package org.webswing.server.common.service.security.impl;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.webswing.server.common.service.security.AbstractWebswingUser;
import org.webswing.server.common.service.security.AuthenticatedWebswingUser;
import org.webswing.server.common.service.security.WebswingLoginSessionTokenClaim;
import org.webswing.server.common.service.security.WebswingTokenClaim;
import org.webswing.server.common.util.JwtUtil;
import org.webswing.server.common.util.ServerUtil;

/* loaded from: input_file:org/webswing/server/common/service/security/impl/WebswingSecuritySubject.class */
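/**
 * Per-request security subject backed by the claims carried in Webswing JWT tokens.
 *
 * <p>A subject holds two claim objects: the access/transfer claim ({@link #webswingClaim}), which
 * contains the map of logged-in users keyed by secured path, and the login-session claim, which
 * holds attributes read from the {@code wlst} cookie by {@link #initLoginSession}.
 * A freshly constructed subject has empty claims and therefore reports
 * {@link #isAuthenticated()} {@code == false}.
 *
 * <p>The current subject is bound to the executing thread through {@link #subjects}; see
 * {@link #execute(Callable)} and {@link #buildAndSetTransferSubjectFrom(HttpServletRequest)}.
 */
public class WebswingSecuritySubject {
    private static final Logger log = LoggerFactory.getLogger(WebswingSecuritySubject.class);
    /** Subject bound to the current thread; set and cleared by {@link #execute(Callable)}. */
    protected static final ThreadLocal<WebswingSecuritySubject> subjects = new ThreadLocal<>();
    /** Claim deserialized from the access or transfer token (claim name {@code webs}). */
    protected WebswingTokenClaim webswingClaim = new WebswingTokenClaim();
    /** Claim deserialized from the login-session token (claim name {@code wlsc}). */
    private WebswingLoginSessionTokenClaim loginSessionWebswingClaim = new WebswingLoginSessionTokenClaim();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/webswing/server/common/service/security/impl/WebswingSecuritySubject$SubjectType.class */
    /** Selects which JwtUtil parser is used for the token in {@link #getFromToken}. */
    public enum SubjectType {
        access,
        transfer
    }

    /**
     * Returns the subject bound to the current thread.
     *
     * @return the bound subject, or {@code null} when none is bound
     */
    public static WebswingSecuritySubject get() {
        return subjects.get();
    }

    /**
     * Builds a subject from the bearer token of the request and records the client address
     * reported by {@code ServerUtil.getClientIp} as the subject's host.
     *
     * @param httpServletRequestWrapper request carrying the bearer token
     * @return the subject; an empty (unauthenticated) subject when the token is missing or cannot
     *         be parsed; {@code null} when the token parses but has no {@code webs} claim
     */
    public static WebswingSecuritySubject buildFrom(HttpServletRequestWrapper httpServletRequestWrapper) {
        String bearerToken = ServerUtil.extractBearerToken((HttpServletRequest) httpServletRequestWrapper);
        WebswingSecuritySubject subject = getFromToken(bearerToken, SubjectType.access);
        // getFromToken returns null for a token without a "webs" claim; dereferencing it here
        // turned such a token into a NullPointerException instead of the null the other
        // buildFrom overloads return.
        if (subject != null) {
            // NOTE(review): how getClientIp derives the address is not visible here. If it reads
            // forwarding headers the value is client-supplied - confirm before relying on the
            // host for access decisions or audit records.
            subject.setHost(ServerUtil.getClientIp(httpServletRequestWrapper));
        }
        return subject;
    }

    /**
     * Builds a subject from a raw access token.
     *
     * @param str serialized access token, may be {@code null}
     * @return see {@link #buildFrom(HttpServletRequestWrapper)} for the possible results
     */
    public static WebswingSecuritySubject buildFrom(String str) {
        return getFromToken(str, SubjectType.access);
    }

    /**
     * Builds a subject from the transfer token in the {@code wtt} cookie and binds it to the
     * current thread.
     *
     * <p>The binding is not cleared by this method; the value stays in {@link #subjects} until it
     * is overwritten or removed (for example by {@link #execute(Callable)}).
     *
     * @param httpServletRequest request carrying the {@code wtt} cookie
     * @return the subject that was bound, which may be {@code null} (token without {@code webs} claim)
     */
    public static WebswingSecuritySubject buildAndSetTransferSubjectFrom(HttpServletRequest httpServletRequest) {
        String transferToken = ServerUtil.parseTokenFromCookie(httpServletRequest, "wtt");
        WebswingSecuritySubject subject = getFromToken(transferToken, SubjectType.transfer);
        subjects.set(subject);
        return subject;
    }

    /**
     * Builds a subject from the bearer token found in a header map.
     *
     * @param map header names mapped to their values
     * @return see {@link #buildFrom(HttpServletRequestWrapper)} for the possible results
     */
    public static WebswingSecuritySubject buildFrom(Map<String, List<String>> map) {
        return getFromToken(ServerUtil.extractBearerToken(map), SubjectType.access);
    }

    /**
     * Parses a token and loads its {@code webs} claim into a new subject.
     *
     * @param str serialized token, may be {@code null}
     * @param subjectType selects the transfer or the access token parser
     * @return an empty subject when {@code str} is {@code null} or parsing fails or yields
     *         {@code null}; {@code null} when the {@code webs} claim is blank; otherwise the
     *         populated subject
     */
    private static WebswingSecuritySubject getFromToken(String str, SubjectType subjectType) {
        WebswingSecuritySubject subject = new WebswingSecuritySubject();
        if (str == null) {
            return subject;
        }
        // Initialised explicitly: the catch block falls through to the null check below.
        Jws<Claims> parsedToken = null;
        try {
            parsedToken = subjectType == SubjectType.transfer
                    ? JwtUtil.parseTransferTokenClaims(str)
                    : JwtUtil.parseAccessTokenClaims(str);
        } catch (Exception e) {
            // The token value is deliberately left out of the message: a bearer token written to
            // the log can be replayed by anyone with log access for as long as it remains valid.
            log.error("Failed to parse JWT token!", e);
        }
        if (parsedToken == null) {
            return subject;
        }
        String serializedClaim = parsedToken.getBody().get("webs", String.class);
        if (StringUtils.isBlank(serializedClaim)) {
            // Reached only after the parser accepted the token, so the value must stay out of the log.
            log.error("Empty webswing claim in token!");
            return null;
        }
        subject.webswingClaim = JwtUtil.deserializeWebswingClaim(serializedClaim);
        return subject;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Runs {@code callable} with this subject bound to the current thread.
     *
     * <p>The binding is removed in a {@code finally} block so the subject never stays attached to
     * the thread after the call, whether it returns or throws. The previous binding, if any, is
     * not restored.
     *
     * @param callable work to run as this subject
     * @param <V> result type of the callable
     * @return the value returned by {@code callable}
     * @throws ExecutionException wrapping any {@link Throwable} thrown by {@code callable}
     */
    public <V> V execute(Callable<V> callable) throws ExecutionException {
        try {
            subjects.set(this);
            return callable.call();
        } catch (Throwable th) {
            throw new ExecutionException(th);
        } finally {
            subjects.remove();
        }
    }

    /**
     * Loads the login-session claim from the {@code wlst} cookie, if present and parseable.
     *
     * <p>A missing cookie, a blank {@code wlsc} claim or any parsing failure leaves the current
     * login-session claim unchanged; failures are logged at debug level only.
     *
     * @param httpServletRequest request carrying the {@code wlst} cookie
     */
    public void initLoginSession(HttpServletRequest httpServletRequest) {
        try {
            String loginSessionToken = ServerUtil.parseTokenFromCookie(httpServletRequest, "wlst");
            if (StringUtils.isBlank(loginSessionToken)) {
                return;
            }
            Jws<Claims> parsedToken = JwtUtil.parseLoginSessionTokenClaims(loginSessionToken);
            if (parsedToken == null) {
                return;
            }
            String serializedClaim = parsedToken.getBody().get("wlsc", String.class);
            if (StringUtils.isBlank(serializedClaim)) {
                return;
            }
            this.loginSessionWebswingClaim = JwtUtil.deserializeWebswingLoginSessionClaim(serializedClaim);
        } catch (Exception e) {
            log.debug("Could not parse login session token!", e);
        }
    }

    /** Returns the user map of the access claim, keyed by secured path. */
    private Map<String, AbstractWebswingUser> getUserMap() {
        return this.webswingClaim.getUserMap();
    }

    /** Stores the client host on the access claim. */
    private void setHost(String str) {
        this.webswingClaim.setHost(str);
    }

    /**
     * Returns the host stored on the access claim.
     *
     * @return the host, as set by {@link #buildFrom(HttpServletRequestWrapper)} or read from the token
     */
    public String getHost() {
        return this.webswingClaim.getHost();
    }

    /**
     * Looks up an attribute, preferring the login-session claim over the access claim.
     *
     * @param str attribute name
     * @return the login-session value when that claim contains the key, otherwise the access
     *         claim's value (which may be {@code null})
     */
    public Object getAttribute(String str) {
        if (this.loginSessionWebswingClaim != null) {
            Map<String, Object> sessionAttributes = this.loginSessionWebswingClaim.getAttributes();
            if (sessionAttributes != null && sessionAttributes.containsKey(str)) {
                return sessionAttributes.get(str);
            }
        }
        return this.webswingClaim.getAttributes().get(str);
    }

    /**
     * Stores an attribute on the login-session claim when it has an attribute map, otherwise on
     * the access claim.
     *
     * @param str attribute name
     * @param obj attribute value; {@code null} removes the attribute from the login-session claim
     */
    public void setAttribute(String str, Object obj) {
        Map<String, Object> sessionAttributes =
                this.loginSessionWebswingClaim == null ? null : this.loginSessionWebswingClaim.getAttributes();
        if (sessionAttributes == null) {
            // NOTE(review): on this path a null value is stored rather than removed, unlike the
            // login-session path below - confirm whether that asymmetry is intended.
            this.webswingClaim.getAttributes().put(str, obj);
        } else if (obj == null) {
            sessionAttributes.remove(str);
        } else {
            sessionAttributes.put(str, obj);
        }
    }

    /**
     * Reports whether at least one user is present in the access claim.
     *
     * @return {@code true} when the user map is not empty
     */
    public boolean isAuthenticated() {
        return !getUserMap().isEmpty();
    }

    /**
     * Returns the user logged in for the given secured path.
     *
     * @param str secured path used as the user map key
     * @return the user, or {@code null} when nobody is logged in for that path
     */
    public AbstractWebswingUser getUserForSecuredPath(String str) {
        return getUserMap().get(str);
    }

    /**
     * Registers a user for a secured path and issues new tokens.
     *
     * <p>Attributes gathered in the login-session claim are copied into the access claim before
     * it is serialized, then the login token cookies are cleared.
     *
     * @param httpServletResponse response that receives the token cookies
     * @param str secured path the user logged in to
     * @param authenticatedWebswingUser the authenticated user to store
     */
    public void login(HttpServletResponse httpServletResponse, String str, AuthenticatedWebswingUser authenticatedWebswingUser) {
        getUserMap().put(str, new AbstractWebswingUser(authenticatedWebswingUser));
        if (this.loginSessionWebswingClaim != null && this.loginSessionWebswingClaim.getAttributes() != null) {
            this.webswingClaim.getAttributes().putAll(this.loginSessionWebswingClaim.getAttributes());
        }
        String serializedClaim = JwtUtil.serializeWebswingClaim(this.webswingClaim);
        ServerUtil.writeTokens(httpServletResponse, serializedClaim, false);
        ServerUtil.clearLoginTokenFromCookies(httpServletResponse);
    }

    /**
     * Removes the user of a secured path and updates the token cookies.
     *
     * <p>When no user remains the token cookies are cleared; otherwise tokens are rewritten
     * with the reduced user map.
     *
     * @param httpServletResponse response that receives the cookie changes
     * @param str secured path to log out from
     */
    public void logout(HttpServletResponse httpServletResponse, String str) {
        Map<String, AbstractWebswingUser> users = getUserMap();
        users.remove(str);
        if (users.isEmpty()) {
            ServerUtil.clearTokensFromCookies(httpServletResponse);
        } else {
            ServerUtil.writeTokens(httpServletResponse, JwtUtil.serializeWebswingClaim(this.webswingClaim), true);
        }
    }

    /**
     * Serializes the login-session claim and writes it as the login-session token.
     *
     * @param httpServletResponse response that receives the token
     */
    public void saveLoginSession(HttpServletResponse httpServletResponse) {
        String serializedClaim = JwtUtil.serializeWebswingLoginSessionClaim(this.loginSessionWebswingClaim);
        ServerUtil.writeLoginSessionToken(httpServletResponse, serializedClaim);
    }

    /**
     * Re-keys the user map of a serialized claim by stripping a prefix from every key that
     * starts with it.
     *
     * @param str serialized webswing claim
     * @param str2 key prefix to strip
     * @return the re-serialized claim, or {@code str} unchanged when processing fails
     */
    public static String fixClaimForAdminConsole(String str, String str2) {
        try {
            WebswingTokenClaim claim = JwtUtil.deserializeWebswingClaim(str);
            Map<String, AbstractWebswingUser> users = claim.getUserMap();
            if (users != null) {
                Map<String, AbstractWebswingUser> rekeyed = new HashMap<>();
                Iterator<Map.Entry<String, AbstractWebswingUser>> it = users.entrySet().iterator();
                while (it.hasNext()) {
                    Map.Entry<String, AbstractWebswingUser> entry = it.next();
                    String key = entry.getKey();
                    if (key.startsWith(str2)) {
                        // startsWith guarantees the prefix sits at index 0.
                        rekeyed.put(key.substring(str2.length()), entry.getValue());
                        it.remove();
                    }
                }
                // NOTE(review): a stripped key that equals an existing unprefixed key replaces
                // that entry's user - confirm such a collision cannot grant one path's identity
                // to another.
                users.putAll(rekeyed);
            }
            return JwtUtil.serializeWebswingClaim(claim);
        } catch (Exception e) {
            log.error("Could not deserialize webswing token claim!", e);
            return str;
        }
    }
}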
