package cn.dev33.satoken.sso;

import cn.dev33.satoken.SaManager;
import cn.dev33.satoken.config.SaSsoConfig;
import cn.dev33.satoken.exception.SaTokenException;
import cn.dev33.satoken.session.SaSession;
import cn.dev33.satoken.sso.SaSsoConsts;
import cn.dev33.satoken.stp.StpLogic;
import cn.dev33.satoken.strategy.SaStrategy;
import cn.dev33.satoken.util.SaFoxUtil;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:BOOT-INF/lib/sa-token-core-1.29.0.jar:cn/dev33/satoken/sso/SaSsoTemplate.class */
public class SaSsoTemplate {
    public StpLogic stpLogic;

    @FunctionalInterface
    /* loaded from: input_file:BOOT-INF/lib/sa-token-core-1.29.0.jar:cn/dev33/satoken/sso/SaSsoTemplate$CallSloUrlFunction.class */
    public interface CallSloUrlFunction {
        void run(String str);
    }

    public SaSsoTemplate(StpLogic stpLogic) {
        this.stpLogic = stpLogic;
    }

    public String createTicket(Object obj) {
        String randomTicket = randomTicket(obj);
        saveTicket(randomTicket, obj);
        saveTicketIndex(randomTicket, obj);
        return randomTicket;
    }

    public void saveTicket(String str, Object obj) {
        SaManager.getSaTokenDao().set(splicingTicketSaveKey(str), String.valueOf(obj), SaManager.getConfig().getSso().getTicketTimeout());
    }

    public void saveTicketIndex(String str, Object obj) {
        SaManager.getSaTokenDao().set(splicingTicketIndexKey(obj), String.valueOf(str), SaManager.getConfig().getSso().getTicketTimeout());
    }

    public void deleteTicket(String str) {
        if (str == null) {
            return;
        }
        SaManager.getSaTokenDao().delete(splicingTicketSaveKey(str));
    }

    public void deleteTicketIndex(Object obj) {
        if (obj == null) {
            return;
        }
        SaManager.getSaTokenDao().delete(splicingTicketIndexKey(obj));
    }

    public Object getLoginId(String str) {
        if (SaFoxUtil.isEmpty(str)) {
            return null;
        }
        return SaManager.getSaTokenDao().get(splicingTicketSaveKey(str));
    }

    public <T> T getLoginId(String str, Class<T> cls) {
        return (T) SaFoxUtil.getValueByType(getLoginId(str), cls);
    }

    public String getTicketValue(Object obj) {
        if (obj == null) {
            return null;
        }
        return SaManager.getSaTokenDao().get(splicingTicketIndexKey(obj));
    }

    public Object checkTicket(String str) {
        Object loginId = getLoginId(str);
        if (loginId != null) {
            deleteTicket(str);
            deleteTicketIndex(loginId);
        }
        return loginId;
    }

    public String randomTicket(Object obj) {
        return SaFoxUtil.getRandomString(64);
    }

    public String buildServerAuthUrl(String str, String str2) {
        return SaFoxUtil.joinParam(SaManager.getConfig().getSso().getAuthUrl(), SaSsoConsts.ParamName.redirect, SaFoxUtil.joinParam(str, SaSsoConsts.ParamName.back, SaFoxUtil.encodeUrl(str2 == null ? "" : str2)));
    }

    public String buildRedirectUrl(Object obj, String str) {
        checkRedirectUrl(str);
        deleteTicket(getTicketValue(obj));
        return SaFoxUtil.joinParam(encodeBackParam(str), SaSsoConsts.ParamName.ticket, createTicket(obj));
    }

    public void checkRedirectUrl(String str) {
        if (!SaFoxUtil.isUrl(str)) {
            throw new SaTokenException("无效redirect：" + str);
        }
        int indexOf = str.indexOf("?");
        if (indexOf != -1) {
            str = str.substring(0, indexOf);
        }
        if (!SaStrategy.me.hasElement.apply(Arrays.asList(getAllowUrl().replaceAll(" ", "").split(",")), str).booleanValue()) {
            throw new SaTokenException("非法redirect：" + str);
        }
    }

    public String getAllowUrl() {
        return SaManager.getConfig().getSso().getAllowUrl();
    }

    public String encodeBackParam(String str) {
        int indexOf = str.indexOf("?" + SaSsoConsts.ParamName.back + "=");
        if (indexOf == -1) {
            indexOf = str.indexOf("&" + SaSsoConsts.ParamName.back + "=");
            if (indexOf == -1) {
                return str;
            }
        }
        int length = SaSsoConsts.ParamName.back.length() + 2;
        return str.substring(0, indexOf + length) + SaFoxUtil.encodeUrl(str.substring(indexOf + length));
    }

    public String buildUserinfoUrl(Object obj) {
        return SaFoxUtil.joinParam(SaFoxUtil.joinParam(SaManager.getConfig().getSso().getUserinfoUrl(), SaSsoConsts.ParamName.loginId, obj), SaSsoConsts.ParamName.secretkey, SaManager.getConfig().getSso().getSecretkey());
    }

    public void checkSecretkey(String str) {
        if (str == null || str.isEmpty() || !str.equals(SaManager.getConfig().getSso().getSecretkey())) {
            throw new SaTokenException("无效秘钥：" + str);
        }
    }

    public String buildCheckTicketUrl(String str, String str2) {
        String joinParam = SaFoxUtil.joinParam(SaManager.getConfig().getSso().getCheckTicketUrl(), SaSsoConsts.ParamName.ticket, str);
        if (str2 != null) {
            joinParam = SaFoxUtil.joinParam(joinParam, SaSsoConsts.ParamName.ssoLogoutCall, str2);
        }
        return joinParam;
    }

    public void registerSloCallbackUrl(Object obj, String str) {
        if (obj == null || str == null || str.isEmpty()) {
            return;
        }
        SaSession sessionByLoginId = this.stpLogic.getSessionByLoginId(obj);
        Set set = (Set) sessionByLoginId.get(SaSsoConsts.SLO_CALLBACK_SET_KEY, () -> {
            return new HashSet();
        });
        set.add(str);
        sessionByLoginId.set(SaSsoConsts.SLO_CALLBACK_SET_KEY, set);
    }

    public void forEachSloUrl(Object obj, CallSloUrlFunction callSloUrlFunction) {
        SaSession sessionByLoginId = this.stpLogic.getSessionByLoginId(obj, false);
        if (sessionByLoginId == null) {
            return;
        }
        String secretkey = SaManager.getConfig().getSso().getSecretkey();
        Iterator it = ((Set) sessionByLoginId.get(SaSsoConsts.SLO_CALLBACK_SET_KEY, () -> {
            return new HashSet();
        })).iterator();
        while (it.hasNext()) {
            callSloUrlFunction.run(SaFoxUtil.joinParam(SaFoxUtil.joinParam((String) it.next(), SaSsoConsts.ParamName.loginId, obj), SaSsoConsts.ParamName.secretkey, secretkey));
        }
    }

    public String buildSloUrl(Object obj) {
        SaSsoConfig sso = SaManager.getConfig().getSso();
        return SaFoxUtil.joinParam(SaFoxUtil.joinParam(sso.getSloUrl(), SaSsoConsts.ParamName.loginId, obj), SaSsoConsts.ParamName.secretkey, sso.getSecretkey());
    }

    public void singleLogout(String str, Object obj, CallSloUrlFunction callSloUrlFunction) {
        checkSecretkey(str);
        forEachSloUrl(obj, callSloUrlFunction);
        this.stpLogic.logoutByTokenValue(this.stpLogic.getTokenValueByLoginId(obj));
    }

    public Object getUserinfo(Object obj) {
        return SaManager.getConfig().getSso().sendHttp.apply(buildUserinfoUrl(obj));
    }

    public String splicingTicketSaveKey(String str) {
        return SaManager.getConfig().getTokenName() + ":ticket:" + str;
    }

    public String splicingTicketIndexKey(Object obj) {
        return SaManager.getConfig().getTokenName() + ":id-ticket:" + obj;
    }
}
