package org.nanoframework.extension.shiro.web.component.impl;

import com.google.inject.Inject;
import java.util.Date;
import java.util.Iterator;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.SimpleSession;
import org.apache.shiro.session.mgt.ValidatingSession;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.nanoframework.commons.crypt.CryptUtil;
import org.nanoframework.commons.support.logging.Logger;
import org.nanoframework.commons.support.logging.LoggerFactory;
import org.nanoframework.commons.util.SerializableUtils;
import org.nanoframework.commons.util.StringUtils;
import org.nanoframework.extension.shiro.Protocol;
import org.nanoframework.extension.shiro.web.component.SSOComponent;
import org.nanoframework.extension.shiro.web.service.SSOService;
import org.nanoframework.web.server.filter.HttpRequestFilter;
import org.nanoframework.web.server.http.status.HttpStatus;
import org.nanoframework.web.server.http.status.ResultMap;
import org.nanoframework.web.server.mvc.Model;
import org.nanoframework.web.server.mvc.View;
import org.nanoframework.web.server.mvc.support.AngularRedirectView;
import org.nanoframework.web.server.mvc.support.ForwardView;
import org.nanoframework.web.server.mvc.support.RedirectView;

/* loaded from: input_file:org/nanoframework/extension/shiro/web/component/impl/AbstractSSOComponent.class */
public abstract class AbstractSSOComponent implements SSOComponent {
    protected static final String AUTHENTICATED_SESSION_KEY = "AUTHENTICATED_SESSION_KEY";
    protected static final String PRINCIPALS_SESSION_KEY = "PRINCIPALS_SESSION_KEY";

    @Inject
    protected SSOService ssoService;
    protected static final Logger LOGGER = LoggerFactory.getLogger(SSOComponentImpl.class);
    protected static final String SHIRO_SESSION_PREFIX_PROPERTY = "context.sso.shiro.session.prefix";
    protected static final String DEFAULT_SHIRO_SESSION_PREFIX = "SHIRO_SESSION_";
    protected static final String SHIRO_SESSION_PREFIX = System.getProperty(SHIRO_SESSION_PREFIX_PROPERTY, DEFAULT_SHIRO_SESSION_PREFIX);
    protected static final String SHIRO_CLIENT_EXPIRE_TIME_PROPERTY = "context.sso.shiro.client.expire.time";
    protected static final String DEFAULT_SHIRO_CLIENT_EXPIRE_TIME = "3600";
    protected static final int SHIRO_CLIENT_EXPIRE_TIME = Integer.parseInt(System.getProperty(SHIRO_CLIENT_EXPIRE_TIME_PROPERTY, DEFAULT_SHIRO_CLIENT_EXPIRE_TIME));
    protected static final String SHIRO_SESSION_LISTENER_EXPIRE_TIME_PROPERTY = "context.sso.shiro.session.listener.expire.time";
    protected static final String DEFAULT_SHIRO_SESSION_LISTENER_EXPIRE_TIME = "7200";
    protected static final int SHIRO_SESSION_LISTENER_EXPIRE_TIME = Integer.parseInt(System.getProperty(SHIRO_SESSION_LISTENER_EXPIRE_TIME_PROPERTY, DEFAULT_SHIRO_SESSION_LISTENER_EXPIRE_TIME));
    protected static final String IS_BIND_SESSION_FORWARD_PROPERTY = "context.sso.is.bind.session.forward";
    protected static final String DEFAULT_IS_BIND_SESSION_FORWARD = "true";
    protected static final boolean IS_BIND_SESSION_FORWARD = Boolean.parseBoolean(System.getProperty(IS_BIND_SESSION_FORWARD_PROPERTY, DEFAULT_IS_BIND_SESSION_FORWARD));
    protected static final String BIND_SESSION_FORWARD_URL_PROPERTY = "context.sso.bind.session.forward.url";
    protected static final String DEFAULT_BIND_SESSION_FORWARD_URL = "/pages/login.jsp";
    protected static final String BIND_SESSION_FORWARD_URL = System.getProperty(BIND_SESSION_FORWARD_URL_PROPERTY, DEFAULT_BIND_SESSION_FORWARD_URL);
    protected static final String BIND_SESSION_REDIRECT_URL_PROPERTY = "context.sso.bind.session.redirect.url";
    protected static final String DEFAULT_BIND_SESSION_REDIRECT_URL = "";
    protected static final String BIND_SESSION_REDIRECT_URL = System.getProperty(BIND_SESSION_REDIRECT_URL_PROPERTY, DEFAULT_BIND_SESSION_REDIRECT_URL);
    protected static final String IS_ANGULAR_REDIRECT_VIEW_PROPERTY = "context.sso.is.angular.redirect.view";
    protected static final String DEFAULT_IS_ANGULAR_REDIRECT_VIEW = "false";
    protected static final boolean IS_ANGULAR_REDIRECT_VIEW = Boolean.parseBoolean(System.getProperty(IS_ANGULAR_REDIRECT_VIEW_PROPERTY, DEFAULT_IS_ANGULAR_REDIRECT_VIEW));

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public String getSession(String str) {
        String str2 = SHIRO.get(SHIRO_CLIENT_SESSION_PREFIX + str);
        if (!StringUtils.isNotBlank(str2)) {
            return DEFAULT_BIND_SESSION_REDIRECT_URL;
        }
        String str3 = SHIRO.get(SHIRO_SESSION_PREFIX + str2);
        if (!StringUtils.isNotBlank(str3)) {
            return DEFAULT_BIND_SESSION_REDIRECT_URL;
        }
        try {
            if (!validationSession(str3)) {
                return DEFAULT_BIND_SESSION_REDIRECT_URL;
            }
            expireSession(str, str2);
            return str3;
        } catch (Throwable th) {
            LOGGER.error("Session validation error: {}", new Object[]{th.getMessage()});
            return DEFAULT_BIND_SESSION_REDIRECT_URL;
        }
    }

    protected boolean validationSession(String str) {
        ValidatingSession validatingSession = (Session) SerializableUtils.decode(str);
        if ((validatingSession instanceof ValidatingSession) && !validatingSession.isValid()) {
            return false;
        }
        Iterator it = validatingSession.getAttributeKeys().iterator();
        while (it.hasNext()) {
            if (!validationSession0(validatingSession, it.next())) {
                return false;
            }
        }
        accessSession(validatingSession);
        return true;
    }

    protected boolean validationSession0(Session session, Object obj) {
        if (!((String) obj).contains(AUTHENTICATED_SESSION_KEY) || validationAuthenticatedSession(session.getAttribute(obj))) {
            return !((String) obj).contains(PRINCIPALS_SESSION_KEY) || validationPrincipalsSession(session.getAttribute(obj));
        }
        return false;
    }

    protected boolean validationAuthenticatedSession(Object obj) {
        if (obj == null || !(obj instanceof Boolean)) {
            return false;
        }
        return ((Boolean) obj).booleanValue();
    }

    protected boolean validationPrincipalsSession(Object obj) {
        return (obj == null || !(obj instanceof SimplePrincipalCollection) || ((SimplePrincipalCollection) obj).isEmpty()) ? false : true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void accessSession(Session session) {
        ((SimpleSession) session).setLastAccessTime(new Date());
        this.ssoService.update(session);
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public String registrySession(String str, String str2) {
        String decrypt = CryptUtil.decrypt(str2);
        String str3 = SHIRO.get(SHIRO_SESSION_PREFIX + decrypt);
        if (!StringUtils.isNotBlank(str3) || !validationSession(str3)) {
            return DEFAULT_BIND_SESSION_REDIRECT_URL;
        }
        storageSession(str, decrypt);
        return str3;
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public ResultMap removeSession(String str) {
        try {
            String str2 = SHIRO.get(SHIRO_CLIENT_SESSION_PREFIX + str);
            if (StringUtils.isNotBlank(str2)) {
                String str3 = SHIRO.get(SHIRO_SESSION_PREFIX + str2);
                if (StringUtils.isNotBlank(str3)) {
                    this.ssoService.delete((Session) SerializableUtils.decode(str3));
                    clearOldSession(str);
                    return HttpStatus.OK.to();
                }
            }
            return HttpStatus.BAD_REQUEST.to();
        } catch (Throwable th) {
            LOGGER.error("Remove Session error: {}", new Object[]{th.getMessage()});
            return ResultMap.create(th.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR);
        }
    }

    @Override // org.nanoframework.extension.shiro.web.component.SSOComponent
    public View bindSession(String str, String str2) {
        Subject subject = SecurityUtils.getSubject();
        if (!subject.isAuthenticated() && !subject.isRemembered()) {
            return unAuthenticated(str);
        }
        storageSession(str2, (String) subject.getSession().getId());
        return new RedirectView(str);
    }

    protected void storageSession(String str, String str2) {
        clearOldSession(str);
        SHIRO.set(SHIRO_CLIENT_SESSION_PREFIX + str, str2);
        SHIRO.sadd(SHIRO_SESSION_LISTENER_PREFIX + str2, new String[]{str});
        expireSession(str, str2);
    }

    protected void expireSession(String str, String str2) {
        SHIRO.expire(SHIRO_CLIENT_SESSION_PREFIX + str, SHIRO_CLIENT_EXPIRE_TIME);
        SHIRO.expire(SHIRO_SESSION_LISTENER_PREFIX + str2, SHIRO_SESSION_LISTENER_EXPIRE_TIME);
    }

    protected void clearOldSession(String str) {
        String str2 = SHIRO.get(SHIRO_CLIENT_SESSION_PREFIX + str);
        if (StringUtils.isNotBlank(str2)) {
            SHIRO.srem(SHIRO_SESSION_LISTENER_PREFIX + str2, new String[]{str});
            SHIRO.del(new String[]{SHIRO_CLIENT_SESSION_PREFIX + str});
        }
    }

    protected void addServiceAttribute(String str) {
        if (StringUtils.isNotBlank(str)) {
            ((Model) HttpRequestFilter.HttpContext.get(Model.class)).addAttribute(Protocol.SHIRO.getServiceParameterName(), str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public View unAuthenticated(String str) {
        addServiceAttribute(str);
        return unAuthenticated();
    }

    protected View unAuthenticated() {
        return IS_BIND_SESSION_FORWARD ? new ForwardView(BIND_SESSION_FORWARD_URL, true) : IS_ANGULAR_REDIRECT_VIEW ? new AngularRedirectView(BIND_SESSION_REDIRECT_URL) : new RedirectView(BIND_SESSION_REDIRECT_URL);
    }
}
