package cn.chenzw.sso.easy.server.support;

import cn.chenzw.sso.easy.core.constants.SSOConstants;
import cn.chenzw.sso.easy.core.exception.SSOException;
import cn.chenzw.sso.easy.server.entity.SSODefinition;
import cn.chenzw.toolkit.codec.AESUtils;
import cn.chenzw.toolkit.http.HttpHolder;
import java.io.IOException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.text.ParseException;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.time.DateUtils;

/* loaded from: input_file:cn/chenzw/sso/easy/server/support/AbstractSSOTemplate.class */
public abstract class AbstractSSOTemplate {
    protected void preHandler(SSODefinition sSODefinition) throws Exception {
    }

    private boolean checkKey(SSODefinition sSODefinition) {
        String[] split = StringUtils.split(getPlainKey(sSODefinition.getKey(), sSODefinition.getSourcePrivateKey()), SSOConstants.KEY_SEPARATOR);
        if (split == null || split.length != 2) {
            throw new SSOException("无效的key密钥!");
        }
        String str = split[0];
        String str2 = split[1];
        if (!sSODefinition.getPlainUserName().equals(str)) {
            throw new SSOException("key密钥校验失败!");
        }
        doCheckKeyExpired(str2);
        return true;
    }

    private String getPlainKey(String str, String str2) {
        try {
            return new String(AESUtils.decryptHexString(str, str2), StandardCharsets.UTF_8);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException | DecoderException e) {
            throw new SSOException("key解析失败!");
        }
    }

    private Date getKeyTimestamp(String str) {
        try {
            return DateUtils.parseDate(str, SSOConstants.KEY_TIMESTAMP_FORMAT);
        } catch (ParseException e) {
            throw new SSOException("key密钥无效!");
        }
    }

    private void doCheckKeyExpired(String str) {
        Date keyTimestamp = getKeyTimestamp(str);
        if (Math.abs(keyTimestamp.getTime() - Calendar.getInstance().getTime().getTime()) >= SSOConstants.LIMIT_MILLI_SECOND) {
            throw new SSOException("key密钥已过期! timestamp:[" + keyTimestamp.getTime() + "]");
        }
    }

    protected abstract boolean checkLoginedIn(SSODefinition sSODefinition);

    protected abstract void login(SSODefinition sSODefinition);

    protected boolean validate(SSODefinition sSODefinition) {
        return true;
    }

    protected void postHandler(SSODefinition sSODefinition) throws Exception {
    }

    private void defaultPostHandler(SSODefinition sSODefinition) {
        try {
            if (StringUtils.isBlank(sSODefinition.getRedirectUrl())) {
                sSODefinition.getResponse().sendRedirect(SSOConstants.DEFAULT_REDIRECT_URL);
            } else {
                sSODefinition.getResponse().sendRedirect(URLDecoder.decode(sSODefinition.getRedirectUrl(), "UTF-8"));
            }
        } catch (IOException e) {
            throw new SSOException("单点跳转失败!");
        }
    }

    public void dispach() throws Exception {
        SSODefinition sSODefinition = new SSODefinition(HttpHolder.getRequest(), HttpHolder.getResponse());
        preHandler(sSODefinition);
        if (checkKey(sSODefinition) && validate(sSODefinition)) {
            if (!checkLoginedIn(sSODefinition)) {
                login(sSODefinition);
            }
            postHandler(sSODefinition);
            defaultPostHandler(sSODefinition);
        }
    }
}
