package cn.leancloud;

import cn.leancloud.core.GeneralRequestSignature;
import cn.leancloud.utils.StringUtil;
import javax.servlet.http.HttpServletRequest;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:cn/leancloud/PlatformRequestAuthentication.class */
public class PlatformRequestAuthentication {
    private static final Logger logger = LogManager.getLogger(PlatformRequestAuthentication.class);
    static final String ANDROID_AFFILIATED_SUFFIX = "ax-sig-1";
    static final String SIGN_MASTERKEY_SUFFIX = "master";
    private String appId;
    private String appKey;
    private String masterKey;
    private String prod;
    private String sessionToken;
    private String sign;
    private String remoteAddress;

    public static void validate(HttpServletRequest httpServletRequest) throws UnauthException {
        PlatformRequestAuthentication parse = parse(httpServletRequest);
        logger.debug("request auth: {}", parse);
        if (null == parse || parse.getAppId() == null) {
            throw new UnauthException();
        }
        if (LeanEngine.getAppId().equals(parse.getAppId()) && (LeanEngine.getAppKey().equals(parse.getAppKey()) || LeanEngine.getMasterKey().equals(parse.getAppKey()) || LeanEngine.getMasterKey().equals(parse.getMasterKey()))) {
            if (LeanEngine.getMasterKey().equals(parse.getMasterKey())) {
                httpServletRequest.setAttribute("authMasterKey", true);
            }
            httpServletRequest.setAttribute(EngineRequestContext.ATTRIBUTE_KEY_AUTHENTICATION, parse);
            return;
        }
        if (parse.getSign() != null) {
            String[] split = parse.getSign().split(",");
            String str = split[0];
            String str2 = split[1];
            String str3 = null;
            if (split.length > 2) {
                str3 = split[2];
            }
            if (ANDROID_AFFILIATED_SUFFIX.equals(str3)) {
                String androidKey = LeanEngine.getAndroidKey();
                if (!StringUtil.isEmpty(androidKey)) {
                    if (parse.getSign().equals(GeneralRequestSignature.requestSign(androidKey, Long.parseLong(str2), ANDROID_AFFILIATED_SUFFIX))) {
                        httpServletRequest.setAttribute(EngineRequestContext.ATTRIBUTE_KEY_AUTHENTICATION, parse);
                        return;
                    }
                }
            } else {
                if (parse.getSign().equals(GeneralRequestSignature.requestSign(Long.parseLong(str2), SIGN_MASTERKEY_SUFFIX.equals(str3)))) {
                    httpServletRequest.setAttribute(EngineRequestContext.ATTRIBUTE_KEY_AUTHENTICATION, parse);
                    return;
                }
            }
        }
        throw new UnauthException();
    }

    public static PlatformRequestAuthentication getInstance(HttpServletRequest httpServletRequest) {
        if (null == httpServletRequest) {
            return null;
        }
        return (PlatformRequestAuthentication) httpServletRequest.getAttribute(EngineRequestContext.ATTRIBUTE_KEY_AUTHENTICATION);
    }

    private static PlatformRequestAuthentication parse(HttpServletRequest httpServletRequest) {
        if (null == httpServletRequest) {
            return null;
        }
        if (httpServletRequest.getContentType() != null && httpServletRequest.getContentType().startsWith("text/plain")) {
            return null;
        }
        String headers = getHeaders(httpServletRequest, "x-lc-id", "x-avoscloud-application-id", "x-uluru-application-id");
        String headers2 = getHeaders(httpServletRequest, "x-lc-key", "x-avoscloud-application-key", "x-uluru-application-key");
        String headers3 = getHeaders(httpServletRequest, "x-avoscloud-master-key", "x-uluru-master-key");
        if (headers2 != null && headers2.indexOf(",master") > 0) {
            headers3 = headers2.substring(0, headers2.indexOf(",master"));
            headers2 = null;
        }
        String headers4 = getHeaders(httpServletRequest, "x-lc-prod", "x-avoscloud-application-production", "x-uluru-application-production");
        if ("false".equals(headers4)) {
            headers4 = "0";
        }
        String headers5 = getHeaders(httpServletRequest, "x-lc-session", "x-uluru-session-token", "x-avoscloud-session-token");
        String headers6 = getHeaders(httpServletRequest, "x-lc-sign", "x-avoscloud-request-sign");
        String headers7 = getHeaders(httpServletRequest, "x-real-ip", "x-forwarded-for");
        if (StringUtil.isEmpty(headers7)) {
            headers7 = httpServletRequest.getRemoteAddr();
        }
        PlatformRequestAuthentication platformRequestAuthentication = new PlatformRequestAuthentication(headers, headers2, headers3, headers4, headers5, headers6, headers7);
        EngineRequestContext.setSessionToken(headers5);
        EngineRequestContext.setRemoteAddress(headers7);
        return platformRequestAuthentication;
    }

    private static String getHeaders(HttpServletRequest httpServletRequest, String... strArr) {
        for (String str : strArr) {
            String header = httpServletRequest.getHeader(str);
            if (header != null) {
                return header;
            }
        }
        return null;
    }

    public PlatformRequestAuthentication(String str, String str2, String str3, String str4, String str5, String str6, String str7) {
        this.appId = str;
        this.appKey = str2;
        this.masterKey = str3;
        this.prod = str4;
        this.sessionToken = str5;
        this.sign = str6;
        this.remoteAddress = str7;
    }

    public String getAppId() {
        return this.appId;
    }

    public String getAppKey() {
        return this.appKey;
    }

    public String getMasterKey() {
        return this.masterKey;
    }

    public String getProd() {
        return this.prod;
    }

    public String getSessionToken() {
        return this.sessionToken;
    }

    public String getSign() {
        return this.sign;
    }

    public String getRemoteAddress() {
        return this.remoteAddress;
    }

    public String toString() {
        return "RequestAuth [appId=" + this.appId + ", appKey=" + (this.appKey != null ? this.appKey.substring(0, 2) + "..." : null) + ", masterKey=" + (this.masterKey != null ? this.masterKey.substring(0, 2) + "..." : null) + ", prod=" + this.prod + ", sessionToken=" + this.sessionToken + ", sign=" + this.sign + "]";
    }
}
