package io.gitee.malbolge.session;

import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.ObjUtil;
import cn.hutool.core.util.StrUtil;
import io.gitee.malbolge.annotation.AutoSpi;
import io.gitee.malbolge.model.ApiResultException;
import io.gitee.malbolge.model.UserSession;
import io.gitee.malbolge.servlet.HttpInterceptor;
import io.gitee.malbolge.util.UuidUtil;
import jakarta.annotation.Resource;
import java.time.Duration;
import java.util.List;
import java.util.Map;
import java.util.function.Consumer;

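/**
 * HTTP interceptor that resolves the caller's {@link UserSession} before the request proceeds.
 *
 * <p>When session handling is enabled, {@link #verify(UserSession)} looks for a credential in this
 * order: the client-key cookie (a stored session), the token cookie (matched against the configured
 * {@code authorize} entries and handed to {@link AutoLoginHandler}), and finally a ticket carried in
 * the query string of the {@code Referer} header.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Paths matched by {@link #isCompat()} suppress every {@link ApiResultException} raised during
 *       verification, so the request continues without an authenticated session.</li>
 *   <li>The {@code Referer} header is client-supplied; a ticket decoded from it selects which stored
 *       session is loaded.</li>
 *   <li>{@link #doLogin(UserSession)} deletes the session stored under the presented cookie key and
 *       issues a new client key instead of reusing the presented one.</li>
 * </ul>
 */
@AutoSpi(HttpInterceptor.class)
/* loaded from: input_file:io/gitee/malbolge/session/SessionInterceptor.class */
public class SessionInterceptor extends HttpInterceptor {

    // Session settings: cookie names, path patterns, timeout, authorize entries.
    @Resource
    private SessionConfig config;

    // Backing store for sessions, keyed by the identifiers used below.
    @Resource
    private SessionStorage storage;

    // Performs the login for a request authenticated by a configured token.
    @Resource
    private AutoLoginHandler handler;

    /** Attaches a {@link SessionExtra} bound to the storage to the current session and initialises the storage. */
    protected void init() {
        UserSession session = getSession();
        session.setExtra(new SessionExtra(this.storage, session));
        this.storage.init();
    }

    /** Detaches the extra from the current session and clears the storage state. */
    protected void clear() {
        getSession().setExtra((UserSession.Extra) null);
        this.storage.clear();
    }

    /**
     * Verifies the session, runs the rest of the chain, and persists the session afterwards.
     *
     * <p>The login/logout handlers are installed only for the duration of the request and are always
     * removed in {@code finally}; {@link #saveSession(UserSession)} also runs there, including when
     * verification or the chain threw.
     *
     * @throws Exception whatever verification or the downstream chain throws
     */
    protected void intercept() throws Exception {
        if (!this.config.isEnabled()) {
            next();
            return;
        }
        UserSession session = getSession();
        try {
            session.setLoginHandler(this::doLogin);
            session.setLogoutHandler(this::doLogout);
            verify(session);
            next();
        } finally {
            session.setLoginHandler((Consumer) null);
            session.setLogoutHandler((Consumer) null);
            saveSession(session);
        }
    }

    /**
     * Tells whether the current request path is exempt from verification.
     *
     * @return {@code true} when the path matches an ignore pattern and matches no require pattern,
     *         i.e. a require pattern always wins over an ignore pattern
     */
    protected final boolean isIgnore() {
        boolean ignored = this.config.getIgnoreVerify().stream().anyMatch(pattern -> antPath(pattern));
        return ignored && this.config.getRequireVerify().stream().noneMatch(pattern -> antPath(pattern));
    }

    /**
     * Tells whether verification failures are tolerated for the current request.
     *
     * @return {@code true} for the configured logout action path or any path matching a compat pattern
     */
    protected final boolean isCompat() {
        if (ObjUtil.equals(requestPath(), this.config.getLogoutAction())) {
            return true;
        }
        return this.config.getCompatVerify().stream().anyMatch(pattern -> antPath(pattern));
    }

    /**
     * Decides whether verification can be skipped altogether.
     *
     * @param userSession the session of the current request
     * @return {@code true} when sessions are disabled, the session is already logged in, or the path is ignored
     */
    protected final boolean skip(UserSession userSession) {
        return !this.config.isEnabled() || userSession.isLogin() || isIgnore();
    }

    /** Returns the value of the cookie named by {@code config.getClientKey()}. */
    protected final String getClientKeyByCookie() {
        return cookie(this.config.getClientKey());
    }

    /** Returns the value of the cookie named by {@code config.getTokenKey()}. */
    protected final String getTokenKeyByCookie() {
        return cookie(this.config.getTokenKey());
    }

    /**
     * Authenticates the request from the client-key cookie, the token cookie, or a Referer ticket.
     *
     * <p>Error codes raised: -101 no credential at all, -102 no authorize entries configured,
     * -103 token not found among the authorize entries, -104 no stored session for the key.
     *
     * <p>On paths where {@link #isCompat()} is true the exception is swallowed and the method returns
     * normally with the session left as it was. Handlers behind those paths therefore must not treat
     * a normal return from this interceptor as proof of authentication.
     *
     * @param userSession the session of the current request, populated on success
     * @throws ApiResultException when verification fails on a non-compat path
     */
    protected final void verify(UserSession userSession) {
        if (skip(userSession)) {
            return;
        }
        try {
            String clientKey = getClientKeyByCookie();
            if (StrUtil.isNotBlank(clientKey)) {
                verifyByClientKey(userSession, clientKey);
                return;
            }
            String tokenKey = getTokenKeyByCookie();
            if (StrUtil.isNotBlank(tokenKey)) {
                verifyByToken(userSession, tokenKey);
                return;
            }
            // Neither cookie is present: the Referer ticket is the only remaining credential.
            if (!ticketVerify()) {
                throw new ApiResultException(-101, "缺少凭证");
            }
        } catch (ApiResultException e) {
            if (!isCompat()) {
                throw e;
            }
        }
    }

    // Loads the stored session for the cookie's client key, falling back to the Referer ticket.
    private void verifyByClientKey(UserSession userSession, String clientKey) {
        UserSession stored = this.storage.getSession(clientKey);
        if (stored == null) {
            if (!ticketVerify()) {
                throw new ApiResultException(-104, "无效的会话");
            }
            return;
        }
        userSession.putAll(stored);
        userSession.setClientKey(clientKey);
        // The result is deliberately unused: a ticket naming a different session replaces the
        // cookie's session inside ticketVerify(), and an unknown ticket raises -104 from there.
        ticketVerify();
    }

    // Matches the token cookie against the configured authorize entries and triggers auto-login.
    private void verifyByToken(UserSession userSession, String tokenKey) {
        List<Map<String, String>> authorize = this.config.getAuthorize();
        if (CollUtil.isEmpty(authorize)) {
            throw new ApiResultException(-102, "未配置授权信息");
        }
        // NOTE(review): ObjUtil.equals is an ordinary equality check, not a constant-time one. If
        // these tokens are long-lived shared secrets, consider MessageDigest.isEqual on the bytes.
        Map<String, String> matched = authorize.stream()
                .filter(entry -> ObjUtil.equals(tokenKey, entry.get("token")))
                .findFirst()
                .orElse(null);
        if (matched == null) {
            throw new ApiResultException(-103, "无效的token");
        }
        userSession.setTokenKey(tokenKey);
        this.handler.autoLogin(userSession, tokenKey, matched, request());
    }

    /**
     * Tries to authenticate from a ticket parameter in the query string of the Referer header.
     *
     * <p>The Referer header is fully controlled by the client, so the only protection of the session
     * it selects is whatever {@code TicketUtil.decode} enforces; that code is not visible here.
     *
     * @return {@code false} when the Referer carries no ticket parameter; {@code true} when the ticket
     *         names the session already loaded or a stored session that has now been loaded
     * @throws ApiResultException (-104) when the ticket decodes to nothing or names no stored session
     */
    private boolean ticketVerify() {
        String ticketKey = this.config.getTicketKey();
        String referer = request().getHeader("Referer");
        if (!StrUtil.containsAny(referer, new CharSequence[]{"?" + ticketKey + "=", "&" + ticketKey + "="})) {
            return false;
        }
        String decoded = TicketUtil.decode(referer, ticketKey);
        if (StrUtil.isBlank(decoded)) {
            // Fail closed. If decode yields null or blank for an unparsable ticket, that value would
            // compare equal to an unset client key below and the request would count as verified
            // although no session was ever loaded.
            throw new ApiResultException(-104, "无效的会话");
        }
        UserSession current = getSession();
        if (ObjUtil.equals(decoded, current.getClientKey())) {
            // The ticket points at the session that is already loaded.
            return true;
        }
        UserSession ticketSession = this.storage.getSession(decoded);
        if (ticketSession == null) {
            throw new ApiResultException(-104, "无效的会话");
        }
        current.putAll(ticketSession);
        current.setClientKey(decoded);
        return true;
    }

    /** Returns the session timeout from the configuration. */
    protected final Duration getTimeout() {
        return this.config.getTimeout();
    }

    /**
     * Persists a logged-in session and refreshes the client-key cookie.
     *
     * <p>Nothing is written when the session is not logged in, or when {@code isLoggedIn()} or
     * {@code isLoggedOut()} reports true; the exact meaning of those two flags is defined in
     * {@link UserSession} and is not visible here.
     *
     * @param userSession the session to store
     */
    protected final void saveSession(UserSession userSession) {
        if (!userSession.isLogin() || userSession.isLoggedIn() || userSession.isLoggedOut()) {
            return;
        }
        this.storage.saveSession(userSession.getSessionId(), userSession, getTimeout());
        String clientKey = userSession.getClientKey();
        if (StrUtil.isNotBlank(clientKey)) {
            // NOTE(review): cookie(...) is inherited and not visible here. Confirm that it marks this
            // session identifier HttpOnly and Secure and applies a SameSite policy. The -1 argument
            // is presumably a max-age meaning "browser session"; verify against the helper.
            cookie(this.config.getClientKey(), clientKey, -1, this.config.getDomain());
        }
    }

    /**
     * Login handler installed on the session for the duration of a request.
     *
     * <p>The session stored under the client key presented in the cookie is deleted, and unless the
     * session was authenticated by token a new client key is generated, so the pre-login identifier
     * is not carried over into the authenticated session.
     *
     * @param userSession the session that has just logged in
     */
    protected final void doLogin(UserSession userSession) {
        String presentedKey = getClientKeyByCookie();
        if (StrUtil.isNotBlank(presentedKey)) {
            this.storage.deleteSession(presentedKey);
        }
        if (StrUtil.isBlank(userSession.getTokenKey())) {
            // NOTE(review): this value is the bearer credential of the session. Confirm that
            // UuidUtil.uuid4() draws from a cryptographically secure random source.
            userSession.setClientKey(UuidUtil.uuid4());
        }
        saveSession(userSession);
    }

    /**
     * Logout handler installed on the session for the duration of a request.
     *
     * <p>For a logged-in session the stored session is deleted and the client-key cookie is removed.
     *
     * @param userSession the session that is logging out
     */
    protected final void doLogout(UserSession userSession) {
        if (!userSession.isLogin()) {
            return;
        }
        this.storage.deleteSession(userSession.getSessionId());
        removeCookie(this.config.getClientKey(), this.config.getDomain());
    }
}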
