package io.gitee.malbolge.session;

import cn.hutool.core.net.url.UrlBuilder;
import cn.hutool.core.net.url.UrlQuery;
import cn.hutool.core.util.HexUtil;
import cn.hutool.core.util.StrUtil;
import io.gitee.malbolge.api.SpringApi;
import io.gitee.malbolge.model.UserSession;
import io.gitee.malbolge.util.UuidUtil;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Duration;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:io/gitee/malbolge/session/TicketUtil.class */
public class TicketUtil {
    private static byte[] content(UrlBuilder urlBuilder) {
        StringBuilder sb = new StringBuilder();
        sb.append("S: ").append(urlBuilder.getScheme());
        sb.append("H: ").append(urlBuilder.getHost());
        sb.append("P: ").append(urlBuilder.getPort());
        sb.append("R: ").append(urlBuilder.getPath());
        urlBuilder.getQuery().getQueryMap().forEach((charSequence, charSequence2) -> {
            sb.append("Q: ").append(charSequence).append(" = ").append(charSequence2);
        });
        sb.append("F: ").append(urlBuilder.getFragment());
        return sb.toString().getBytes(StandardCharsets.UTF_8);
    }

    private static byte[] md5(byte[] bArr) {
        return MessageDigest.getInstance("MD5").digest(bArr);
    }

    private static byte[] aes(boolean z, byte[] bArr, byte[] bArr2) {
        Cipher cipher = Cipher.getInstance("AES");
        cipher.init(z ? 1 : 2, new SecretKeySpec(bArr2, "AES"));
        return cipher.doFinal(bArr);
    }

    static String encode(String str, String str2, String str3) {
        UrlBuilder of = UrlBuilder.of(str);
        UrlQuery query = of.getQuery();
        if (StrUtil.isNotBlank(query.get(str2))) {
            throw new RuntimeException("不可授权的url:" + str);
        }
        query.add(str2, Base64.getUrlEncoder().withoutPadding().encodeToString(aes(true, HexUtil.decodeHex(str3), md5(content(of)))));
        return of.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String decode(String str, String str2) {
        UrlBuilder of = UrlBuilder.of(str);
        UrlQuery query = of.getQuery();
        CharSequence charSequence = query.get(str2);
        if (StrUtil.isBlank(charSequence)) {
            throw new RuntimeException("非授权的url:" + str);
        }
        query.remove(str2);
        return "ticket:" + HexUtil.encodeHexStr(aes(false, Base64.getUrlDecoder().decode(charSequence.toString()), md5(content(of))));
    }

    public static String auth(String str, String str2, String str3, Duration duration) {
        SessionConfig sessionConfig = (SessionConfig) SpringApi.getBean(SessionConfig.class);
        String uuid4 = UuidUtil.uuid4();
        String encode = encode(str, sessionConfig.getTicketKey(), uuid4);
        AutoLoginHandler autoLoginHandler = (AutoLoginHandler) SpringApi.getBean(AutoLoginHandler.class);
        SessionStorage sessionStorage = (SessionStorage) SpringApi.getBean(SessionStorage.class);
        UserSession userSession = new UserSession();
        userSession.setExtra(new SessionExtra(sessionStorage, userSession));
        userSession.setLoginHandler(userSession2 -> {
            userSession2.setClientKey("ticket:" + uuid4);
            sessionStorage.saveSession(userSession2.getSessionId(), userSession, duration);
        });
        autoLoginHandler.autoLogin(userSession, str2, str3);
        return encode;
    }
}
