package org.onetwo.ext.security.provider;

import com.google.common.cache.Cache;
import com.google.common.cache.CacheBuilder;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import org.onetwo.common.exception.BaseException;
import org.onetwo.common.utils.LangOps;
import org.onetwo.ext.security.utils.ExceptionUserCheckerConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.context.event.EventListener;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.event.AuthenticationFailureBadCredentialsEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.Assert;

/* loaded from: input_file:org/onetwo/ext/security/provider/ExceptionUserChecker.class */
public class ExceptionUserChecker implements InitializingBean, AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(ExceptionUserChecker.class);
    private Cache<String, AtomicInteger> exceptionUsers;
    private ExceptionUserCheckerConfig exceptionUserCheckerConfig;

    public void afterPropertiesSet() throws Exception {
        String duration = this.exceptionUserCheckerConfig.getDuration();
        Assert.hasText(duration, "duration must have length; it must not be null or empty");
        this.exceptionUsers = CacheBuilder.newBuilder().maximumSize(100L).expireAfterWrite(((Integer) r0.getKey()).intValue(), (TimeUnit) LangOps.parseTimeUnit(duration).getValue()).build();
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        checkUser(authentication.getName());
        return null;
    }

    public void checkUser(String str) {
        int maxLoginTimes = this.exceptionUserCheckerConfig.getMaxLoginTimes();
        if (getExceptionTimesByUser(str).get() >= maxLoginTimes) {
            throw new LockedException("登录错误超过" + maxLoginTimes + "次，请稍后尝试！");
        }
    }

    @EventListener
    public void onBadCredentials(AuthenticationFailureBadCredentialsEvent authenticationFailureBadCredentialsEvent) {
        String name = authenticationFailureBadCredentialsEvent.getAuthentication().getName();
        int incrementAndGet = getExceptionTimesByUser(name).incrementAndGet();
        if (log.isWarnEnabled()) {
            log.warn("The user[{}] has logged in {} times failed", name, Integer.valueOf(incrementAndGet));
        }
    }

    public AtomicInteger getExceptionTimesByUser(String str) {
        try {
            return (AtomicInteger) this.exceptionUsers.get(str, () -> {
                return new AtomicInteger(0);
            });
        } catch (ExecutionException e) {
            throw new BaseException("getExceptionTimesByUser error: " + e.getMessage(), e);
        }
    }

    public boolean supports(Class<?> cls) {
        return UsernamePasswordAuthenticationToken.class.isAssignableFrom(cls);
    }

    public void setExceptionUserCheckerConfig(ExceptionUserCheckerConfig exceptionUserCheckerConfig) {
        this.exceptionUserCheckerConfig = exceptionUserCheckerConfig;
    }
}
