package com.jxdinfo.hussar.support.security.core.sso;

import com.jxdinfo.hussar.platform.core.utils.support.StringPool;
import com.jxdinfo.hussar.support.security.core.SecurityManager;
import com.jxdinfo.hussar.support.security.core.config.SecuritySsoConfig;
import com.jxdinfo.hussar.support.security.core.exception.SecurityTokenException;
import com.jxdinfo.hussar.support.security.core.session.SecuritySession;
import com.jxdinfo.hussar.support.security.core.sso.SecuritySsoConsts;
import com.jxdinfo.hussar.support.security.core.stp.SecurityLogic;
import com.jxdinfo.hussar.support.security.core.strategy.SecurityStrategy;
import com.jxdinfo.hussar.support.security.core.util.SecurityFoxUtil;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:BOOT-INF/lib/hussar-security-core-8.3.4-cus-gyzq.25-fix.4.jar:com/jxdinfo/hussar/support/security/core/sso/SecuritySsoTemplate.class */
public class SecuritySsoTemplate {
    public SecurityLogic securityLogic;

    @FunctionalInterface
    /* loaded from: input_file:BOOT-INF/lib/hussar-security-core-8.3.4-cus-gyzq.25-fix.4.jar:com/jxdinfo/hussar/support/security/core/sso/SecuritySsoTemplate$CallSloUrlFunction.class */
    public interface CallSloUrlFunction {
        void run(String str);
    }

    public SecuritySsoTemplate(SecurityLogic securityLogic) {
        this.securityLogic = securityLogic;
    }

    public String createTicket(Object obj) {
        String randomTicket = randomTicket(obj);
        saveTicket(randomTicket, obj);
        saveTicketIndex(randomTicket, obj);
        return randomTicket;
    }

    public void saveTicket(String str, Object obj) {
        SecurityManager.getSaTokenDao().set(splicingTicketSaveKey(str), String.valueOf(obj), SecurityManager.getConfig().getSso().getTicketTimeout());
    }

    public void saveTicketIndex(String str, Object obj) {
        SecurityManager.getSaTokenDao().set(splicingTicketIndexKey(obj), String.valueOf(str), SecurityManager.getConfig().getSso().getTicketTimeout());
    }

    public void deleteTicket(String str) {
        if (str == null) {
            return;
        }
        SecurityManager.getSaTokenDao().delete(splicingTicketSaveKey(str));
    }

    public void deleteTicketIndex(Object obj) {
        if (obj == null) {
            return;
        }
        SecurityManager.getSaTokenDao().delete(splicingTicketIndexKey(obj));
    }

    public Object getLoginId(String str) {
        if (SecurityFoxUtil.isEmpty(str)) {
            return null;
        }
        return SecurityManager.getSaTokenDao().get(splicingTicketSaveKey(str));
    }

    public <T> T getLoginId(String str, Class<T> cls) {
        return (T) SecurityFoxUtil.getValueByType(getLoginId(str), cls);
    }

    public String getTicketValue(Object obj) {
        if (obj == null) {
            return null;
        }
        return SecurityManager.getSaTokenDao().get(splicingTicketIndexKey(obj));
    }

    public Object checkTicket(String str) {
        Object loginId = getLoginId(str);
        if (loginId != null) {
            deleteTicket(str);
            deleteTicketIndex(loginId);
        }
        return loginId;
    }

    public String randomTicket(Object obj) {
        return SecurityFoxUtil.getRandomString(64);
    }

    public String buildServerAuthUrl(String str, String str2) {
        return SecurityFoxUtil.joinParam(SecurityManager.getConfig().getSso().getAuthUrl(), SecuritySsoConsts.ParamName.redirect, SecurityFoxUtil.joinParam(str, SecuritySsoConsts.ParamName.back, SecurityFoxUtil.encodeUrl(str2 == null ? "" : str2)));
    }

    public String buildRedirectUrl(Object obj, String str) {
        checkRedirectUrl(str);
        deleteTicket(getTicketValue(obj));
        return SecurityFoxUtil.joinParam(encodeBackParam(str), SecuritySsoConsts.ParamName.ticket, createTicket(obj));
    }

    public void checkRedirectUrl(String str) {
        if (!SecurityFoxUtil.isUrl(str)) {
            throw new SecurityTokenException("无效redirect：" + str);
        }
        int indexOf = str.indexOf("?");
        if (indexOf != -1) {
            str = str.substring(0, indexOf);
        }
        if (!SecurityStrategy.me.hasElement.apply(Arrays.asList(getAllowUrl().replaceAll(" ", "").split(",")), str).booleanValue()) {
            throw new SecurityTokenException("非法redirect：" + str);
        }
    }

    public String getAllowUrl() {
        return SecurityManager.getConfig().getSso().getAllowUrl();
    }

    public String encodeBackParam(String str) {
        int indexOf = str.indexOf("?" + SecuritySsoConsts.ParamName.back + StringPool.EQUALS);
        if (indexOf == -1) {
            indexOf = str.indexOf("&" + SecuritySsoConsts.ParamName.back + StringPool.EQUALS);
            if (indexOf == -1) {
                return str;
            }
        }
        int length = SecuritySsoConsts.ParamName.back.length() + 2;
        return str.substring(0, indexOf + length) + SecurityFoxUtil.encodeUrl(str.substring(indexOf + length));
    }

    public String buildUserinfoUrl(Object obj) {
        return SecurityFoxUtil.joinParam(SecurityFoxUtil.joinParam(SecurityManager.getConfig().getSso().getUserinfoUrl(), SecuritySsoConsts.ParamName.loginId, obj), SecuritySsoConsts.ParamName.secretkey, SecurityManager.getConfig().getSso().getSecretkey());
    }

    public void checkSecretkey(String str) {
        if (str == null || str.isEmpty() || !str.equals(SecurityManager.getConfig().getSso().getSecretkey())) {
            throw new SecurityTokenException("无效秘钥：" + str);
        }
    }

    public String buildCheckTicketUrl(String str, String str2) {
        String joinParam = SecurityFoxUtil.joinParam(SecurityManager.getConfig().getSso().getCheckTicketUrl(), SecuritySsoConsts.ParamName.ticket, str);
        if (str2 != null) {
            joinParam = SecurityFoxUtil.joinParam(joinParam, SecuritySsoConsts.ParamName.ssoLogoutCall, str2);
        }
        return joinParam;
    }

    public void registerSloCallbackUrl(Object obj, String str) {
        if (obj == null || str == null || str.isEmpty()) {
            return;
        }
        SecuritySession sessionByLoginId = this.securityLogic.getSessionByLoginId(obj);
        Set set = (Set) sessionByLoginId.get(SecuritySsoConsts.SLO_CALLBACK_SET_KEY, () -> {
            return new HashSet();
        });
        set.add(str);
        sessionByLoginId.set(SecuritySsoConsts.SLO_CALLBACK_SET_KEY, set);
    }

    public void forEachSloUrl(Object obj, CallSloUrlFunction callSloUrlFunction) {
        String secretkey = SecurityManager.getConfig().getSso().getSecretkey();
        Iterator it = ((Set) this.securityLogic.getSessionByLoginId(obj).get(SecuritySsoConsts.SLO_CALLBACK_SET_KEY, () -> {
            return new HashSet();
        })).iterator();
        while (it.hasNext()) {
            callSloUrlFunction.run(SecurityFoxUtil.joinParam(SecurityFoxUtil.joinParam((String) it.next(), SecuritySsoConsts.ParamName.loginId, obj), SecuritySsoConsts.ParamName.secretkey, secretkey));
        }
    }

    public String buildSloUrl(Object obj) {
        SecuritySsoConfig sso = SecurityManager.getConfig().getSso();
        return SecurityFoxUtil.joinParam(SecurityFoxUtil.joinParam(sso.getSloUrl(), SecuritySsoConsts.ParamName.loginId, obj), SecuritySsoConsts.ParamName.secretkey, sso.getSecretkey());
    }

    public void singleLogout(String str, Object obj, CallSloUrlFunction callSloUrlFunction) {
        checkSecretkey(str);
        forEachSloUrl(obj, callSloUrlFunction);
        this.securityLogic.logoutByTokenValue(this.securityLogic.getTokenValueByLoginId(obj), obj.toString());
    }

    public Object getUserinfo(Object obj) {
        return SecurityManager.getConfig().getSso().sendHttp.apply(buildUserinfoUrl(obj));
    }

    public String splicingTicketSaveKey(String str) {
        return SecurityManager.getConfig().getTokenName() + ":ticket:" + str;
    }

    public String splicingTicketIndexKey(Object obj) {
        return SecurityManager.getConfig().getTokenName() + ":id-ticket:" + obj;
    }
}
