package com.github.frogwarm.spring.boot.admin.client.impl;

import com.github.frogwarm.spring.boot.admin.client.AuthVerification;
import com.github.frogwarm.spring.boot.admin.client.AuthVerificationFilter;
import com.github.frogwarm.spring.boot.admin.common.TokenUtil;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/github/frogwarm/spring/boot/admin/client/impl/DefaultAuthVerification.class */
public class DefaultAuthVerification implements AuthVerification {
    private static final Logger log = LoggerFactory.getLogger(AuthVerificationFilter.class);
    private final String secret;

    public DefaultAuthVerification(String str) {
        this.secret = str;
    }

    @Override // com.github.frogwarm.spring.boot.admin.client.AuthVerification
    public boolean verification(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("admin-token");
        if (log.isDebugEnabled()) {
            log.debug("请求地址{}获取到header中token：{}", httpServletRequest.getRequestURI(), header);
        }
        return verification(header, httpServletRequest.getHeader("admin-timestamp"), httpServletRequest.getHeader("admin-nonce"), httpServletRequest.getRequestURI());
    }

    @Override // com.github.frogwarm.spring.boot.admin.client.AuthVerification
    public boolean verification(ServerHttpRequest serverHttpRequest) {
        if (!serverHttpRequest.getPath().value().startsWith("/actuator")) {
            return true;
        }
        String first = serverHttpRequest.getHeaders().getFirst("admin-token");
        if (log.isDebugEnabled()) {
            log.debug("请求地址{}获取到header中token：{}", serverHttpRequest.getPath(), first);
        }
        return verification(first, serverHttpRequest.getHeaders().getFirst("admin-timestamp"), serverHttpRequest.getHeaders().getFirst("admin-nonce"), serverHttpRequest.getPath().value());
    }

    private boolean verification(String str, String str2, String str3, String str4) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2) || StringUtils.isEmpty(str3)) {
            log.warn("{}验证权限失败，secret: {} ,token: {}, timestamp: {} ,nonceStr: {}。", new Object[]{str4, this.secret, str, str2, str3});
            return false;
        }
        boolean verification = TokenUtil.verification(str, this.secret, str2, str3);
        if (!verification) {
            log.warn("{}验证权限失败，secret: {} ,token: {}, timestamp: {} ,nonceStr: {}。", new Object[]{str4, this.secret, str, str2, str3});
        }
        return verification;
    }
}
