package com.github.javaclub.base.utils;

import com.alibaba.fastjson.JSONObject;
import com.github.javaclub.base.domain.AdminUser;
import com.github.javaclub.base.domain.LoginTokenModel;
import com.github.javaclub.base.domain.UserProfile;
import com.github.javaclub.base.service.UserAccountService;
import com.github.javaclub.sword.BizException;
import com.github.javaclub.sword.algorithm.crypt.MiscCryptor;
import com.github.javaclub.sword.core.BizObjects;
import com.github.javaclub.sword.core.Strings;
import com.github.javaclub.sword.domain.enumtype.BasicMessage;
import com.github.javaclub.sword.web.holder.AdminUserHolder;
import com.github.javaclub.sword.web.holder.AppUserHolder;
import com.github.javaclub.toolbox.ToolBox;
import com.github.javaclub.toolbox.cache.redis.RedisStore;
import com.github.javaclub.toolbox.enumtype.SysAccountEnum;
import com.github.javaclub.toolbox.spring.BeanFactory;
import java.io.Serializable;
import java.time.Duration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/javaclub/base/utils/SecurityUtils.class */
public class SecurityUtils {
    static Logger log = LoggerFactory.getLogger(SecurityUtils.class);

    public static AdminUser getAdminUser() {
        return (AdminUser) AdminUserHolder.get();
    }

    public static UserProfile getAppUser() {
        return (UserProfile) AppUserHolder.get();
    }

    public static UserProfile getAppUserFromToken() {
        return getAppUserFromToken(false);
    }

    public static UserProfile getAppUserFromToken(boolean z) {
        try {
            String currentRequestHeader = ToolBox.Web.getCurrentRequestHeader("token");
            if (Strings.isBlank(currentRequestHeader)) {
                throw new BizException(BasicMessage.UN_LOGINED.getCode(), "请登录后再试！");
            }
            LoginTokenModel checkUserLoginToken = checkUserLoginToken(currentRequestHeader);
            Long parseLong = ToolBox.Numbers.parseLong(((Serializable) ToolBox.Objects.requireNotNull(checkUserLoginToken.getAccountId(), "用户信息异常，请重新登录！")).toString());
            String str = RedisStore.defaultPublic().get(ConfigUtils.getAccountTokenKey(SysAccountEnum.BIZ.identity(), parseLong, currentRequestHeader));
            if (Strings.isBlank(str)) {
                throw new BizException(BasicMessage.UN_LOGINED.getCode(), "登录已失效, 请登录后重试！");
            }
            UserProfile userProfile = (UserProfile) JSONObject.parseObject(str, UserProfile.class);
            BizObjects.requireTrue(Boolean.valueOf(null != userProfile && ToolBox.Numbers.isPositiveNumber(userProfile.getId())), BasicMessage.UN_LOGINED, "登录状态异常, 请重新登录！");
            if (ToolBox.Numbers.isPositiveNumber(parseLong)) {
                long currentTimeMillis = System.currentTimeMillis() - checkUserLoginToken.getTimestamp().longValue();
                if (0 > currentTimeMillis || currentTimeMillis > Duration.ofHours(ConfigUtils.getLoginExpiredHours(SysAccountEnum.BIZ.identity())).toMillis()) {
                    throw new BizException(BasicMessage.LOGIN_INVALID.getCode(), "登录已过期, 请登录后重试！");
                }
            }
            if (!ConfigUtils.isLoginUserLoadFromDb()) {
                return userProfile;
            }
            UserProfile loadUserProfile = ((UserAccountService) BeanFactory.getInstance().getBean(UserAccountService.class)).loadUserProfile(userProfile.getId());
            BizObjects.requireTrue(Boolean.valueOf(null != loadUserProfile), BasicMessage.UN_NORMAL_USER, "登录状态异常, 请重新登录！");
            return loadUserProfile;
        } catch (BizException | com.github.javaclub.BizException e) {
            if (z) {
                throw e;
            }
            return null;
        } catch (Throwable th) {
            log.error("用户token解析异常：url=" + ((Object) ToolBox.Web.getCurrentHttpRequest().getRequestURL()), th);
            if (z) {
                throw new BizException(BasicMessage.LOGIN_INVALID.getCode(), "系统繁忙，请登录后重试！");
            }
            return null;
        }
    }

    static LoginTokenModel checkUserLoginToken(String str) throws Exception {
        String decrypt = MiscCryptor.decrypt(str);
        BizObjects.requireTrue(Boolean.valueOf(Strings.isNotBlank(decrypt)), BasicMessage.LOGIN_INVALID, "登录已失效, 请登录后重试！");
        LoginTokenModel loginTokenModel = (LoginTokenModel) JSONObject.parseObject(decrypt, LoginTokenModel.class);
        BizObjects.requireTrue(Boolean.valueOf(null != loginTokenModel), BasicMessage.LOGIN_INVALID, "登录状态异常, 请重新登录！");
        BizObjects.requireTrue(Boolean.valueOf(null != loginTokenModel.getAccountId()), BasicMessage.LOGIN_INVALID, "登录状态异常, 请重新登录！！");
        BizObjects.requireTrue(Boolean.valueOf(loginTokenModel.validate()), BasicMessage.LOGIN_INVALID, "登录校验失败, 请重新登录！");
        return loginTokenModel;
    }
}
