package goja.security.goja;

import com.google.common.base.Function;
import com.jfinal.plugin.activerecord.Model;
import com.jfinal.plugin.ehcache.CacheKit;
import goja.Goja;
import goja.encry.DigestsKit;
import goja.encry.EncodeKit;
import goja.mvc.kit.Requests;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;

/* loaded from: input_file:goja/security/goja/SecurityKit.class */
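/**
 * Login, logout and "remember me" helpers built on the servlet session, an Ehcache region and an
 * encrypted login cookie.
 *
 * <p>The login cookie carries {@code id|password|remoteAddr|userAgentHash|issuedAtMillis},
 * encrypted with {@link #E_KEY}, Base64-encoded and URL-encoded.
 *
 * <p>SECURITY(review): the cookie scheme has weaknesses that cannot be fixed without changing the
 * key source and the cookie format, so they are flagged here rather than silently replaced:
 * <ul>
 *   <li>{@link #E_KEY} is a compile-time constant, identical in every deployment of this class.</li>
 *   <li>The cipher is single DES requested by algorithm name only, so mode and padding are the
 *       provider defaults, and nothing authenticates the ciphertext (no MAC).</li>
 *   <li>The stored password hash is embedded in the cookie and is what authenticates it.</li>
 * </ul>
 * A replacement would use a random, server-side-stored token (or an authenticated encryption
 * scheme) with a key loaded from deployment configuration; rolling that out invalidates the
 * outstanding cookies, so users have to log in again.
 */
public class SecurityKit {
    /** Ehcache region name; also the prefix of every per-user key stored in that region. */
    private static final String LOGIN_CACHE_SESSION = "login.session";

    /** JCE algorithm name used for both the key factory and the cipher. */
    private static final String DES = "DES";

    /** Lifetime of a remember-me cookie in seconds (365 days). */
    private static final int MAX_AGE = 31536000;

    /** Name of the login cookie. */
    public static final String COOKIE_LOGIN = Goja.appName + "_session_id";

    /** Session attribute holding the logged-in model. */
    private static final String LOGIN_SESSION_KEY = Goja.appName + "#$session$login_user";

    /** Session attribute holding the logged-in model's {@code id}. */
    private static final String LOGIN_MEMBER_ID = Goja.appName + "@session#member%id";

    /**
     * DES key for the login cookie: the ASCII bytes of "12345678".
     *
     * <p>SECURITY(review): a constant shipped in the class file is not a secret; treat the cookie
     * as neither confidential nor tamper-proof until the key comes from deployment configuration.
     */
    private static final byte[] E_KEY = {49, 50, 51, 52, 53, 54, 55, 56};

    /** Charset for the cookie payload, so encoding does not depend on the platform default. */
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    /** Third argument passed to {@code DigestsKit.sha1}; presumably the iteration count. */
    private static final int HASH_ITERATIONS = 1024;

    /** Number of {@code |}-separated fields in a well-formed cookie payload. */
    private static final int COOKIE_FIELD_COUNT = 5;

    /**
     * Reports whether the current session has a logged-in model.
     *
     * @param httpServletRequest current request
     * @return {@code true} when the session holds a login attribute
     */
    public static boolean isLogin(HttpServletRequest httpServletRequest) {
        return getLoginUser(httpServletRequest) != null;
    }

    /**
     * Verifies the supplied password against the model's {@code salt} and {@code password}
     * columns and, on success, stores the model in the session and issues the login cookie.
     *
     * @param t                   user model read from storage
     * @param str                 password supplied by the client
     * @param z                   {@code true} for a persistent (remember-me) cookie
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @return {@code true} when the password matched
     */
    public static <T extends Model> boolean login(T t, String str, boolean z, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        boolean passwordMatches = checkPassword(t.getStr("salt"), t.getStr("password"), str);
        if (passwordMatches) {
            setLoginMember(httpServletRequest, httpServletResponse, t, z);
        }
        return passwordMatches;
    }

    /**
     * Deletes the login cookie, evicts the user's cache entry and invalidates the session.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     */
    public static <T extends Model> void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // Read the cookie before deleting it: its id selects the cache entry to evict.
        CookieUser cookieUser = getUserFromCookie(httpServletRequest);
        Requests.deleteCookie(httpServletRequest, httpServletResponse, COOKIE_LOGIN, true);
        if (cookieUser != null) {
            CacheKit.remove(LOGIN_CACHE_SESSION, LOGIN_CACHE_SESSION + cookieUser.getId());
        } else {
            // No usable cookie: fall back to the id of the model held in the session.
            Model sessionUser = getLoginUser(httpServletRequest);
            if (sessionUser != null) {
                CacheKit.remove(LOGIN_CACHE_SESSION, LOGIN_CACHE_SESSION + sessionUser.getNumber("id"));
            }
        }
        Enumeration<?> names = httpServletRequest.getSession().getAttributeNames();
        while (names.hasMoreElements()) {
            httpServletRequest.getSession().removeAttribute((String) names.nextElement());
        }
        httpServletRequest.getSession().invalidate();
    }

    /**
     * Returns the logged-in model from the session or, failing that, restores the login from the
     * login cookie.
     *
     * <p>Restoring looks the user up in the cache, then through {@code function}, and accepts the
     * cookie only when its password field equals the model's {@code password} column.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param function            loads a user model by id; may return {@code null}
     * @return the logged-in model, or {@code null} when there is no valid login
     */
    @SuppressWarnings("unchecked")
    public static <T extends Model> T getLoginWithDb(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Function<Long, T> function) {
        T sessionUser = (T) getLoginUser(httpServletRequest);
        if (sessionUser != null) {
            return sessionUser;
        }
        CookieUser cookieUser = getUserFromCookie(httpServletRequest);
        if (cookieUser == null) {
            return null;
        }
        String cacheKey = LOGIN_CACHE_SESSION + cookieUser.getId();
        // NOTE(review): a cached model keeps the password hash it was loaded with; confirm that
        // password changes evict this entry, otherwise older cookies keep validating against it.
        Model model = (Model) CacheKit.get(LOGIN_CACHE_SESSION, cacheKey);
        if (model == null) {
            model = (Model) function.apply(Long.valueOf(cookieUser.getId()));
            if (model != null) {
                // Unknown ids are not cached; the lookup simply repeats on the next request.
                CacheKit.put(LOGIN_CACHE_SESSION, cacheKey, model);
            }
        }
        // NOTE(review): this comparison is case-insensitive and not constant-time, unlike
        // checkPassword; kept as is because a stricter comparison could reject existing cookies.
        if (model == null || !StringUtils.equalsIgnoreCase(model.getStr("password"), cookieUser.getPassword())) {
            return null;
        }
        // NOTE(review): the cookie is re-issued as persistent even if the original login did not
        // ask for remember-me; the cookie payload does not record that choice.
        setLoginMember(httpServletRequest, httpServletResponse, model, true);
        return (T) model;
    }

    /**
     * Returns the model stored in the session under the login attribute.
     *
     * @param httpServletRequest current request
     * @return the logged-in model, or {@code null} when the session has none
     */
    @SuppressWarnings("unchecked")
    public static <T extends Model> T getLoginUser(HttpServletRequest httpServletRequest) {
        return (T) httpServletRequest.getSession().getAttribute(LOGIN_SESSION_KEY);
    }

    /**
     * Stores the model and its id in the session and issues the login cookie.
     *
     * <p>NOTE(review): the session id is not rotated here; confirm that the container or a caller
     * renews it at login so that a pre-login session id does not stay valid afterwards.
     */
    private static <T extends Model> void setLoginMember(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, T t, boolean z) {
        httpServletRequest.getSession().setAttribute(LOGIN_SESSION_KEY, t);
        httpServletRequest.getSession().setAttribute(LOGIN_MEMBER_ID, t.getNumber("id"));
        saveMemberInCookie(t, z, httpServletRequest, httpServletResponse);
    }

    /**
     * Hashes the supplied password with the hex-encoded salt and compares the hex digest with the
     * stored one.
     *
     * <p>The comparison runs in time independent of where the two digests differ. A {@code null}
     * stored digest never matches.
     *
     * <p>SECURITY(review): salted SHA-1 is a fast hash; a password-hashing function such as
     * bcrypt, scrypt or Argon2 is the current recommendation, with stored hashes migrated at the
     * next successful login.
     *
     * @param str  hex-encoded salt
     * @param str2 stored hex digest
     * @param str3 password supplied by the client
     * @return {@code true} when the digests are equal
     */
    public static boolean checkPassword(String str, String str2, String str3) {
        // getBytes() keeps the platform charset on purpose: stored digests were presumably
        // produced the same way, and switching charset would break non-ASCII passwords.
        String computed = EncodeKit.encodeHex(DigestsKit.sha1(str3.getBytes(), EncodeKit.decodeHex(str), HASH_ITERATIONS));
        if (computed == null || str2 == null) {
            return false;
        }
        return MessageDigest.isEqual(computed.getBytes(UTF_8), str2.getBytes(UTF_8));
    }

    /**
     * Replaces the login cookie with a freshly issued one for the given model.
     *
     * <p>NOTE(review): whether the cookie is flagged HttpOnly and Secure is decided inside
     * {@code Requests.setCookie}, which is not visible here; confirm both are set.
     *
     * @param t                   logged-in model
     * @param z                   {@code true} for a cookie that lives {@link #MAX_AGE} seconds,
     *                            {@code false} for a max-age of -1
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     */
    public static <T extends Model> void saveMemberInCookie(T t, boolean z, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String cookieValue = getLoginKey(t, Requests.remoteAddr(httpServletRequest), httpServletRequest.getHeader("user-agent"));
        int maxAge = z ? MAX_AGE : -1;
        Requests.deleteCookie(httpServletRequest, httpServletResponse, COOKIE_LOGIN, true);
        Requests.setCookie(httpServletRequest, httpServletResponse, COOKIE_LOGIN, cookieValue, maxAge, true);
    }

    /**
     * Builds the encrypted cookie value {@code id|password|remoteAddr|userAgentHash|issuedAtMillis}.
     *
     * <p>SECURITY(review): the {@code password} column is placed in the cookie; anyone able to
     * decrypt the cookie obtains the stored hash.
     */
    private static <T extends Model> String getLoginKey(T t, String str, String str2) {
        int userAgentHash = str2 == null ? 0 : str2.hashCode();
        StringBuilder payload = new StringBuilder();
        payload.append(String.valueOf(t.getNumber("id"))).append('|');
        payload.append(t.getStr("password")).append('|');
        payload.append(str).append('|');
        payload.append(userAgentHash).append('|');
        payload.append(System.currentTimeMillis());
        return encrypt(payload.toString());
    }

    /**
     * Encrypts {@code bArr} with DES under the key {@code bArr2}.
     *
     * @throws RuntimeException wrapping any JCE failure
     */
    private static byte[] encrypt(byte[] bArr, byte[] bArr2) throws RuntimeException {
        return des(Cipher.ENCRYPT_MODE, bArr, bArr2);
    }

    /**
     * Reads and decodes the login cookie.
     *
     * @return the decoded cookie user, or {@code null} when the cookie is missing, blank or fails
     *         to decode
     */
    private static CookieUser getUserFromCookie(HttpServletRequest httpServletRequest) {
        try {
            Cookie cookie = Requests.getCookie(httpServletRequest, COOKIE_LOGIN);
            if (cookie == null || StringUtils.isBlank(cookie.getValue())) {
                return null;
            }
            return userForCookie(cookie.getValue(), httpServletRequest);
        } catch (Exception ignored) {
            // The cookie is client-controlled: a value that fails URL-decoding or decryption
            // means "not logged in", never a failed request.
            return null;
        }
    }

    /**
     * Encrypts a cookie payload and encodes it as URL-encoded Base64.
     *
     * @throws IllegalStateException if the JVM lacks UTF-8, which the platform guarantees
     */
    private static String encrypt(String str) {
        try {
            byte[] cipherText = encrypt(str.getBytes(UTF_8), E_KEY);
            return URLEncoder.encode(new String(Base64.encodeBase64(cipherText), UTF_8), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // Failing loudly is better than issuing a cookie whose value is null.
            throw new IllegalStateException("UTF-8 is not available", e);
        }
    }

    /**
     * Decrypts a cookie value and validates its fields.
     *
     * <p>The cookie is rejected when it does not hold exactly five fields, when its user-agent
     * hash differs from the current request's, or when its issue time is missing or older than
     * {@link #MAX_AGE}. The remote-address field is written at issue time but not compared here.
     *
     * @return the cookie user, or {@code null} when the cookie is not acceptable
     */
    private static CookieUser userForCookie(String str, HttpServletRequest httpServletRequest) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        String payload = decrypt(str);
        if (payload == null) {
            return null;
        }
        String[] fields = StringUtils.split(payload, '|');
        if (fields == null || fields.length != COOKIE_FIELD_COUNT) {
            return null;
        }
        int cookieUserAgentHash;
        try {
            cookieUserAgentHash = Integer.parseInt(fields[3]);
        } catch (NumberFormatException e) {
            return null;
        }
        String userAgent = httpServletRequest.getHeader("user-agent");
        int requestUserAgentHash = userAgent == null ? 0 : userAgent.hashCode();
        if (requestUserAgentHash != cookieUserAgentHash) {
            return null;
        }
        // Enforce the lifetime on the server too: the browser's max-age is only advisory, so
        // without this check a copied cookie value would stay valid indefinitely.
        long issuedAt = NumberUtils.toLong(fields[4], -1L);
        if (issuedAt < 0 || System.currentTimeMillis() - issuedAt > MAX_AGE * 1000L) {
            return null;
        }
        return new CookieUser(NumberUtils.toLong(fields[0], -1L), fields[1], false);
    }

    /**
     * Reverses {@link #encrypt(String)}: URL-decodes, Base64-decodes and decrypts a cookie value.
     *
     * @return the plaintext payload, or {@code null} when the URL-decoded value is blank
     * @throws RuntimeException when the value does not decrypt under {@link #E_KEY}
     */
    private static String decrypt(String str) {
        try {
            String base64 = URLDecoder.decode(str, "UTF-8");
            if (StringUtils.isBlank(base64)) {
                return null;
            }
            return new String(decrypt(Base64.decodeBase64(base64.getBytes(UTF_8)), E_KEY), UTF_8);
        } catch (UnsupportedEncodingException e) {
            return null;
        }
    }

    /**
     * Decrypts {@code bArr} with DES under the key {@code bArr2}.
     *
     * @throws RuntimeException wrapping any JCE failure, including bad padding
     */
    private static byte[] decrypt(byte[] bArr, byte[] bArr2) throws RuntimeException {
        return des(Cipher.DECRYPT_MODE, bArr, bArr2);
    }

    /**
     * Runs one DES operation in the given cipher mode.
     *
     * <p>SECURITY(review): the cipher is requested as plain "DES", so mode and padding are
     * whatever the JCE provider defaults to (ECB with PKCS5 padding on the stock SunJCE
     * provider), and the output carries no integrity check.
     */
    private static byte[] des(int mode, byte[] input, byte[] keyBytes) {
        try {
            SecretKey key = SecretKeyFactory.getInstance(DES).generateSecret(new DESKeySpec(keyBytes));
            Cipher cipher = Cipher.getInstance(DES);
            cipher.init(mode, key);
            return cipher.doFinal(input);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }
}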
