package noo.rest.security.processor;

import java.io.IOException;
import java.util.concurrent.TimeUnit;
import java.util.function.Function;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import noo.exception.AuthenticateException;
import noo.rest.security.SecueHelper;
import noo.util.Http;
import noo.util.ID;
import noo.util.S;

/* loaded from: input_file:noo/rest/security/processor/AccessCodeInterceptor.class */
public class AccessCodeInterceptor extends RequestInterceptor {
    public static String ACCESSKEY = "accessKey";
    public static String SECRET = "accessSecret";
    public static String CODE = "code";
    public static String TOKENURL = "/refresh_code";
    public static String CHECK_TOKENURL = "/check_code";
    public static String TOKEN_PREFIX = "noo.access.code:";
    private Function<String, String> secret_load;
    private boolean useOnce = true;

    @Override // noo.rest.security.processor.RequestInterceptor
    public boolean process(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        if (is_RefreshTokenUrl(str)) {
            retrieveCode(httpServletRequest, httpServletResponse);
            return true;
        }
        if (!is_CheckTokenUrl(str)) {
            return false;
        }
        String str2 = TOKEN_PREFIX + httpServletRequest.getParameter(CODE);
        if (!S.isNotBlank((String) this.redis.opsForValue().get(str2))) {
            SecueHelper.writeResponse(httpServletResponse, "false");
            return true;
        }
        if (this.useOnce) {
            this.redis.delete(str2);
        }
        SecueHelper.writeResponse(httpServletResponse, "true");
        return true;
    }

    private boolean is_RefreshTokenUrl(String str) {
        return str.endsWith(TOKENURL);
    }

    private boolean is_CheckTokenUrl(String str) {
        return str.endsWith(CHECK_TOKENURL);
    }

    protected void retrieveCode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String parameter = httpServletRequest.getParameter(ACCESSKEY);
        String parameter2 = httpServletRequest.getParameter(SECRET);
        if (this.secret_load == null || !S.isNotBlank(parameter) || !S.isNotBlank(parameter2)) {
            throw new AuthenticateException("必须有access申请信息！");
        }
        if (!parameter2.equals(this.secret_load.apply(parameter))) {
            throw new AuthenticateException("access key secret错误！");
        }
        SecueHelper.writeResponse(httpServletResponse, genCode());
    }

    private String genCode() {
        String uuid = ID.uuid();
        this.redis.opsForValue().set(TOKEN_PREFIX + uuid, "0", 60L, TimeUnit.MINUTES);
        return uuid;
    }

    public Function<String, String> getSecret_load() {
        return this.secret_load;
    }

    public void setSecret_load(Function<String, String> function) {
        this.secret_load = function;
    }

    public void setUseOnce(boolean z) {
        this.useOnce = z;
    }

    public static String getCode(String str, String str2, String str3) {
        String str4 = ACCESSKEY + "=" + str2 + "&" + SECRET + "=" + str3;
        return str.toLowerCase().startsWith("https://") ? Http.httpsGet(str, str4) : Http.sendGet(str, str4);
    }

    public static boolean checkCode(String str, String str2) {
        String str3 = CODE + "=" + str2;
        return "true".equals(str.toLowerCase().startsWith("https://") ? Http.httpsGet(str, str3) : Http.sendGet(str, str3));
    }
}
