package com.xiaomi.mone.app.auth;

import com.alibaba.nacos.api.config.annotation.NacosValue;
import com.alibaba.nacos.client.config.utils.MD5;
import com.xiaomi.mone.app.common.Result;
import com.xiaomi.mone.app.enums.CommonError;
import com.xiaomi.mone.app.redis.RedisService;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.concurrent.locks.ReentrantLock;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.backoff.ExponentialBackOff;

@Service
/* loaded from: input_file:BOOT-INF/lib/app-service-1.4-jdk21-1.jar:com/xiaomi/mone/app/auth/AuthorizationService.class */
public class AuthorizationService {

    @NacosValue(value = "${hera.auth.user}", autoRefreshed = true)
    private String userName;

    @NacosValue(value = "${hera.auth.pwd}", autoRefreshed = true)
    private String passWord;

    @NacosValue(value = "${hera.auth.secret}", autoRefreshed = true)
    private String secret;

    @Autowired
    RedisService redisService;
    private final ReentrantLock lock = new ReentrantLock();
    private static final Logger log = LoggerFactory.getLogger((Class<?>) AuthorizationService.class);
    private static int tokenAccessSequence = 0;
    private static int tokenTimeLimit = 600;
    private static DateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");

    public Result fetchToken(String str, String str2, Long l) {
        log.info("fetchToken user : {} , timestamp : {}", str, df.format(l));
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2) || l == null) {
            log.error("fetchToken param error! user : {}, sign : {}, timestamp :{}", str, str2, l);
            return Result.fail(CommonError.ParamsError);
        }
        Long valueOf = Long.valueOf(System.currentTimeMillis());
        if (valueOf.longValue() - l.longValue() < 0 || valueOf.longValue() - l.longValue() > ExponentialBackOff.DEFAULT_MAX_INTERVAL) {
            log.error("fetchToken param time expired! currentTimeStamp : {}, param timestamp :{}", valueOf, l);
            return Result.fail(CommonError.ParamsError);
        }
        if (!this.userName.equals(str)) {
            log.info("fetchToken param user error! user : {} ", str);
            return Result.fail(CommonError.NO_AUTHORIZATION);
        }
        String mD5String = MD5.getInstance().getMD5String(this.passWord);
        StringBuilder sb = new StringBuilder();
        sb.append(this.userName).append(mD5String).append(l);
        if (MD5.getInstance().getMD5String(sb.toString()).equals(str2)) {
            return Result.success(generateToken(this.userName));
        }
        log.info("fetchToken param sign error! user : {} , sign : {}", str, str2);
        return Result.fail(CommonError.NO_AUTHORIZATION);
    }

    private String generateToken(String str) {
        StringBuilder sb = new StringBuilder();
        sb.append("token:").append(str).append(":").append(System.currentTimeMillis()).append(":").append(this.secret);
        String mD5String = MD5.getInstance().getMD5String(sb.toString());
        try {
            this.redisService.set(mD5String, String.valueOf(tokenAccessSequence), tokenTimeLimit);
        } catch (Exception e) {
            log.error(e.getMessage(), (Throwable) e);
        }
        return mD5String;
    }

    public Result checkAuthorization(String str) {
        if (StringUtils.isBlank(str)) {
            log.error("checkAuthorization error!token is null!");
            return Result.fail(CommonError.NO_TOKEN);
        }
        try {
            if (!StringUtils.isBlank(this.redisService.get(str))) {
                return Result.success();
            }
            log.error("checkAuthorization token is error or expired!");
            return Result.fail(CommonError.INVALID_TOKEN);
        } catch (Exception e) {
            log.error("checkAuthorization redis exception!" + e.getMessage(), (Throwable) e);
            return Result.fail(CommonError.UnknownError);
        }
    }

    public Integer checkAuthorizationWithSeq(String str, Integer num) {
        this.lock.lock();
        try {
            if (StringUtils.isBlank(str)) {
                log.error("checkAuthorization error!token is null!");
                this.lock.unlock();
                return null;
            }
            if (this.redisService.get(str) == null) {
                log.error("checkAuthorization token is error or expired!");
                this.lock.unlock();
                return null;
            }
            Integer valueOf = Integer.valueOf(this.redisService.get(str));
            if (num.intValue() <= valueOf.intValue()) {
                log.error("token accessSeq has expired!accessSeq:{}, currentNum:{}", num, valueOf);
                this.lock.unlock();
                return null;
            }
            if (num.intValue() - valueOf.intValue() > 1) {
                log.error("token accessSeq error!accessSeq:{}, currentNum:{}", num, valueOf);
                this.lock.unlock();
                return null;
            }
            this.redisService.set(str, String.valueOf(num), this.redisService.ttl(str));
            Integer valueOf2 = Integer.valueOf(num.intValue() + 1);
            this.lock.unlock();
            return valueOf2;
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }
}
