package cn.dev33.satoken.apikey;

import cn.dev33.satoken.SaManager;
import cn.dev33.satoken.apikey.model.ApiKeyModel;
import cn.dev33.satoken.config.SaTokenConfig;
import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.context.model.SaRequest;
import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.error.SaErrorCode;
import cn.dev33.satoken.exception.ApiKeyException;
import cn.dev33.satoken.exception.ApiKeyScopeException;
import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
import cn.dev33.satoken.session.SaSession;
import cn.dev33.satoken.session.raw.SaRawSessionDelegator;
import cn.dev33.satoken.strategy.SaStrategy;
import cn.dev33.satoken.util.SaFoxUtil;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: input_file:cn/dev33/satoken/apikey/SaApiKeyTemplate.class */
public class SaApiKeyTemplate {
    public static final String DEFAULT_NAMESPACE = "apikey";
    public String namespace;
    public SaRawSessionDelegator rawSessionDelegator;
    public static final String API_KEY_LIST = "__HD_API_KEY_LIST";

    public SaApiKeyTemplate() {
        this(DEFAULT_NAMESPACE);
    }

    public SaApiKeyTemplate(String str) {
        if (SaFoxUtil.isEmpty(str)) {
            throw new ApiKeyException("namespace 不能为空");
        }
        this.namespace = str;
        this.rawSessionDelegator = new SaRawSessionDelegator(str);
    }

    public ApiKeyModel getApiKeyModelFromCache(String str) {
        return (ApiKeyModel) getSaTokenDao().getObject(splicingApiKeySaveKey(str), ApiKeyModel.class);
    }

    public ApiKeyModel getApiKeyModelFromDatabase(String str) {
        return SaManager.getSaApiKeyDataLoader().getApiKeyModelFromDatabase(this.namespace, str);
    }

    public ApiKeyModel getApiKey(String str) {
        if (str == null) {
            return null;
        }
        ApiKeyModel apiKeyModelFromCache = getApiKeyModelFromCache(str);
        if (apiKeyModelFromCache == null) {
            apiKeyModelFromCache = getApiKeyModelFromDatabase(str);
            saveApiKey(apiKeyModelFromCache);
        }
        return apiKeyModelFromCache;
    }

    public ApiKeyModel checkApiKey(String str) {
        ApiKeyModel apiKey = getApiKey(str);
        if (apiKey == null) {
            throw new ApiKeyException("无效 API Key: " + str).setApiKey(str).setCode(SaErrorCode.CODE_12301);
        }
        if (apiKey.timeExpired()) {
            throw new ApiKeyException("API Key 已过期: " + str).setApiKey(str).setCode(SaErrorCode.CODE_12302);
        }
        if (apiKey.getIsValid().booleanValue()) {
            return apiKey;
        }
        throw new ApiKeyException("API Key 已被禁用: " + str).setApiKey(str).setCode(SaErrorCode.CODE_12303);
    }

    public void saveApiKey(ApiKeyModel apiKeyModel) {
        if (apiKeyModel == null) {
            return;
        }
        apiKeyModel.checkByCanSaved();
        String splicingApiKeySaveKey = splicingApiKeySaveKey(apiKeyModel.getApiKey());
        if (apiKeyModel.timeExpired()) {
            getSaTokenDao().deleteObject(splicingApiKeySaveKey);
        } else {
            getSaTokenDao().setObject(splicingApiKeySaveKey, apiKeyModel, apiKeyModel.expiresIn());
        }
        if (getIsRecordIndex()) {
            SaSession sessionById = this.rawSessionDelegator.getSessionById(apiKeyModel.getLoginId());
            ArrayList arrayList = (ArrayList) sessionById.get(API_KEY_LIST, ArrayList::new);
            if (!arrayList.contains(apiKeyModel.getApiKey())) {
                arrayList.add(apiKeyModel.getApiKey());
                sessionById.set(API_KEY_LIST, (Object) arrayList);
            }
            adjustIndex(apiKeyModel.getLoginId(), sessionById);
        }
    }

    public Object getLoginIdByApiKey(String str) {
        return checkApiKey(str).getLoginId();
    }

    public void deleteApiKey(String str) {
        SaSession sessionById;
        ApiKeyModel apiKeyModelFromCache = getApiKeyModelFromCache(str);
        if (apiKeyModelFromCache == null) {
            return;
        }
        getSaTokenDao().deleteObject(splicingApiKeySaveKey(str));
        if (!getIsRecordIndex() || (sessionById = this.rawSessionDelegator.getSessionById(apiKeyModelFromCache.getLoginId(), false)) == null) {
            return;
        }
        ArrayList arrayList = (ArrayList) sessionById.get(API_KEY_LIST, ArrayList::new);
        if (arrayList.contains(str)) {
            if (arrayList.size() == 1) {
                this.rawSessionDelegator.deleteSessionById(apiKeyModelFromCache.getLoginId());
            } else {
                arrayList.remove(str);
                sessionById.set(API_KEY_LIST, (Object) arrayList);
            }
        }
    }

    public void deleteApiKeyByLoginId(Object obj) {
        if (!getIsRecordIndex()) {
            SaManager.getLog().warn("当前 API Key 模块未开启索引记录功能，无法执行 deleteApiKeyByLoginId 操作", new Object[0]);
            return;
        }
        SaSession sessionById = this.rawSessionDelegator.getSessionById(obj, false);
        if (sessionById == null) {
            return;
        }
        Iterator it = ((ArrayList) sessionById.get(API_KEY_LIST, ArrayList::new)).iterator();
        while (it.hasNext()) {
            getSaTokenDao().deleteObject(splicingApiKeySaveKey((String) it.next()));
        }
        this.rawSessionDelegator.deleteSessionById(obj);
    }

    public ApiKeyModel createApiKeyModel() {
        return new ApiKeyModel().setApiKey(SaStrategy.instance.generateUniqueToken.execute("API Key", SaManager.getConfig().getMaxTryTimes(), this::randomApiKeyValue, str -> {
            return Boolean.valueOf(getApiKey(str) == null);
        }));
    }

    public ApiKeyModel createApiKeyModel(Object obj) {
        long timeout = SaManager.getConfig().getApiKey().getTimeout();
        return createApiKeyModel().setLoginId(obj).setIsValid(true).setExpiresTime(timeout == -1 ? -1L : System.currentTimeMillis() + (timeout * 1000));
    }

    public String randomApiKeyValue() {
        return SaManager.getConfig().getApiKey().getPrefix() + SaFoxUtil.getRandomString(36);
    }

    public boolean hasApiKeyScope(String str, String... strArr) {
        try {
            checkApiKeyScope(str, strArr);
            return true;
        } catch (ApiKeyException e) {
            return false;
        }
    }

    public void checkApiKeyScope(String str, String... strArr) {
        ApiKeyModel checkApiKey = checkApiKey(str);
        if (SaFoxUtil.isEmptyArray(strArr)) {
            return;
        }
        for (String str2 : strArr) {
            if (!checkApiKey.getScopes().contains(str2)) {
                throw new ApiKeyScopeException("该 API Key 不具备 Scope：" + str2).setApiKey(str).setScope(str2).setCode(SaErrorCode.CODE_12311);
            }
        }
    }

    public boolean hasApiKeyScopeOr(String str, String... strArr) {
        try {
            checkApiKeyScopeOr(str, strArr);
            return true;
        } catch (ApiKeyException e) {
            return false;
        }
    }

    public void checkApiKeyScopeOr(String str, String... strArr) {
        ApiKeyModel checkApiKey = checkApiKey(str);
        if (SaFoxUtil.isEmptyArray(strArr)) {
            return;
        }
        for (String str2 : strArr) {
            if (checkApiKey.getScopes().contains(str2)) {
                return;
            }
        }
        throw new ApiKeyScopeException("该 API Key 不具备 Scope：" + strArr[0]).setApiKey(str).setScope(strArr[0]).setCode(SaErrorCode.CODE_12311);
    }

    public boolean isApiKeyLoginId(String str, Object obj) {
        try {
            checkApiKeyLoginId(str, obj);
            return true;
        } catch (ApiKeyException e) {
            return false;
        }
    }

    public void checkApiKeyLoginId(String str, Object obj) {
        ApiKeyModel apiKey = getApiKey(str);
        if (apiKey == null) {
            throw new ApiKeyException("无效 API Key: " + str).setApiKey(str).setCode(SaErrorCode.CODE_12301);
        }
        if (SaFoxUtil.notEquals(String.valueOf(apiKey.getLoginId()), String.valueOf(obj))) {
            throw new ApiKeyException("该 API Key 不属于用户: " + obj).setApiKey(str).setCode(SaErrorCode.CODE_12312);
        }
    }

    public void adjustIndex(Object obj, SaSession saSession) {
        if (!getIsRecordIndex()) {
            SaManager.getLog().warn("当前 API Key 模块未开启索引记录功能，无法执行 adjustIndex 操作", new Object[0]);
            return;
        }
        if (saSession == null) {
            saSession = this.rawSessionDelegator.getSessionById(obj, false);
            if (saSession == null) {
                return;
            }
        }
        ArrayList arrayList = (ArrayList) saSession.get(API_KEY_LIST, ArrayList::new);
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            ApiKeyModel apiKeyModelFromCache = getApiKeyModelFromCache(str);
            if (apiKeyModelFromCache != null && !apiKeyModelFromCache.timeExpired()) {
                arrayList2.add(str);
                arrayList3.add(apiKeyModelFromCache);
            }
        }
        if (arrayList2.isEmpty()) {
            this.rawSessionDelegator.deleteSessionById(obj);
            return;
        }
        saSession.set(API_KEY_LIST, (Object) arrayList2);
        long j = 0;
        Iterator it2 = arrayList3.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            long expiresIn = ((ApiKeyModel) it2.next()).expiresIn();
            if (expiresIn == -1) {
                j = -1;
                break;
            } else if (expiresIn > j) {
                j = expiresIn;
            }
        }
        if (j != 0) {
            saSession.updateTimeout(j);
        }
    }

    public List<ApiKeyModel> getApiKeyList(Object obj) {
        if (!getIsRecordIndex()) {
            SaManager.getLog().warn("当前 API Key 模块未开启索引记录功能，无法执行 getApiKeyList 操作", new Object[0]);
            return new ArrayList();
        }
        ArrayList arrayList = new ArrayList();
        SaSession sessionById = this.rawSessionDelegator.getSessionById(obj, false);
        if (sessionById == null) {
            return arrayList;
        }
        Iterator it = ((ArrayList) sessionById.get(API_KEY_LIST, ArrayList::new)).iterator();
        while (it.hasNext()) {
            ApiKeyModel apiKeyModelFromCache = getApiKeyModelFromCache((String) it.next());
            if (apiKeyModelFromCache != null && !apiKeyModelFromCache.timeExpired()) {
                arrayList.add(apiKeyModelFromCache);
            }
        }
        return arrayList;
    }

    public String readApiKeyValue(SaRequest saRequest) {
        String param = saRequest.getParam(this.namespace);
        if (SaFoxUtil.isNotEmpty(param)) {
            return param;
        }
        String header = saRequest.getHeader(this.namespace);
        if (SaFoxUtil.isNotEmpty(header)) {
            return header;
        }
        String authorizationValue = SaHttpBasicUtil.getAuthorizationValue();
        if (!SaFoxUtil.isNotEmpty(authorizationValue)) {
            return null;
        }
        if (authorizationValue.endsWith(":")) {
            authorizationValue = authorizationValue.substring(0, authorizationValue.length() - 1);
        }
        return authorizationValue;
    }

    public ApiKeyModel currentApiKey() {
        return checkApiKey(readApiKeyValue(SaHolder.getRequest()));
    }

    public String splicingApiKeySaveKey(String str) {
        return getSaTokenConfig().getTokenName() + ":" + this.namespace + ":" + str;
    }

    public SaTokenDao getSaTokenDao() {
        return SaManager.getSaTokenDao();
    }

    public SaTokenConfig getSaTokenConfig() {
        return SaManager.getConfig();
    }

    public boolean getIsRecordIndex() {
        return SaManager.getSaApiKeyDataLoader().getIsRecordIndex().booleanValue();
    }
}
