package com.kdgc.framework.core.support;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.kdgc.framework.web.common.ResponseData;
import java.io.IOException;
import java.util.Map;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.ehcache.CacheManager;
import net.sf.ehcache.Ehcache;
import net.sf.ehcache.Element;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:com/kdgc/framework/core/support/TokenInterceptor.class */
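/**
 * Spring MVC interceptor that issues and consumes one-time form tokens, used to reject
 * repeated submissions of the same form.
 *
 * <p>Handler methods opt in through {@code TokenAnnotation}: {@code saveToken} issues a new
 * token name/value pair, {@code removeToken} requires the request to carry a matching pair and
 * consumes it.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Tokens live in the {@code kdgc.tokens} Ehcache, keyed by token name only. Nothing in
 *       this class binds a token to an HTTP session or user, so it should not be relied on as
 *       a CSRF defence without that binding being added elsewhere.</li>
 *   <li>Token names and values arrive as request parameters and are untrusted. Token values
 *       are never written to the log, and token names are stripped of control characters
 *       before being logged.</li>
 * </ul>
 */
public class TokenInterceptor extends HandlerInterceptorAdapter {
    private static final Logger logger = LoggerFactory.getLogger(TokenInterceptor.class);
    private static final String TOKEN_NAMESPACE = "kdgc.tokens";
    private static final String TOKEN_NAME_FIELD = "kdgc.token.name";
    protected final ObjectMapper mapper = new ObjectMapper();
    // NOTE(review): getEhcache returns null when no cache named "kdgc.tokens" is configured;
    // every cache access below would then fail with a NullPointerException. Confirm the cache
    // is declared in the Ehcache configuration.
    protected final Ehcache cache = CacheManager.create().getEhcache(TOKEN_NAMESPACE);

    /**
     * Issues or validates a form token according to the handler method's {@code TokenAnnotation}.
     *
     * @param httpServletRequest the current request
     * @param httpServletResponse the current response; always receives the P3P header
     * @param obj the selected handler; only {@code HandlerMethod} instances are inspected
     * @return {@code false} only when a required token is missing or does not match,
     *         {@code true} otherwise
     * @throws Exception propagated from token handling
     */
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        httpServletResponse.addHeader("P3P", "CP=CAO PSA OUR");
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        TokenAnnotation tokenAnnotation = (TokenAnnotation) ((HandlerMethod) obj).getMethod().getAnnotation(TokenAnnotation.class);
        if (tokenAnnotation == null) {
            return true;
        }
        // saveToken takes precedence when both flags are set on the annotation.
        if (tokenAnnotation.saveToken()) {
            setToken(httpServletRequest);
            return true;
        }
        if (tokenAnnotation.removeToken()) {
            return handleToken(httpServletRequest, httpServletResponse, obj);
        }
        return true;
    }

    /**
     * Validates and consumes the request's token, writing a warning response on failure.
     *
     * <p>The check runs under this instance's monitor so that the lookup and removal in
     * {@link #validToken} are not interleaved between concurrent requests handled by the same
     * interceptor instance.
     *
     * @return {@code true} if the token matched and was consumed, {@code false} otherwise
     */
    protected boolean handleToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        synchronized (this) {
            if (validToken(httpServletRequest)) {
                return true;
            }
            // User-facing message: "Please do not submit repeatedly!"
            writeMessageUtf8(httpServletResponse, ResponseData.warn("请不要重复提交!"));
            return false;
        }
    }

    /**
     * Serialises {@code responseData} to JSON and writes it to the response.
     *
     * <p>Failures are logged and not rethrown, so the caller still rejects the request even
     * when the body could not be written.
     */
    protected void writeMessageUtf8(HttpServletResponse httpServletResponse, ResponseData responseData) throws IOException {
        try {
            String writeValueAsString = this.mapper.writeValueAsString(responseData);
            // NOTE(review): the body is JSON but is labelled text/html. If a ResponseData ever
            // carries request-derived text, a browser would interpret it as markup. Confirm
            // whether any client depends on text/html before switching to application/json.
            httpServletResponse.setContentType("text/html;charset=UTF-8");
            httpServletResponse.getWriter().write(writeValueAsString);
        } catch (Exception e) {
            logger.error(e.getMessage(), e);
        }
    }

    /**
     * Issues a token under a freshly generated random token name.
     *
     * @return the generated token value
     */
    protected String setToken(HttpServletRequest httpServletRequest) {
        return setToken(httpServletRequest, UUID.randomUUID().toString());
    }

    /**
     * Issues a token under the given token name.
     *
     * @param str the token name (cache key)
     * @return the generated token value
     */
    protected String setToken(HttpServletRequest httpServletRequest, String str) {
        String uuid = UUID.randomUUID().toString();
        setCacheToken(httpServletRequest, str, uuid);
        return uuid;
    }

    /**
     * Stores the token in the cache and exposes the name and value as request attributes.
     *
     * @param str the token name
     * @param str2 the token value
     */
    protected void setCacheToken(HttpServletRequest httpServletRequest, String str, String str2) {
        this.cache.put(new Element(str, str2));
        // presumably read by the view to render hidden form fields; verify against templates
        httpServletRequest.setAttribute(TOKEN_NAME_FIELD, str);
        httpServletRequest.setAttribute(str, str2);
    }

    /**
     * Reads the token value submitted under the given token name.
     *
     * @param str the token name, as submitted by the client
     * @return the first parameter value, or {@code null} if the name is null or absent
     */
    protected String getToken(HttpServletRequest httpServletRequest, String str) {
        if (str == null) {
            return null;
        }
        String[] strArr = (String[]) httpServletRequest.getParameterMap().get(str);
        if (strArr != null && strArr.length >= 1) {
            return strArr[0];
        }
        // The token name is client-supplied: neutralise control characters before logging.
        logger.warn("Could not find token mapped to token name {}", forLog(str));
        return null;
    }

    /**
     * Reads the token name from the {@code kdgc.token.name} request parameter.
     *
     * @return the first parameter value, or {@code null} if it is missing or empty
     */
    protected String getTokenName(HttpServletRequest httpServletRequest) {
        Map parameterMap = httpServletRequest.getParameterMap();
        if (!parameterMap.containsKey(TOKEN_NAME_FIELD)) {
            logger.warn("Could not find token name in params.");
            return null;
        }
        String[] strArr = (String[]) parameterMap.get(TOKEN_NAME_FIELD);
        if (strArr != null && strArr.length >= 1) {
            return strArr[0];
        }
        logger.warn("Got a null or empty token name.");
        return null;
    }

    /**
     * Checks the submitted token against the cached one and consumes it on a match.
     *
     * <p>A failed attempt leaves the cached token in place. This method does not lock; the
     * lookup and removal are only serialised when it is reached through {@link #handleToken}.
     *
     * @return {@code true} if the submitted token equals the cached value for its name
     */
    protected boolean validToken(HttpServletRequest httpServletRequest) {
        String tokenName = getTokenName(httpServletRequest);
        if (tokenName == null) {
            logger.debug("no token name found -> Invalid token ");
            return false;
        }
        String token = getToken(httpServletRequest, tokenName);
        if (token == null) {
            return false;
        }
        Element element = this.cache.get(tokenName);
        String str = null;
        if (element != null) {
            str = (String) element.getObjectValue();
        }
        // NOTE(review): String.equals is not a constant-time comparison; consider
        // MessageDigest.isEqual on the encoded bytes if this token is ever treated as a secret.
        if (token.equals(str)) {
            this.cache.remove(tokenName);
            return true;
        }
        // Deliberately omit both token values: the stored value is still valid after a failed
        // attempt, so writing it to the log would disclose a usable token, and the submitted
        // value is attacker-controlled text.
        logger.warn("xxx.internal.invalid.token Form token does not match the stored token for token name {}.", forLog(tokenName));
        return false;
    }

    /** Replaces control characters (including CR/LF) so request data cannot forge log lines. */
    private static String forLog(String value) {
        return value == null ? "null" : value.replaceAll("\\p{Cntrl}", "_");
    }
}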
