package com.xforceplus.bi.commons.authority.encryptions.internal;

import com.alibaba.fastjson.JSONObject;
import com.xforceplus.bi.commons.authority.encryptions.AuthEncryptionInterface;
import com.xforceplus.bi.commons.authority.encryptions.internal.beans.InternalUserBean;
import com.xforceplus.bi.commons.integration.platform.AuthSource;
import com.xforceplus.bi.commons.integration.user.beans.UserInfo;
import com.xforceplus.tenantsecurity.domain.UserType;
import com.xforceplus.tenantsecurity.jwt.JwtUtils;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.Assert;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:com/xforceplus/bi/commons/authority/encryptions/internal/InternalAuthEncryption.class */
public class InternalAuthEncryption implements AuthEncryptionInterface {
    private static final Logger log = LoggerFactory.getLogger(InternalAuthEncryption.class);

    @Value("${xforce.platforms.usercenter.secret:my_sessionjw_tsecret_xdfdffdsdfdfs}")
    private String secret;

    @Value("${xforce.platforms.internal.whitelist}")
    private String whitelist;

    @Override // com.xforceplus.bi.commons.authority.encryptions.AuthEncryptionInterface
    public String tokenKey() {
        return UserType.APPID.tokenKey();
    }

    @Override // com.xforceplus.bi.commons.authority.encryptions.AuthEncryptionInterface
    public String token(HttpServletRequest httpServletRequest) {
        Cookie cookie = WebUtils.getCookie(httpServletRequest, tokenKey());
        if (cookie != null) {
            return cookie.getValue();
        }
        String header = httpServletRequest.getHeader(tokenKey());
        return StringUtils.isNotEmpty(header) ? header : WebUtils.findParameterValue(httpServletRequest, tokenKey());
    }

    @Override // com.xforceplus.bi.commons.authority.encryptions.AuthEncryptionInterface
    public UserInfo decode(HttpServletRequest httpServletRequest) throws Exception {
        Map verifyAndDecodeToken = JwtUtils.verifyAndDecodeToken(this.secret, token(httpServletRequest));
        log.info(JSONObject.toJSONString(verifyAndDecodeToken));
        InternalUserBean internalUserBean = (InternalUserBean) JSONObject.parseObject((String) verifyAndDecodeToken.get("userinfo"), InternalUserBean.class);
        String valueOf = String.valueOf(internalUserBean.getClientAppId());
        Assert.isTrue(System.currentTimeMillis() < Long.parseLong((String) verifyAndDecodeToken.get("expireTime")), "该Token已过期");
        checkWhitelist(valueOf);
        UserInfo userInfo = new UserInfo();
        userInfo.setId(valueOf);
        userInfo.setName(internalUserBean.getClientId());
        userInfo.setAuthSource(AuthSource.XFORCEPLUS_INTERNAL);
        return userInfo;
    }

    private void checkWhitelist(String str) {
        if (StringUtils.isEmpty(this.whitelist)) {
            throw new RuntimeException("白名单未设置");
        }
        for (String str2 : this.whitelist.split(",")) {
            if (str2.trim().equals(str)) {
                return;
            }
        }
        throw new RuntimeException(str + "不在白名单内, 白名单为:" + this.whitelist);
    }
}
