package org.september.taurus.web.auth;

import com.alibaba.fastjson.JSONObject;
import java.io.Serializable;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.realm.SimpleAccountRealm;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.util.CollectionUtils;
import org.september.taurus.common.BusinessException;
import org.september.taurus.common.log.LogHelper;
import org.september.taurus.shiro.session.SessionWatcher;
import org.september.taurus.util.HttpUtil;
import org.september.taurus.web.exception.LoginException;
import org.september.taurus.web.model.ResponseVo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:org/september/taurus/web/auth/TaurusCasRealm.class */
public abstract class TaurusCasRealm extends SimpleAccountRealm {
    public static String TGT_KEY = "tgt";
    public static String User_Login_Flag_Key = "User_Login_Flag_Key";

    @Value("${casLoginUrlPrefix}")
    private String casLoginUrlPrefix;
    protected final LogHelper logHelper = LogHelper.getLogger(getClass());

    @Autowired
    private SessionWatcher sessionWatcher;

    public void clearAuthorizationCache(Long l) {
        SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection();
        simplePrincipalCollection.add(l, getName());
        super.clearCachedAuthorizationInfo(simplePrincipalCollection);
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String str;
        try {
            this.casLoginUrlPrefix = this.casLoginUrlPrefix.replace("https", "http");
            TaurusCasToken taurusCasToken = (TaurusCasToken) authenticationToken;
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("serviceSid", SecurityUtils.getSubject().getSession().getId());
            jSONObject.put("bizcode", getBizCode());
            String str2 = (String) SecurityUtils.getSubject().getSession().getAttribute(TGT_KEY);
            if (StringUtils.isEmpty(str2)) {
                throw new BusinessException(ErrorConst.getErrorText(getBizCode(), ErrorConst.SessionTimeout));
            }
            jSONObject.put("loginInfo", getLogInfo());
            if (StringUtils.isEmpty(taurusCasToken.getTgt())) {
                String str3 = (String) authenticationToken.getPrincipal();
                String str4 = new String((char[]) authenticationToken.getCredentials());
                if (StringUtils.isEmpty(str3) || StringUtils.isEmpty(str4)) {
                    throw new BusinessException(ErrorConst.getErrorText(getBizCode(), ErrorConst.UserNammPwdError));
                }
                str = String.valueOf(this.casLoginUrlPrefix) + "/login";
                jSONObject.put("username", str3);
                jSONObject.put("password", str4);
                jSONObject.put("token", str2);
                jSONObject.put("isAvoid", Boolean.valueOf(taurusCasToken.getIsAvoid() == null ? false : taurusCasToken.getIsAvoid().booleanValue()));
            } else {
                str = String.valueOf(this.casLoginUrlPrefix) + "/loginByToken";
                jSONObject.put("token", taurusCasToken.getTgt());
                jSONObject.put("bizCode", getBizCode());
                jSONObject.put("isAvoid", Boolean.valueOf(taurusCasToken.getIsAvoid() == null ? false : taurusCasToken.getIsAvoid().booleanValue()));
                this.logHelper.getBuilder().info("使用token自动登录=" + str2 + ",url=" + str);
            }
            String string = HttpUtil.postForm(str, jSONObject).getString("data");
            this.logHelper.getBuilder().info("login result from cas3:" + string);
            ResponseVo responseVo = (ResponseVo) JSONObject.parseObject(string, ResponseVo.class);
            if (responseVo.getCode().intValue() != 0) {
                throw new LoginException(responseVo.getErrorId(), responseVo.getDesc());
            }
            Serializable serializable = (JSONObject) responseVo.getData();
            this.sessionWatcher.bindSessionWithCasTicket(SecurityUtils.getSubject().getSession().getId().toString(), (String) SecurityUtils.getSubject().getSession().getAttribute(TGT_KEY));
            processUser(serializable);
            for (String str5 : serializable.keySet()) {
                if (serializable.get(str5) != null) {
                    serializable.put(str5, String.valueOf(serializable.get(str5)));
                }
            }
            SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection(CollectionUtils.asList(new Serializable[]{serializable.getLong("id"), serializable}), getName());
            this.logHelper.getBuilder().info("登录成功");
            return new SimpleAuthenticationInfo(simplePrincipalCollection, authenticationToken.getCredentials());
        } catch (Exception e) {
            this.logHelper.getBuilder().error("login result from cas3:", e);
            throw new AuthenticationException(e.getMessage());
        } catch (LoginException e2) {
            throw e2;
        }
    }

    private JSONObject getLogInfo() {
        JSONObject jSONObject = new JSONObject();
        HttpServletRequest request = RequestContextHolder.getRequestAttributes().getRequest();
        if (request != null) {
            jSONObject.put("loginTime", Long.valueOf(System.currentTimeMillis()));
            jSONObject.put("userAgent", request.getHeader("User-Agent"));
        }
        return jSONObject;
    }

    protected void assertCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) throws AuthenticationException {
    }

    protected void processUser(JSONObject jSONObject) {
    }

    protected abstract String getBizCode();

    public String getCasLoginUrlPrefix() {
        return this.casLoginUrlPrefix;
    }

    public void setCasLoginUrlPrefix(String str) {
        if (str != null) {
            str = str.replace("https", "http");
        }
        this.casLoginUrlPrefix = str;
    }
}
