package org.september.taurus.web.security;

import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.september.taurus.common.BusinessException;

/* loaded from: input_file:org/september/taurus/web/security/CsrfTokenManager.class */
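/**
 * Session-bound CSRF token store with a small per-session token bucket.
 *
 * <p>Tokens are kept in the HTTP session under {@code csrf-token-<path>} keys, one per page path,
 * so a token is only valid for the page it was issued for. Token generation is rate limited to
 * {@link #TOKENS_PER_SECOND} new tokens per session per wall-clock second via
 * {@link #checkTokenBucket(HttpServletRequest)}.
 *
 * <p>Thread-safety: session attributes are read and written without synchronization, so the
 * bucket count is best-effort under concurrent requests on the same session.
 *
 * <p>NOTE(review): {@link #checkToken(HttpServletRequest)} keys the lookup by the Referer path
 * (or {@code "index"} when absent) while {@link #generateToken(HttpServletRequest)} keys by the
 * servlet path; confirm the two agree for every page that is protected, otherwise valid tokens
 * are rejected.
 */
public class CsrfTokenManager {
    /** Session attribute: tokens still available in the current one-second bucket (Integer). */
    private static final String Csrf_Token_Count = "csrf_token_count";
    /** Session attribute: epoch second at which the bucket was last refilled (Long). */
    private static final String Csrf_Token_Bucket_Refresh_Time = "csrf_token_bucket_refresh_time";
    /** Session attribute prefix; the page path is appended to form the per-page token key. */
    private static final String Session_Csrf_Token_Prefix = "csrf-token-";
    /** Bucket capacity: new tokens a session may obtain per wall-clock second. */
    private static final int TOKENS_PER_SECOND = 10;
    /** Token key used when the request carries no Referer header. */
    private static final String DEFAULT_TOKEN_PATH = "index";

    /** Error code: no token in the {@code csrfToken} parameter or header. */
    public static final Integer TokenNotFound = -201;
    /** Error code: presented token does not match the session token for the page. */
    public static final Integer TokenError = -202;
    /** Error code: token bucket for this session is exhausted. */
    public static final Integer TokenRequestTooFast = -203;
    /** Error code: Referer header is not a parseable URL. */
    public static final Integer RefererNotValid = -204;

    /**
     * Refills the session's token bucket if a new wall-clock second has started since the last
     * refill (or if the bucket has never been initialised).
     *
     * @param httpServletRequest request whose session owns the bucket; a session is created if absent
     */
    public void checkTokenBucket(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        Long refreshedAt = (Long) session.getAttribute(Csrf_Token_Bucket_Refresh_Time);
        long nowSeconds = System.currentTimeMillis() / 1000;
        // Refill at most once per second; a missing stamp means the bucket was never set up.
        if (refreshedAt == null || nowSeconds > refreshedAt) {
            session.setAttribute(Csrf_Token_Count, TOKENS_PER_SECOND);
            session.setAttribute(Csrf_Token_Bucket_Refresh_Time, nowSeconds);
        }
    }

    /**
     * Validates the CSRF token presented by the request against the session token stored for the
     * page named by the Referer path.
     *
     * <p>The token is read from the {@code csrfToken} request parameter first, then from the
     * {@code csrfToken} header. Comparison is constant-time so a mismatch leaks nothing about the
     * stored value through timing.
     *
     * @param httpServletRequest request to validate
     * @throws BusinessException with {@link #RefererNotValid} if the Referer is not a URL,
     *     {@link #TokenNotFound} if no token was presented, or {@link #TokenError} if the token
     *     does not match the session token for the page (including when no token was ever issued
     *     for that page)
     */
    public void checkToken(HttpServletRequest httpServletRequest) {
        String tokenPath = resolveRefererPath(httpServletRequest.getHeader("referer"));
        String expected = (String) httpServletRequest.getSession()
                .getAttribute(Session_Csrf_Token_Prefix + tokenPath);
        String presented = httpServletRequest.getParameter("csrfToken");
        if (StringUtils.isEmpty(presented)) {
            presented = httpServletRequest.getHeader("csrfToken");
        }
        if (StringUtils.isEmpty(presented)) {
            throw new BusinessException("csrf-token不能为空", TokenNotFound.toString());
        }
        if (!tokensMatch(presented, expected)) {
            throw new BusinessException("csrf-token不正确", TokenError.toString());
        }
    }

    /**
     * Maps a Referer header value to the page path used as the token key.
     *
     * @param referer raw Referer header, may be null or empty
     * @return {@link #DEFAULT_TOKEN_PATH} when the header is absent, otherwise the URL path of the
     *     header's first {@code ;}-separated segment
     * @throws BusinessException with {@link #RefererNotValid} if that segment is not a URL
     */
    private static String resolveRefererPath(String referer) {
        if (StringUtils.isEmpty(referer)) {
            return DEFAULT_TOKEN_PATH;
        }
        // Anything after a ';' is not part of the page URL.
        String candidate = referer.split(";")[0];
        try {
            return new URL(candidate).getPath();
        } catch (MalformedURLException e) {
            throw new BusinessException("refer格式不是合法的url:" + candidate, RefererNotValid.toString());
        }
    }

    /**
     * Constant-time equality of the presented token and the stored one.
     *
     * @param presented token supplied by the client, never null here
     * @param expected token stored in the session, null when none was issued for the page
     * @return true only if both are present and byte-for-byte equal
     */
    private static boolean tokensMatch(String presented, String expected) {
        if (expected == null) {
            return false;
        }
        // MessageDigest.isEqual does not short-circuit on the first differing byte.
        return MessageDigest.isEqual(
                presented.getBytes(StandardCharsets.UTF_8),
                expected.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Returns the CSRF token for the request's servlet path, issuing a new one if the session has
     * none for that path yet. Issuing a new token consumes one unit of the session's bucket; reusing
     * an existing token is free.
     *
     * @param httpServletRequest request whose session and servlet path select the token
     * @return the existing or freshly generated token for the servlet path
     * @throws BusinessException with {@link #TokenRequestTooFast} if the bucket is exhausted
     */
    public String generateToken(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession();
        Integer remaining = (Integer) session.getAttribute(Csrf_Token_Count);
        if (remaining == null) {
            // The bucket was never initialised for this session (checkTokenBucket not yet run):
            // fill it instead of failing on the unboxing of a null count.
            checkTokenBucket(httpServletRequest);
            remaining = (Integer) session.getAttribute(Csrf_Token_Count);
        }
        if (remaining == null || remaining <= 0) {
            throw new BusinessException("您的访问速度过快", TokenRequestTooFast.toString());
        }
        String tokenKey = Session_Csrf_Token_Prefix + httpServletRequest.getServletPath();
        String token = (String) session.getAttribute(tokenKey);
        if (StringUtils.isEmpty(token)) {
            // Type 4 UUID: the JDK documents it as drawn from a cryptographically strong PRNG.
            token = UUID.randomUUID().toString();
            session.setAttribute(tokenKey, token);
            session.setAttribute(Csrf_Token_Count, remaining - 1);
        }
        return token;
    }
}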
