package com.codingapi.sso.bus.utils;

import com.codingapi.security.component.cache.base.LocalCache;
import com.codingapi.security.sso.bus.client.ao.VerifyReq;
import com.codingapi.security.sso.bus.client.ao.VerifyRes;
import com.codingapi.security.sso.client.ao.AuthenticationInfo;
import com.codingapi.security.sso.client.ao.AuthenticationResult;
import com.codingapi.sso.bus.SsoBusException;
import com.codingapi.sso.bus.ao.token.CheckUserPasswordReq;
import com.codingapi.sso.bus.db.domain.ApiFlowLimit;
import com.codingapi.sso.bus.db.domain.SsoClient;
import com.codingapi.sso.bus.db.domain.TokenConfig;
import com.codingapi.sso.bus.db.mapper.SsoClientMapper;
import com.codingapi.sso.bus.db.redis.ApiFlowLimitCheckCounter;
import com.codingapi.sso.bus.discovery.LoadBalancedSsoClientFetcher;
import com.codingapi.sso.bus.discovery.ServerInfo;
import com.codingapi.sso.bus.service.UserSessionService;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.lang.NonNull;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:com/codingapi/sso/bus/utils/SsoUtil.class */
public class SsoUtil implements ApplicationContextAware {
    private static LocalCache tokenConfigCache;
    private static LocalCache apiFlowLimitCache;
    private static AntPathMatcher antPathMatcher;
    private static ApiFlowLimitCheckCounter apiFlowLimitCheckCounter;
    private static SsoClientMapper ssoClientMapper;
    private static UserSessionService userSessionService;
    private static LoadBalancedSsoClientFetcher ssoClientFetcher;

    public static boolean masterDeviceLeading(String str) {
        Assert.notNull(tokenConfigCache, "SSO配置出错");
        TokenConfig tokenConfig = (TokenConfig) tokenConfigCache.get(str, TokenConfig.class);
        return tokenConfig.getEnableMasterLeader() == 1 && tokenConfig.getMaxLoginCount().longValue() == 1;
    }

    public static TokenConfig tokenConfig(String str) {
        Assert.notNull(tokenConfigCache, "SSO配置出错");
        return (TokenConfig) tokenConfigCache.get(str, TokenConfig.class);
    }

    public static ServerInfo ssoNodeInfo(String str) throws SsoBusException {
        if (Objects.isNull(str)) {
            SsoBusException.raise("不识别的用户类型");
        }
        SsoClient byType = ssoClientMapper.getByType(str);
        if (Objects.isNull(byType)) {
            SsoBusException.raise("不识别的用户类型(CheckSsoNode)");
        }
        ServerInfo serverInfo = new ServerInfo();
        BeanUtils.copyProperties(byType, serverInfo);
        serverInfo.setLoadBalanced(byType.getLoadBalanced().intValue() == 1);
        return serverInfo;
    }

    public static VerifyRes verifyToken(String str) throws SsoBusException {
        Assert.notNull(userSessionService, "SSO用户会话服务出错");
        VerifyReq verifyReq = new VerifyReq();
        verifyReq.setToken(str);
        VerifyRes verify = userSessionService.verify(verifyReq);
        Assert.isTrue(verify.isPass(), verify.getMessage());
        return verify;
    }

    public static void checkUserApiFlowLimit(String str, String str2, String str3, String str4) throws SsoBusException {
        if (apiFlowLimitCache.contains(str)) {
            String str5 = str + ":" + str2 + ":" + str3 + " " + str4;
            for (ApiFlowLimit apiFlowLimit : (List) apiFlowLimitCache.get(str, List.class)) {
                if (!StringUtils.hasText(apiFlowLimit.getHttpMethod()) || apiFlowLimit.getHttpMethod().equals(str3)) {
                    if (!antPathMatcher.match(apiFlowLimit.getApiPattern(), str4)) {
                        continue;
                    } else {
                        if (apiFlowLimitCheckCounter.count(str5) >= apiFlowLimit.getCountLimit().longValue()) {
                            throw new SsoBusException(40102, String.format("触发用户最大限流：%s次/%sms", apiFlowLimit.getCountLimit(), apiFlowLimit.getTiming()));
                        }
                        apiFlowLimitCheckCounter.increment(str5, apiFlowLimit.getTiming().longValue());
                    }
                }
            }
        }
    }

    public static AuthenticationResult doAuthenticate(String str, String str2, String str3) throws SsoBusException {
        AuthenticationResult checkUserPassword = ssoClientFetcher.checkUserPassword(new CheckUserPasswordReq(ssoNodeInfo(str), new AuthenticationInfo(str2, str3)));
        if (!((Boolean) Optional.ofNullable(checkUserPassword.getPass()).orElse(false)).booleanValue()) {
            SsoBusException.raise(checkUserPassword.getMessage());
        }
        return checkUserPassword;
    }

    public void setApplicationContext(@NonNull ApplicationContext applicationContext) throws BeansException {
        tokenConfigCache = (LocalCache) applicationContext.getBean("token-configs", LocalCache.class);
        ssoClientMapper = (SsoClientMapper) applicationContext.getBean(SsoClientMapper.class);
        userSessionService = (UserSessionService) applicationContext.getBean(UserSessionService.class);
        antPathMatcher = (AntPathMatcher) applicationContext.getBean(AntPathMatcher.class);
        apiFlowLimitCache = (LocalCache) applicationContext.getBean("flow-limit-cache", LocalCache.class);
        apiFlowLimitCheckCounter = (ApiFlowLimitCheckCounter) applicationContext.getBean(ApiFlowLimitCheckCounter.class);
        ssoClientFetcher = (LoadBalancedSsoClientFetcher) applicationContext.getBean(LoadBalancedSsoClientFetcher.class);
    }
}
