package com.jeesuite.security;

import com.jeesuite.common.model.AuthUser;
import com.jeesuite.security.model.AccessToken;
import com.jeesuite.security.model.UserSession;
import com.jeesuite.spring.InstanceFactory;
import com.jeesuite.springweb.CurrentRuntimeContext;
import com.jeesuite.springweb.exception.ForbiddenAccessException;
import com.jeesuite.springweb.exception.UnauthorizedException;
import java.io.Serializable;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/jeesuite/security/SecurityDelegating.class */
public class SecurityDelegating {
    private SecurityOauth2Manager oauth2Manager;
    private static volatile SecurityDelegating instance;
    private SecurityDecisionProvider decisionProvider = (SecurityDecisionProvider) InstanceFactory.getInstance(SecurityDecisionProvider.class);
    private SecuritySessionManager sessionManager = new SecuritySessionManager(this.decisionProvider);
    private SecurityTicketManager ticketManager = new SecurityTicketManager(this.decisionProvider);
    private SecurityResourceManager resourceManager = new SecurityResourceManager(this.decisionProvider);

    private SecurityDelegating() {
        if (this.decisionProvider.oauth2Enabled()) {
            this.oauth2Manager = new SecurityOauth2Manager(this.decisionProvider);
        }
    }

    public static SecurityDelegating getInstance() {
        if (instance != null) {
            return instance;
        }
        synchronized (SecurityDelegating.class) {
            if (instance != null) {
                return instance;
            }
            instance = new SecurityDelegating();
            return instance;
        }
    }

    public static UserSession doAuthentication(String str, String str2) {
        UserSession loginSessionByUserId;
        AuthUser validateUser = getInstance().decisionProvider.validateUser(str, str2);
        UserSession currentSession = getCurrentSession(false);
        currentSession.update(validateUser, Integer.valueOf(getInstance().decisionProvider.sessionExpireIn()));
        if (getInstance().decisionProvider.ssoEnabled() && (loginSessionByUserId = getInstance().sessionManager.getLoginSessionByUserId(validateUser.getId())) != null && !loginSessionByUserId.getSessionId().equals(currentSession.getSessionId())) {
            getInstance().sessionManager.removeLoginSession(loginSessionByUserId.getSessionId());
        }
        getInstance().sessionManager.storageLoginSession(currentSession);
        return currentSession;
    }

    public static String doAuthenticationForOauth2(String str, String str2) {
        return getInstance().oauth2Manager.createOauth2AuthCode(getInstance().decisionProvider.validateUser(str, str2).getId());
    }

    public static String oauth2AuthCode2UserId(String str) {
        return getInstance().oauth2Manager.authCode2UserId(str);
    }

    public static AccessToken createOauth2AccessToken(AuthUser authUser) {
        return getInstance().oauth2Manager.createAccessToken(authUser);
    }

    public static UserSession updateSession(AuthUser authUser) {
        UserSession loginSessionByUserId;
        UserSession currentSession = getCurrentSession();
        currentSession.update(authUser, Integer.valueOf(getInstance().decisionProvider.sessionExpireIn()));
        if (getInstance().decisionProvider.ssoEnabled() && (loginSessionByUserId = getInstance().sessionManager.getLoginSessionByUserId(authUser.getId())) != null && !loginSessionByUserId.getSessionId().equals(currentSession.getSessionId())) {
            getInstance().sessionManager.removeLoginSession(loginSessionByUserId.getSessionId());
        }
        getInstance().sessionManager.storageLoginSession(currentSession);
        return currentSession;
    }

    public static UserSession doAuthorization() throws UnauthorizedException, ForbiddenAccessException {
        UserSession currentSession = getCurrentSession();
        String requestURI = CurrentRuntimeContext.getRequest().getRequestURI();
        if (!((currentSession == null || currentSession.getUserInfo() == null || !getInstance().decisionProvider.superAdminName().equals(currentSession.getUserInfo().getName())) ? false : true) && !getInstance().resourceManager.isAnonymous(requestURI)) {
            if (currentSession == null || currentSession.isAnonymous()) {
                throw new UnauthorizedException();
            }
            String permssionCode = getInstance().resourceManager.getPermssionCode(requestURI);
            if (StringUtils.isNotBlank(permssionCode) && !getInstance().resourceManager.getUserPermissionCodes(currentSession).contains(permssionCode)) {
                throw new ForbiddenAccessException();
            }
        }
        if (currentSession != null && !currentSession.isAnonymous()) {
            getInstance().decisionProvider.authorizedPostHandle(currentSession);
        }
        CurrentRuntimeContext.setAuthUser(currentSession.getUserInfo());
        if (StringUtils.isNotBlank(currentSession.getTenantId())) {
            CurrentRuntimeContext.setTenantId(currentSession.getTenantId());
        }
        return currentSession;
    }

    public static UserSession getCurrentSession() {
        return getCurrentSession(true);
    }

    public static UserSession getAndValidateCurrentSession() {
        UserSession currentSession = getCurrentSession(true);
        if (currentSession == null || currentSession.isAnonymous()) {
            throw new UnauthorizedException();
        }
        return currentSession;
    }

    private static UserSession getCurrentSession(boolean z) {
        UserSession sessionIfNotCreateAnonymous = getInstance().sessionManager.getSessionIfNotCreateAnonymous(CurrentRuntimeContext.getRequest(), CurrentRuntimeContext.getResponse(), z);
        String currentProfile = getInstance().sessionManager.getCurrentProfile(CurrentRuntimeContext.getRequest());
        if (StringUtils.isBlank(currentProfile)) {
            currentProfile = getInstance().decisionProvider.getCurrentProfile(CurrentRuntimeContext.getRequest());
            getInstance().sessionManager.setCurrentProfile(currentProfile);
        }
        sessionIfNotCreateAnonymous.setProfile(currentProfile);
        return sessionIfNotCreateAnonymous;
    }

    public static UserSession genUserSession(String str) {
        return getInstance().sessionManager.getLoginSession(str);
    }

    public static boolean validateSessionId(String str) {
        UserSession loginSession = getInstance().sessionManager.getLoginSession(str);
        return (loginSession == null || loginSession.isAnonymous()) ? false : true;
    }

    public static void refreshUserPermssion(Serializable... serializableArr) {
        if (serializableArr == null || serializableArr.length <= 0 || serializableArr[1] == null) {
            getInstance().resourceManager.refreshUserPermssions();
            return;
        }
        for (Serializable serializable : serializableArr) {
            getInstance().resourceManager.refreshUserPermssions(serializable);
        }
    }

    public static SecurityDecisionProvider getSecurityDecision() {
        return getInstance().decisionProvider;
    }

    public static void refreshResources() {
        getInstance().resourceManager.refreshResources();
    }

    public static void doLogout() {
        getInstance().sessionManager.destroySessionAndCookies(CurrentRuntimeContext.getRequest(), CurrentRuntimeContext.getResponse());
    }

    public static String objectToTicket(Object obj) {
        return getInstance().ticketManager.setTicketObject(obj);
    }

    public static <T> T ticketToObject(String str) {
        return (T) getInstance().ticketManager.getTicketObject(str);
    }
}
