package com.mendmix.security;

import com.mendmix.common.CurrentRuntimeContext;
import com.mendmix.common.async.RetryAsyncTaskExecutor;
import com.mendmix.common.async.RetryTask;
import com.mendmix.common.constants.PermissionLevel;
import com.mendmix.common.exception.ForbiddenAccessException;
import com.mendmix.common.exception.UnauthorizedException;
import com.mendmix.common.model.AuthUser;
import com.mendmix.common.util.LogMessageFormat;
import com.mendmix.security.event.SessionEventType;
import com.mendmix.security.event.SessionLifeCycleEvent;
import com.mendmix.security.model.ApiPermission;
import com.mendmix.security.model.UserSession;
import com.mendmix.security.util.ApiPermssionHelper;
import com.mendmix.spring.InstanceFactory;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/mendmix/security/SecurityDelegating.class */
public class SecurityDelegating {
    private static Logger logger = LoggerFactory.getLogger("com.mendmix.security");
    private static final int SESSION_INTERVAL_MILLS = 60000;
    private static final String TMP_STATUS_CACHE_NAME = "tmpStatus";
    private static volatile SecurityDelegating instance;
    private SecurityDecisionProvider decisionProvider = (SecurityDecisionProvider) InstanceFactory.getInstance(SecurityDecisionProvider.class);
    private SecurityStorageManager storageManager = new SecurityStorageManager(this.decisionProvider.cacheType());
    private SecuritySessionManager sessionManager = new SecuritySessionManager(this.decisionProvider, this.storageManager);

    private SecurityDelegating() {
        this.storageManager.addCahe(TMP_STATUS_CACHE_NAME, 60);
        logger.info("MENDMIX-TRACE-LOGGGING-->> SecurityDelegating inited !!,sessisonStorageType:{}", this.decisionProvider.cacheType());
    }

    private static SecurityDelegating getInstance() {
        if (instance != null) {
            return instance;
        }
        synchronized (SecurityDelegating.class) {
            if (instance != null) {
                return instance;
            }
            instance = new SecurityDelegating();
            return instance;
        }
    }

    public static void init() {
        getInstance();
    }

    public static SecurityDecisionProvider decisionProvider() {
        return getInstance().decisionProvider;
    }

    public static UserSession doAuthentication(String str, String str2) {
        UserSession updateSession = updateSession(getInstance().decisionProvider.validateUser(str, str2), true);
        InstanceFactory.getContext().publishEvent(new SessionLifeCycleEvent(SessionEventType.create, updateSession));
        return updateSession;
    }

    public static UserSession updateSession(final AuthUser authUser, boolean z) {
        UserSession loginSessionByUserId;
        UserSession currentSession = getCurrentSession();
        if (currentSession == null) {
            currentSession = UserSession.create();
        }
        if (currentSession.getSystemId() == null) {
            currentSession.setSystemId(CurrentRuntimeContext.getSystemId());
        }
        currentSession.setTenanId(CurrentRuntimeContext.getTenantId());
        currentSession.setClientType(CurrentRuntimeContext.getClientType());
        currentSession.setUser(authUser);
        if (getInstance().decisionProvider.kickOff() && (loginSessionByUserId = getInstance().sessionManager.getLoginSessionByUserId(authUser)) != null && !loginSessionByUserId.getSessionId().equals(currentSession.getSessionId())) {
            getInstance().sessionManager.removeLoginSession(loginSessionByUserId.getSessionId());
        }
        getInstance().sessionManager.storageLoginSession(currentSession);
        if (z) {
            final UserSession userSession = currentSession;
            if (!authUser.isAdmin() && getInstance().decisionProvider.apiAuthzEnabled()) {
                CurrentRuntimeContext.setAuthUser(authUser);
                CurrentRuntimeContext.setSystemId(currentSession.getSystemId());
                CurrentRuntimeContext.setTenantId(currentSession.getTenanId());
                RetryAsyncTaskExecutor.execute(new RetryTask() { // from class: com.mendmix.security.SecurityDelegating.1
                    public String traceId() {
                        return LogMessageFormat.buildLogHeader("fetchUserPermissions", authUser.getName());
                    }

                    public boolean process() throws Exception {
                        SecurityDelegating.access$000().fetchUserPermissions(userSession);
                        return true;
                    }
                });
            }
        }
        return currentSession;
    }

    public static UserSession doAuthorization(String str, String str2) throws UnauthorizedException, ForbiddenAccessException {
        UserSession currentSession = getCurrentSession();
        if (currentSession != null && System.currentTimeMillis() - getInstance().sessionManager.getUpdateTime(currentSession) > 60000) {
            getInstance().sessionManager.storageLoginSession(currentSession);
            InstanceFactory.getContext().publishEvent(new SessionLifeCycleEvent(SessionEventType.renewal, currentSession));
        }
        boolean z = (currentSession == null || currentSession.getUser() == null || !currentSession.getUser().isAdmin()) ? false : true;
        ApiPermission matchPermissionObject = ApiPermssionHelper.matchPermissionObject(str, str2);
        if ((currentSession == null || currentSession.isAnonymous()) && PermissionLevel.Anonymous != matchPermissionObject.getPermissionLevel()) {
            throw new UnauthorizedException();
        }
        if (currentSession != null) {
            currentSession.setSystemId(CurrentRuntimeContext.getSystemId());
        }
        if (z || !getInstance().decisionProvider.apiAuthzEnabled() || matchPermissionObject.getPermissionLevel() != PermissionLevel.PermissionRequired || getInstance().getUserPermissions(currentSession).contains(matchPermissionObject.getPermissionKey())) {
            return currentSession;
        }
        throw new ForbiddenAccessException();
    }

    public static UserSession getAndValidateCurrentSession() {
        UserSession currentSession = getCurrentSession();
        if (currentSession == null || currentSession.isAnonymous()) {
            throw new UnauthorizedException();
        }
        return currentSession;
    }

    public static UserSession getCurrentSession() {
        return getInstance().sessionManager.getSession();
    }

    public static String getCurrentSessionId() {
        return getInstance().sessionManager.getSessionId();
    }

    public static UserSession genUserSession(String str) {
        return getInstance().sessionManager.getLoginSession(str);
    }

    public static boolean validateSessionId(String str) {
        UserSession loginSession = getInstance().sessionManager.getLoginSession(str);
        return (loginSession == null || loginSession.isAnonymous()) ? false : true;
    }

    public static void refreshUserPermssion(Serializable... serializableArr) {
        if (serializableArr == null || serializableArr.length <= 0 || serializableArr[1] != null) {
        }
    }

    public static void doLogout() {
        UserSession currentSession = getCurrentSession();
        if (currentSession == null) {
            return;
        }
        InstanceFactory.getContext().publishEvent(new SessionLifeCycleEvent(SessionEventType.destory, currentSession));
        getInstance().sessionManager.destroySessionAndCookies(currentSession);
    }

    public static void setSessionAttribute(String str, Object obj) {
        getInstance().sessionManager.setSessionAttribute(str, obj);
    }

    public static <T> T getSessionAttribute(String str) {
        return (T) getInstance().sessionManager.getSessionAttribute(str);
    }

    public static void setTemporaryState(String str, String str2) {
        getInstance().storageManager.getCache(TMP_STATUS_CACHE_NAME).setString(str, str2);
    }

    public static String getTemporaryState(String str) {
        return getInstance().storageManager.getCache(TMP_STATUS_CACHE_NAME).getString(str);
    }

    private List<String> getUserPermissions(UserSession userSession) {
        List<String> fetchUserPermissions;
        List<String> userPermissions = this.sessionManager.getUserPermissions(userSession);
        if (userPermissions != null) {
            return userPermissions;
        }
        synchronized (getInstance()) {
            fetchUserPermissions = fetchUserPermissions(userSession);
        }
        return fetchUserPermissions;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<String> fetchUserPermissions(UserSession userSession) {
        ArrayList arrayList;
        List<ApiPermission> userApiPermissions = this.decisionProvider.getUserApiPermissions(userSession.getUser().getId());
        if (userApiPermissions == null || userApiPermissions.isEmpty()) {
            arrayList = new ArrayList(0);
        } else {
            arrayList = new ArrayList(userApiPermissions.size());
            for (ApiPermission apiPermission : userApiPermissions) {
                arrayList.add(ApiPermssionHelper.buildPermissionKey(apiPermission.getMethod(), apiPermission.getUri()));
            }
        }
        this.sessionManager.updateUserPermissions(userSession, arrayList);
        return arrayList;
    }

    static /* synthetic */ SecurityDelegating access$000() {
        return getInstance();
    }
}
