package net.codestory.http.filters.auth;

import java.security.SecureRandom;
import java.util.Random;
import java.util.concurrent.TimeUnit;
import java.util.stream.Stream;
import net.codestory.http.Context;
import net.codestory.http.Cookie;
import net.codestory.http.NewCookie;
import net.codestory.http.constants.Headers;
import net.codestory.http.constants.Methods;
import net.codestory.http.convert.TypeConvert;
import net.codestory.http.filters.Filter;
import net.codestory.http.filters.PayloadSupplier;
import net.codestory.http.payload.Payload;
import net.codestory.http.security.SessionIdStore;
import net.codestory.http.security.User;
import net.codestory.http.security.Users;

/* loaded from: input_file:net/codestory/http/filters/auth/CookieAuthFilter.class */
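/**
 * Cookie-based authentication filter.
 *
 * <p>Requests under {@code /auth/} are handled here for sign-in ({@code POST /auth/signin}) and
 * sign-out ({@code GET /auth/signout}). Requests under the configured URI prefix are only passed
 * down the chain when the {@code auth} cookie carries a session id known to the
 * {@link SessionIdStore}; otherwise the client is redirected to {@code /auth/login}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The {@code auth} cookie is plain JSON built by {@link #buildCookie}. Nothing in this class
 *       signs or encrypts it, so every field read back from it is client-controlled. Only the
 *       session id is trusted, and only after it has been resolved server-side through the
 *       {@link SessionIdStore}. The {@code login} and {@code roles} fields in the cookie must
 *       never be used for authorization decisions.</li>
 *   <li>URIs are excluded from authentication by a plain suffix match, so any route whose path
 *       ends with one of the excluded suffixes is served without authentication.</li>
 * </ul>
 */
public class CookieAuthFilter implements Filter {
    /**
     * URI suffixes that bypass authentication when no explicit list is given.
     * The array is public and mutable for compatibility; callers should treat it as read-only.
     */
    public static final String[] DEFAULT_EXCLUDE = {".less", ".css", ".map", ".js", ".coffee", ".ico", ".jpeg", ".jpg", ".gif", ".png", ".svg", ".eot", ".ttf", ".woff", "robots.txt"};

    // Session ids are bearer credentials: they must come from a CSPRNG, not java.util.Random,
    // whose output can be predicted from a few observed values.
    private static final SecureRandom RANDOM = new SecureRandom();
    private static final int ONE_DAY = (int) TimeUnit.DAYS.toSeconds(1);
    private static final String AUTH_PREFIX = "/auth/";
    private static final String LOGIN_PAGE = "/auth/login";
    private static final String AUTH_COOKIE = "auth";

    private final String uriPrefix;
    private final Users users;
    private final SessionIdStore sessionIdStore;
    private final String[] ignoreExtensions;

    /**
     * Creates a filter with an in-memory session store and the default exclusions.
     *
     * @param str URI prefix to protect
     * @param users user directory used to check credentials and load users
     */
    public CookieAuthFilter(String str, Users users) {
        this(str, users, SessionIdStore.inMemory(), DEFAULT_EXCLUDE);
    }

    /**
     * Creates a filter with the default exclusions.
     *
     * @param str URI prefix to protect
     * @param users user directory used to check credentials and load users
     * @param sessionIdStore store mapping session ids to logins
     */
    public CookieAuthFilter(String str, Users users, SessionIdStore sessionIdStore) {
        this(str, users, sessionIdStore, DEFAULT_EXCLUDE);
    }

    /**
     * Creates a filter with a custom list of excluded URI suffixes (replaces the defaults).
     *
     * @param str URI prefix to protect
     * @param users user directory used to check credentials and load users
     * @param sessionIdStore store mapping session ids to logins
     * @param str2 first excluded URI suffix
     * @param strArr further excluded URI suffixes
     */
    public CookieAuthFilter(String str, Users users, SessionIdStore sessionIdStore, String str2, String... strArr) {
        this(str, users, sessionIdStore, Stream.concat(Stream.of(str2), Stream.of(strArr)).toArray(String[]::new));
    }

    private CookieAuthFilter(String str, Users users, SessionIdStore sessionIdStore, String[] strArr) {
        this.uriPrefix = str;
        this.users = users;
        this.sessionIdStore = sessionIdStore;
        this.ignoreExtensions = strArr;
    }

    /**
     * Tells whether this filter applies to the given URI.
     *
     * @param str request URI
     * @param context request context (unused)
     * @return {@code true} for every {@code /auth/} URI, and for URIs under the protected prefix
     *     that do not end with an excluded suffix
     */
    @Override
    public boolean matches(String str, Context context) {
        if (str.startsWith(AUTH_PREFIX)) {
            return true;
        }
        // The previous body evaluated this condition and then returned false regardless, which
        // left every URI under the protected prefix outside the filter (never authenticated).
        return str.startsWith(this.uriPrefix)
            && Stream.of(this.ignoreExtensions).noneMatch(str::endsWith);
    }

    /**
     * Dispatches {@code /auth/} URIs to the sign-in/sign-out handlers and guards every other URI.
     *
     * @param str request URI
     * @param context request context
     * @param payloadSupplier rest of the filter chain
     * @return the payload to send back
     * @throws Exception whatever the rest of the chain throws
     */
    @Override
    public Payload apply(String str, Context context, PayloadSupplier payloadSupplier) throws Exception {
        if (str.startsWith(AUTH_PREFIX)) {
            return authenticationUri(str, context, payloadSupplier);
        }
        return otherUri(str, context, payloadSupplier);
    }

    /** Handles {@code POST /auth/signin} and {@code GET /auth/signout}; anything else goes down the chain. */
    private Payload authenticationUri(String uri, Context context, PayloadSupplier nextFilter) throws Exception {
        String method = context.method();
        if (uri.startsWith("/auth/signin") && Methods.POST.equals(method)) {
            return signin(context);
        }
        // NOTE(review): sign-out is triggered by a GET, so a cross-site link or image can log a
        // user out. Kept as is because changing the method would break existing clients.
        if (uri.startsWith("/auth/signout") && Methods.GET.equals(method)) {
            return signout(context);
        }
        return nextFilter.get();
    }

    /**
     * Lets the request through only when the cookie's session id resolves to a known user;
     * otherwise redirects to the login page and remembers the requested URI in the cookie.
     */
    private Payload otherUri(String uri, Context context, PayloadSupplier nextFilter) throws Exception {
        String sessionId = readSessionIdInCookie(context);
        String login = sessionId == null ? null : this.sessionIdStore.getLogin(sessionId);
        // Fail closed: a session whose login no longer resolves to a user is treated as
        // unauthenticated instead of running the request with a null current user.
        User user = login == null ? null : this.users.find(login);
        if (user == null) {
            return Payload.seeOther(LOGIN_PAGE).withCookie(authCookie(buildCookie(null, uri)));
        }
        context.setCurrentUser(user);
        return nextFilter.get().withHeader(Headers.CACHE_CONTROL, "must-revalidate");
    }

    /**
     * Checks the submitted credentials. On success a fresh session id is issued and the client is
     * sent to the URI remembered in the cookie; on failure it is sent back to the login page.
     */
    private Payload signin(Context context) {
        User user = this.users.find(context.get("login"), context.get("password"));
        if (user == null) {
            return Payload.seeOther(LOGIN_PAGE);
        }
        // The redirect target comes from the client's cookie, hence the validation.
        String target = validRedirectUrl(readRedirectUrlInCookie(context));
        return Payload.seeOther(target).withCookie(authCookie(buildCookie(user, "/")));
    }

    /** Forgets the session id server-side and replaces the auth cookie with a null-valued one. */
    private Payload signout(Context context) {
        String sessionId = readSessionIdInCookie(context);
        if (sessionId != null) {
            this.sessionIdStore.remove(sessionId);
        }
        return Payload.seeOther("/?signout").withCookie(authCookie(null));
    }

    /** Returns the session id found in the auth cookie, or {@code null} when there is no usable cookie. */
    private String readSessionIdInCookie(Context context) {
        AuthData authData = readAuthCookie(context);
        return authData == null ? null : authData.sessionId;
    }

    /** Returns the post-login redirect stored in the auth cookie, defaulting to {@code "/"}. */
    private String readRedirectUrlInCookie(Context context) {
        AuthData authData = readAuthCookie(context);
        String redirect = authData == null ? null : authData.redirectAfterLogin;
        return redirect == null ? "/" : redirect;
    }

    /** Generates a random session id (two hex-encoded longs) and registers it for the given login. */
    private String newSessionId(String login) {
        String sessionId = Long.toHexString(RANDOM.nextLong()) + Long.toHexString(RANDOM.nextLong());
        this.sessionIdStore.put(sessionId, login);
        return sessionId;
    }

    /**
     * Serializes the auth cookie value as JSON.
     *
     * @param user authenticated user, or {@code null} for an anonymous cookie that only carries
     *     the redirect target
     * @param redirectUrl URI to come back to after login
     */
    private String buildCookie(User user, String redirectUrl) {
        AuthData authData = new AuthData();
        if (user != null) {
            authData.login = user.login();
            authData.roles = user.roles();
            authData.sessionId = newSessionId(user.login());
        }
        authData.redirectAfterLogin = redirectUrl;
        return TypeConvert.toJson(authData);
    }

    /**
     * Reads and parses the {@code auth} cookie.
     *
     * @param context request context
     * @return the parsed cookie, or {@code null} when reading or parsing fails
     */
    protected AuthData readAuthCookie(Context context) {
        try {
            return (AuthData) context.cookies().value(AUTH_COOKIE, AuthData.class);
        } catch (Exception ignored) {
            // Deliberate best effort: the cookie is client-supplied, so a malformed value is
            // handled like a missing cookie (unauthenticated) rather than failing the request.
            return null;
        }
    }

    /**
     * @return lifetime of the auth cookie in seconds (one day by default)
     */
    protected int expiry() {
        return ONE_DAY;
    }

    /**
     * @return domain to set on the auth cookie, or {@code null} for none (the default)
     */
    protected String domain() {
        return null;
    }

    /**
     * Builds the {@code auth} cookie.
     *
     * @param str cookie value; {@code null} is used on sign-out
     * @return the cookie to attach to the response
     */
    protected Cookie authCookie(String str) {
        // The last constructor argument is presumably the HttpOnly flag: confirm against NewCookie.
        NewCookie newCookie = new NewCookie(AUTH_COOKIE, str, "/", true);
        newCookie.setExpiry(expiry());
        // Use the overridable hook. It returns null by default, which matches the previous
        // hard-coded null while letting subclasses that override domain() take effect.
        newCookie.setDomain(domain());
        // NOTE(review): the Secure flag is off, so the session cookie is also sent over plain
        // HTTP. Left unchanged because enabling it breaks non-TLS deployments; deployments served
        // over HTTPS should override this method and call setSecure(true).
        newCookie.setSecure(false);
        return newCookie;
    }

    /**
     * Sanitizes the post-login redirect target, which originates from the client's cookie.
     * Only same-site absolute paths are accepted, so a tampered cookie cannot turn the sign-in
     * response into a redirect to another host.
     *
     * @param str candidate redirect target
     * @return {@code str} when it is an acceptable local path, {@code "/"} otherwise
     */
    protected String validRedirectUrl(String str) {
        if (str == null || str.contains("favicon.ico")) {
            return "/";
        }
        // "//host" and "/\host" are interpreted by browsers as scheme-relative URLs.
        boolean localPath = str.startsWith("/") && !str.startsWith("//") && !str.startsWith("/\\");
        boolean hasControlChars = str.chars().anyMatch(Character::isISOControl);
        return localPath && !hasControlChars ? str : "/";
    }
}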
