package org.tio.mg.web.server.controller.base;

import cn.hutool.core.util.RandomUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.SecureUtil;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.tio.core.Tio;
import org.tio.http.common.HttpConfig;
import org.tio.http.common.HttpRequest;
import org.tio.http.common.HttpResponse;
import org.tio.http.server.annotation.RequestPath;
import org.tio.http.server.util.Resps;
import org.tio.mg.service.cache.CacheConfig;
import org.tio.mg.service.cache.Caches;
import org.tio.mg.service.init.PropInit;
import org.tio.mg.service.vo.RequestExt;
import org.tio.mg.web.server.utils.WebUtils;
import org.tio.utils.SystemTimer;
import org.tio.utils.cache.ICache;
import org.tio.utils.crypto.ACEUtils;
import org.tio.utils.crypto.Md5;
import org.tio.utils.jfinal.P;
import org.tio.utils.resp.Resp;

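/**
 * Two-step access-token handshake mounted under {@code /a}.
 *
 * <p>Step 1 ({@code /a/x}) checks an MD5 signature built from a per-platform key, a 9-character
 * client value and a client timestamp, then hands out four random 9-character values and caches
 * them. Step 2 ({@code /a/y}) checks a second signature, looks the cached values up again,
 * cross-checks them, and returns a token encrypted with a third per-platform key.
 *
 * <p>Every rejection logs the reason, removes the channel through {@code Tio.remove} and returns
 * {@code null} instead of a response.
 *
 * <p>NOTE(review): the signature is {@code MD5(key + data)} rather than an HMAC. Changing it would
 * need a coordinated client change, so the construction is left as is and only the comparison is
 * hardened here. No tracking of already-seen step-1 requests is visible in this class, so a signed
 * step-1 request appears to stay acceptable for the whole {@link #MAX_TIME_INTERVAL} window;
 * confirm whether that is intended.
 *
 * <p>NOTE(review): the handler parameter names ({@code str}, {@code l}, ...) look like decompiler
 * output. If the framework binds request parameters by Java parameter name, the original names
 * (the log messages suggest r/t/s and x/y/z/i/t/s) have to be restored; verify against the
 * original source.
 */
@RequestPath("/a")
public class AccessTokenController {
    private static final Logger log = LoggerFactory.getLogger(AccessTokenController.class);

    // Per-platform signing/encryption keys read from configuration at class-load time.
    // NOTE(review): these are secrets exposed as public static fields; narrow the visibility if no
    // other class reads them. A missing property presumably yields null, which the handlers
    // reject explicitly.
    public static final String androidKey1 = P.get("access.token.android.key1");
    public static final String androidKey2 = P.get("access.token.android.key2");
    public static final String androidKey3 = P.get("access.token.android.key3");
    public static final String iosKey1 = P.get("access.token.ios.key1");
    public static final String iosKey2 = P.get("access.token.ios.key2");
    public static final String iosKey3 = P.get("access.token.ios.key3");
    public static final String pcKey1 = P.get("access.token.pc.key1");
    public static final String pcKey2 = P.get("access.token.pc.key2");
    public static final String pcKey3 = P.get("access.token.pc.key3");

    /** Largest accepted gap between the client timestamp and server time: one day, in ms. */
    public static final long MAX_TIME_INTERVAL = 86400000L;

    /** Largest accepted gap between the step-1 and step-2 client timestamps, in ms. */
    private static final long MAX_STEP_INTERVAL_MS = 5000L;

    /**
     * Step-1 response payload: four random strings plus the client timestamp that was accepted.
     * The same object is stored in the step-1 cache and compared against the step-2 request.
     */
    public static class AccessTokenResp1 implements Serializable {
        private static final long serialVersionUID = -4042961444820016173L;
        public static final int RANDOM_LEN = 9;

        // NOTE(review): step 2 treats these values as proof that the caller completed step 1, so
        // they should be unpredictable. Confirm that RandomUtil.randomString is backed by a
        // cryptographically secure generator in the hutool version in use; if it is not, generate
        // them from java.security.SecureRandom instead.
        private String x = RandomUtil.randomString(RANDOM_LEN);
        private String y = RandomUtil.randomString(RANDOM_LEN);
        private String z = RandomUtil.randomString(RANDOM_LEN);
        private String i = RandomUtil.randomString(RANDOM_LEN);
        // Client-supplied timestamp accepted in step 1.
        private Long t;

        /**
         * @param l the client timestamp accepted in step 1
         */
        public AccessTokenResp1(Long l) {
            this.t = l;
        }

        public String getX() {
            return this.x;
        }

        public void setX(String str) {
            this.x = str;
        }

        public String getY() {
            return this.y;
        }

        public void setY(String str) {
            this.y = str;
        }

        public String getZ() {
            return this.z;
        }

        public void setZ(String str) {
            this.z = str;
        }

        public String getI() {
            return this.i;
        }

        public void setI(String str) {
            this.i = str;
        }

        public Long getT() {
            return this.t;
        }

        public void setT(Long l) {
            this.t = l;
        }
    }

    /**
     * Scratch harness: generates a throwaway AES key and round-trips a sample string through
     * hutool's AES helper. It does not touch the controller's configured keys.
     */
    public static void main(String[] strArr) {
        PropInit.init();
        byte[] encoded = SecureUtil.generateKey(SymmetricAlgorithm.AES.getValue()).getEncoded();
        // Decoding raw key bytes as text is lossy and uses the platform charset; the output is
        // only a visual marker. Do not reuse this pattern to export real key material.
        System.out.println(new String(encoded));
        AES aes = SecureUtil.aes(encoded);
        aes.decrypt(aes.encrypt("test中文"));
        String encryptHex = aes.encryptHex("test中文");
        String decryptStr = aes.decryptStr(encryptHex);
        System.out.println(encryptHex);
        System.out.println(decryptStr);
    }

    /**
     * Logs a rejected request with its client IP, request line and the reason.
     *
     * <p>NOTE(review): the request line is client-controlled and is written to the log verbatim;
     * confirm that the log pipeline neutralises control characters.
     */
    private static void error(HttpRequest httpRequest, String str) {
        log.error(httpRequest.getClientIp() + "\r\n" + httpRequest.getRequestLine() + "\r\n" + str);
    }

    /**
     * Shared rejection path: logs the reason, removes the channel and yields {@code null} so that
     * a handler can {@code return reject(...)}.
     */
    private static HttpResponse reject(HttpRequest httpRequest, String reason) {
        error(httpRequest, reason);
        Tio.remove(httpRequest.getChannelContext(), "");
        return null;
    }

    /**
     * Compares two signature strings without short-circuiting on the first differing byte.
     *
     * @return {@code false} if either side is {@code null}, otherwise whether the UTF-8 bytes match
     */
    private static boolean constantTimeEquals(String expected, String provided) {
        if (expected == null || provided == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), provided.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Step 1: verifies the signature over key1, {@code str} and {@code l}, then issues and caches
     * a fresh {@link AccessTokenResp1}.
     *
     * @param httpRequest the incoming request
     * @param str 9-character client value (called "r" in the log messages)
     * @param l client timestamp in ms (called "t"); must be within {@link #MAX_TIME_INTERVAL} of
     *     server time
     * @param str2 client signature (called "s"), expected to equal
     *     {@code MD5("${" + key1 + str + l + "}")}
     * @return a JSON response carrying the new {@link AccessTokenResp1}, or {@code null} after the
     *     channel has been removed because a check failed
     */
    @RequestPath("/x")
    public HttpResponse step1(HttpRequest httpRequest, String str, Long l, String str2) throws Exception {
        if (l == null) {
            return reject(httpRequest, "参数t为空");
        }
        if (str == null || str.length() != AccessTokenResp1.RANDOM_LEN) {
            return reject(httpRequest, "参数r为空或其长度不为9");
        }
        if (Math.abs(SystemTimer.currTime - l.longValue()) > MAX_TIME_INTERVAL) {
            return reject(httpRequest, "参数t与服务器时间相隔超过1天");
        }
        if (StrUtil.isBlank(str2)) {
            return reject(httpRequest, "参数s为空");
        }
        String key1 = getKey1(httpRequest, WebUtils.getRequestExt(httpRequest));
        if (key1 == null) {
            // Fail closed: concatenation would otherwise render a missing key as the text "null",
            // and the signature would no longer depend on a secret.
            return reject(httpRequest, "签名密钥为空，拒绝请求");
        }
        if (!constantTimeEquals(Md5.getMD5("${" + key1 + str + l + "}"), str2)) {
            return reject(httpRequest, "验签失败");
        }
        AccessTokenResp1 accessTokenResp1 = new AccessTokenResp1(l);
        // Cache key ties the issued values to the caller's IP: x + clientIp + y.
        Caches.getCache(CacheConfig.MG_ACCESS_TOKEN_RESP_1).put(accessTokenResp1.getX() + httpRequest.getClientIp() + accessTokenResp1.getY(), accessTokenResp1);
        return Resps.json(httpRequest, Resp.ok(accessTokenResp1));
    }

    /**
     * Step 2: verifies the second signature, matches the request against the cached step-1 values
     * and returns the access token encrypted with key3.
     *
     * <p>The log messages label {@code str}/{@code str2}/{@code str3}/{@code str4} as x/y/z/i, but
     * the cache lookup uses {@code str2 + clientIp + str} and the cross-check compares
     * {@code str4} with the cached z and {@code str3} with the cached i. This looks like a
     * deliberate swap the client is expected to perform; confirm against the client code.
     *
     * @param httpRequest the incoming request
     * @param str 9-character value logged as "x"
     * @param str2 9-character value logged as "y"
     * @param str3 9-character value logged as "z"
     * @param str4 9-character value logged as "i"
     * @param l client timestamp in ms; must be later than the step-1 timestamp by at most 5000 ms
     * @param str5 client signature, expected to equal {@code MD5("${" + key2 + str2 + str4 + "}")}
     * @return a JSON response carrying the encrypted token, or {@code null} after the channel has
     *     been removed because a check failed
     */
    @RequestPath("/y")
    public HttpResponse step2(HttpRequest httpRequest, String str, String str2, String str3, String str4, Long l, String str5) throws Exception {
        if (l == null) {
            return reject(httpRequest, "参数t为空");
        }
        // Each value is length-checked on its own; the original tested str.length() four times,
        // so str2, str3 and str4 were never length-validated.
        if (StrUtil.isBlank(str) || str.length() != AccessTokenResp1.RANDOM_LEN) {
            return reject(httpRequest, "参数x为空或长度不对");
        }
        if (StrUtil.isBlank(str2) || str2.length() != AccessTokenResp1.RANDOM_LEN) {
            return reject(httpRequest, "参数y为空或长度不对");
        }
        if (StrUtil.isBlank(str3) || str3.length() != AccessTokenResp1.RANDOM_LEN) {
            return reject(httpRequest, "参数z为空或长度不对");
        }
        if (StrUtil.isBlank(str4) || str4.length() != AccessTokenResp1.RANDOM_LEN) {
            return reject(httpRequest, "参数i为空或长度不对");
        }
        if (Math.abs(SystemTimer.currTime - l.longValue()) > MAX_TIME_INTERVAL) {
            return reject(httpRequest, "参数t与服务器时间相隔超过1天");
        }
        if (StrUtil.isBlank(str5)) {
            return reject(httpRequest, "参数s为空");
        }
        RequestExt requestExt = WebUtils.getRequestExt(httpRequest);
        String key2 = getKey2(httpRequest, requestExt);
        if (key2 == null) {
            // Fail closed on an unknown client type or an unconfigured key.
            return reject(httpRequest, "签名密钥为空，拒绝请求");
        }
        if (!constantTimeEquals(Md5.getMD5("${" + key2 + str2 + str4 + "}"), str5)) {
            return reject(httpRequest, "验签失败");
        }
        AccessTokenResp1 accessTokenResp1 = (AccessTokenResp1) Caches.getCache(CacheConfig.MG_ACCESS_TOKEN_RESP_1).get(str2 + httpRequest.getClientIp() + str, AccessTokenResp1.class);
        if (accessTokenResp1 == null) {
            return reject(httpRequest, "获取不到AccessTokenResp1，也许已经超时，或者这是个非法请求");
        }
        if (!Objects.equals(str4, accessTokenResp1.getZ()) || !Objects.equals(str3, accessTokenResp1.getI())) {
            return reject(httpRequest, "i和z的值不对");
        }
        long elapsed = l.longValue() - accessTokenResp1.getT().longValue();
        if (elapsed <= 0 || elapsed > MAX_STEP_INTERVAL_MS) {
            return reject(httpRequest, "这次传的t和上次的t相隔" + elapsed + "毫秒");
        }
        String key3 = getKey3(httpRequest, requestExt);
        if (key3 == null) {
            // Never hand a missing key to the encryption helper.
            return reject(httpRequest, "签名密钥为空，拒绝请求");
        }
        String id = httpRequest.getHttpSession().getId();
        ICache tempCache = Caches.getCache(CacheConfig.MG_TIO_ACCESS_TOKEN_TEMP);
        // Reuse the token already issued for this session, if any; otherwise mint one with the
        // configured session-id generator.
        String token = (String) tempCache.get(id, String.class);
        if (StrUtil.isBlank(token)) {
            HttpConfig httpConfig = httpRequest.httpConfig;
            token = httpConfig.getSessionIdGenerator().sessionId(httpConfig, httpRequest);
            tempCache.put(id, token);
        }
        // NOTE(review): key3 is passed for both trailing arguments. If the last one is an IV, a
        // fixed IV equal to the key weakens the encryption; confirm ACEUtils.encrypt's contract.
        String encrypt = ACEUtils.encrypt(token, key3, key3);
        Caches.getCache(CacheConfig.MG_TIO_ACCESS_TOKEN).put(httpRequest.getHttpSession().getId(), token);
        HttpResponse json = Resps.json(httpRequest, Resp.ok(encrypt));
        Caches.getCache(CacheConfig.MG_TIO_ACCESSTOKEN_USERAGENT).put(token, httpRequest.getUserAgent());
        return json;
    }

    /**
     * Picks the key for the caller's platform (checked in the order Android, browser, iOS).
     * For any other caller the channel is removed and {@code null} is returned; callers must
     * treat {@code null} as a rejection.
     */
    private static String selectKey(HttpRequest httpRequest, RequestExt requestExt, String androidKey, String pcKey, String iosKey) {
        if (requestExt.isFromAppAndroid()) {
            return androidKey;
        }
        if (requestExt.isFromBrowser()) {
            return pcKey;
        }
        if (requestExt.isFromAppIos()) {
            return iosKey;
        }
        Tio.remove(httpRequest.getChannelContext(), "这个http请求不来自pc、ios、android任何一方");
        return null;
    }

    /** Key used for the step-1 signature; {@code null} if the platform is unknown or unconfigured. */
    private static String getKey1(HttpRequest httpRequest, RequestExt requestExt) {
        return selectKey(httpRequest, requestExt, androidKey1, pcKey1, iosKey1);
    }

    /** Key used for the step-2 signature; {@code null} if the platform is unknown or unconfigured. */
    private static String getKey2(HttpRequest httpRequest, RequestExt requestExt) {
        return selectKey(httpRequest, requestExt, androidKey2, pcKey2, iosKey2);
    }

    /** Key used to encrypt the issued token; {@code null} if the platform is unknown or unconfigured. */
    private static String getKey3(HttpRequest httpRequest, RequestExt requestExt) {
        return selectKey(httpRequest, requestExt, androidKey3, pcKey3, iosKey3);
    }
}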
