package cn.com.duiba.user.server.api.request;

import cn.com.duiba.boot.exception.BizException;
import cn.com.duiba.user.server.api.dto.consumer.ConsumerCookieDTO;
import cn.com.duiba.user.server.api.dto.consumer.ConsumerDTO;
import cn.com.duiba.user.server.api.dto.consumer.TimeBasedRollingKeyDTO;
import cn.com.duiba.wolf.perf.timeprofile.RequestTool;
import cn.com.duiba.wolf.utils.NumberUtils;
import cn.com.duiba.wolf.utils.SecurityUtils;
import com.alibaba.fastjson.JSON;
import java.nio.charset.Charset;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/com/duiba/user/server/api/request/DuibaConsumerCookieClient.class */
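/**
 * Issues and reads the consumer login cookie pair: {@value #CONSUMER_WDATA4_COOKIE} holds the
 * AES-encrypted, Base64-encoded JSON form of a {@link ConsumerCookieDTO}, and
 * {@value #LOGIN_TIME_COOKIE} holds the issue time in epoch milliseconds, which is used to look
 * up the time-based rolling key from {@link KmsClient}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Neither the rolling key nor the raw cookie value is written to the log. The cookie is a
 *       bearer credential and the key DTO exposes {@code getSecretKey()}, so serialising either
 *       into a log line would presumably hand session material to anyone with log access.</li>
 *   <li>NOTE(review): the AES mode, padding and whether the ciphertext is authenticated are
 *       decided inside {@code SecurityUtils}, which is not visible here. Confirm the cookie is
 *       integrity-protected, since it carries the consumer identity.</li>
 *   <li>NOTE(review): both cookies are HttpOnly with path "/", but neither sets the Secure flag
 *       or an explicit max-age. Confirm this is intentional for the deployment (TLS-only
 *       front end, session-scoped cookie) before changing it.</li>
 * </ul>
 */
public class DuibaConsumerCookieClient {
    private static final Logger log = LoggerFactory.getLogger(DuibaConsumerCookieClient.class);
    protected static final String CONSUMER_WDATA4_COOKIE = "zy_wdata4";
    protected static final String LOGIN_TIME_COOKIE = "zy_w_ts";

    /** A timestamp older than this (24 hours) is rejected. */
    private static final long MAX_COOKIE_AGE_MILLIS = 86400000L;
    /** A timestamp further in the future than this (5 minutes) is rejected. */
    private static final long MAX_FUTURE_SKEW_MILLIS = 300000L;
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    private final KmsClient kmsClient;

    public DuibaConsumerCookieClient(KmsClient kmsClient) {
        this.kmsClient = kmsClient;
    }

    /**
     * Reads and decrypts the login cookie from the request.
     *
     * @param httpServletRequest the incoming request carrying the two login cookies
     * @return the decoded cookie payload, or {@code null} when the data cookie is absent or
     *     empty, the timestamp cookie is missing, unparsable or outside the accepted window, or
     *     the time stored inside the decrypted payload is outside the accepted window
     * @throws BizException if the cookie cannot be decrypted or parsed
     */
    public ConsumerCookieDTO getConsumerCookieDto(HttpServletRequest httpServletRequest) throws BizException {
        String encryptedCookie = RequestTool.getCookie(httpServletRequest, CONSUMER_WDATA4_COOKIE);
        if (encryptedCookie == null || encryptedCookie.isEmpty()) {
            return null;
        }
        // The timestamp cookie is client-supplied; here it only selects which rolling key to use.
        // The issue time that is actually trusted is the one inside the decrypted payload,
        // which is re-checked below.
        long loginTs = NumberUtils.parseLong(RequestTool.getCookie(httpServletRequest, LOGIN_TIME_COOKIE), -1L);
        if (loginTs == -1 || !isValidTime(loginTs)) {
            return null;
        }
        TimeBasedRollingKeyDTO rollingKey = getTimeBasedRollingKey(loginTs);
        // Log the timestamp only; the key DTO is deliberately kept out of the log.
        log.info("登陆拦截器:ts:{}", loginTs);
        try {
            ConsumerCookieDTO payload = JSON.parseObject(decrypt(encryptedCookie, rollingKey), ConsumerCookieDTO.class);
            return isValidTime(payload.getTime()) ? payload : null;
        } catch (Exception e) {
            // Record the cookie length rather than its value: a cookie that failed to decode
            // here may still be a usable session token, so it is kept out of the log.
            log.warn("登录拦截，cookie解析异常, wdata4 length:{}, ts:{}", encryptedCookie.length(), loginTs, e);
            throw new BizException("登录异常，请重新登录");
        }
    }

    /**
     * Builds the login payload for a consumer, encrypts it with the rolling key for the current
     * time, and adds the data and timestamp cookies to the response.
     *
     * @param consumerDTO the consumer being logged in; its id and partnerUserId must be non-null
     * @param httpServletResponse the response that receives the two cookies
     * @return the payload that was encrypted into the data cookie
     * @throws IllegalArgumentException if the consumer's id or partnerUserId is null
     * @throws NullPointerException if no rolling key is available for the current time
     */
    public ConsumerCookieDTO injectConsumerInfoIntoCookie(ConsumerDTO consumerDTO, HttpServletResponse httpServletResponse) {
        long issuedAt = System.currentTimeMillis();
        ConsumerCookieDTO payload = makeConsumerCookieDto(consumerDTO, issuedAt);
        String payloadJson = JSON.toJSONString(payload);
        TimeBasedRollingKeyDTO rollingKey = getTimeBasedRollingKey(issuedAt);
        String encryptedPayload = encrypt(payloadJson, rollingKey);
        // Log the timestamp only; the key DTO is deliberately kept out of the log.
        log.info("登陆拦截器:ts:{}", issuedAt);

        Cookie dataCookie = new Cookie(CONSUMER_WDATA4_COOKIE, encryptedPayload);
        dataCookie.setHttpOnly(true);
        dataCookie.setPath("/");
        httpServletResponse.addCookie(dataCookie);

        Cookie timeCookie = new Cookie(LOGIN_TIME_COOKIE, String.valueOf(issuedAt));
        timeCookie.setHttpOnly(true);
        timeCookie.setPath("/");
        httpServletResponse.addCookie(timeCookie);
        return payload;
    }

    /**
     * Checks that a timestamp lies strictly between 24 hours ago and 5 minutes from now.
     *
     * @param j epoch milliseconds to check
     * @return {@code true} when the timestamp is inside the accepted window
     */
    private boolean isValidTime(long j) {
        long now = System.currentTimeMillis();
        return j > now - MAX_COOKIE_AGE_MILLIS && j < now + MAX_FUTURE_SKEW_MILLIS;
    }

    /** Looks up the cached rolling key for the given epoch-millisecond timestamp. */
    private TimeBasedRollingKeyDTO getTimeBasedRollingKey(long j) {
        return this.kmsClient.getCachedTimeBasedRollingKey(j);
    }

    /**
     * Encrypts a string with the rolling key's secret key and Base64-encodes the result.
     *
     * @param str the plaintext to encrypt
     * @param timeBasedRollingKeyDTO the key holder; must not be null
     * @return the Base64 text of the AES output
     * @throws NullPointerException if {@code timeBasedRollingKeyDTO} is null
     */
    public String encrypt(String str, TimeBasedRollingKeyDTO timeBasedRollingKeyDTO) {
        if (timeBasedRollingKeyDTO == null) {
            throw new NullPointerException("keyDto must not be null");
        }
        return SecurityUtils.encode2StringByBase64(SecurityUtils.encodeByAes(str, timeBasedRollingKeyDTO.getSecretKey()));
    }

    /**
     * Base64-decodes a string, decrypts it with the rolling key's secret key, and reads the
     * result as UTF-8 text.
     *
     * @param str the Base64 text produced by {@link #encrypt}
     * @param timeBasedRollingKeyDTO the key holder; must not be null
     * @return the decrypted text
     * @throws NullPointerException if {@code timeBasedRollingKeyDTO} is null
     */
    public String decrypt(String str, TimeBasedRollingKeyDTO timeBasedRollingKeyDTO) {
        if (timeBasedRollingKeyDTO == null) {
            throw new NullPointerException("keyDto must not be null");
        }
        byte[] plainBytes = SecurityUtils.decodeByAes(SecurityUtils.decodeBase64(str), timeBasedRollingKeyDTO.getSecretKey());
        return new String(plainBytes, UTF_8);
    }

    /**
     * Copies the identity fields of a consumer into a new cookie payload stamped with the
     * given time.
     *
     * @param consumerDTO the source consumer
     * @param j the issue time in epoch milliseconds
     * @return the populated payload
     * @throws IllegalArgumentException if the consumer's id or partnerUserId is null
     */
    private ConsumerCookieDTO makeConsumerCookieDto(ConsumerDTO consumerDTO, long j) {
        if (consumerDTO.getId() == null) {
            throw new IllegalArgumentException("consumer's id must not be null");
        }
        if (consumerDTO.getPartnerUserId() == null) {
            throw new IllegalArgumentException("consumer's partnerUserId must not be null");
        }
        ConsumerCookieDTO payload = new ConsumerCookieDTO();
        payload.setCid(consumerDTO.getId());
        payload.setPartnerUserId(consumerDTO.getPartnerUserId());
        payload.setTime(j);
        payload.setOpenId(consumerDTO.getOpenId());
        payload.setType(consumerDTO.getUserType());
        return payload;
    }
}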
