package com.yonyou.iuap.tenant.web.cas.util;

import com.yonyou.iuap.tenant.sdk.RedisUtils;
import com.yonyou.iuap.tenant.web.cas.logout.entity.TenantUser;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import uap.web.auth.Constants;
import uap.web.esapi.EncryptException;
import uap.web.utils.CookieUtil;
import uap.web.utils.TokenGenerator;
import uap.web.utils.sign.SignUtils;

/* loaded from: input_file:com/yonyou/iuap/tenant/web/cas/util/CasClientUtils.class */
public class CasClientUtils {
    private static final Logger logger = LoggerFactory.getLogger("CasClientUtils");

    public static void destroyToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String findCookieValue = CookieUtil.findCookieValue(httpServletRequest.getCookies(), "tenant_token");
        String findCookieValue2 = CookieUtil.findCookieValue(httpServletRequest.getCookies(), "tenant_username");
        TenantUser userCache = RedisUtils.getUserCache("user.info.login.tenant:" + findCookieValue2);
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equals("tenant_token") || cookie.getName().equals("tenant_username")) {
                    cookie.setValue((String) null);
                    cookie.setMaxAge(-1);
                    cookie.setHttpOnly(true);
                    cookie.setPath("/");
                    httpServletResponse.addCookie(cookie);
                }
            }
        }
        if (userCache != null) {
            try {
                if (TokenGenerator.genToken(userCache.getUserId(), userCache.getLoginTs(), RedisUtils.findSeed()).equalsIgnoreCase(findCookieValue)) {
                    RedisUtils.disCacheUser(findCookieValue2);
                    RedisUtils.removeSessionCacheAttribute(Constants.TENANT_ASSERTION, findCookieValue2);
                }
            } catch (EncryptException e) {
                logger.error("Fail to delete cookie!", e);
            }
        }
    }

    public static String getTicket(String str, String str2, String str3, String str4) {
        notNull(str, "server must not be null");
        notNull(str2, "username must not be null");
        notNull(str3, "password must not be null");
        notNull(str4, "service must not be null");
        return getServiceTicket(str, getTicketGrantingTicket(str, str2, str3), str4);
    }

    private static String getServiceTicket(String str, String str2, String str3) {
        if (str2 == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("service", str3);
        return SignUtils.signAndPost(str + "/" + str2, hashMap);
    }

    private static String getTicketGrantingTicket(String str, String str2, String str3) {
        HashMap hashMap = new HashMap();
        hashMap.put("auto_username", str2);
        hashMap.put("isAutoLogin", "1");
        String signAndPost = SignUtils.signAndPost(str, hashMap);
        info("TGT=" + signAndPost);
        if (signAndPost == null) {
            warning("Invalid response from CAS server!");
            return null;
        }
        Matcher matcher = Pattern.compile(".*action=\".*/(.*?)\".*").matcher(signAndPost);
        if (matcher.matches()) {
            return matcher.group(1);
        }
        warning("Successful ticket granting request, but no ticket found!");
        info("Response (1k): " + signAndPost.substring(0, Math.min(1024, signAndPost.length())));
        return null;
    }

    private static void ticketValidate(String str, String str2, String str3) {
        notNull(str2, "paramter 'serviceTicket' is not null");
        notNull(str3, "paramter 'service' is not null");
        try {
            String signAndPost = SignUtils.signAndPost(str + "?ticket=" + str2 + "&service=" + URLEncoder.encode(str3, "UTF-8"), new HashMap());
            if (signAndPost != null) {
                info(signAndPost);
                info("成功取得用户数据");
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
    }

    private static void notNull(Object obj, String str) {
        if (obj == null) {
            throw new IllegalArgumentException(str);
        }
    }

    private static void warning(String str) {
        logger.warn(str);
    }

    private static void info(String str) {
        logger.info(str);
    }
}
