package com.seeyon.ctp.services;

import com.seeyon.ctp.common.authenticate.TrustAddressManager;
import com.seeyon.ctp.common.constants.SystemProperties;
import com.seeyon.ctp.services.security.ServiceManager;
import com.seeyon.ctp.util.Strings;
import java.security.MessageDigest;
import javax.servlet.http.HttpServletRequest;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/seeyon/ctp/services/AuthorityServiceImpl.class */
public class AuthorityServiceImpl implements AuthorityService {
    private static final Logger logger = Logger.getLogger(AuthorityServiceImpl.class);
    private boolean inited = false;
    private boolean encode = false;
    private String pwd = "123456";
    private boolean enabledWeakPassword = false;

    @Override // com.seeyon.ctp.services.AuthorityService
    public UserToken authenticate(String str, String str2) throws ServiceException {
        MessageContext currentMessageContext = MessageContext.getCurrentMessageContext();
        if (currentMessageContext != null) {
            if (!TrustAddressManager.getInstance().isTrustPass((HttpServletRequest) currentMessageContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST))) {
                throw new ServiceException(-1L, "客户端ip认证不通过");
            }
        }
        return ("service-admin".equals(str) && auth(str2)) ? ServiceManager.getInstance().getToken(str) : ServiceManager.getInstance().getNullToken();
    }

    @Override // com.seeyon.ctp.services.AuthorityService
    public UserToken getUserToken(String str, String str2) {
        return ServiceManager.getInstance().getToken(str);
    }

    private void init() {
        this.pwd = SystemProperties.getInstance().getProperty("webservice.password");
        this.encode = "1".equals(SystemProperties.getInstance().getProperty("webservice.password.encode"));
        this.enabledWeakPassword = "1".equals(SystemProperties.getInstance().getProperty("webservice.weakpassword.enabled"));
        this.inited = true;
    }

    private boolean auth(String str) {
        boolean z = false;
        if (!this.inited) {
            init();
        }
        try {
            if (Strings.isEmpty(str)) {
                logger.error("您使用了弱口令，不允许调用webservice。");
                z = false;
            } else {
                String str2 = str;
                if (this.encode) {
                    str2 = getMD5(str.getBytes());
                    z = str2.equalsIgnoreCase(this.pwd);
                } else {
                    z = str.equals(this.pwd);
                }
                if (!this.enabledWeakPassword && (str2.equals("123456") || str2.equals("mustchange"))) {
                    logger.error("您使用了弱口令，不允许调用webservice。");
                    z = false;
                }
            }
        } catch (Exception e) {
            logger.error(e.getLocalizedMessage(), e);
        }
        return z;
    }

    private static String getMD5(byte[] bArr) {
        String str = null;
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            char[] cArr2 = new char[32];
            int i = 0;
            for (int i2 = 0; i2 < 16; i2++) {
                byte b = digest[i2];
                int i3 = i;
                int i4 = i + 1;
                cArr2[i3] = cArr[(b >>> 4) & 15];
                i = i4 + 1;
                cArr2[i4] = cArr[b & 15];
            }
            str = new String(cArr2);
        } catch (Exception e) {
            logger.error(e.getLocalizedMessage(), e);
        }
        return str;
    }
}
