package com.seeyon.ctp.login.interceptor;

import com.seeyon.ctp.common.AppContext;
import com.seeyon.ctp.common.authenticate.LockLoginInfoFactory;
import com.seeyon.ctp.common.authenticate.sso.SSOTicketManager;
import com.seeyon.ctp.common.config.IConfigPublicKey;
import com.seeyon.ctp.common.config.SystemConfig;
import com.seeyon.ctp.common.constants.LoginConstants;
import com.seeyon.ctp.common.constants.LoginResult;
import com.seeyon.ctp.common.shareMap.V3xShareMap;
import com.seeyon.ctp.login.AbstractLoginInterceptor;
import com.seeyon.ctp.organization.principal.PrincipalManager;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/seeyon/ctp/login/interceptor/LockLoginInterceptor.class */
public class LockLoginInterceptor extends AbstractLoginInterceptor {
    private static final Log log = LogFactory.getLog(LockLoginInterceptor.class);
    private PrincipalManager principalManager;
    private SystemConfig systemConfig;

    public LockLoginInterceptor() {
        this.principalManager = null;
        this.systemConfig = null;
        this.principalManager = (PrincipalManager) AppContext.getBean("principalManager");
        this.systemConfig = (SystemConfig) AppContext.getBean("systemConfig");
    }

    @Override // com.seeyon.ctp.login.AbstractLoginInterceptor, com.seeyon.ctp.login.LoginInterceptor
    public LoginResult afterComplete(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Date pwdExpirationDate;
        String currentUserLoginName = AppContext.currentUserLoginName();
        LockLoginInfoFactory.getInstance().remove(currentUserLoginName);
        if (Integer.parseInt(this.systemConfig.get(IConfigPublicKey.PWD_EXPIRATION_TIME)) > 0 && ((pwdExpirationDate = this.principalManager.getPwdExpirationDate(currentUserLoginName)) == null || pwdExpirationDate.getTime() < System.currentTimeMillis())) {
            V3xShareMap.put("PwdExpirationInfo-" + AppContext.currentUserLoginName(), new Object[]{pwdExpirationDate, pwdExpirationDate == null ? null : this.principalManager.getCredentialUpdateDate(currentUserLoginName)});
        }
        Object attribute = httpServletRequest.getAttribute("__LoginAuthenticationClassSimpleName");
        if (attribute != null) {
            V3xShareMap.put("LoginAuthentication-" + AppContext.currentUserLoginName(), attribute);
        }
        return LoginResult.OK;
    }

    @Override // com.seeyon.ctp.login.AbstractLoginInterceptor, com.seeyon.ctp.login.LoginInterceptor
    public LoginResult afterFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        LoginResult loginResult = null;
        int parseInt = Integer.parseInt(this.systemConfig.get(IConfigPublicKey.USER_LOGIN_COUNT));
        int parseInt2 = Integer.parseInt(this.systemConfig.get(IConfigPublicKey.FORBIDDEN_LOGIN_TIME));
        String parameter = httpServletRequest.getParameter(LoginConstants.USERNAME);
        if (parseInt > 0 && parseInt2 > 0) {
            if (StringUtils.isBlank(parameter)) {
                parameter = getUserNameWithTicket(httpServletRequest);
            }
            if (StringUtils.isNotBlank(parameter) && this.principalManager.isExist(parameter)) {
                int count = parseInt - LockLoginInfoFactory.getInstance().add(parameter, httpServletRequest.getRemoteAddr()).getCount();
                loginResult = count <= 0 ? LoginResult.ERROR_LOCK : LoginResult.ERROR_UNKNOWN_USER_Opportunity.setParameters(String.valueOf(count));
            }
        }
        log.error(String.valueOf(parameter) + "@" + httpServletRequest.getRemoteAddr() + " 登录失败。");
        return loginResult;
    }

    @Override // com.seeyon.ctp.login.AbstractLoginInterceptor, com.seeyon.ctp.login.LoginInterceptor
    public LoginResult preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int parseInt = Integer.parseInt(this.systemConfig.get(IConfigPublicKey.USER_LOGIN_COUNT));
        int parseInt2 = Integer.parseInt(this.systemConfig.get(IConfigPublicKey.FORBIDDEN_LOGIN_TIME));
        if (parseInt > 0 && parseInt2 > 0) {
            String parameter = httpServletRequest.getParameter(LoginConstants.USERNAME);
            if (StringUtils.isBlank(parameter)) {
                parameter = getUserNameWithTicket(httpServletRequest);
            }
            LockLoginInfoFactory.LockLoginInfo lockLoginInfo = LockLoginInfoFactory.getInstance().get(parameter);
            if (lockLoginInfo != null && lockLoginInfo.getCount() >= parseInt && System.currentTimeMillis() - lockLoginInfo.getLockTime() < parseInt2 * 3600000) {
                return LoginResult.ERROR_LOCK;
            }
        }
        return LoginResult.OK;
    }

    private String getUserNameWithTicket(HttpServletRequest httpServletRequest) {
        SSOTicketManager.TicketInfo ticketInfo = SSOTicketManager.getInstance().getTicketInfo(httpServletRequest.getParameter("ticket"));
        if (ticketInfo == null || !ticketInfo.isAvailable()) {
            return null;
        }
        return ticketInfo.getUsername();
    }
}
