package com.supermap.services.security;

import com.supermap.services.rest.resources.SecurityManageResource;
import com.supermap.services.rest.util.HttpUtil;
import com.supermap.services.util.LogUtil;
import com.supermap.services.util.ResourceManager;
import com.supermap.services.util.Tool;
import java.io.File;
import java.util.Iterator;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.mgt.RealmSecurityManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.subject.WebSubject;
import org.apache.shiro.web.subject.support.WebDelegatingSubject;
import org.slf4j.cal10n.LocLogger;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/security/ShiroUtil.class */
public class ShiroUtil {
    public static final String ATTRIBUTE_NAME_ANOTHER_PLACE_LOGIN = "anotherPlaceLogin";
    public static final String SHIRO_INI_RESOURCENAME = "shiro.ini";
    public static final String SHIRO_URLS_INI_RESOURCENAME = "shiroUrls.ini";
    public static final String SHIRO_CUSTOM_URLS_INI_RESOURCENAME = "shiroCustomUrls.ini";
    private static SecurityManager a;
    public static final String SHIRO_REQUEST_REFERER = "shiro_request_referer";
    private static final String b = "com.supermap.logoutwhenrequestcompleted";
    private static final String c = "com.supermap.subjectofcurrentrequest";
    private static final String d = "/logout";
    private static final String e = "/login";
    private static ResourceManager f = new ResourceManager((Class<? extends Enum<?>>) SecurityManageResource.class);
    private static LocLogger g = LogUtil.getLocLogger(ShiroUtil.class, f);

    public static SecurityManager getShiroSecurityManager() {
        return a;
    }

    public static void setShiroSecurityManager(SecurityManager securityManager) {
        a = securityManager;
    }

    public static Subject getSubject(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Subject subject = ThreadContext.getSubject();
        if (subject != null) {
            return subject;
        }
        if (a == null) {
            throw new IllegalStateException("shiroSecurityManager does not initizlized yet");
        }
        WebSubject buildWebSubject = new WebSubject.Builder(a, httpServletRequest, httpServletResponse).buildWebSubject();
        ThreadContext.bind(buildWebSubject);
        return buildWebSubject;
    }

    public static void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, UsernamePasswordToken usernamePasswordToken) {
        a(getSubject(httpServletRequest, httpServletResponse), httpServletRequest, usernamePasswordToken);
    }

    public static boolean anotherPlaceLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Optional<IServerSessionManager> a2 = a(httpServletRequest, httpServletResponse);
        if (!a2.isPresent()) {
            return false;
        }
        return a2.get().anotherPlaceLogin(str, httpServletRequest.getRemoteAddr());
    }

    public static void recordLoginInfo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Optional<IServerSessionManager> a2 = a(httpServletRequest, httpServletResponse);
        if (a2.isPresent()) {
            a2.get().addLoginInfo(str, httpServletRequest, httpServletResponse);
        }
    }

    private static Optional<IServerSessionManager> a(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        WebDelegatingSubject subject = getSubject(httpServletRequest, httpServletResponse);
        if (!(subject instanceof WebDelegatingSubject)) {
            return Optional.empty();
        }
        DefaultWebSecurityManager securityManager = subject.getSecurityManager();
        if (!(securityManager instanceof DefaultWebSecurityManager)) {
            return Optional.empty();
        }
        IServerSessionManager sessionManager = securityManager.getSessionManager();
        return !(sessionManager instanceof IServerSessionManager) ? Optional.empty() : Optional.of(sessionManager);
    }

    private static void a(Subject subject, HttpServletRequest httpServletRequest, UsernamePasswordToken usernamePasswordToken) {
        subject.login(usernamePasswordToken);
        httpServletRequest.setAttribute(c, subject);
        String str = (String) subject.getPrincipal();
        if (subject.isPermitted(SecurityConstants.PERMISSION_GUEST_ONLY)) {
            return;
        }
        HttpUtil.putCurrentUserName(str, httpServletRequest);
    }

    public static void logoutTokenAuthentication(HttpServletRequest httpServletRequest) {
        Subject subject = (Subject) httpServletRequest.getAttribute(c);
        if (subject != null) {
            subject.logout();
        }
    }

    public static boolean isLogoutFlag(HttpServletRequest httpServletRequest) {
        return Boolean.valueOf((String) httpServletRequest.getAttribute(b)).booleanValue();
    }

    public static void removeLogoutFlag(HttpServletRequest httpServletRequest) {
        httpServletRequest.removeAttribute(b);
    }

    public static String getCurrentUserName() {
        Subject subject = ThreadContext.getSubject();
        if (subject != null) {
            return (String) subject.getPrincipal();
        }
        return null;
    }

    public static void loginAsGuest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, WebSubject webSubject) {
        a(webSubject, httpServletRequest, new BuiltInToken(SecurityConstants.USER_GUEST, SecurityConstants.ROLE_EVERYONE, SecurityConstants.PERMISSION_GUEST_ONLY).lookupPermission(true));
        ThreadContext.bind(webSubject);
        httpServletRequest.setAttribute(c, webSubject);
        httpServletRequest.setAttribute(b, "true");
    }

    public static String getReferer(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getSession().getAttribute(SHIRO_REQUEST_REFERER);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void a(HttpServletRequest httpServletRequest) {
        if (d(httpServletRequest) || b(httpServletRequest) || c(httpServletRequest)) {
            return;
        }
        StringBuilder sb = new StringBuilder(httpServletRequest.getRequestURI());
        String queryString = httpServletRequest.getQueryString();
        if (StringUtils.isNotEmpty(queryString)) {
            sb.append("?").append(queryString);
        }
        httpServletRequest.getSession().setAttribute(SHIRO_REQUEST_REFERER, sb.toString());
    }

    private static boolean b(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().contains("/logout");
    }

    private static boolean c(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().contains(e);
    }

    private static boolean d(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().contains("shiro-cas");
    }

    public static boolean isCasRealmEnabled() {
        CasRealm casRealm;
        Manager manager = Manager.getInstance();
        return (manager == null || manager.isSecurityEnabled()) && (casRealm = getCasRealm()) != null && casRealm.isEnabled();
    }

    public static boolean isLdapRealmEnabled() {
        LdapRealm ldapRealm;
        Manager manager = Manager.getInstance();
        return (manager == null || manager.isSecurityEnabled()) && (ldapRealm = getLdapRealm()) != null && ldapRealm.getLdapConfig().enabled;
    }

    public static CasRealm getCasRealm() {
        return (CasRealm) getRealm(CasRealm.class);
    }

    public static LdapRealm getLdapRealm() {
        return (LdapRealm) getRealm(LdapRealm.class);
    }

    public static <T> T getRealm(Class<T> cls) {
        RealmSecurityManager securityManager = ThreadContext.getSecurityManager();
        if (!(securityManager instanceof RealmSecurityManager)) {
            return null;
        }
        Iterator it = securityManager.getRealms().iterator();
        while (it.hasNext()) {
            T t = (T) ((Realm) it.next());
            if (cls.isInstance(t)) {
                return t;
            }
        }
        return null;
    }

    public static AuthenticationInfo authenticateToken(AuthenticationToken authenticationToken) {
        AuthenticationInfo authenticationInfo;
        RealmSecurityManager securityManager = ThreadContext.getSecurityManager();
        if (!(securityManager instanceof RealmSecurityManager)) {
            return null;
        }
        for (Realm realm : securityManager.getRealms()) {
            try {
                if (realm.supports(authenticationToken) && (authenticationInfo = realm.getAuthenticationInfo(authenticationToken)) != null) {
                    return authenticationInfo;
                }
            } catch (RuntimeException e2) {
                g.debug(e2.getMessage(), e2);
            }
        }
        return null;
    }

    public static File getShiroIniFile(String str) {
        String str2 = str;
        if (str == null) {
            str2 = "shiro.ini";
        }
        return new File(Tool.getConfigPath(), str2);
    }
}
