package com.aisec.idas.alice.security.impl;

import com.aisec.idas.alice.config.impl.ConfigMgrFactory;
import com.aisec.idas.alice.security.bean.SecurityBean;
import com.aisec.idas.alice.security.util.SecurityUtils;
import java.util.Map;
import java.util.UUID;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public class Security {
    private static final String PHW_SECURITY_ENCRYPTOR = "PhwSecurityEncryptor";
    private static final String PHW_SECURITY_STOREABLE = "PhwSecurityStoreable";
    private static Logger logger = LoggerFactory.getLogger((Class<?>) Security.class);

    private static void checkSafeKey(String[] strArr, SecurityBean securityBean) {
        if (StringUtils.isNotEmpty(securityBean.getBinding()) && !strArr[0].equals(securityBean.getBinding())) {
            throw new SecurityException("业务信息不一致，获取敏感信息失败！");
        }
        String fromAction = securityBean.getFromAction();
        if (StringUtils.isNotEmpty(fromAction) && !strArr[1].equals(fromAction)) {
            throw new SecurityException("上一步骤校验失败，获取敏感信息失败！");
        }
        if (strArr[2].equals(securityBean.getIp())) {
            if (!strArr[3].equals(securityBean.getDomain())) {
                throw new SecurityException("域名校验失败，获取敏感信息失败！");
            }
            if (Long.valueOf(strArr[4]).longValue() < System.currentTimeMillis()) {
                throw new SecurityException("敏感信息已过期，获取敏感信息失败！");
            }
            return;
        }
        throw new SecurityException("IP校验失败，获取敏感信息失败！,上次IP:" + strArr[2] + ", 本次IP：" + securityBean.getIp());
    }

    private static String decryptSafeKey(SecurityBean securityBean) {
        String securityToken = securityBean.getSecurityToken();
        logger.info("页面传递的token:  {}", securityToken);
        String decrypt = SecurityUtils.decrypt(securityBean.getSecuritySafekey(), ConfigMgrFactory.getSimpleConfigMgr().getString(PHW_SECURITY_ENCRYPTOR), securityToken);
        logger.info("根据页面传递token和加密safeKey解密后的safeKey为:  {}", decrypt);
        return decrypt;
    }

    private static String generateSafeKey(SecurityBean securityBean, String str) {
        String binding = securityBean.getBinding() == null ? "" : securityBean.getBinding();
        String stepAction = securityBean.getStepAction() == null ? "" : securityBean.getStepAction();
        String ip = securityBean.getIp() == null ? "" : securityBean.getIp();
        String domain = securityBean.getDomain() != null ? securityBean.getDomain() : "";
        long currentTimeMillis = System.currentTimeMillis() + (securityBean.getMinituesToLive() == 0 ? 3600000L : securityBean.getMinituesToLive() * 60 * 1000);
        securityBean.setExpiredTime(currentTimeMillis);
        String str2 = binding + '^' + stepAction + '^' + ip + '^' + domain + '^' + currentTimeMillis + '^' + str;
        logger.info("未加密的safekey:  {}", str2);
        return str2;
    }

    public static SecurityBean getPhwSecurity(SecurityBean securityBean) {
        logger.info("====开始读取敏感信息====");
        if (securityBean.getSecurityToken() != null) {
            String[] split = decryptSafeKey(securityBean).split("\\^");
            checkSafeKey(split, securityBean);
            String str = split[5];
            Map readSecurity = SecurityUtils.getStoreableInstance(ConfigMgrFactory.getSimpleConfigMgr().getString(PHW_SECURITY_STOREABLE)).readSecurity(str);
            securityBean.setSecurityContent(readSecurity);
            logger.info("返回key:{}敏感信息:  {}", str, readSecurity);
        }
        return securityBean;
    }

    public static SecurityBean putPhwSecurity(SecurityBean securityBean) {
        logger.info("====开始写入敏感信息====");
        String uuid = UUID.randomUUID().toString();
        logger.info("随机生成的token:  {}", uuid);
        String uuid2 = UUID.randomUUID().toString();
        logger.info("随机生成的敏感信息明文key:  {}", uuid2);
        String generateSafeKey = generateSafeKey(securityBean, uuid2);
        SecurityUtils.getStoreableInstance(ConfigMgrFactory.getSimpleConfigMgr().getString(PHW_SECURITY_STOREABLE)).writeSecurity(uuid2, securityBean);
        logger.info("写入key:{}的敏感信息:  {}", uuid2, securityBean.getSecurityContent());
        String encrypt = SecurityUtils.encrypt(generateSafeKey, ConfigMgrFactory.getSimpleConfigMgr().getString(PHW_SECURITY_ENCRYPTOR), uuid);
        securityBean.setSecurityToken(uuid);
        securityBean.setSecuritySafekey(encrypt);
        return securityBean;
    }
}
