package bingo.security;

import bingo.common.core.utils.StringUtils;
import bingo.security.authentication.ISecurityAuthenticator;
import bingo.security.authorization.ISecurityAuthorizer;
import bingo.security.exceptions.UserNotFoundException;
import bingo.security.principal.IUser;
import bingo.security.store.IAuthStore;
import bingo.security.store.IUserStore;
import bingo.security.utils.Util;
import com.raizlabs.android.dbflow.sql.language.Condition;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class SecurityProvider implements ISecurityProvider {
    protected IAuthStore authStore;
    protected ISecurityAuthenticator authenticator;
    protected ISecurityAuthorizer authorizer;
    protected IUserStore userStore;
    private static final Logger log = LoggerFactory.getLogger(SecurityProvider.class);
    public static final String TRUSTED_LOGIN_ID = SecurityProvider.class.getName() + "$loginId";
    private static final String SESSION_CACHE = SecurityProvider.class.getName() + "$cache";
    private static final String SIGNIN_USER = SecurityProvider.class.getName() + "$user";

    @Override // bingo.security.ISecurityProvider
    public boolean authenticate(HttpServletRequest httpServletRequest) {
        String trustedLoginIdFromRequest;
        IUser signedInUserFromSession = getSignedInUserFromSession(httpServletRequest);
        if (signedInUserFromSession == null && (trustedLoginIdFromRequest = getTrustedLoginIdFromRequest(httpServletRequest)) != null && !"".equals(trustedLoginIdFromRequest.trim())) {
            signedInUserFromSession = signIn(httpServletRequest, trustedLoginIdFromRequest);
        }
        return signedInUserFromSession != null;
    }

    @Override // bingo.security.ISecurityProvider
    public boolean authorize(HttpServletRequest httpServletRequest) {
        return hasPermissionOfRequest(httpServletRequest);
    }

    @Override // bingo.security.ISecurityProvider
    public String encryptPassword(String str) {
        return getAuthenticator().encryptPassword(str);
    }

    public IAuthStore getAuthStore() {
        return this.authStore;
    }

    public ISecurityAuthenticator getAuthenticator() {
        return this.authenticator;
    }

    public ISecurityAuthorizer getAuthorizer() {
        return this.authorizer;
    }

    @Override // bingo.security.ISecurityProvider
    public IUser getCurrentUser(HttpServletRequest httpServletRequest) {
        return getSignedInUserFromSession(httpServletRequest);
    }

    @Override // bingo.security.ISecurityProvider
    public String getPermissionRule(IUser iUser, String str) {
        String str2 = "PermissionRule:" + str;
        if (!isCurrentUser(iUser)) {
            return getAuthorizer().getUserPermissionRule(iUser, str);
        }
        ConcurrentHashMap<String, Object> sessionCache = getSessionCache(SecurityContext.getRequest());
        Object obj = sessionCache.get(str2);
        if (obj == null && (obj = getAuthorizer().getUserPermissionRule(iUser, str)) != null) {
            sessionCache.put(str2, obj);
        }
        return (String) obj;
    }

    @Override // bingo.security.ISecurityProvider
    public String getPermissionRule(String str) {
        return getPermissionRule(getCurrentUser(SecurityContext.getRequest()), str);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: RegionMakerVisitor
        jadx.core.utils.exceptions.JadxRuntimeException: Can't find top splitter block for handler:B:18:0x001d
        	at jadx.core.utils.BlockUtils.getTopSplitterForHandler(BlockUtils.java:1166)
        	at jadx.core.dex.visitors.regions.RegionMaker.processTryCatchBlocks(RegionMaker.java:1022)
        	at jadx.core.dex.visitors.regions.RegionMakerVisitor.visit(RegionMakerVisitor.java:55)
        */
    protected java.util.concurrent.ConcurrentHashMap<java.lang.String, java.lang.Object> getSessionCache(javax.servlet.http.HttpServletRequest r5) {
        /*
            r4 = this;
            r3 = 1
            javax.servlet.http.HttpSession r2 = r5.getSession(r3)
            java.lang.String r3 = bingo.security.SecurityProvider.SESSION_CACHE
            java.lang.Object r0 = r2.getAttribute(r3)
            java.util.concurrent.ConcurrentHashMap r0 = (java.util.concurrent.ConcurrentHashMap) r0
            if (r0 != 0) goto L1c
            monitor-enter(r2)
            java.util.concurrent.ConcurrentHashMap r1 = new java.util.concurrent.ConcurrentHashMap     // Catch: java.lang.Throwable -> L1d
            r1.<init>()     // Catch: java.lang.Throwable -> L1d
            java.lang.String r3 = bingo.security.SecurityProvider.SESSION_CACHE     // Catch: java.lang.Throwable -> L20
            r2.setAttribute(r3, r1)     // Catch: java.lang.Throwable -> L20
            monitor-exit(r2)     // Catch: java.lang.Throwable -> L20
            r0 = r1
        L1c:
            return r0
        L1d:
            r3 = move-exception
        L1e:
            monitor-exit(r2)     // Catch: java.lang.Throwable -> L1d
            throw r3
        L20:
            r3 = move-exception
            r0 = r1
            goto L1e
        */
        throw new UnsupportedOperationException("Method not decompiled: bingo.security.SecurityProvider.getSessionCache(javax.servlet.http.HttpServletRequest):java.util.concurrent.ConcurrentHashMap");
    }

    protected IUser getSignedInUserFromSession(HttpServletRequest httpServletRequest) {
        return (IUser) httpServletRequest.getSession(true).getAttribute(SIGNIN_USER);
    }

    protected String getTrustedLoginIdFromRequest(HttpServletRequest httpServletRequest) {
        return (String) httpServletRequest.getAttribute(TRUSTED_LOGIN_ID);
    }

    @Override // bingo.security.ISecurityProvider
    public IUser getUser(String str) {
        IUser userByLoginId = getUserStore().getUserByLoginId(str);
        if (userByLoginId == null) {
            return null;
        }
        userByLoginId.setRoles(getAuthStore().getAllUserRoles(userByLoginId));
        return userByLoginId;
    }

    public IUserStore getUserStore() {
        return this.userStore;
    }

    @Override // bingo.security.ISecurityProvider
    public boolean hasPermission(IUser iUser, String str) {
        String str2 = "OperationPermission:" + str;
        if (!isCurrentUser(iUser)) {
            return getAuthorizer().isUserHasPermission(iUser, str);
        }
        ConcurrentHashMap<String, Object> sessionCache = getSessionCache(SecurityContext.getRequest());
        Object obj = sessionCache.get(str2);
        if (obj == null && (obj = Boolean.valueOf(getAuthorizer().isUserHasPermission(iUser, str))) != null) {
            sessionCache.put(str2, obj);
        }
        return ((Boolean) obj).booleanValue();
    }

    @Override // bingo.security.ISecurityProvider
    public boolean hasPermission(String str) {
        return hasPermission(getCurrentUser(SecurityContext.getRequest()), str);
    }

    @Override // bingo.security.ISecurityProvider
    public boolean hasPermissionOfRequest(IUser iUser, HttpServletRequest httpServletRequest) {
        return hasPermissionOfUrl(iUser, Util.getRequestPath(httpServletRequest), httpServletRequest.getQueryString());
    }

    @Override // bingo.security.ISecurityProvider
    public boolean hasPermissionOfRequest(HttpServletRequest httpServletRequest) {
        return hasPermissionOfRequest(getCurrentUser(httpServletRequest), httpServletRequest);
    }

    @Override // bingo.security.ISecurityProvider
    public boolean hasPermissionOfUrl(IUser iUser, String str, String str2) {
        String str3 = "UrlPermission:" + str + (StringUtils.isEmpty(str2) ? "" : Condition.Operation.EMPTY_PARAM + str2);
        if (!isCurrentUser(iUser)) {
            return getAuthorizer().isUserHasPermissionOfUrl(iUser, str, str2);
        }
        ConcurrentHashMap<String, Object> sessionCache = getSessionCache(SecurityContext.getRequest());
        Object obj = sessionCache.get(str3);
        if (obj == null && (obj = Boolean.valueOf(getAuthorizer().isUserHasPermissionOfUrl(iUser, str, str2))) != null) {
            sessionCache.put(str3, obj);
        }
        return ((Boolean) obj).booleanValue();
    }

    @Override // bingo.security.ISecurityProvider
    public boolean hasPermissionOfUrl(String str, String str2) {
        return hasPermissionOfUrl(getCurrentUser(SecurityContext.getRequest()), str, str2);
    }

    @Override // bingo.security.ISecurityProvider
    public boolean isCurrentUser(IUser iUser) {
        return getSignedInUserFromSession(SecurityContext.getRequest()) == iUser;
    }

    protected void removeSignedInUserInSession(HttpServletRequest httpServletRequest) {
        httpServletRequest.getSession(true).removeAttribute(SIGNIN_USER);
        httpServletRequest.getSession().invalidate();
    }

    public void setAuthStore(IAuthStore iAuthStore) {
        this.authStore = iAuthStore;
    }

    public void setAuthenticator(ISecurityAuthenticator iSecurityAuthenticator) {
        this.authenticator = iSecurityAuthenticator;
    }

    public void setAuthorizer(ISecurityAuthorizer iSecurityAuthorizer) {
        this.authorizer = iSecurityAuthorizer;
    }

    public void setUserStore(IUserStore iUserStore) {
        this.userStore = iUserStore;
    }

    @Override // bingo.security.ISecurityProvider
    public IUser signIn(HttpServletRequest httpServletRequest, String str) {
        IUser user = getUser(str);
        if (user == null) {
            throw new UserNotFoundException(Messages.getString("UserNotFoundMessage", str));
        }
        storeSignedInUserInSession(httpServletRequest, user);
        log.info("User '{}' signed in", user.getLoginId());
        return user;
    }

    @Override // bingo.security.ISecurityProvider
    public void signOut(HttpServletRequest httpServletRequest) {
        IUser signedInUserFromSession;
        if (log.isDebugEnabled() && (signedInUserFromSession = getSignedInUserFromSession(httpServletRequest)) != null) {
            log.debug("User '{}' signed out", signedInUserFromSession.getLoginId());
        }
        removeSignedInUserInSession(httpServletRequest);
    }

    protected void storeSignedInUserInSession(HttpServletRequest httpServletRequest, IUser iUser) {
        httpServletRequest.getSession(true).setAttribute(SIGNIN_USER, iUser);
    }

    @Override // bingo.security.ISecurityProvider
    public boolean validateUser(String str, String str2) {
        return getAuthenticator().validateUser(str, str2);
    }
}
