package cn.leancloud;

import com.avos.avoscloud.AVUtils;
import com.avos.avoscloud.internal.impl.JavaRequestSignImplementation;
import javax.servlet.http.HttpServletRequest;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:cn/leancloud/RequestAuth.class */
class RequestAuth {
    private static final Logger logger = LogManager.getLogger(RequestAuth.class);
    public static final String ATTRIBUTE_KEY = "requestAuth";
    public static final String USER_KEY = "authUser";
    private String appId;
    private String appKey;
    private String masterKey;
    private String prod;
    private String sessionToken;
    private String sign;

    public static void auth(HttpServletRequest httpServletRequest) throws UnauthException {
        RequestAuth requestAuth = new RequestAuth(httpServletRequest);
        logger.debug("request auth: {}", new Object[]{requestAuth});
        if (requestAuth.getAppId() == null) {
            throw new UnauthException();
        }
        if (LeanEngine.getAppId().equals(requestAuth.getAppId()) && (LeanEngine.getAppKey().equals(requestAuth.getAppKey()) || LeanEngine.getMasterKey().equals(requestAuth.getAppKey()) || LeanEngine.getMasterKey().equals(requestAuth.getMasterKey()))) {
            if (LeanEngine.getMasterKey().equals(requestAuth.getMasterKey())) {
                httpServletRequest.setAttribute("authMasterKey", true);
            }
            httpServletRequest.setAttribute(ATTRIBUTE_KEY, requestAuth);
            return;
        }
        if (requestAuth.getSign() != null) {
            String[] split = requestAuth.getSign().split(",");
            String str = split[0];
            String str2 = split[1];
            String str3 = null;
            if (split.length > 2) {
                str3 = split[2];
            }
            if (requestAuth.getSign().equals(JavaRequestSignImplementation.requestSign(Long.parseLong(str2), "master".equals(str3)))) {
                httpServletRequest.setAttribute(ATTRIBUTE_KEY, requestAuth);
                return;
            }
        }
        throw new UnauthException();
    }

    private RequestAuth(HttpServletRequest httpServletRequest) {
        if (httpServletRequest.getContentType() == null || !httpServletRequest.getContentType().startsWith("text/plain")) {
            this.appId = getHeaders(httpServletRequest, "x-lc-id", "x-avoscloud-application-id", "x-uluru-application-id");
            this.appKey = getHeaders(httpServletRequest, "x-lc-key", "x-avoscloud-application-key", "x-uluru-application-key");
            this.masterKey = getHeaders(httpServletRequest, "x-avoscloud-master-key", "x-uluru-master-key");
            if (this.appKey != null && this.appKey.indexOf(",master") > 0) {
                this.masterKey = this.appKey.substring(0, this.appKey.indexOf(",master"));
                this.appKey = null;
            }
            this.prod = getHeaders(httpServletRequest, "x-lc-prod", "x-avoscloud-application-production", "x-uluru-application-production");
            if ("false".equals(this.prod)) {
                this.prod = "0";
            }
            this.sessionToken = getHeaders(httpServletRequest, "x-lc-session", "x-uluru-session-token", "x-avoscloud-session-token");
            this.sign = getHeaders(httpServletRequest, "x-lc-sign", "x-avoscloud-request-sign");
            String headers = getHeaders(httpServletRequest, "x-real-ip", "x-forwarded-for");
            EngineRequestContext.setRemoteAddress(AVUtils.isBlankString(headers) ? httpServletRequest.getRemoteAddr() : headers);
        }
    }

    private String getHeaders(HttpServletRequest httpServletRequest, String... strArr) {
        for (String str : strArr) {
            String header = httpServletRequest.getHeader(str);
            if (header != null) {
                return header;
            }
        }
        return null;
    }

    public String getAppId() {
        return this.appId;
    }

    public String getAppKey() {
        return this.appKey;
    }

    public String getMasterKey() {
        return this.masterKey;
    }

    public String getProd() {
        return this.prod;
    }

    public String getSessionToken() {
        return this.sessionToken;
    }

    public String getSign() {
        return this.sign;
    }

    public String toString() {
        return "RequestAuth [appId=" + this.appId + ", appKey=" + (this.appKey != null ? this.appKey.substring(0, 2) + "..." : null) + ", masterKey=" + (this.masterKey != null ? this.masterKey.substring(0, 2) + "..." : null) + ", prod=" + this.prod + ", sessionToken=" + this.sessionToken + ", sign=" + this.sign + "]";
    }
}
