package pt.digitalis.siges.entities.model;

import java.io.UnsupportedEncodingException;
import java.util.Map;
import org.apache.batik.util.XMLConstants;
import org.apache.commons.lang.StringEscapeUtils;
import org.springframework.beans.factory.BeanFactory;
import pt.digitalis.dif.controller.interfaces.IDIFContext;
import pt.digitalis.dif.controller.interfaces.IDIFSession;
import pt.digitalis.dif.controller.objects.DIFUserInSession;
import pt.digitalis.dif.dem.annotations.parameter.Parameter;
import pt.digitalis.dif.dem.annotations.stage.Context;
import pt.digitalis.dif.dem.annotations.stage.Init;
import pt.digitalis.dif.exception.controller.InvalidAccessException;
import pt.digitalis.dif.utils.encryption.DIFEncryptator;
import pt.digitalis.utils.common.CollectionUtils;
import pt.digitalis.utils.common.StringUtils;
import pt.digitalis.utils.crypto.exeption.CryptoException;

/* loaded from: input_file:WEB-INF/lib/SIGESApplication-20.0.17-46.jar:pt/digitalis/siges/entities/model/AbstractPrivateDatasets.class */
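/**
 * Base class for stages that expose private datasets and require every request to carry a
 * security token (request parameter {@code ast}) bound to the caller's session and user.
 *
 * <p>The token is produced by {@link #getSecurityToken(IDIFContext)} and checked in
 * {@link #init()} through {@link #isSecurityTokenValid(String, IDIFContext)}.
 *
 * <p>NOTE(review): this listing is decompiler output; parameter names such as {@code str} and
 * {@code str2} are decompiler-generated and are kept as-is.
 */
public abstract class AbstractPrivateDatasets {
    /** Key under which the session id is stored inside the encoded security token. */
    protected static final String SESSION_ID_PART = "SessionID";

    /** Key under which the user id is stored inside the encoded security token. */
    protected static final String USER_ID_PART = "UserID";

    /** User id bound into the token when the session has no logged-in user. */
    private static final String ANONYMOUS_USER_ID = "anonymous";

    @Context
    protected IDIFContext context;

    /** Security token received with the request (parameter id {@code ast}). */
    @Parameter(id = "ast")
    protected String securityToken;

    /**
     * Builds an AJAX event reference with no extra parameters; delegates to
     * {@link #getAjaxEvent(String, String, IDIFContext, Map)} with a {@code null} map.
     *
     * <p>The decompiler reports that the original access modifier was {@code protected}.
     *
     * @param str first part of the event reference, written before the {@code ':'}
     * @param str2 second part of the event reference, written after the {@code ':'}
     * @param iDIFContext context whose session the token is bound to
     * @return the event reference ending in {@code ast=<token>}
     * @throws CryptoException if the token cannot be encoded
     * @throws UnsupportedEncodingException if the token cannot be encoded
     */
    public static final String getAjaxEvent(String str, String str2, IDIFContext iDIFContext) throws CryptoException, UnsupportedEncodingException {
        return getAjaxEvent(str, str2, iDIFContext, null);
    }

    /**
     * Builds an AJAX event reference of the form {@code str:str2?k1=v1&k2=v2&ast=<token>}.
     *
     * <p>Keys, values and the token are appended verbatim: nothing is URL-encoded here, so a key
     * or value containing {@code '&'} or {@code '='} changes the resulting parameter list.
     * Callers must pass values that are already safe for a query string.
     *
     * <p>NOTE(review): the token is placed in the query string, where it can end up in access
     * logs or Referer headers. Confirm that this is acceptable for the deployment.
     *
     * <p>The decompiler reports that the original access modifier was {@code protected}.
     *
     * @param str first part of the event reference, written before the {@code ':'}
     * @param str2 second part of the event reference, written after the {@code ':'}
     * @param iDIFContext context whose session the token is bound to
     * @param map extra query parameters, or {@code null} / empty for none
     * @return the event reference ending in {@code ast=<token>}
     * @throws CryptoException if the token cannot be encoded
     * @throws UnsupportedEncodingException if the token cannot be encoded
     */
    public static final String getAjaxEvent(String str, String str2, IDIFContext iDIFContext, Map<String, String> map) throws CryptoException, UnsupportedEncodingException {
        String token = getSecurityToken(iDIFContext);
        StringBuilder sb = new StringBuilder();
        sb.append(str).append(':').append(str2).append('?');
        if (map != null && !map.isEmpty()) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                // Plain "=" and "&" literals. The decompiled source substituted unrelated
                // library constants with the same values (XMLConstants.XML_EQUAL_SIGN,
                // BeanFactory.FACTORY_BEAN_PREFIX), which obscured the intent.
                sb.append(entry.getKey()).append('=').append(entry.getValue()).append('&');
            }
        }
        sb.append("ast=").append(token);
        return sb.toString();
    }

    /**
     * Returns the stage id; this implementation always returns {@code null}.
     *
     * @return {@code null}
     */
    protected static String getStageID() {
        return null;
    }

    /**
     * Creates the security token for the current session.
     *
     * <p>The token is the {@link DIFEncryptator#encode} output for a map holding the session id
     * and the user id ({@code "anonymous"} when nobody is logged in). No timestamp or nonce is
     * added here, so the same session and user always map to the same logical content and the
     * token stays acceptable for as long as both remain unchanged.
     *
     * @param iDIFContext context whose session the token is bound to
     * @return the encoded token
     * @throws CryptoException if encoding fails
     * @throws UnsupportedEncodingException if encoding fails
     */
    public static final String getSecurityToken(IDIFContext iDIFContext) throws CryptoException, UnsupportedEncodingException {
        IDIFSession session = iDIFContext.getSession();
        String userId = resolveUserId(session);
        return DIFEncryptator.encode(CollectionUtils.toMap(SESSION_ID_PART, session.getSessionID(), USER_ID_PART, userId));
    }

    /**
     * Checks that a token decodes to the session id and user id of the current session.
     *
     * <p>The check fails closed: a blank token, a token that decodes to nothing, a missing
     * session, or a session/user id that is {@code null} all yield {@code false} instead of a
     * {@link NullPointerException}. A token that cannot be decoded still surfaces as
     * {@link CryptoException}, as before.
     *
     * @param str token as received from the request; HTML escaping is undone before decoding
     * @param iDIFContext context whose session the token must match
     * @return {@code true} only when both the session id and the user id match
     * @throws CryptoException if the token cannot be decoded
     * @throws UnsupportedEncodingException if the token cannot be decoded
     */
    public static final boolean isSecurityTokenValid(String str, IDIFContext iDIFContext) throws CryptoException, UnsupportedEncodingException {
        if (StringUtils.isBlank(str)) {
            return false;
        }
        Map<String, Object> decoded = DIFEncryptator.decodeMap(StringEscapeUtils.unescapeHtml(str));
        if (decoded == null) {
            return false;
        }
        IDIFSession session = iDIFContext.getSession();
        if (session == null) {
            return false;
        }
        String sessionId = session.getSessionID();
        String userId = resolveUserId(session);
        // Explicit null checks rather than Objects.equals: two nulls must never count as a match.
        return sessionId != null
                && userId != null
                && sessionId.equals(decoded.get(SESSION_ID_PART))
                && userId.equals(decoded.get(USER_ID_PART));
    }

    /**
     * Rejects the request unless it carries a valid security token.
     *
     * <p>A token that fails to decode propagates as {@link CryptoException} rather than
     * {@link InvalidAccessException}; in both cases initialisation does not complete normally.
     * NOTE(review): how the framework reports each exception type is not visible here.
     *
     * @throws InvalidAccessException if the token is blank or does not match the session and user
     * @throws CryptoException if the token cannot be decoded
     * @throws UnsupportedEncodingException if the token cannot be decoded
     */
    @Init
    protected void init() throws InvalidAccessException, CryptoException, UnsupportedEncodingException {
        if (!isSecurityTokenValid(this.securityToken, this.context)) {
            throw new InvalidAccessException("Must provide a valid security token!");
        }
    }

    /** Returns the logged-in user's id, or {@code "anonymous"} when no user is logged in. */
    private static String resolveUserId(IDIFSession session) {
        if (session.isLogged()) {
            DIFUserInSession user = session.getUser();
            if (user != null) {
                return user.getID();
            }
        }
        return ANONYMOUS_USER_ID;
    }
}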
