package org.apache.dubbo.admin.controller;

import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import org.apache.commons.lang3.StringUtils;
import org.apache.dubbo.admin.annotation.Authority;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.security.oauth2.client.OAuth2SsoProperties;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@RequestMapping({"/api/{env}/user"})
@RestController
/* loaded from: input_file:BOOT-INF/classes/org/apache/dubbo/admin/controller/UserController.class */
public class UserController {
    public static Map<String, User> tokenMap = new ConcurrentHashMap();

    @Value("${admin.root.user.name:}")
    private String rootUserName;

    @Value("${admin.root.user.password:}")
    private String rootUserPassword;

    @Value("${admin.check.sessionTimeoutMilli:3600000}")
    private long sessionTimeoutMilli;

    /* loaded from: input_file:BOOT-INF/classes/org/apache/dubbo/admin/controller/UserController$User.class */
    public static class User {
        private String userName;
        private long lastUpdateTime;

        public String getUserName() {
            return this.userName;
        }

        public void setUserName(String str) {
            this.userName = str;
        }

        public long getLastUpdateTime() {
            return this.lastUpdateTime;
        }

        public void setLastUpdateTime(long j) {
            this.lastUpdateTime = j;
        }
    }

    @RequestMapping(value = {OAuth2SsoProperties.DEFAULT_LOGIN_PATH}, method = {RequestMethod.GET})
    public String login(@RequestParam String str, @RequestParam String str2) {
        if (!StringUtils.isBlank(this.rootUserName) && (!this.rootUserName.equals(str) || !this.rootUserPassword.equals(str2))) {
            return null;
        }
        String uuid = UUID.randomUUID().toString();
        User user = new User();
        user.setUserName(str);
        user.setLastUpdateTime(System.currentTimeMillis());
        tokenMap.put(uuid, user);
        return uuid;
    }

    @RequestMapping(value = {"/logout"}, method = {RequestMethod.DELETE})
    @Authority(needLogin = true)
    public boolean logout() {
        return null != tokenMap.remove(((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest().getHeader("Authorization"));
    }

    @Scheduled(cron = "0 5 * * * ?")
    public void clearExpiredToken() {
        tokenMap.entrySet().removeIf(entry -> {
            return entry.getValue() == null || System.currentTimeMillis() - ((User) entry.getValue()).getLastUpdateTime() > this.sessionTimeoutMilli;
        });
    }
}
