package com.chinaunicom.number.security.realm;

import com.chinaunicom.function.bo.ReqInfoBO;
import com.chinaunicom.user.busi.constant.MenuLevelConstants;
import com.chinaunicom.user.function.CommonMenuFunService;
import com.chinaunicom.user.function.bo.RspCommonMenuBO;
import com.chinaunicom.user.function.bo.RspUsedMenuDataBO;
import com.ohaotian.base.cache.CacheService;
import com.tydic.esb.sysmgr.domain.SysPermission;
import com.tydic.esb.sysmgr.domain.UserDetails;
import com.tydic.esb.sysmgr.po.AuthMenu;
import com.tydic.esb.sysmgr.po.ChannelPO;
import com.tydic.esb.sysmgr.po.OrgDepart;
import com.tydic.esb.sysmgr.service.AuthMenuService;
import com.tydic.esb.sysmgr.service.UserAccountRelationService;
import com.tydic.esb.sysmgr.service.UserService;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasAuthenticationException;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.cas.CasToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.util.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.TicketValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/chinaunicom/number/security/realm/MyCasRealm.class */
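/**
 * Shiro CAS realm that validates a CAS service ticket, resolves the local user and
 * stores the user's menu layout, permissions and login summary in the Shiro session.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The static initializer at the bottom of this class installs a trust-all
 *       {@link X509TrustManager} and an accept-all {@link HostnameVerifier} as the JVM-wide
 *       defaults for {@link HttpsURLConnection}. Every HTTPS call in the process that relies
 *       on those defaults then accepts any certificate for any host, so TLS no longer
 *       authenticates the server. NOTE(review): if the CAS ticket validator talks to the CAS
 *       server through {@code HttpsURLConnection} (confirm), the validation response this
 *       realm trusts is not bound to the real CAS server. The durable fix is to delete the
 *       initializer and put the CAS server's CA into the JVM truststore (for example via the
 *       {@code javax.net.ssl.trustStore} system property).</li>
 *   <li>Authorization is answered from a session attribute written at login time; see
 *       {@link #doGetAuthorizationInfo(PrincipalCollection)}.</li>
 * </ul>
 */
public class MyCasRealm extends CasRealm {
    private static final Logger log = LoggerFactory.getLogger(MyCasRealm.class);
    private UserService userService;
    private UserAccountRelationService userAccountRelationService;
    private CacheService cacheService;
    private AuthMenuService menuService;
    private CommonMenuFunService commonMenuFunService;

    /**
     * Trust manager that accepts every certificate chain without any check.
     *
     * <p>Both {@code check*Trusted} methods are empty, so no chain, expiry or issuer
     * validation happens. It is kept only because the static initializer of the enclosing
     * class still installs it; it must not be reused anywhere else.
     */
    static class miTM implements TrustManager, X509TrustManager {
        miTM() {
        }

        /**
         * Returns an empty issuer list.
         *
         * <p>The {@link X509TrustManager} contract requires a non-null (possibly empty)
         * array; the previous {@code null} return violated it.
         */
        @Override
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }

        /** Always reports the chain as trusted; not part of {@link X509TrustManager}. */
        public boolean isServerTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        /** Always reports the chain as trusted; not part of {@link X509TrustManager}. */
        public boolean isClientTrusted(X509Certificate[] x509CertificateArr) {
            return true;
        }

        /** Performs no validation: never throws, so every server chain is accepted. */
        @Override
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }

        /** Performs no validation: never throws, so every client chain is accepted. */
        @Override
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        }
    }

    /**
     * Validates the CAS service ticket carried by the token and builds the session state
     * for the resolved user.
     *
     * @param authenticationToken the submitted token; expected to be a {@link CasToken}
     * @return the authentication info whose principal is the populated {@link ReqInfoBO},
     *         or {@code null} when the token is {@code null} or carries no ticket text
     * @throws AuthenticationException a {@link CasAuthenticationException} wrapping any
     *         failure raised while validating the ticket or building the session state
     */
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        // Reject a missing token before touching it.
        if (authenticationToken == null) {
            return null;
        }
        CasToken casToken = (CasToken) authenticationToken;
        String ticket = (String) casToken.getCredentials();
        if (!StringUtils.hasText(ticket)) {
            return null;
        }
        try {
            AttributePrincipal principal = ensureTicketValidator().validate(ticket, getCasService()).getPrincipal();
            String loginId = principal.getName();
            // The first three characters are dropped and, if the remainder is a known user,
            // the remainder becomes the identity. A name shorter than three characters makes
            // substring throw, which the catch below turns into a failed login.
            // NOTE(review): confirm the CAS server always issues a fixed 3-character prefix;
            // otherwise two different CAS principals can resolve to the same local account.
            String strippedId = loginId.substring(3);
            if (this.userService.checkVerifyByUsername(strippedId)) {
                loginId = strippedId;
            }
            // NOTE(review): this writes the service ticket to the debug log, and the catch
            // block below also puts it into exception messages; consider masking it.
            log.debug("Validate ticket : {} in CAS server : {} to retrieve user : {}", new Object[]{ticket, getCasServerUrlPrefix(), loginId});
            Map attributes = principal.getAttributes();
            casToken.setUserId(loginId);
            String rememberMeValue = (String) attributes.get(getRememberMeAttributeName());
            // NOTE(review): "loginId" is placed in the session before the user lookup below
            // has succeeded; if a later step throws, the attribute stays in the session.
            // Verify that no other code treats its presence as proof of a completed login.
            SecurityUtils.getSubject().getSession().setAttribute("lastLoginTM", (String) attributes.get("lastLoginTM"));
            SecurityUtils.getSubject().getSession().setAttribute("loginId", loginId);
            if (rememberMeValue != null && Boolean.parseBoolean(rememberMeValue)) {
                casToken.setRememberMe(true);
            }
            log.debug("========获取的用户ID为：" + loginId);
            UserDetails user = this.userService.queryUserByUsername(loginId, true);

            // Request context that becomes the Shiro principal.
            ReqInfoBO reqInfo = new ReqInfoBO();
            reqInfo.setStaffId(user.getUsername());
            reqInfo.setProvinceCode(user.getProvince_code());
            reqInfo.setCityCode(user.getEparchy_code());
            reqInfo.setDistrictCode(user.getCounty_code());
            reqInfo.setChannelId(user.getChnlCode());
            OrgDepart orgDepart = user.getOrgDepart();
            if (orgDepart != null) {
                reqInfo.setDepartId(orgDepart.getDepartCode());
                reqInfo.setDepartLevel(orgDepart.getDepartLevel());
            }
            ChannelPO channelPO = user.getChannelPO();
            if (log.isDebugEnabled()) {
                log.debug("用户登录：" + reqInfo);
            }

            List<AuthMenu> permMenus = this.menuService.getPermMenus(reqInfo.getStaffId());
            List<AuthMenu> allSecondMenus = this.menuService.getAllSecondMenus();
            MenuLayOut menuLayOut = new MenuLayOut();

            // Navigation entries the user may see: menus whose parent is the root.
            List<MenuInfo> navMenus = new ArrayList<MenuInfo>();
            Map<Object, MenuInfo> navMenuById = new HashMap<Object, MenuInfo>();
            // Raw on purpose: handed to getHomePage, whose parameter type is not visible here.
            ArrayList navMenuIds = new ArrayList();
            for (AuthMenu menu : permMenus) {
                if (isDirectChildOfRoot(menu)) {
                    MenuInfo info = toNavMenuInfo(menu);
                    navMenus.add(info);
                    navMenuById.put(menu.getAutoId(), info);
                    navMenuIds.add(menu.getAutoId());
                }
            }

            List homePage = this.menuService.getHomePage(navMenuIds);
            String homePageUrl = null;
            if (homePage != null && homePage.size() > 0) {
                homePageUrl = (String) ((Map) homePage.get(0)).get("HOME_PAGE");
            }
            reqInfo.setHomePage(homePageUrl);
            // Raw on purpose: handed to setCenterCodes, whose parameter type is not visible here.
            ArrayList centerCodes = new ArrayList();
            // The null case was already anticipated for HOME_PAGE above but was dereferenced
            // unconditionally here; guard it so a missing result yields no center codes.
            if (homePage != null) {
                Iterator it = homePage.iterator();
                while (it.hasNext()) {
                    centerCodes.add(((Map) it.next()).get("CENTER_CODE"));
                }
            }
            reqInfo.setCenterCodes(centerCodes);

            // The same kind of navigation entries, taken from the unfiltered menu list.
            List<MenuInfo> allNavMenus = new ArrayList<MenuInfo>();
            for (AuthMenu menu : allSecondMenus) {
                if (isDirectChildOfRoot(menu)) {
                    allNavMenus.add(toNavMenuInfo(menu));
                }
            }

            // Children of a navigation entry, grouped by the parent's state value.
            Map<Object, List<MenuInfo>> leftMenusByState = new HashMap<Object, List<MenuInfo>>();
            Map<Object, MenuInfo> leftMenuById = new HashMap<Object, MenuInfo>();
            for (AuthMenu menu : permMenus) {
                if (navMenuById.containsKey(menu.getParentId())) {
                    MenuInfo info = new MenuInfo();
                    info.setMenuId(menu.getAutoId());
                    info.setClassName(menu.getMenuCss());
                    info.setFlag(menu.getMenuUrl());
                    info.setLabel(menu.getMenuName());
                    info.setState(menu.getMenuCode());
                    info.setTargetNewWindow(false);
                    MenuInfo parent = navMenuById.get(menu.getParentId());
                    List<MenuInfo> siblings = leftMenusByState.get(parent.getState());
                    if (siblings == null) {
                        siblings = new ArrayList<MenuInfo>();
                        leftMenusByState.put(parent.getState(), siblings);
                    }
                    siblings.add(info);
                    leftMenuById.put(menu.getAutoId(), info);
                }
            }

            ReqInfoBO commonMenuReq = new ReqInfoBO();
            commonMenuReq.setStaffId(reqInfo.getStaffId());
            RspUsedMenuDataBO usedMenus = this.commonMenuFunService.queryUserMenuList(commonMenuReq);

            // Sub-menus keyed by the id of the menu they hang under.
            Map<Object, List<MenuInfo>> subMenusByParentId = new HashMap<Object, List<MenuInfo>>();
            for (AuthMenu menu : permMenus) {
                // The level-3 menu with this exact name is filled from the user's
                // frequently used menus instead of from the permission list.
                // NOTE(review): '==' is kept from the original; if getDeep() and the constant
                // are boxed types this is a reference comparison — confirm their types.
                if (menu.getDeep() == MenuLevelConstants.MENU_LEVEL_3 && "常用菜单".equals(menu.getMenuName())) {
                    List<MenuInfo> commonMenus = new ArrayList<MenuInfo>();
                    for (RspCommonMenuBO common : usedMenus.getCommonMenu()) {
                        MenuInfo info = new MenuInfo();
                        info.setMenuId(Long.valueOf(Long.parseLong(common.getMenuId())));
                        info.setClassName("");
                        info.setFlag(common.getFlag());
                        info.setLabel(common.getLabel());
                        info.setState(common.getState());
                        commonMenus.add(info);
                    }
                    subMenusByParentId.put(menu.getAutoId(), commonMenus);
                }
                if (leftMenuById.containsKey(menu.getParentId())) {
                    MenuInfo info = new MenuInfo();
                    info.setMenuId(menu.getAutoId());
                    info.setClassName(menu.getMenuCss());
                    info.setFlag(menu.getMenuUrl());
                    info.setLabel(menu.getMenuName());
                    info.setState(menu.getMenuCode());
                    List<MenuInfo> children = subMenusByParentId.get(menu.getParentId());
                    if (children == null) {
                        children = new ArrayList<MenuInfo>();
                        subMenusByParentId.put(menu.getParentId(), children);
                    }
                    children.add(info);
                }
            }
            for (MenuInfo leftMenu : leftMenuById.values()) {
                List<MenuInfo> children = subMenusByParentId.get(leftMenu.getMenuId());
                if (children != null) {
                    leftMenu.setSubMenu(children.toArray(new MenuInfo[children.size()]));
                }
            }

            menuLayOut.setNavMenu(navMenus.toArray(new MenuInfo[navMenus.size()]));
            menuLayOut.setAllNavMenu(allNavMenus.toArray(new MenuInfo[allNavMenus.size()]));
            // Raw on purpose: handed to setLeftMenu, whose parameter type is not visible here.
            HashMap leftMenuArrays = new HashMap();
            for (Map.Entry<Object, List<MenuInfo>> entry : leftMenusByState.entrySet()) {
                List<MenuInfo> items = entry.getValue();
                leftMenuArrays.put(entry.getKey(), items.toArray(new MenuInfo[items.size()]));
            }
            menuLayOut.setLeftMenu(leftMenuArrays);
            SecurityUtils.getSubject().getSession().setAttribute(MenuLayOut.MENU_LAY_OUT, menuLayOut);
            SecurityUtils.getSubject().getSession().setAttribute(MenuLayOut.MENU_LAY_OUT_AS_STRING, menuLayOut.toString());
            // Read back later by doGetAuthorizationInfo.
            SecurityUtils.getSubject().getSession().setAttribute("USER_PERMS", user.getPermissions());

            // Login summary stored in the session under LOGINED_INFO.
            Map<String, Object> loginInfo = new HashMap<String, Object>();
            String staffId = reqInfo.getStaffId();
            String[] staffIdParts = staffId.split("_");
            if (staffIdParts.length >= 2) {
                // Drop everything up to and including the first underscore.
                loginInfo.put("staffId", staffId.substring(staffIdParts[0].length() + 1, staffId.length()));
            } else {
                loginInfo.put("staffId", staffId);
            }
            loginInfo.put("staffName", user.getName());
            if (orgDepart != null) {
                loginInfo.put("departName", orgDepart.getDepartName());
                loginInfo.put("departCode", orgDepart.getDepartCode());
                loginInfo.put("departLevel", orgDepart.getDepartLevel());
            }
            // Channel data, when present, overwrites the department name and code set above.
            if (channelPO != null) {
                loginInfo.put("departName", channelPO.getChnlName());
                loginInfo.put("departCode", channelPO.getChnlCode());
            }
            Map accountChange = this.userAccountRelationService.queryUserAccountByAccountChangLog(loginId);
            loginInfo.put("isChange", accountChange.get("isChange").toString());
            loginInfo.put("userRelationList", accountChange.get("userRelationList"));
            SecurityUtils.getSubject().getSession().setAttribute("LOGINED_INFO", loginInfo);
            log.debug("=========获取的用户信息是：" + reqInfo);
            // NOTE(review): the key ends in '_' and carries no user suffix; it looks like a
            // prefix that was meant to be combined with an id — confirm the intended key.
            this.cacheService.delete("PERMISSION_CACHE_INFO_");
            return new SimpleAuthenticationInfo(new SimplePrincipalCollection(reqInfo, getName()), ticket);
        } catch (Throwable th) {
            // Every failure, including runtime errors in the menu code above, ends the login.
            log.error("单点登录失败", th);
            if (th instanceof TicketValidationException) {
                throw new CasAuthenticationException("Unable to validate ticket [" + ticket + "]", th);
            }
            throw new CasAuthenticationException("单点登录失败 [" + ticket + "]", th);
        }
    }

    /** Tells whether the menu is not the root itself and has the root as its parent. */
    private static boolean isDirectChildOfRoot(AuthMenu menu) {
        return menu.getParentId() != null
                && !menu.getAutoId().equals(menu.getRootId())
                && menu.getParentId().equals(menu.getRootId());
    }

    /** Builds the navigation-bar entry for a menu that sits directly under the root. */
    private static MenuInfo toNavMenuInfo(AuthMenu menu) {
        MenuInfo info = new MenuInfo();
        info.setMenuId(menu.getAutoId());
        info.setClassName(menu.getMenuCss());
        info.setModuleType(menu.getMenuCode());
        info.setFlag(menu.getMenuUrl());
        info.setLabel(menu.getMenuName());
        info.setState(menu.getMenuCode());
        info.setTargetNewWindow(true);
        return info;
    }

    /**
     * Builds the authorization info from the {@code USER_PERMS} session attribute.
     *
     * <p>The {@code principalCollection} argument is not consulted: permissions are read from
     * the session of the subject bound to the current thread, as stored at login by
     * {@link #doGetAuthenticationInfo(AuthenticationToken)}.
     * NOTE(review): this means a permission revoked after login stays in effect for the
     * lifetime of the session, and a lookup made on behalf of a different principal returns
     * the caller's permissions. Confirm both are acceptable, or load permissions for the
     * principal that was passed in.
     *
     * @param principalCollection the principals being authorized (currently unused)
     * @return the string permissions found in the session; empty when the attribute is absent
     */
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        log.debug("----doGetAuthorizationInfo start ------");
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        Set permissions = (Set) SecurityUtils.getSubject().getSession().getAttribute("USER_PERMS");
        if (permissions != null) {
            for (Object permission : permissions) {
                simpleAuthorizationInfo.addStringPermission(((SysPermission) permission).getValue());
            }
        }
        log.debug("----doGetAuthorizationInfo end ------");
        return simpleAuthorizationInfo;
    }

    /** Injects the service used to verify and load users. */
    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    /** Injects the service used to load menus and home-page data. */
    public void setMenuService(AuthMenuService authMenuService) {
        this.menuService = authMenuService;
    }

    /** Injects the service used to load the user's frequently used menus. */
    public void setCommonMenuFunService(CommonMenuFunService commonMenuFunService) {
        this.commonMenuFunService = commonMenuFunService;
    }

    /** Returns the injected account-relation service. */
    public UserAccountRelationService getUserAccountRelationService() {
        return this.userAccountRelationService;
    }

    /** Injects the service used to read the account change log at login. */
    public void setUserAccountRelationService(UserAccountRelationService userAccountRelationService) {
        this.userAccountRelationService = userAccountRelationService;
    }

    /** Injects the cache service used to drop the permission cache entry at login. */
    public void setCacheService(CacheService cacheService) {
        this.cacheService = cacheService;
    }

    // SECURITY: runs once when the class is loaded and changes process-wide defaults.
    // It makes every HttpsURLConnection that uses the default socket factory and hostname
    // verifier accept any certificate chain and any host name, so those connections are
    // encrypted but the peer is not authenticated. The effect is not limited to this realm.
    // The behaviour is left unchanged here because removing it can break a deployment whose
    // CAS server certificate is not in the JVM truststore; the fix is to add that CA to the
    // truststore and then delete this initializer together with miTM.
    // NOTE(review): the context is requested under the legacy "SSL" name; once certificate
    // validation is restored, request "TLS" instead.
    static {
        TrustManager[] trustManagerArr = {new miTM()};
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, trustManagerArr, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
            HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
                // Accepts every host name, so a certificate issued for one host is
                // accepted for any other.
                @Override
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }
            });
        } catch (Throwable th) {
            throw new IllegalStateException("创建SSL工厂失败", th);
        }
    }
}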
