package com.ohaotian.plugin.security.controller;

import com.alibaba.boot.hsf.annotation.HSFConsumer;
import com.alibaba.fastjson.JSON;
import com.ohaotian.authority.application.bo.ApplicationBO;
import com.ohaotian.authority.application.bo.SelectApplicationByUserReqBO;
import com.ohaotian.authority.application.bo.SelectByApplicationCodeReqBO;
import com.ohaotian.authority.application.bo.SelectByApplicationCodeRspBO;
import com.ohaotian.authority.application.service.SelectApplicationByUserBusiService;
import com.ohaotian.authority.application.service.SelectByApplicationCodeBusiService;
import com.ohaotian.authority.logger.bo.SaveLoginLogReqBO;
import com.ohaotian.authority.logger.service.SaveLoginLogBusiService;
import com.ohaotian.authority.login.bo.LoginExpTimeReqBO;
import com.ohaotian.authority.login.bo.LoginGetPicVfCodeReqBO;
import com.ohaotian.authority.login.bo.LoginGetPicVfCodeRspBO;
import com.ohaotian.authority.login.service.LoginGetPicVfCodeService;
import com.ohaotian.authority.login.service.LoginService;
import com.ohaotian.authority.organisation.bo.OrganisationIdReqBO;
import com.ohaotian.authority.organisation.bo.RspOrganisationBO;
import com.ohaotian.authority.organisation.service.SelectOrganisationByOrgIdService;
import com.ohaotian.authority.tenant.bo.TenantIdBO;
import com.ohaotian.authority.tenant.bo.TenantRspBO;
import com.ohaotian.authority.tenant.service.SelectTenantByIdService;
import com.ohaotian.authority.user.bo.SelectUserByLoginNameReqBO;
import com.ohaotian.authority.user.bo.SelectUserByLoginNameRspBO;
import com.ohaotian.authority.user.service.SelectUserByLoginNameService;
import com.ohaotian.plugin.base.annotation.BusiResponseBody;
import com.ohaotian.plugin.base.bo.RspMapInfoBO;
import com.ohaotian.plugin.base.exception.ZTBusinessException;
import com.ohaotian.plugin.cache.CacheClient;
import com.ohaotian.plugin.common.util.IPUtils;
import com.ohaotian.plugin.security.entity.LoginReqBO;
import com.ohaotian.plugin.security.entity.MenuInfo;
import com.ohaotian.plugin.security.entity.UserInfo;
import com.ohaotian.plugin.security.jwt.Jwt;
import com.ohaotian.plugin.security.service.AutzQueryService;
import com.ohaotian.plugin.security.utils.AesUtil;
import com.ohaotian.plugin.security.utils.SecurityHelper;
import com.ohaotian.plugin.security.utils.UserAgent;
import com.ohaotian.plugin.security.utils.UserAgentUtil;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
/* loaded from: input_file:com/ohaotian/plugin/security/controller/PermissionsController.class */
public class PermissionsController {
    private static final Logger LOGGER = LoggerFactory.getLogger(PermissionsController.class);

    // Remote service handles injected through @HSFConsumer. Every annotation below hard-codes
    // serviceGroup = "AUTH_GROUP_DEV".
    // NOTE(review): the group name looks like a development group; confirm how production
    // deployments are pointed at their own authority-service group.
    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private SelectApplicationByUserBusiService selectApplicationByUserBusiService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private SelectByApplicationCodeBusiService selectByApplicationCodeBusiService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private SelectUserByLoginNameService selectUserByLoginNameService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private SelectTenantByIdService selectTenantByIdService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private SelectOrganisationByOrgIdService selectOrganisationByOrgIdService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private SaveLoginLogBusiService saveLoginLogBusiService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private LoginService loginService;

    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private LoginGetPicVfCodeService loginGetPicVfCodeService;

    // Used by getToken for the vfType == 2 check (getCurrentIdCaptcha / putCurrentIpCode).
    @Autowired
    private AutzQueryService autzQueryService;

    // Cache holding the per-login-name failure counter ("cas" + loginName) and the
    // per-user verification code ("loginVfCode" + userId) that getToken reads and writes.
    @Autowired
    private CacheClient cacheService;

    // Bound to login.expTime (default 7200). No method in this class reads it.
    // NOTE(review): presumably a token/session lifetime in seconds; confirm where it is enforced.
    @Value("${login.expTime:7200}")
    private int expTime;

    // Failure threshold (default 3): getToken refuses a login name whose cached failure
    // count has reached this value.
    @Value("${login.loginNum:3}")
    private Integer loginNum;

    // Expiry passed to cacheService.set for the failure counter (default 86400).
    // NOTE(review): presumably seconds, i.e. a 24 h lockout; confirm against CacheClient.
    @Value("${login.lockTime:86400}")
    private int loginLockTime;

    // Selects the verification-code check in getToken: 1 calls loginGetPicVfCodeService.checkVfCode,
    // 2 compares a numeric code against autzQueryService.getCurrentIdCaptcha within OFFSET.
    // Any other value performs no verification-code check on the password path.
    @Value("${login.vfType:1}")
    private int vfType;

    // SECURITY: when this flag is true and the submitted code equals defaultVfCode, getToken
    // skips the verification-code check. On the userId-only path of getToken that check is the
    // only credential, so the shipped defaults (true / "1111") must be overridden outside of
    // test environments.
    // NOTE(review): this flag and defaultVfCode are both bound to the same property key,
    // login.defaultVfCode, so they cannot be configured independently; a value that is not a
    // boolean would presumably fail conversion for this field. The flag most likely needs its
    // own key; confirm against the original configuration.
    @Value("${login.defaultVfCode:true}")
    private Boolean defaultVfFlag;

    // Fixed verification code accepted while defaultVfFlag is true (default "1111").
    @Value("${login.defaultVfCode:1111}")
    private String defaultVfCode;

    // AES key handed to AesUtil.decryptStr to decrypt the password submitted to getToken.
    // SECURITY: the fallback value is a fixed, publicly guessable 16-character string; set
    // login.originalKey per environment and treat it as a secret.
    // NOTE(review): presumably the login page encrypts with the same key, in which case this
    // layer is obfuscation only and does not replace TLS; confirm.
    @Value("${login.originalKey:1234567890123456}")
    private String ORIGINAL_KEY;
    // Tolerance for the vfType == 2 comparison: a submitted value is rejected when it differs
    // from the expected value by OFFSET or more.
    private static final int OFFSET = 4;

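    /**
     * Returns the menus and application name for the authenticated user.
     *
     * <p>When {@code str} is non-empty it is treated as an application code: the user's menus
     * for that code are returned together with the application name looked up remotely.
     * Otherwise the first application returned for the user is used.
     *
     * @param str optional application code
     * @return an {@link RspMapInfoBO} whose data map may contain {@code menus}, {@code appName}
     *     and {@code isExt}
     * @throws ZTBusinessException if no user is authenticated
     */
    @RequestMapping(value = {"/auth/getUserMenus"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getUserMenus(@RequestParam(required = false) String str) {
        UserInfo currentUser = SecurityHelper.getCurrentUser();
        if (currentUser == null) {
            throw new ZTBusinessException("未获取到当前用户对应菜单");
        }
        // Parameterised so the request value is only formatted when debug logging is enabled.
        LOGGER.debug("getUserMenus{}", str);

        // Menus always come from the authenticated user's own map, never from the request.
        Map<String, List<MenuInfo>> menusByApp = currentUser.getMenus();
        Map<String, Object> data = new HashMap<>();
        if (StringUtils.isNotEmpty(str)) {
            SelectByApplicationCodeReqBO appReq = new SelectByApplicationCodeReqBO();
            appReq.setApplicationCode(str);
            SelectByApplicationCodeRspBO appRsp = this.selectByApplicationCodeBusiService.selectByApplicationCode(appReq);
            // A user without a menu map gets null menus instead of a NullPointerException.
            data.put("menus", menusByApp == null ? null : menusByApp.get(str));
            // NOTE(review): the application name is returned for any code the caller supplies,
            // whether or not the user has menus for it; confirm that names are not sensitive.
            if (appRsp != null && appRsp.getApplicationBO() != null) {
                data.put("appName", appRsp.getApplicationBO().getApplicationName());
            }
        } else {
            SelectApplicationByUserReqBO userAppsReq = new SelectApplicationByUserReqBO();
            userAppsReq.setUserId(currentUser.getUserId());
            userAppsReq.setOrgPath(currentUser.getOrgPath());
            List<?> apps = this.selectApplicationByUserBusiService.selectApplicationByUser(userAppsReq).getApplicationBOS();
            if (apps != null && !apps.isEmpty()) {
                ApplicationBO firstApp = (ApplicationBO) apps.get(0);
                data.put("appName", firstApp.getApplicationName());
                data.put("isExt", firstApp.getIsExt());
                data.put("menus", menusByApp == null ? null : menusByApp.get(firstApp.getApplicationCode()));
            }
        }
        RspMapInfoBO response = new RspMapInfoBO();
        response.setData(data);
        return response;
    }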

    /**
     * Reports, for each requested authority key, whether the authenticated user holds it.
     *
     * <p>The answer comes from {@code UserInfo.hasAuthority} on the server-side principal; the
     * request only supplies the keys to look up.
     *
     * @param strArr authority keys to check
     * @return an {@link RspMapInfoBO} whose data maps each key to a {@code Boolean}
     * @throws ZTBusinessException if no user is authenticated
     */
    @RequestMapping(value = {"/auth/havePerms"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object havePerms(@RequestParam String[] strArr) {
        final UserInfo principal = SecurityHelper.getCurrentUser();
        if (principal == null) {
            throw new ZTBusinessException("未获取到当前用户对应菜单");
        }
        final Map<String, Object> verdicts = new HashMap<>();
        for (int i = 0; i < strArr.length; i++) {
            final String authorityKey = strArr[i];
            verdicts.put(authorityKey, Boolean.valueOf(principal.hasAuthority(authorityKey)));
        }
        final RspMapInfoBO response = new RspMapInfoBO();
        response.setData(verdicts);
        return response;
    }

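    /**
     * Returns the authenticated user's permission keys and mirrors them into a
     * {@code permission} cookie (URL-encoded JSON, path {@code /}).
     *
     * <p>SECURITY: the cookie is set without HttpOnly or Secure, so page scripts can read and
     * change it. It is only suitable as a display hint; authorisation decisions must keep
     * using the server-side principal, as {@code havePerms} does.
     * NOTE(review): a large permission set may exceed browser cookie size limits; confirm.
     *
     * @param httpServletResponse response that receives the cookie
     * @return the set of permission keys
     * @throws ZTBusinessException if no user is authenticated
     */
    @RequestMapping(value = {"/auth/getUserPerms"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getUserPerms(HttpServletResponse httpServletResponse) {
        UserInfo currentUser = SecurityHelper.getCurrentUser();
        if (currentUser == null) {
            throw new ZTBusinessException("未获取到当前用户对应菜单");
        }
        HashSet<Object> permissionKeys = new HashSet<>();
        // A user with no permission collection yields an empty set instead of a NullPointerException.
        if (currentUser.getPermission() != null) {
            currentUser.getPermission().forEach(authorityInfo -> permissionKeys.add(authorityInfo.getKey()));
        }
        try {
            Cookie cookie = new Cookie("permission", URLEncoder.encode(JSON.toJSONString(permissionKeys), "utf-8"));
            cookie.setPath("/");
            // The cookie is added inside the try block: the original passed a null cookie to
            // addCookie when encoding failed.
            httpServletResponse.addCookie(cookie);
            LOGGER.debug("写入cookie结束, keys={}", permissionKeys.size());
        } catch (UnsupportedEncodingException e) {
            // Logged once through the logger; the stack trace is no longer printed to stderr.
            LOGGER.error("生成cookie异常", e);
        }
        return permissionKeys;
    }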

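    /**
     * Returns a copy of the authenticated user's profile with the cellphone number masked.
     *
     * <p>An 11-character cellphone keeps its first three and last three characters; the five
     * in between are replaced with {@code *****}. Other lengths are returned unchanged.
     * NOTE(review): every other property is copied as-is by {@code BeanUtils.copyProperties};
     * confirm that {@code UserInfo} carries no other field that should be hidden from clients.
     *
     * @return the masked {@link UserInfo} copy
     * @throws ZTBusinessException if no user is authenticated
     */
    @RequestMapping(value = {"/auth/getUserInfo"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getUserInfo() {
        UserInfo currentUser = SecurityHelper.getCurrentUser();
        if (currentUser == null) {
            throw new ZTBusinessException("未获取到当前用户登录信息");
        }
        // Log the identifier only: the original serialised the whole unmasked profile into the
        // debug log, which put personal data (including the full phone number) into log files.
        LOGGER.debug("getUserInfo userId={}", currentUser.getUserId());

        // Mask on a copy so the principal held by the security context is not modified.
        UserInfo masked = new UserInfo();
        BeanUtils.copyProperties(currentUser, masked);
        String cellphone = masked.getCellphone();
        if (StringUtils.isNotBlank(cellphone) && cellphone.length() == 11) {
            masked.setCellphone(cellphone.substring(0, 3) + "*****" + cellphone.substring(8, 11));
        }
        return masked;
    }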

    /**
     * Returns the authenticated user's {@link UserInfo} exactly as the security helper holds it.
     *
     * <p>Unlike {@code getUserInfo}, nothing is copied or masked here, so the cellphone number
     * is returned in full.
     * NOTE(review): confirm which callers need the unmasked object and that the endpoint is
     * not reachable more widely than that.
     *
     * @return the current {@link UserInfo}
     * @throws ZTBusinessException if no user is authenticated
     */
    @RequestMapping(value = {"/auth/getFullUserInfo"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getFullUserInfo() {
        final UserInfo principal = SecurityHelper.getCurrentUser();
        if (principal == null) {
            throw new ZTBusinessException("未获取到当前用户登录信息");
        }
        return principal;
    }

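    /**
     * Authenticates a login request, records it and issues a JWT.
     *
     * <p>Two paths exist. With a login name and password, the method enforces the failure
     * lockout, runs the verification-code check selected by {@code vfType}, decrypts the
     * password with the configured AES key, and validates the user, tenant and organisation.
     * Without them, it accepts a {@code userId} plus a verification code read from the cache
     * under {@code "loginVfCode" + userId}.
     *
     * <p>SECURITY: while {@code defaultVfFlag} is true, submitting {@code defaultVfCode}
     * satisfies the verification-code check on both paths. On the userId path that code is the
     * only credential, so the flag must be off in any environment holding real accounts. Each
     * use is logged at WARN so it can be alerted on.
     *
     * @param httpServletRequest request supplying the session id, user agent and client address
     * @param httpServletResponse response that receives the {@code auth-token} cookie
     * @param loginReqBO login name and encrypted password, or user id, plus verification code
     * @return an {@link RspMapInfoBO} whose data map holds the {@code token}
     * @throws ZTBusinessException if the account is locked, a check fails or no token is created
     */
    @RequestMapping(value = {"/auth/users/signup/login"}, method = {RequestMethod.POST})
    @BusiResponseBody
    public Object getToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody LoginReqBO loginReqBO) {
        Map<String, Object> claims = new HashMap<>();
        Date issuedAt = new Date();
        UserInfo userInfo = new UserInfo();
        if (StringUtils.isNotBlank(loginReqBO.getLoginName()) && StringUtils.isNotBlank(loginReqBO.getPassWord())) {
            String attemptsKey = "cas" + loginReqBO.getLoginName();
            Integer failedAttempts = (Integer) this.cacheService.get(attemptsKey);
            // ">=" rather than equality: a counter that ends up above the threshold (for
            // example after the limit is lowered) must still lock the account.
            // NOTE(review): the counter is read and written in separate steps, so concurrent
            // attempts can under-count; an atomic increment in the cache would close that gap.
            if (failedAttempts != null && failedAttempts >= this.loginNum) {
                throw new ZTBusinessException("您已连续输入错误" + this.loginNum + "次，禁止当前用户登录");
            }

            // The verification code is keyed by HTTP session id; the request field is called "ip".
            String sessionId = httpServletRequest.getSession().getId();
            String submittedCode = loginReqBO.getVfCode();
            if (this.vfType == 1 || this.vfType == 2) {
                if (this.defaultVfCode.equals(submittedCode) && this.defaultVfFlag.booleanValue()) {
                    LOGGER.warn("Verification-code check skipped for login name {}: configured default code accepted", loginReqBO.getLoginName());
                } else if (this.vfType == 1) {
                    LoginGetPicVfCodeReqBO vfReq = new LoginGetPicVfCodeReqBO();
                    vfReq.setIp(sessionId);
                    vfReq.setVfCode(submittedCode);
                    LoginGetPicVfCodeRspBO vfRsp = this.loginGetPicVfCodeService.checkVfCode(vfReq);
                    if (!"0".equals(vfRsp.getCode())) {
                        throw new ZTBusinessException(vfRsp.getMessage());
                    }
                } else {
                    Integer expected = this.autzQueryService.getCurrentIdCaptcha(sessionId);
                    int submitted;
                    try {
                        submitted = Integer.parseInt(submittedCode);
                    } catch (NumberFormatException e) {
                        // A missing or non-numeric code is a client error, not a server fault.
                        throw new ZTBusinessException("授权失败，缺少必要的参数");
                    }
                    // No stored value for this session means there is nothing to compare against.
                    if (expected == null || submitted >= expected + OFFSET || submitted <= expected - OFFSET) {
                        throw new ZTBusinessException("授权失败，缺少必要的参数");
                    }
                    this.autzQueryService.putCurrentIpCode(sessionId);
                }
            }

            // The ciphertext, the AES key and the decrypted password are deliberately not
            // logged; the original wrote all three to the debug log.
            String plainPassword = AesUtil.decryptStr(loginReqBO.getPassWord(), this.ORIGINAL_KEY);
            loginReqBO.setPassWord(plainPassword);
            SelectUserByLoginNameReqBO userReq = new SelectUserByLoginNameReqBO();
            userReq.setUsername(loginReqBO.getLoginName());
            userReq.setPassword(loginReqBO.getPassWord());
            userReq.setType((String) null);
            SelectUserByLoginNameRspBO user = this.selectUserByLoginNameService.selectUserByLoginNameService(userReq);
            if (user == null) {
                int attempts = (failedAttempts == null ? 0 : failedAttempts.intValue()) + 1;
                this.cacheService.set(attemptsKey, Integer.valueOf(attempts), this.loginLockTime);
                int remaining = this.loginNum.intValue() - attempts;
                // NOTE(review): failed attempts are counted but never sent to the login log
                // service; confirm they are audited elsewhere.
                throw new ZTBusinessException(remaining > 0 ? "用户或密码错误,您还有" + remaining + "次机会！" : "您已连续输入错误" + this.loginNum + "次，禁止当前用户登录");
            }
            claims.put("userId", user.getUserId());
            BeanUtils.copyProperties(user, userInfo);
            userInfo.setUsername(user.getLoginName());
            if (user.getStatus().intValue() == 1) {
                throw new ZTBusinessException("用户状态无效，无法登陆！");
            }
            if (user.getTenantId() != null) {
                TenantIdBO tenantReq = new TenantIdBO();
                tenantReq.setTenantId(user.getTenantId());
                TenantRspBO tenant = this.selectTenantByIdService.selectTenantById(tenantReq);
                if (tenant != null && tenant.getStatus().intValue() != 0) {
                    throw new ZTBusinessException("用户所属租户无效，无法登陆！");
                }
            }
            if (user.getOrgId() != null) {
                OrganisationIdReqBO orgReq = new OrganisationIdReqBO();
                orgReq.setOrganisationId(user.getOrgId());
                RspOrganisationBO organisation = this.selectOrganisationByOrgIdService.selectOrganisationByOrgId(orgReq);
                if (organisation != null && organisation.getStatus().intValue() != 0) {
                    throw new ZTBusinessException("用户所属机构无效，无法登陆！");
                }
            }
            try {
                SaveLoginLogReqBO successLog = new SaveLoginLogReqBO();
                successLog.setLoginName(user.getLoginName());
                UserAgent agent = UserAgentUtil.getUserAgent(httpServletRequest.getHeader("user-agent"));
                successLog.setMacOs(agent.getPlatformType());
                successLog.setBrowser(agent.getBrowserType());
                successLog.setHost(IPUtils.getIp(httpServletRequest));
                successLog.setTenantId(user.getTenantId());
                // Set before the call: the original set this marker after saveLoginLog had
                // already been invoked.
                successLog.setMacInfo("登录成功");
                this.saveLoginLogBusiService.saveLoginLog(successLog);
            } catch (Exception e) {
                // Best effort: a failure of this first log write must not block the login.
                LOGGER.error("记录登录日志错误信息", e);
            }
            this.cacheService.delete(attemptsKey);
        } else {
            if (loginReqBO.getUserId() == null || loginReqBO.getUserId().longValue() == 0) {
                throw new ZTBusinessException("授权失败，缺少必要的参数");
            }
            if (this.defaultVfCode.equals(loginReqBO.getVfCode()) && this.defaultVfFlag.booleanValue()) {
                // No password is involved on this path; see the SECURITY note on the method.
                LOGGER.warn("Token issued for userId {} on the configured default verification code", loginReqBO.getUserId());
                claims.put("userId", loginReqBO.getUserId());
            } else {
                String codeKey = "loginVfCode" + loginReqBO.getUserId();
                String expectedCode = (String) this.cacheService.get(codeKey);
                // A missing (expired) cache entry is rejected like a mismatch; the original
                // dereferenced it and failed with a NullPointerException.
                if (expectedCode == null || !expectedCode.equals(loginReqBO.getVfCode())) {
                    throw new ZTBusinessException("验证过期，用户ID授权失败");
                }
                claims.put("userId", loginReqBO.getUserId());
                // Single use: the code is removed once it has been accepted.
                this.cacheService.delete(codeKey);
            }
        }

        // NOTE(review): on the password path this is a second login-log write for the same
        // login, and it is not wrapped in try/catch, so a log-service failure aborts the login.
        SaveLoginLogReqBO loginLog = new SaveLoginLogReqBO();
        loginLog.setLoginName(loginReqBO.getLoginName());
        UserAgent requestAgent = UserAgentUtil.getUserAgent(httpServletRequest.getHeader("user-agent"));
        loginLog.setMacOs(requestAgent.getPlatformType());
        loginLog.setBrowser(requestAgent.getBrowserType());
        loginLog.setHost(IPUtils.getIp(httpServletRequest));
        loginLog.setTenantId(userInfo.getTenantId());
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("调用权限中心保存登陆日志入参为{}", JSON.toJSONString(loginLog));
        }
        this.saveLoginLogBusiService.saveLoginLog(loginLog);

        claims.put("iat", Long.valueOf(issuedAt.getTime()));
        String loginSource = !StringUtils.isEmpty(loginReqBO.getLoginSource()) ? loginReqBO.getLoginSource() : "defaltSource";
        claims.put("loginSource", loginSource);
        String token = Jwt.createToken(claims);
        if (StringUtils.isBlank(token)) {
            throw new ZTBusinessException("授权失败");
        }
        LoginExpTimeReqBO sessionReq = new LoginExpTimeReqBO();
        sessionReq.setToken(token);
        // NOTE(review): userInfo is only populated on the password path, so on the userId path
        // this passes a null user id to the login service; confirm whether that is intended.
        sessionReq.setUserId(userInfo.getUserId());
        sessionReq.setLoginSource(loginSource);
        this.loginService.uniqueLogin(sessionReq);
        this.loginService.updateLoginExpTime(sessionReq);
        this.loginService.logIn(sessionReq);

        // NOTE(review): the token cookie carries neither HttpOnly nor Secure, and the same
        // token is returned in the body. Harden the cookie once it is confirmed that the front
        // end does not read it from script.
        Cookie cookie = new Cookie("auth-token", token);
        cookie.setPath("/");
        httpServletResponse.addCookie(cookie);
        Map<String, Object> data = new HashMap<>();
        data.put("token", token);
        RspMapInfoBO response = new RspMapInfoBO();
        response.setData(data);
        return response;
    }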

    /**
     * Requests a picture verification code for the caller's HTTP session.
     *
     * <p>The session id, not a network address, is written into the request's {@code ip}
     * field before the call is delegated. {@code getSession()} creates a session when the
     * caller has none, so every anonymous call can allocate one.
     * NOTE(review): no rate limit is visible here; confirm one exists upstream.
     *
     * @param httpServletRequest request whose session id keys the verification code
     * @param loginGetPicVfCodeReqBO request body forwarded to the verification-code service
     * @return whatever {@code loginGetPicVfCodeService.getPicVfCode} returns
     */
    @RequestMapping(value = {"/auth/users/signup/getVfcode"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getPicVfCode(HttpServletRequest httpServletRequest, @RequestBody LoginGetPicVfCodeReqBO loginGetPicVfCodeReqBO) {
        final String sessionId = httpServletRequest.getSession().getId();
        loginGetPicVfCodeReqBO.setIp(sessionId);
        final Object verificationCode = this.loginGetPicVfCodeService.getPicVfCode(loginGetPicVfCodeReqBO);
        return verificationCode;
    }

    /**
     * Logs out the token carried in the {@code auth-token} request header.
     *
     * <p>The request body is bound but none of its fields are read; only the header value is
     * passed to {@code loginService.logOut}. The {@code auth-token} cookie is not cleared here.
     * NOTE(review): a request without the header forwards a null token; confirm that
     * {@code logOut} handles that case.
     *
     * @param httpServletRequest request carrying the {@code auth-token} header
     * @param loginExpTimeReqBO request body; unused
     * @return whatever {@code loginService.logOut} returns
     */
    @RequestMapping(value = {"/auth/users/signup/logout"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object logout(HttpServletRequest httpServletRequest, @RequestBody LoginExpTimeReqBO loginExpTimeReqBO) {
        final LoginExpTimeReqBO logoutRequest = new LoginExpTimeReqBO();
        logoutRequest.setToken(httpServletRequest.getHeader("auth-token"));
        final Object outcome = this.loginService.logOut(logoutRequest);
        return outcome;
    }
}
