package com.tydic.umc.security.controller;

import com.alibaba.fastjson.JSON;
import com.ohaotian.plugin.base.annotation.BusiResponseBody;
import com.ohaotian.plugin.base.exception.ZTBusinessException;
import com.ohaotian.plugin.cache.CacheClient;
import com.ohaotian.plugin.common.util.IPUtils;
import com.tydic.dyc.authority.service.user.bo.AuthCustInfoBo;
import com.tydic.dyc.authority.service.user.bo.AuthUserInfoBo;
import com.tydic.dyc.authority.service.user.bo.AuthUserTagRelBo;
import com.tydic.umc.general.ability.bo.UmcGetPicVfCodeAbilityReqBO;
import com.tydic.umc.security.base.SecurityCommConstant;
import com.tydic.umc.security.base.SecurityRspConstant;
import com.tydic.umc.security.entity.UserInfo;
import com.tydic.umc.security.jwt.UmcJwt;
import com.tydic.umc.security.service.AutzQueryService;
import com.tydic.umc.security.service.LoginServcie;
import com.tydic.umc.security.service.PicVfCodeService;
import com.tydic.umc.security.service.VerifyCodeService;
import com.tydic.umc.security.service.bo.GetPicVfCodeReqBO;
import com.tydic.umc.security.service.bo.LoginExpTimeReqBO;
import com.tydic.umc.security.service.bo.LoginExpTimeRspBO;
import com.tydic.umc.security.service.bo.LoginReqBo;
import com.tydic.umc.security.service.bo.LoginRspBo;
import com.tydic.umc.security.service.bo.VerifyCodeReqBo;
import com.tydic.umc.security.service.bo.VerifyCodeRspBo;
import java.util.Date;
import java.util.HashMap;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.CollectionUtils;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

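/**
 * REST endpoints for picture/SMS verification codes, login (JWT issuance) and logout.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@code /umc/users/signup/login} delegates credential checking to {@link LoginServcie#login}
 *       and issues a JWT only when that call reports success.</li>
 *   <li>The JWT is returned both in the response body and in an {@code auth-token} cookie.</li>
 *   <li>The HTTP session id is mirrored into a {@code VF_CODE_SESSION_ID} cookie so that a
 *       verification code can be correlated with the browser that requested it.</li>
 * </ul>
 */
@RestController
/* loaded from: input_file:com/tydic/umc/security/controller/PermissionsController.class */
public class PermissionsController {
    private static final Logger log = LoggerFactory.getLogger(PermissionsController.class);

    @Autowired
    private CacheClient cacheService;

    // Lifetime passed to the cache for the token -> login-source entry (see getIToken).
    @Value("${login.expTime:7200}")
    private int expTime;

    @Value("${login.loginNum:3}")
    private Integer loginNum;

    @Value("${login.lockTime:86400}")
    private int loginLockTime;

    @Value("${login.vfType:1}")
    private String vfType;

    @Value("${login.defaultVfFlag:true}")
    private Boolean defaultVfFlag;

    // NOTE(review): a fixed fallback verification code ("1111") is injected when the property is
    // unset, and getPcTokenByMobile forces it onto every mobile login request. Confirm that the
    // login service does not accept this value in place of a real code in production.
    @Value("${login.defaultVfCode:1111}")
    private String defaultVfCode;

    @Value("${login.topDomainCookieFlag:false}")
    private Boolean topDomainCookieFlag;

    @Value("${login.topDomain:a.com}")
    private String topDomain;

    // NOTE(review): not read anywhere in this class. The fallback is a predictable constant, so if
    // this value is used as key material elsewhere, deployments must override the property.
    @Value("${login.originalKey:12345678901234561234567890123456}")
    private String ORIGINAL_KEY;

    // When true, the HTTP session id is embedded in the JWT claims (see getIToken).
    @Value("${login.checkSessionJwt:false}")
    private Boolean checkSessionJwt;
    private static final int OFFSET = 4;
    private static final String MOBILE_CODE_LOGIN = "2";
    private static final String ACCOUNT_PWD_LOGIN = "1";

    @Autowired
    private PicVfCodeService picVfCodeService;

    @Autowired
    private AutzQueryService autzQueryService;

    @Autowired
    private LoginServcie loginServcie;
    private static final String sendVfCodePcLogin = "login_vf_code";

    // Minimum interval, in seconds, between two SMS verification codes for the same key.
    @Value("${sendVfCode.pc.login.rate:180}")
    private int pcLoginVfCodeRate;

    @Autowired
    VerifyCodeService verifyCodeService;

    /**
     * Builds a cookie scoped to path {@code /} and, when {@code login.topDomainCookieFlag} is
     * enabled, to the configured top-level domain.
     *
     * <p>NOTE(review): the cookies created here carry a session id or a bearer token but are not
     * marked {@code HttpOnly} or {@code Secure}. Those flags are left unset because this class
     * cannot show whether front-end script reads the cookies or whether the service is reachable
     * over plain HTTP; confirm and set them where possible.
     *
     * @param name  cookie name
     * @param value cookie value, or {@code null} for a deletion cookie
     * @return the configured cookie, not yet added to any response
     */
    private Cookie newRootCookie(String name, String value) {
        Cookie cookie = new Cookie(name, value);
        if (this.topDomainCookieFlag.booleanValue()) {
            cookie.setDomain(this.topDomain);
        }
        cookie.setPath("/");
        return cookie;
    }

    /**
     * Issues a picture verification code bound to the caller's HTTP session and client IP.
     *
     * @param httpServletRequest  request supplying the session and the client IP
     * @param httpServletResponse response that receives the {@code VF_CODE_SESSION_ID} cookie
     * @param getPicVfCodeReqBO   request body; its session id and IP are overwritten server-side
     * @return whatever {@link PicVfCodeService#getPicVfCode} returns
     */
    @RequestMapping(value = {"/umc/users/signup/getVfcode"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getPicVfCode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody GetPicVfCodeReqBO getPicVfCodeReqBO) {
        String sessionId = httpServletRequest.getSession().getId();
        httpServletResponse.addCookie(newRootCookie("VF_CODE_SESSION_ID", sessionId));
        // Session id and IP always come from the request, never from the client-supplied body.
        getPicVfCodeReqBO.setSessionId(sessionId);
        getPicVfCodeReqBO.setIp(IPUtils.getIp(httpServletRequest));
        return this.picVfCodeService.getPicVfCode(getPicVfCodeReqBO);
    }

    /**
     * Authenticates the caller through {@link LoginServcie#login} and, on success, issues a JWT
     * that is returned in the body and set as the {@code auth-token} cookie.
     *
     * <p>The request fails closed: if the login service reports anything other than success, no
     * token is created and a {@link ZTBusinessException} is thrown.
     *
     * <p>NOTE(review): this controller does not itself check the picture verification code; that
     * is presumably done inside the login service — confirm.
     *
     * @param httpServletRequest  request supplying cookies, headers, session and client IP
     * @param httpServletResponse response that receives the {@code auth-token} cookie
     * @param loginReqBo          login request body; agent and IP are overwritten server-side
     * @return a {@link LoginRspBo} carrying the token and its expiry time
     * @throws ZTBusinessException if authentication is rejected or no token could be created
     */
    @RequestMapping(value = {"/umc/users/signup/login"}, method = {RequestMethod.POST})
    @BusiResponseBody
    public Object getIToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody LoginReqBo loginReqBo) {
        LoginRspBo loginRspBo = new LoginRspBo();
        HashMap<String, Object> claims = new HashMap<>();
        // The request body holds credentials, so only non-secret routing fields are logged.
        log.debug("登录入参: loginSource={}, appCode={}", loginReqBo.getLoginSource(), loginReqBo.getAppCode());
        Cookie[] cookies = httpServletRequest.getCookies();
        String vfSessionId = null;
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if ("VF_CODE_SESSION_ID".equals(cookie.getName())) {
                    vfSessionId = cookie.getValue();
                }
            }
        }
        // A session id is credential material; record only whether the cookie was sent.
        log.debug("sessionId present:{}", vfSessionId != null);
        UserInfo userInfo = new UserInfo();
        // A missing User-Agent header must not turn into a NullPointerException.
        String userAgent = httpServletRequest.getHeader("user-agent");
        loginReqBo.setAgent(userAgent == null ? "" : userAgent.trim().replaceAll(" ", "").replaceAll("like", ""));
        loginReqBo.setIp(IPUtils.getIp(httpServletRequest));
        LoginRspBo login = this.loginServcie.login(loginReqBo);
        if (!SecurityRspConstant.RESP_CODE_SUCCESS.equals(login.getRespCode())) {
            // Fail closed: never mint a token for a login the service did not approve.
            log.warn("login rejected, respCode={}", login.getRespCode());
            throw new ZTBusinessException("授权失败");
        }
        AuthUserInfoBo authUser = login.getUserInfo();
        AuthCustInfoBo custInfo = login.getCustInfo();
        claims.put("userId", authUser.getUserId());
        // Only read the first tag when the list actually has one.
        if (!CollectionUtils.isEmpty(authUser.getUserTagRelList())) {
            claims.put("tagId", ((AuthUserTagRelBo) authUser.getUserTagRelList().get(0)).getTagId());
        }
        BeanUtils.copyProperties(login, userInfo);
        userInfo.setUsername(custInfo.getLoginName());
        if (StringUtils.isNotBlank(loginReqBo.getAppCode())) {
            claims.put("appCode", loginReqBo.getAppCode());
        }
        claims.put("iat", System.currentTimeMillis());
        // The Referer header is client-controlled; it is recorded in the token as sent.
        claims.put("referer", httpServletRequest.getHeader("referer"));
        if (this.checkSessionJwt.booleanValue()) {
            claims.put("sessionId", httpServletRequest.getSession().getId());
        }
        String loginSource = !StringUtils.isEmpty(loginReqBo.getLoginSource()) ? loginReqBo.getLoginSource() : "defaltSource";
        claims.put(SecurityCommConstant.LOGIN.LOGIN_SOURCE, loginSource);
        String token = UmcJwt.createToken(claims);
        if (StringUtils.isBlank(token)) {
            throw new ZTBusinessException("授权失败");
        }
        LoginExpTimeReqBO loginExpTimeReqBO = new LoginExpTimeReqBO();
        loginExpTimeReqBO.setToken(token);
        loginExpTimeReqBO.setUserId(userInfo.getUserId());
        loginExpTimeReqBO.setLoginSource(loginSource);
        LoginExpTimeRspBO updateLoginExpTime = this.loginServcie.updateLoginExpTime(loginExpTimeReqBO);
        this.loginServcie.uniqueLogin(loginExpTimeReqBO);
        this.cacheService.set(token + SecurityCommConstant.LOGIN.LOGIN_SOURCE, loginSource, this.expTime);
        loginRspBo.setToken(token);
        loginRspBo.setLoginExpTime(updateLoginExpTime.getExpTime());
        loginRspBo.setRespCode(SecurityRspConstant.RESP_CODE_SUCCESS);
        loginRspBo.setRespDesc(SecurityRspConstant.RESP_DESC_SUCCESS);
        httpServletResponse.addCookie(newRootCookie("auth-token", token));
        return loginRspBo;
    }

    /**
     * Logs out the token sent in the {@code auth-token} request header and expires the
     * {@code auth-token} cookie if the browser sent one.
     *
     * <p>NOTE(review): the endpoint also accepts GET, so a cross-site request can trigger a
     * logout; confirm whether GET is still required.
     *
     * @param httpServletRequest         request supplying the header and cookies
     * @param httpServletResponse        response that receives the deletion cookie
     * @param umcGetPicVfCodeAbilityReqBO request body; not read by this method
     * @return whatever {@link LoginServcie#logOut} returns
     */
    @RequestMapping(value = {"/umc/users/signup/logout"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody UmcGetPicVfCodeAbilityReqBO umcGetPicVfCodeAbilityReqBO) {
        String header = httpServletRequest.getHeader("auth-token");
        LoginExpTimeReqBO loginExpTimeReqBO = new LoginExpTimeReqBO();
        loginExpTimeReqBO.setToken(header);
        LoginExpTimeRspBO logOut = this.loginServcie.logOut(loginExpTimeReqBO);
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if ("auth-token".equals(cookie.getName())) {
                    // Same path/domain as at login, with max-age 0 so the browser drops it.
                    Cookie expired = newRootCookie(cookie.getName(), (String) null);
                    expired.setMaxAge(0);
                    httpServletResponse.addCookie(expired);
                }
            }
        }
        return logOut;
    }

    /**
     * Sends an SMS verification code for PC login, throttled to one code per
     * {@code sendVfCode.pc.login.rate} seconds for each verify value and for each HTTP session.
     *
     * <p>NOTE(review): both throttle keys are derived from client-supplied data (the request body
     * value and the session cookie), so the limit is best-effort; consider an additional limit on
     * a server-derived attribute such as the client IP.
     *
     * @param httpServletRequest  request supplying the session
     * @param httpServletResponse response that receives the {@code VF_CODE_SESSION_ID} cookie
     * @param verifyCodeReqBo     request body carrying the verify value and mobile number
     * @return the service response when the code was sent successfully
     * @throws ZTBusinessException if the caller is throttled or the service reports a failure
     */
    @RequestMapping(value = {"/umc/users/signup/getPcLoginMobileVfCode"}, method = {RequestMethod.GET, RequestMethod.POST})
    @BusiResponseBody
    public Object getPcLoginMobileVfCode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody VerifyCodeReqBo verifyCodeReqBo) {
        String valueKey = sendVfCodePcLogin + verifyCodeReqBo.getVerifyValue();
        if (null != this.cacheService.get(valueKey)) {
            throw new ZTBusinessException(this.pcLoginVfCodeRate + "秒只能发送一次验证码");
        }
        String sessionId = httpServletRequest.getSession().getId();
        httpServletResponse.addCookie(newRootCookie("VF_CODE_SESSION_ID", sessionId));
        String sessionKey = sendVfCodePcLogin + sessionId;
        if (null != this.cacheService.get(sessionKey)) {
            throw new ZTBusinessException(this.pcLoginVfCodeRate + "秒只能发送一次验证码");
        }
        // Throttle markers are written before the send, so a failed send still counts.
        this.cacheService.set(valueKey, verifyCodeReqBo.getVerifyValue(), this.pcLoginVfCodeRate);
        this.cacheService.set(sessionKey, sessionId, this.pcLoginVfCodeRate);
        verifyCodeReqBo.setBusiKey(sendVfCodePcLogin);
        verifyCodeReqBo.setVerifyCodeExpireTime(Integer.valueOf(this.pcLoginVfCodeRate));
        VerifyCodeRspBo verifyCodeForTemp = this.verifyCodeService.getVerifyCodeForTemp(verifyCodeReqBo);
        if (SecurityRspConstant.RESP_CODE_SUCCESS.equals(verifyCodeForTemp.getRespCode())) {
            return verifyCodeForTemp;
        }
        throw new ZTBusinessException(verifyCodeForTemp.getRespDesc());
    }

    /**
     * Mobile-code login for PC clients: forces the login type to mobile-code and then follows the
     * same token issuance path as {@link #getIToken}.
     *
     * <p>NOTE(review): the client-supplied {@code vfCode} is replaced with the configured default
     * code before the login service is called; confirm the service validates the SMS code through
     * another field and does not treat the default as sufficient proof.
     *
     * @param httpServletRequest  passed through to {@link #getIToken}
     * @param httpServletResponse passed through to {@link #getIToken}
     * @param loginReqBo          login request body; vfCode and loginType are overwritten
     * @return the result of {@link #getIToken}
     */
    @RequestMapping(value = {"/umc/users/signup/login/pc/mobile"}, method = {RequestMethod.POST})
    @BusiResponseBody
    public Object getPcTokenByMobile(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody LoginReqBo loginReqBo) {
        loginReqBo.setVfCode(this.defaultVfCode);
        loginReqBo.setLoginType(MOBILE_CODE_LOGIN);
        return getIToken(httpServletRequest, httpServletResponse, loginReqBo);
    }
}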
