package com.tydic.nicc.user.service.impl;

import com.alibaba.fastjson.JSONObject;
import com.baomidou.dynamic.datasource.annotation.DS;
import com.tydic.nicc.common.bo.user.OtherUserAuthReqBO;
import com.tydic.nicc.common.bo.user.UserAuthInfo;
import com.tydic.nicc.common.bo.user.UserJoinInfoBO;
import com.tydic.nicc.common.constants.RedisCacheKeyConstant;
import com.tydic.nicc.common.eums.EntityValidType;
import com.tydic.nicc.common.eums.SystemModelType;
import com.tydic.nicc.common.eums.im.ImOnlineStatus;
import com.tydic.nicc.common.eums.user.UserTypeField;
import com.tydic.nicc.dc.base.bo.Rsp;
import com.tydic.nicc.dc.boot.starter.redis.RedisHelper;
import com.tydic.nicc.dc.boot.starter.util.BaseRspUtils;
import com.tydic.nicc.framework.utils.DesensitizationUtil;
import com.tydic.nicc.framework.utils.NiccCommonUtil;
import com.tydic.nicc.user.api.UserAuthService;
import com.tydic.nicc.user.config.NiccUserConfigPropertiesBean;
import com.tydic.nicc.user.mapper.ImUserInfoMapper;
import com.tydic.nicc.user.mapper.UserAuthMapper;
import com.tydic.nicc.user.mapper.po.ImUserInfo;
import com.tydic.nicc.user.mapper.po.UserAuthConfig;
import com.tydic.nicc.user.service.AuthStrategyFactory;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.dubbo.config.annotation.DubboService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;

@DS("nicc-user")
@DubboService(version = "${nicc-dc-config.dubbo-provider.version}", group = "${nicc-dc-config.dubbo-provider.group}", timeout = 10000)
/* loaded from: input_file:com/tydic/nicc/user/service/impl/UserAuthServiceImpl.class */
public class UserAuthServiceImpl implements UserAuthService {
    private static final Logger log = LoggerFactory.getLogger(UserAuthServiceImpl.class);

    @Resource
    private NiccUserConfigPropertiesBean niccUserConfigPropertiesBean;

    @Resource
    private UserAuthMapper userAuthMapper;

    @Resource
    private ImUserInfoMapper imUserInfoMapper;

    @Resource
    private AuthStrategyFactory authStrategyFactory;

    @Resource
    private RedisHelper redisHelper;

    public UserAuthConfig initUserAuthConfig(String str, String str2) {
        String str3 = "user:auth-config:" + str + str2;
        UserAuthConfig userAuthConfig = new UserAuthConfig();
        userAuthConfig.setTenantCode(str);
        try {
            UserAuthConfig userAuthConfig2 = (UserAuthConfig) this.redisHelper.get(str3);
            if (userAuthConfig2 == null) {
                userAuthConfig2 = this.userAuthMapper.selectByTenantCode(userAuthConfig);
                if (userAuthConfig2 != null) {
                    this.redisHelper.set(str3, userAuthConfig2, TimeUnit.MINUTES.toSeconds(10L));
                    return userAuthConfig2;
                }
            }
            return userAuthConfig2;
        } catch (Exception e) {
            log.error("查询用户认证配置异常:{}", e.getMessage());
            return this.userAuthMapper.selectByTenantCode(userAuthConfig);
        }
    }

    public Rsp<UserAuthInfo> authUser(String str) {
        try {
            UserJoinInfoBO userJoinInfoBO = (UserJoinInfoBO) JSONObject.parseObject(URLDecoder.decode(str, "UTF-8"), UserJoinInfoBO.class);
            log.info("用户参数:{}", userJoinInfoBO);
            if (SystemModelType.TENANT.getCode().equals(this.niccUserConfigPropertiesBean.getSystemModel()) && StringUtils.isEmpty(userJoinInfoBO.getTenantCode())) {
                return BaseRspUtils.createErrorRsp("租户模式下tenantCode不得为空!");
            }
            if (StringUtils.isEmpty(userJoinInfoBO.getUserId())) {
                if (!this.niccUserConfigPropertiesBean.getAllowGuest().booleanValue()) {
                    log.warn("当前系统不允许游客访问，请传入用户ID!");
                    return BaseRspUtils.createErrorRsp("当前系统不允许游客访问，请传入用户ID!");
                }
                UserAuthInfo userAuthInfo = new UserAuthInfo();
                userAuthInfo.setTenantCode(userJoinInfoBO.getTenantCode());
                userAuthInfo.setChannelCode(userJoinInfoBO.getChannelCode());
                userAuthInfo.setUserId(NiccCommonUtil.createGuestUID(this.niccUserConfigPropertiesBean.getUidMaskEnable().booleanValue()));
                userAuthInfo.setNickName(NiccCommonUtil.createGuestNickName());
                userAuthInfo.setUserType(UserTypeField.GUEST.getCode());
                userAuthInfo.setUserAvatar(this.niccUserConfigPropertiesBean.getGuestAvatar());
                userAuthInfo.setOnlineStatus(ImOnlineStatus.ONLINE.getCode());
                return BaseRspUtils.createSuccessRsp(userAuthInfo, "游客访问认证通过!");
            }
            long currentTimeMillis = System.currentTimeMillis();
            if (this.niccUserConfigPropertiesBean.getAuthEnable().booleanValue() && !userJoinInfoBO.getUserId().startsWith("guest_")) {
                UserAuthConfig initUserAuthConfig = initUserAuthConfig(userJoinInfoBO.getTenantCode(), userJoinInfoBO.getChannelCode());
                if (initUserAuthConfig == null) {
                    return BaseRspUtils.createErrorRsp("用户认证失败,鉴权配置异常!");
                }
                OtherUserAuthReqBO otherUserAuthReqBO = new OtherUserAuthReqBO();
                otherUserAuthReqBO.setExtraData(userJoinInfoBO.getExtraData());
                otherUserAuthReqBO.setExtUid(userJoinInfoBO.getExtUid());
                otherUserAuthReqBO.setTenantCode(userJoinInfoBO.getTenantCode());
                otherUserAuthReqBO.setChannelCode(userJoinInfoBO.getChannelCode());
                otherUserAuthReqBO.setUserId(userJoinInfoBO.getUserId());
                log.info("用户认证-开始:{}", JSONObject.toJSONString(otherUserAuthReqBO));
                Rsp handlerAuthMethod = this.authStrategyFactory.handlerAuthMethod(initUserAuthConfig.getAuthType(), otherUserAuthReqBO, initUserAuthConfig);
                log.info("用户认证-完成:{}|{}", JSONObject.toJSONString(otherUserAuthReqBO), handlerAuthMethod);
                if (!handlerAuthMethod.isSuccess()) {
                    log.warn("用户认证-失败:{}", handlerAuthMethod);
                    return BaseRspUtils.createErrorRsp("用户认证失败,非法用户!");
                }
                userJoinInfoBO.setUserId(((UserAuthInfo) handlerAuthMethod.getData()).getUserId());
                userJoinInfoBO.setExtUid(((UserAuthInfo) handlerAuthMethod.getData()).getExtUid());
            }
            if (!checkSign(userJoinInfoBO)) {
                log.error("用户签名认证失败:{}", userJoinInfoBO);
                return BaseRspUtils.createErrorRsp("签名认证失败!");
            }
            ImUserInfo imUserInfo = new ImUserInfo();
            imUserInfo.setTenantCode(userJoinInfoBO.getTenantCode());
            imUserInfo.setUserId(userJoinInfoBO.getUserId());
            ImUserInfo selectByUserIdAndTCode = this.imUserInfoMapper.selectByUserIdAndTCode(imUserInfo);
            if (selectByUserIdAndTCode == null) {
                return BaseRspUtils.createErrorRsp("未查询到用户!");
            }
            if (checkUserDeny(selectByUserIdAndTCode.getUserId())) {
                log.warn("用户已被禁止连接im: userId = {}", selectByUserIdAndTCode.getUserId());
                return BaseRspUtils.createErrorRsp("用户已被禁止连接im!");
            }
            UserAuthInfo userAuthInfo2 = new UserAuthInfo();
            BeanUtils.copyProperties(selectByUserIdAndTCode, userAuthInfo2);
            userAuthInfo2.setUserId(userJoinInfoBO.getUserId());
            userAuthInfo2.setTenantCode(userJoinInfoBO.getTenantCode());
            userAuthInfo2.setChannelCode(userJoinInfoBO.getChannelCode());
            userAuthInfo2.setUserType(String.valueOf(selectByUserIdAndTCode.getUserType()));
            userAuthInfo2.setCallNum(selectByUserIdAndTCode.getCallNum1());
            userAuthInfo2.setUserSource(selectByUserIdAndTCode.getCreateSource());
            if (StringUtils.isEmpty(selectByUserIdAndTCode.getUserAvatar())) {
                userAuthInfo2.setUserAvatar(this.niccUserConfigPropertiesBean.getDefaultAvatar());
            }
            userAuthInfo2.setOnlineStatus(ImOnlineStatus.ONLINE.getCode());
            this.redisHelper.set(RedisCacheKeyConstant.getUserInfoCacheKey("", userAuthInfo2.getUserId()), userAuthInfo2, RedisCacheKeyConstant.USER_INFO_CACHE_TIME.intValue());
            if (!EntityValidType.NORMAL.matchCode(selectByUserIdAndTCode.getStatus())) {
                return BaseRspUtils.createErrorRsp("用户已被禁用或已删除!");
            }
            if (selectByUserIdAndTCode.getExpTime() == null || selectByUserIdAndTCode.getExpTime().getTime() < currentTimeMillis) {
                return BaseRspUtils.createErrorRsp("用户身份已过期!");
            }
            userInfoMasking(userAuthInfo2);
            saveLastLogin(userAuthInfo2);
            return BaseRspUtils.createSuccessRsp(userAuthInfo2, "用户认证通过");
        } catch (UnsupportedEncodingException e) {
            return BaseRspUtils.createErrorRsp("连接参数解码错误:" + e.getMessage());
        }
    }

    private void saveLastLogin(UserAuthInfo userAuthInfo) {
        if (this.niccUserConfigPropertiesBean.getSaveLastLogin().booleanValue()) {
            ImUserInfo imUserInfo = new ImUserInfo();
            imUserInfo.setUserId(userAuthInfo.getUserId());
            if (UserTypeField.USER.getCode().equals(userAuthInfo.getUserType())) {
                imUserInfo.setChannelCode(userAuthInfo.getChannelCode());
            }
            imUserInfo.setLastLogin(new Date());
            this.imUserInfoMapper.updateByPrimaryKeySelective(imUserInfo);
        }
    }

    private boolean checkUserDeny(String str) {
        return ObjectUtils.anyNotNull(new Object[]{this.redisHelper.get(RedisCacheKeyConstant.getUserDenyStateKey(str))});
    }

    private boolean checkSign(UserJoinInfoBO userJoinInfoBO) {
        return true;
    }

    private void userInfoMasking(UserAuthInfo userAuthInfo) {
        if (this.niccUserConfigPropertiesBean.getUserDataMaskEnable().booleanValue() && UserTypeField.USER.getCode().equals(userAuthInfo.getUserType())) {
            if (!userAuthInfo.getNickName().startsWith(this.niccUserConfigPropertiesBean.getGuestStartName())) {
                userAuthInfo.setNickName(DesensitizationUtil.markName(userAuthInfo.getNickName()));
                userAuthInfo.setUserName(DesensitizationUtil.markName(userAuthInfo.getUserName()));
            }
            userAuthInfo.setCallNum(DesensitizationUtil.commonDisplay(userAuthInfo.getCallNum()));
        }
    }
}
