package com.ella.user.service.auth;

import com.alibaba.fastjson.JSONObject;
import com.ella.frame.aop.annotion.EnableValidate;
import com.ella.frame.cache.DistributedCache;
import com.ella.frame.cache.UserDeviceUtils;
import com.ella.frame.common.errorcode.CommonRetCode;
import com.ella.frame.common.response.ResponseParams;
import com.ella.frame.common.util.HeadParamTl;
import com.ella.resource.config.HeadParamUtil;
import com.ella.user.api.auth.SecurityService;
import com.ella.user.auth.dto.MyUserDetails;
import com.ella.user.configure.SecurityProperties;
import com.ella.user.constant.RedisKeyConstants;
import com.ella.user.constant.UserAccountConstant;
import com.ella.user.domain.User;
import com.ella.user.domain.UserExample;
import com.ella.user.dto.RetCodeEnum;
import com.ella.user.dto.VisitorsDto;
import com.ella.user.dto.user.Session;
import com.ella.user.dto.user.UserLoginRequest;
import com.ella.user.mapper.UserMapper;
import com.ella.user.mapper.UserOtsMapper;
import com.ella.user.utils.ResponseParamUtils;
import com.ella.user.utils.SmsUtil;
import java.net.URI;
import java.security.SecureRandom;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Resource;
import org.apache.commons.lang.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;

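/**
 * REST implementation of {@link SecurityService}: password login, visitor login and
 * SMS verification-code delivery.
 *
 * <p>Login is delegated to the OAuth2 token endpoint configured in
 * {@link SecurityProperties#getAuthTokenUrl()} using the {@code password} grant. The
 * resulting access token is wrapped in a {@link Session} and also remembered in the
 * distributed cache under the "last login" key.
 *
 * <p>Logging policy in this class: passwords, access tokens and SMS verification codes are
 * never written to the log. Only account identifiers are logged.
 */
@RestController
/* loaded from: input_file:BOOT-INF/classes/com/ella/user/service/auth/SecurityServiceImpl.class */
public class SecurityServiceImpl implements SecurityService {
    private static final Logger log = LogManager.getLogger(SecurityServiceImpl.class);

    /** Source of SMS verification codes; SecureRandom so codes are not predictable. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    /** Number of SMS sends allowed per throttle key before {@code SMS_BUSY} is returned. */
    private static final int MAX_SMS_PER_WINDOW = 5;

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private SecurityProperties securityProperties;

    @Resource(name = "restTemplateApp")
    private RestTemplate restAppTemplate;

    @Resource(name = "restTemplateOts")
    private RestTemplate restOtsTemplate;

    @Autowired
    private DistributedCache redisCache;

    @Autowired
    private UserMapper userMapper;

    @Autowired
    private UserOtsMapper userOtsMapper;

    /**
     * Authenticates a user against the OAuth2 token endpoint and returns a session.
     *
     * <p>The customer name is rewritten to {@code name#role}, where the role comes from the
     * request, else from the request headers, else {@code UserAccountConstant.DEFAULT_DEVICE}.
     * The OTS or APP {@link RestTemplate} is chosen from the role given in the request body only.
     *
     * @param userLoginRequest login payload; its customer name is mutated to the qualified form
     * @return {@code SUCCESS} with the session, {@code USER_NOT_FOUNT} when a
     *     {@link UsernameNotFoundException} is raised, {@code USERNAME_PASSWORD_INVALID} when the
     *     token endpoint answers 400 or 401, and {@code null} for any other
     *     {@link HttpClientErrorException} status (see the note in the catch block)
     */
    @Override // com.ella.user.api.auth.SecurityService
    @PostMapping({"/v1/login"})
    @EnableValidate
    public ResponseParams<Session> login(@RequestBody UserLoginRequest userLoginRequest) {
        // The request body carries the password, so only the account identifier is logged.
        log.info("登陆开始：{}", userLoginRequest.getCustomerName());
        HeadParamTl headParamTl = HeadParamUtil.getHeadParamTl();
        String headerOrDefaultRole =
                Optional.ofNullable(headParamTl.getClientRole()).orElse(UserAccountConstant.DEFAULT_DEVICE);
        String effectiveRole =
                Optional.ofNullable(userLoginRequest.getClientRole()).orElse(headerOrDefaultRole);
        // NOTE(review): '#' is the field separator of the composite username, yet neither the
        // customer name nor the header values are checked for '#'. Confirm that the parser on
        // the token endpoint tolerates or rejects extra separators.
        String qualifiedName = userLoginRequest.getCustomerName() + "#" + effectiveRole;
        userLoginRequest.setCustomerName(qualifiedName);
        String deviceNo = headParamTl.getDeviceNo();
        boolean otsLogin = UserAccountConstant.CLIENT_ROLE_OTS.equals(userLoginRequest.getClientRole());
        try {
            URI tokenUri = buildParamsURL(qualifiedName, userLoginRequest.getPassword(), deviceNo);
            RestTemplate authClient = otsLogin ? this.restOtsTemplate : this.restAppTemplate;
            ResponseEntity<OAuth2AccessToken> tokenResponse =
                    authClient.exchange(tokenUri, HttpMethod.POST, (HttpEntity<?>) null, OAuth2AccessToken.class);
            OAuth2AccessToken accessToken = tokenResponse.getBody();
            String mobile = qualifiedName.split("#")[0];
            String displayName;
            if (otsLogin) {
                displayName = this.userOtsMapper.selectByPhone(mobile).getName();
            } else {
                UserExample userExample = new UserExample();
                userExample.createCriteria().andMobileEqualTo(mobile);
                displayName = this.userMapper.selectByExample(userExample).get(0).getName();
            }
            Session session = buildSession(accessToken, displayName);
            storeLastLoginSessionInfo(qualifiedName, accessToken.getValue(), userLoginRequest.getClientRole());
            new UserDeviceUtils(this.redisCache).storeDeviceInfo(mobile, deviceNo);
            // The session key is a bearer credential and is deliberately left out of the log.
            log.info("用户：{} 登录成功！", session.getUsername());
            return ResponseParamUtils.build(CommonRetCode.SUCCESS, session);
        } catch (UsernameNotFoundException e) {
            // NOTE(review): this answer differs from USERNAME_PASSWORD_INVALID below, so a caller
            // can tell unregistered accounts from wrong passwords. Consider returning one code.
            log.info("{} 用户未注册", userLoginRequest.getCustomerName());
            return ResponseParamUtils.build(RetCodeEnum.USER_NOT_FOUNT);
        } catch (HttpClientErrorException e) {
            // The logger records the stack trace; printStackTrace() would bypass log routing.
            log.error("用户：{}登录失败", userLoginRequest.getCustomerName(), e);
            int status = e.getRawStatusCode();
            if (status == HttpStatus.BAD_REQUEST.value() || status == HttpStatus.UNAUTHORIZED.value()) {
                return ResponseParamUtils.build(RetCodeEnum.USERNAME_PASSWORD_INVALID);
            }
            // NOTE(review): any other 4xx status (for example 403 or 429) yields a null response
            // body, as before. No generic failure code is visible in this file; map these
            // statuses to an explicit error code once one is chosen.
            return null;
        }
    }

    /**
     * Sends a 4-digit SMS verification code to a phone number and records it in the cache.
     *
     * <p>A per-key counter limits sends to {@link #MAX_SMS_PER_WINDOW}; the counter's expiry is
     * {@code RedisKeyConstants.SMS_CODE_SMS_EXPIRE} and the code's expiry argument is 300
     * (presumably seconds — confirm against {@link DistributedCache}).
     *
     * @param str the phone number ({@code phone} request parameter)
     * @param str2 the code type ({@code type} request parameter), used only in the counter key
     * @return {@code SMS_BUSY} once the counter has reached the limit, otherwise {@code SUCCESS}
     * @throws NumberFormatException if the cached counter is not a decimal integer
     */
    @Override // com.ella.user.api.auth.SecurityService
    @RequestMapping({"/v1/verificationCode"})
    public ResponseParams sendVerificationCode(@RequestParam("phone") String str, @RequestParam("type") String str2) {
        // NOTE(review): the counter key contains the caller-supplied type, which is not
        // validated here, so each distinct type value gets its own counter for the same phone.
        // Restrict type to the known set, or key the counter on the phone alone.
        String throttleKey = "MOBILE:CODE:LOSE::" + str2 + str;
        String storedCount = this.redisCache.get(throttleKey);
        int alreadySent = StringUtils.isEmpty(storedCount) ? 0 : Integer.parseInt(storedCount);
        // ">=" rather than an exact match, so a counter that overshoots still blocks.
        if (alreadySent >= MAX_SMS_PER_WINDOW) {
            return ResponseParamUtils.build(RetCodeEnum.SMS_BUSY);
        }
        // Same 1000..9999 range as before, drawn from a CSPRNG instead of Math.random().
        // NOTE(review): only 9000 values exist; the verification side (not in this class)
        // should cap attempts per phone.
        int code = 1000 + SECURE_RANDOM.nextInt(9000);
        SmsUtil.sendMessage(str, code);
        // The code itself is a secret and is not logged.
        log.info("{} 的验证发送成功", str);
        this.redisCache.set(RedisKeyConstants.REDIS_MOBILE_CODE + str, Integer.valueOf(code), 300);
        // NOTE(review): read-then-write is not atomic; concurrent requests can under-count.
        this.redisCache.set(throttleKey, Integer.valueOf(alreadySent + 1), RedisKeyConstants.SMS_CODE_SMS_EXPIRE);
        return ResponseParamUtils.build(CommonRetCode.SUCCESS);
    }

    /**
     * Logs a visitor in through the APP token endpoint and returns a session.
     *
     * @param visitorsDto visitor credentials; its properties are copied onto a {@link User} to
     *     obtain the display name
     * @return {@code SUCCESS} with the session, or {@code USER_NOT_FOUNT} when a
     *     {@link UsernameNotFoundException} is raised; an {@link HttpClientErrorException} from
     *     the token endpoint is not caught here and propagates
     */
    @Override // com.ella.user.api.auth.SecurityService
    public ResponseParams<Session> enVisitorsLogin(@RequestBody VisitorsDto visitorsDto) {
        try {
            URI tokenUri = buildParamsURL(
                    visitorsDto.getCustomerName() + "#" + UserAccountConstant.CLIENT_ROLE_APP,
                    visitorsDto.getPassword());
            ResponseEntity<OAuth2AccessToken> tokenResponse =
                    this.restAppTemplate.exchange(tokenUri, HttpMethod.POST, (HttpEntity<?>) null, OAuth2AccessToken.class);
            OAuth2AccessToken accessToken = tokenResponse.getBody();
            User user = new User();
            BeanUtils.copyProperties(visitorsDto, user);
            Session session = buildSession(accessToken, user.getName());
            storeLastLoginSessionInfo(
                    visitorsDto.getCustomerName(), accessToken.getValue(), UserAccountConstant.CLIENT_ROLE_APP);
            // The session key is a bearer credential and is deliberately left out of the log.
            log.info("用户：{} 登录成功！", session.getUsername());
            return ResponseParamUtils.build(CommonRetCode.SUCCESS, session);
        } catch (UsernameNotFoundException e) {
            return ResponseParamUtils.build(RetCodeEnum.USER_NOT_FOUNT);
        }
    }

    /**
     * Remembers the latest access token of an account in the cache; failures are logged only.
     *
     * @param customerName account identifier used to derive the cache key
     * @param tokenValue access token value to store
     * @param clientRole selects the OTS or APP token lifetime as the cache expiry
     */
    private void storeLastLoginSessionInfo(String customerName, String tokenValue, String clientRole) {
        try {
            boolean ots = UserAccountConstant.CLIENT_ROLE_OTS.equals(clientRole);
            this.redisCache.set(
                    getLastLoginSessionInfoKey(customerName),
                    tokenValue,
                    ots ? this.securityProperties.getOtsTokenExpired() : this.securityProperties.getAppTokenExpired());
        } catch (Exception e) {
            // Best effort: a cache failure must not fail the login itself.
            log.error("存储上次登录session时出现异常", (Throwable) e);
        }
    }

    /**
     * Revokes the previously stored access token when the login comes from a different device.
     *
     * <p>NOTE(review): nothing in this class calls this method, so the single-device check is
     * not applied by the login paths above. It also expects a Map with {@code deviceId} and
     * {@code token} entries, while {@link #storeLastLoginSessionInfo} writes a plain token
     * string under the same key — confirm which format is intended before wiring it in.
     *
     * @param customerName account identifier used to derive the cache key
     * @param deviceId device identifier of the current login
     */
    private void checkLastLoginSessionInfo(String customerName, String deviceId) {
        try {
            Map<?, ?> lastLogin = (Map<?, ?>) this.redisCache.getBytesObject(getLastLoginSessionInfoKey(customerName));
            if (lastLogin == null) {
                return;
            }
            String storedDeviceId = (String) lastLogin.get("deviceId");
            String storedToken = (String) lastLogin.get("token");
            if (StringUtils.isEmpty(deviceId) || deviceId.equals(storedDeviceId) || storedToken == null) {
                return;
            }
            OAuth2AccessToken previous = this.tokenStore.readAccessToken(storedToken);
            if (previous != null) {
                this.tokenStore.removeAccessToken(previous);
            }
        } catch (Exception e) {
            log.error("检查上次登录session时出现异常", (Throwable) e);
        }
    }

    /**
     * Builds the session returned to the client from an access token.
     *
     * @param accessToken token issued by the token endpoint; its value becomes the session key
     * @param displayName user name to expose in the session
     * @return the populated session
     */
    private Session buildSession(OAuth2AccessToken accessToken, String displayName) {
        Session session = new Session();
        MyUserDetails principal = (MyUserDetails) this.tokenStore.readAuthentication(accessToken).getPrincipal();
        // Only the uid is logged; serialising the whole principal may expose credential
        // fields (presumably it carries the stored password — verify MyUserDetails).
        log.info("buildSession user uid:{}", principal.getUid());
        session.setUsername(displayName);
        session.setUid(principal.getUid());
        session.setSessionKey(accessToken.getValue());
        session.setExpiration(accessToken.getExpiration());
        return session;
    }

    /** Returns the cache key under which the last login of {@code customerName} is stored. */
    private String getLastLoginSessionInfoKey(String customerName) {
        return UserAccountConstant.LAST_LOGIN_KEY + customerName;
    }

    /**
     * Builds the password-grant token request URI with username {@code name#deviceNo}.
     *
     * <p>NOTE(review): the password travels as a URL query parameter. Query strings are
     * commonly recorded by proxies and access logs; sending the grant parameters as a form
     * body instead needs the token endpoint's contract, which is not visible in this file.
     *
     * @param qualifiedName account name, already suffixed with the client role
     * @param password clear-text password from the login request
     * @param deviceNo device number appended to the username
     * @return the encoded token endpoint URI
     */
    private URI buildParamsURL(String qualifiedName, String password, String deviceNo) {
        return UriComponentsBuilder.fromHttpUrl(this.securityProperties.getAuthTokenUrl())
                .queryParam("username", qualifiedName + "#" + deviceNo)
                .queryParam("password", password)
                .queryParam("grant_type", "password")
                .build()
                .encode()
                .toUri();
    }

    /** Same as the three-argument overload, taking the device number from the request headers. */
    private URI buildParamsURL(String qualifiedName, String password) {
        return buildParamsURL(qualifiedName, password, HeadParamUtil.getDeviceNo());
    }
}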
