package com.geoway.design.biz.service.impl;

import cn.hutool.core.util.ObjectUtil;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.geoway.design.base.base.dto.ResponseDataBase;
import com.geoway.design.biz.config.ProjectConfig;
import com.geoway.design.biz.dto.ExternalParamDTO;
import com.geoway.design.biz.service.ExternalBaseService;
import com.geoway.design.biz.service.ExternalUserService;
import com.geoway.design.biz.service.ISsoAppService;
import com.geoway.design.biz.service.ISysUserRoleService;
import com.geoway.design.biz.vo.SysNormalUserVO;
import com.geoway.sso.client.rpc.Result;
import com.geoway.sso.client.rpc.RpcAccessToken;
import com.geoway.sso.client.rpc.SsoUser;
import com.geoway.sso.client.util.Oauth2Utils;
import com.geoway.sso.client.util.SessionUtils;
import com.geoway.sso.server.common.AccessTokenContent;
import com.geoway.sso.server.common.CodeContent;
import com.geoway.sso.server.session.AccessTokenManager;
import com.geoway.sso.server.session.RefreshTokenManager;
import com.geoway.sso.server.session.TicketGrantingTicketManager;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/geoway/design/biz/service/impl/ExternalUserServiceImpl.class */
public class ExternalUserServiceImpl implements ExternalUserService {

    @Value("${sso.server.url:''}")
    private String serverUrl;

    @Value("${External:normal}")
    private String external;

    @Resource
    private ISsoAppService ssoAppService;

    @Resource
    private TicketGrantingTicketManager ticketGrantingTicketManager;

    @Resource
    private ProjectConfig projectConfig;

    @Resource
    private AccessTokenManager accessTokenManager;

    @Resource
    private RefreshTokenManager refreshTokenManager;

    @Resource
    private RedisTemplate redisTemplate;

    @Resource
    private ExternalBaseService externalBaseService;

    @Autowired
    private ISysUserRoleService sysUserRoleService;

    @Override // com.geoway.design.biz.service.ExternalUserService
    public String getExternal() {
        return this.external;
    }

    @Override // com.geoway.design.biz.service.ExternalUserService
    public ResponseDataBase login(HttpServletRequest httpServletRequest, ExternalParamDTO externalParamDTO) throws Exception {
        return getResult(httpServletRequest, getAccessToken(externalParamDTO), new ResponseDataBase());
    }

    @Override // com.geoway.design.biz.service.ExternalUserService
    public ResponseDataBase loginByToken(HttpServletRequest httpServletRequest, ExternalParamDTO externalParamDTO) throws Exception {
        return getResult(httpServletRequest, getAccessToken(this.externalBaseService.queryUserByToken(externalParamDTO), externalParamDTO), new ResponseDataBase());
    }

    @Override // com.geoway.design.biz.service.ExternalUserService
    public void captchaIMG(HttpServletResponse httpServletResponse, ExternalParamDTO externalParamDTO) throws Exception {
        this.externalBaseService.captchaIMG(httpServletResponse, externalParamDTO);
    }

    @Override // com.geoway.design.biz.service.ExternalUserService
    public SsoUser queryUser(HttpServletRequest httpServletRequest, ExternalParamDTO externalParamDTO) throws Exception {
        String str = (String) this.redisTemplate.boundValueOps("EX_TOKEN:" + ((RpcAccessToken) Oauth2Utils.queryAccessToken(this.serverUrl, httpServletRequest.getHeader("access_token")).getData()).getUser().getId()).get();
        if (StringUtils.isNotBlank(str)) {
            externalParamDTO.setToken(str);
        }
        return this.externalBaseService.queryUserByToken(externalParamDTO);
    }

    @Override // com.geoway.design.biz.service.ExternalUserService
    public IPage<SysNormalUserVO> queryUserAll(HttpServletRequest httpServletRequest, ExternalParamDTO externalParamDTO) throws Exception {
        IPage<SysNormalUserVO> queryUserAll = this.externalBaseService.queryUserAll(externalParamDTO);
        List records = queryUserAll.getRecords();
        Map<String, String> queryRoleByIds = this.sysUserRoleService.queryRoleByIds((List) records.stream().map(sysNormalUserVO -> {
            return sysNormalUserVO.getId();
        }).collect(Collectors.toList()));
        records.stream().forEach(sysNormalUserVO2 -> {
            sysNormalUserVO2.setRoles((String) queryRoleByIds.get(sysNormalUserVO2.getId()));
        });
        return queryUserAll;
    }

    private ResponseDataBase getResult(HttpServletRequest httpServletRequest, Result<RpcAccessToken> result, ResponseDataBase responseDataBase) {
        if (!ObjectUtil.isNotNull(result) || !result.isSuccess()) {
            return ResponseDataBase.error(result.getMessage());
        }
        RpcAccessToken rpcAccessToken = (RpcAccessToken) result.getData();
        SessionUtils.setAccessToken(httpServletRequest, rpcAccessToken);
        SsoUser user = rpcAccessToken.getUser();
        responseDataBase.put("token", rpcAccessToken.getAccessToken());
        responseDataBase.put("userId", user.getId());
        responseDataBase.put("username", user.getLoginName());
        responseDataBase.put("alisname", user.getUserName());
        responseDataBase.put("status", "OK");
        responseDataBase.put("validateType", "sso");
        return responseDataBase;
    }

    private Result getAccessToken(ExternalParamDTO externalParamDTO) throws Exception {
        Result<AccessTokenContent> validateAuth = validateAuth(externalParamDTO, this.projectConfig.getSsoAppId());
        return !validateAuth.isSuccess() ? validateAuth : getTokenResult(validateAuth);
    }

    private Result getAccessToken(SsoUser ssoUser, ExternalParamDTO externalParamDTO) throws Exception {
        Result<AccessTokenContent> validateAuth = validateAuth(ssoUser, externalParamDTO, this.projectConfig.getSsoAppId());
        return !validateAuth.isSuccess() ? validateAuth : getTokenResult(validateAuth);
    }

    private Result getTokenResult(Result<AccessTokenContent> result) {
        Result<Void> validate = this.ssoAppService.validate(this.projectConfig.getSsoAppId(), this.projectConfig.getSsoAppSecret());
        return !validate.isSuccess() ? validate : Result.createSuccess(genereateRpcAccessToken((AccessTokenContent) result.getData(), null));
    }

    private Result<AccessTokenContent> validateAuth(ExternalParamDTO externalParamDTO, String str) throws Exception {
        JSONObject login = this.externalBaseService.login(externalParamDTO);
        externalParamDTO.setToken(login.getString("access_token"));
        SsoUser queryUserByToken = this.externalBaseService.queryUserByToken(externalParamDTO);
        this.redisTemplate.boundValueOps("EX_TOKEN:" + queryUserByToken.getId()).set(login.getString("access_token"), 1L, TimeUnit.HOURS);
        return Result.createSuccess(new AccessTokenContent(new CodeContent(this.ticketGrantingTicketManager.generate(queryUserByToken), false, (String) null), queryUserByToken, str));
    }

    private Result<AccessTokenContent> validateAuth(SsoUser ssoUser, ExternalParamDTO externalParamDTO, String str) throws Exception {
        this.redisTemplate.boundValueOps("EX_TOKEN:" + ssoUser.getId()).set(externalParamDTO.getToken(), 2L, TimeUnit.HOURS);
        return Result.createSuccess(new AccessTokenContent(new CodeContent(this.ticketGrantingTicketManager.generate(ssoUser), false, (String) null), ssoUser, str));
    }

    private RpcAccessToken genereateRpcAccessToken(AccessTokenContent accessTokenContent, String str) {
        String str2 = str;
        if (str2 == null || !this.accessTokenManager.refresh(str2)) {
            str2 = this.accessTokenManager.generate(accessTokenContent);
        }
        return new RpcAccessToken(str2, this.accessTokenManager.getExpiresIn(), this.refreshTokenManager.generate(accessTokenContent, str2), accessTokenContent.getUser());
    }
}
