package com.geoway.design.biz.service.login.impl;

import cn.org.bjca.client.security.SecurityEngineDeal;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.baomidou.mybatisplus.core.toolkit.support.SFunction;
import com.geoway.design.base.base.dto.ResponseDataBase;
import com.geoway.design.base.support.StringUtils;
import com.geoway.design.biz.config.ProjectConfig;
import com.geoway.design.biz.constatn.DynamicParameterConst;
import com.geoway.design.biz.entity.SysRegion;
import com.geoway.design.biz.entity.SysUser;
import com.geoway.design.biz.entity.SysUserRole;
import com.geoway.design.biz.mapper.SysRegionMapper;
import com.geoway.design.biz.service.login.ICaLoginService;
import com.geoway.design.biz.service.sys.ISysUserRoleService;
import com.geoway.design.biz.service.sys.ISysUserService;
import com.geoway.sso.client.rpc.Result;
import com.geoway.sso.client.rpc.RpcAccessToken;
import com.geoway.sso.client.rpc.SsoUser;
import com.geoway.sso.client.util.SessionUtils;
import com.geoway.sso.server.common.AccessTokenContent;
import com.geoway.sso.server.common.CodeContent;
import com.geoway.sso.server.session.AccessTokenManager;
import com.geoway.sso.server.session.RefreshTokenManager;
import com.geoway.sso.server.session.TicketGrantingTicketManager;
import java.lang.invoke.SerializedLambda;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;

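/**
 * Certificate (CA) login: validates a client certificate through the BJCA
 * {@link SecurityEngineDeal} engine, maps the certificate to a local {@link SysUser}
 * and issues SSO access/refresh tokens for that user.
 *
 * <p>NOTE(review): nothing in this class proves that the caller holds the private key
 * of the submitted certificate. A certificate is public data, so certificate validation
 * alone is not authentication. Confirm that the calling layer verifies a signature made
 * with the certificate's key over a fresh server-issued challenge before
 * {@link #checkLogin(String, String)} is reached; if it does not, that check belongs in
 * front of {@link #validate(String)}.
 *
 * <p>The {@code $deserializeLambda$} method emitted by the decompiler is intentionally
 * not declared here: javac generates it for the serializable {@code SFunction} method
 * references used below, and a hand-written copy would clash with the generated one.
 */
@Service
/* loaded from: input_file:com/geoway/design/biz/service/login/impl/CaLoginServiceImpl.class */
public class CaLoginServiceImpl implements ICaLoginService {

    // Fully qualified so that no new file-level import is required.
    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(CaLoginServiceImpl.class.getName());

    /** Generic failure text returned to the client; never carries internal details. */
    private static final String GENERIC_FAILURE = "证书验证失败请联系管理员";

    /** Name of the engine instance requested from {@link SecurityEngineDeal#getInstance}. */
    private static final String ENGINE_INSTANCE = "SVSDefault";

    /**
     * Certificate extension OID whose value is matched against the user's certificate code.
     * Presumably the CA-assigned unique holder identifier; confirm against the CA profile.
     */
    private static final String CERT_CODE_OID = "2.16.840.1.113732.2";

    /** Leading characters of the OID value dropped before the lookup (meaning not shown here). */
    private static final int CERT_CODE_PREFIX_LENGTH = 2;

    /** Result code treated as "validation failed with a user-presentable message". */
    private static final int RESULT_ERROR_CODE = 9999;

    @Autowired
    private ISysUserService sysUserService;

    @Autowired
    private SysRegionMapper sysRegionMapper;

    @Autowired
    private AccessTokenManager accessTokenManager;

    @Autowired
    private ProjectConfig projectConfig;

    @Autowired
    private RefreshTokenManager refreshTokenManager;

    @Autowired
    private TicketGrantingTicketManager ticketGrantingTicketManager;

    @Autowired
    private ISysUserRoleService sysUserRoleService;

    /**
     * Logs a user in with a client certificate and returns the issued token plus profile data.
     *
     * @param str  the client certificate as handed to the signature-verification engine
     *             (encoding not visible here; presumably Base64 - confirm with the caller)
     * @param str2 the {@code oauthName} parameter; only checked for presence, never used
     *             afterwards (NOTE(review): confirm whether it should scope the login)
     * @return a success response carrying token, user id, names, role ids and policy data,
     *         or an error response with a user-presentable message
     */
    @Override // com.geoway.design.biz.service.login.ICaLoginService
    public ResponseDataBase checkLogin(String str, String str2) {
        if (str2 == null) {
            return ResponseDataBase.error("缺少参数oauthName");
        }
        // Fail closed on a missing certificate instead of handing null/empty to the engine.
        if (str == null || str.isEmpty()) {
            return ResponseDataBase.error(GENERIC_FAILURE);
        }
        try {
            Result<SsoUser> validate = validate(str);
            if (validate == null) {
                return ResponseDataBase.error(GENERIC_FAILURE);
            }
            if (validate.getCode() == RESULT_ERROR_CODE) {
                // These messages are the fixed texts chosen in validate(), safe to show.
                return ResponseDataBase.error(validate.getMessage());
            }
            SsoUser ssoUser = (SsoUser) validate.getData();

            // Resolve the request before minting anything, so a missing request context
            // does not leave an orphaned ticket behind. The decompiler dropped this cast;
            // RequestAttributes itself has no getRequest().
            HttpServletRequest request =
                    ((org.springframework.web.context.request.ServletRequestAttributes)
                            RequestContextHolder.currentRequestAttributes()).getRequest();

            String ticket = this.ticketGrantingTicketManager.generate(ssoUser);
            AccessTokenContent grant = new AccessTokenContent(
                    new CodeContent(ticket, false, (String) null),
                    ssoUser,
                    this.projectConfig.getSsoAppId(),
                    (String) null);

            String accessToken = this.accessTokenManager.generate(grant);
            String refreshToken = this.refreshTokenManager.generate(grant, accessToken);

            // Re-read the stored content to attach the refresh token, then write it back.
            AccessTokenContent stored = this.accessTokenManager.get(accessToken);
            if (stored == null) {
                throw new IllegalStateException("access token content missing after generation");
            }
            stored.setRefreshToken(refreshToken);
            this.accessTokenManager.create(accessToken, stored);

            RpcAccessToken rpcAccessToken = new RpcAccessToken(
                    accessToken, this.accessTokenManager.getExpiresIn(), refreshToken, grant.getUser());
            // NOTE(review): the token is bound to the current request/session here; confirm
            // that the session identifier is rotated on login elsewhere (session fixation).
            SessionUtils.setAccessToken(request, rpcAccessToken);

            // Only the role id column is selected, so each returned object is a role id.
            LambdaQueryWrapper<SysUserRole> roleQuery = Wrappers.lambdaQuery(SysUserRole.class)
                    .eq(SysUserRole::getUserid, ssoUser.getId())
                    .select(SysUserRole::getRoleid);

            ResponseDataBase responseDataBase = new ResponseDataBase();
            responseDataBase.put(DynamicParameterConst.TOKEN, rpcAccessToken.getAccessToken());
            responseDataBase.put("userId", ssoUser.getId());
            responseDataBase.put("username", ssoUser.getLoginName());
            responseDataBase.put("alisname", ssoUser.getUserName());
            responseDataBase.put("role", this.sysUserRoleService.listObjs(roleQuery, obj -> (String) obj));
            responseDataBase.put("status", "OK");
            responseDataBase.put("validateType", "ca");
            responseDataBase.put("passwordPolicy", ssoUser.getPasswordPolicy());
            responseDataBase.put("userCatalog", ssoUser.getCatalog());
            return responseDataBase;
        } catch (Exception e) {
            // Keep the detail in the server log only: exception messages can expose class
            // names, SQL fragments or engine internals to an unauthenticated caller.
            LOG.log(java.util.logging.Level.WARNING, "CA login failed", e);
            return ResponseDataBase.error(GENERIC_FAILURE);
        }
    }

    /**
     * Validates the certificate with the engine and resolves it to exactly one local user.
     *
     * <p>Engine verdicts, as reflected by the messages returned below: {@code 1} valid,
     * {@code 0} unknown error, {@code -1} untrusted root, {@code -2} expired,
     * {@code -3} revoked, {@code -4} temporarily frozen.
     *
     * <p>NOTE(review): this checks the certificate only, not possession of its private key
     * (see the class comment). It also does not consult any enabled/locked state of the
     * matched {@link SysUser}; confirm whether such a state exists and where it is enforced.
     *
     * @param str the client certificate passed to the engine
     * @return a success result holding the populated {@link SsoUser}; an error result with a
     *         user-presentable message for the known rejection verdicts; or {@code null} when
     *         the verdict is unrecognised, no unique user matches, or any exception occurs
     */
    public Result<SsoUser> validate(String str) {
        try {
            SecurityEngineDeal engine = SecurityEngineDeal.getInstance(ENGINE_INSTANCE);
            int verdict = engine.validateCert(str);
            if (verdict != 1) {
                // Rejected certificates are worth a log line for detection and triage.
                LOG.warning("CA certificate rejected, validateCert returned " + verdict);
                switch (verdict) {
                    case 0:
                        return Result.createError("验证时，发生未知错误，请联系管理员");
                    case -1:
                        return Result.createError("登录证书的根不被信任，请联系管理员");
                    case -2:
                        return Result.createError("登录证书超过有效期，请联系管理员");
                    case -3:
                        return Result.createError("登录证书为作废证书，请联系管理员");
                    case -4:
                        return Result.createError("登录证书被临时冻结，请联系管理员");
                    default:
                        return null;
                }
            }

            String certInfoByOid = engine.getCertInfoByOid(str, CERT_CODE_OID);
            // A value no longer than the prefix would yield an empty code, and an empty
            // code must never be used as a lookup key (it could match unbound accounts).
            if (!StringUtils.isNotEmpty(certInfoByOid)
                    || certInfoByOid.length() <= CERT_CODE_PREFIX_LENGTH) {
                return null;
            }
            String certificateCode = certInfoByOid.substring(CERT_CODE_PREFIX_LENGTH);

            // NOTE(review): the code is concatenated into a string filter expression. It comes
            // from a certificate the engine accepted, but confirm how queryList parses the
            // filter and whether delimiter characters in the value need to be rejected.
            List<SysUser> matches = this.sysUserService.queryList("certificateCode_EQ_" + certificateCode);
            if (matches == null || matches.isEmpty()) {
                return null;
            }
            if (matches.size() != 1) {
                // Several accounts bound to one certificate code make the identity ambiguous;
                // refuse the login rather than authenticate as whichever row came first.
                LOG.warning("CA login refused: certificate code is bound to "
                        + matches.size() + " user accounts");
                return null;
            }

            SysUser sysUser = matches.get(0);
            List<SysRegion> regions = this.sysRegionMapper.queryUserRegions(sysUser.getId());
            String regionCodes = regions.stream().map(SysRegion::getCode).collect(Collectors.joining(","));
            String regionNames = regions.stream().map(SysRegion::getName).collect(Collectors.joining(","));

            SsoUser ssoUser = new SsoUser();
            ssoUser.setId(sysUser.getId());
            ssoUser.setUserid(sysUser.getId());
            ssoUser.setUserName(sysUser.getAname());
            ssoUser.setLoginName(sysUser.getAccout());
            ssoUser.setRegionCode(regionCodes);
            ssoUser.setRegionName(regionNames);
            ssoUser.setCatalog(sysUser.getCatalog());
            return Result.createSuccess(ssoUser);
        } catch (Exception e) {
            // Any failure (engine, lookup, region query) denies the login; the cause is
            // logged once with its stack trace instead of being printed and re-wrapped.
            LOG.log(java.util.logging.Level.WARNING, "CA certificate validation failed", e);
            return null;
        }
    }
}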
