package com.digiwin.athena.base.infrastructure.manager.iam.service;

import com.digiwin.athena.appcore.auth.domain.AuthoredUser;
import com.digiwin.athena.appcore.util.ExceptionUtil;
import com.digiwin.athena.appcore.util.JsonUtils;
import com.digiwin.athena.base.infrastructure.constant.AudcErrorCodeEnum;
import com.digiwin.athena.base.infrastructure.constant.Constants;
import com.digiwin.athena.base.infrastructure.constant.TenantEnum;
import com.digiwin.athena.base.infrastructure.manager.iam.model.AppAuthoredDTO;
import com.digiwin.athena.base.infrastructure.manager.iam.model.CommonResultDTO;
import com.digiwin.athena.base.infrastructure.manager.iam.model.TenantAuthDTO;
import com.digiwin.athena.base.infrastructure.manager.iam.model.TenantDetailDTO;
import com.digiwin.service.permission.consts.ConstDef;
import com.github.pagehelper.util.StringUtil;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.annotation.Resource;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.compress.utils.Lists;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;

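/**
 * REST client for the IAM v2 endpoints used by this module (permissions, tenant lookup,
 * tenant registration, app authorization and user metadata).
 *
 * <p>This listing is decompiler output (see the "loaded from" marker below), so parameter names
 * such as {@code str}/{@code str2} are synthetic; each method's Javadoc states which request
 * field a parameter is written to.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The caller's token travels in the {@code digi-middleware-auth-user} header. It is a
 *       bearer credential and must never be written to logs; log statements here pass a
 *       redaction marker or log the request body only, never the headers.</li>
 *   <li>Several methods report failure as {@code null} or a default value instead of throwing.
 *       Callers making access decisions should treat those results as "deny".</li>
 * </ul>
 */
@Service
/* loaded from: input_file:BOOT-INF/lib/idrive-business-base-infrastructure-1.0-SNAPSHOT.jar:com/digiwin/athena/base/infrastructure/manager/iam/service/IamServiceImpl.class */
public class IamServiceImpl implements BaseIamService {
    private static final Logger log = LoggerFactory.getLogger(IamServiceImpl.class);

    /** Header that carries the caller's IAM token. */
    private static final String AUTH_USER_HEADER = "digi-middleware-auth-user";
    /** Strategy code sent when the caller supplies none. */
    private static final String DEFAULT_STRATEGY_CODE = "athena_light_01";

    private static final String USER_PERMISSION_V2 = "/api/iam/v2/permission/user";
    private static final String USER_AUTHORED_PERMISSION_URL = "/api/iam/v2/user/application";
    private static final String ALL_USER_PERMISSION_URL = "/api/iam/v2/permission/users/apps/all";
    private static final String TENANT_APPLICATION_LIST_URL = "/api/iam/v2/tenant/application/list";
    private static final String QUERY_TENANT_AUTH_BY_EMAIL_URL = "/api/iam/v2/user/email/tenants/auth";
    private static final String CREATE_INDIVIDUAL_TENANT_AUTH_URL = "/api/iam/v2/user/individual/tenant/register";
    private static final String CREATE_TENANT_APP_AUTH_URL = "/api/iam/v2/user/tenant/user/auth";
    private static final String BATCH_QUERY_METADATA_ITEM_URL = "/api/iam/v2/usermetadata/user/get/batch";
    private static final String QUERY_USER_URL = "/api/iam/v2/query/user";

    // Base URL of the IAM service. The default is the empty string, so an unset property yields
    // path-only URLs; those requests are expected to fail rather than reach a default host.
    @Value("${athena.auth.uri:}")
    private String iamUri;

    @Resource
    private RestTemplate restTemplate;

    /** Builds JSON request headers without any caller credential. */
    private static HttpHeaders jsonHeaders() {
        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);
        return headers;
    }

    /** Builds JSON request headers that carry {@code token} in the IAM auth header. */
    private static HttpHeaders jsonHeaders(String token) {
        HttpHeaders headers = jsonHeaders();
        headers.add(AUTH_USER_HEADER, token);
        return headers;
    }

    /**
     * Returns a log-safe stand-in for a token: it says whether a token was present without
     * revealing any part of it.
     */
    private static String redactToken(String token) {
        return (token == null || token.isEmpty()) ? "<absent>" : "<redacted>";
    }

    /**
     * Returns the {@code data} payload of a response, or {@code null} unless the response has a
     * body, a non-null payload and HTTP status 200.
     */
    private static Object successfulData(ResponseEntity<CommonResultDTO> response) {
        if (response == null || response.getBody() == null || response.getStatusCodeValue() != 200) {
            return null;
        }
        return response.getBody().getData();
    }

    /**
     * Fetches the permission configuration of one application for the given user.
     *
     * @param authoredUser caller; supplies the token header, the user id and (for logging) the tenant id
     * @param str value sent as {@code sysId}
     * @return the IAM response body, or {@code null} if the call failed for any reason; a caller
     *     using this for an access decision should treat {@code null} as "no permission data"
     */
    @Override
    public JSONObject getAllUserPermissionV2(AuthoredUser authoredUser, String str) {
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put(ConstDef.ProfileKeyDef.USER_ID, authoredUser.getUserId());
        requestBody.put("sysId", str);
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders(authoredUser.getToken()));
        String url = this.iamUri + USER_PERMISSION_V2;
        try {
            return this.restTemplate.exchange(url, HttpMethod.POST, request, JSONObject.class).getBody();
        } catch (Exception e) {
            // Pass the exception so the failure cause is recorded; without it an IAM outage and a
            // rejected token are indistinguishable in the logs.
            log.error("从IAM获取租户（{}）的应用（{}）权限配置出错, url：{}", authoredUser.getTenantId(), str, url, e);
            return null;
        }
    }

    /**
     * Lists the applications the token's user is authorized for.
     *
     * @param str the caller's IAM token, sent in the auth header
     * @return the list returned by IAM
     * @throws RuntimeException as produced by {@code ExceptionUtil.wrap} when the call fails
     */
    @Override
    public List<AppAuthoredDTO> getUserAuthoredApp(String str) {
        HttpEntity<?> request = new HttpEntity<>(null, jsonHeaders(str));
        try {
            return this.restTemplate.exchange(
                    this.iamUri + USER_AUTHORED_PERMISSION_URL,
                    HttpMethod.GET,
                    request,
                    new ParameterizedTypeReference<List<AppAuthoredDTO>>() {
                    }).getBody();
        } catch (Exception e) {
            // The token is a bearer credential: log only whether one was supplied.
            log.error("{}，获取用户已授权应用列表失败， 用户token: {}, 错误内容：", AudcErrorCodeEnum.IAM_V2_USER_APPLICATION.getErrCode(), redactToken(str), e);
            throw ExceptionUtil.wrap(AudcErrorCodeEnum.IAM_V2_USER_APPLICATION.getErrCode(), e);
        }
    }

    /**
     * Fetches the caller's permission configuration for several applications in one request.
     *
     * @param authoredUser caller; supplies the token header and the single entry of {@code userIds}
     * @param list values sent as {@code sysIds}
     * @return the IAM response body
     * @throws RuntimeException as produced by {@code ExceptionUtil.wrap} when the call fails
     */
    @Override
    public JSONArray batchQueryUserAppPermission(AuthoredUser authoredUser, List<String> list) {
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put("userIds", Collections.singletonList(authoredUser.getUserId()));
        requestBody.put("sysIds", list);
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders(authoredUser.getToken()));
        try {
            return this.restTemplate.exchange(this.iamUri + ALL_USER_PERMISSION_URL, HttpMethod.POST, request, JSONArray.class).getBody();
        } catch (Exception e) {
            // The token is a bearer credential: log only whether one was supplied.
            log.error("{}，批量获取用户授权应用权限配置失败，用户token: {}，请求body体：{}，错误内容：", AudcErrorCodeEnum.IAM_V2_PERMISSION_USERS_APPS_ALL.getErrCode(), redactToken(authoredUser.getToken()), JsonUtils.objectToString(requestBody), e);
            throw ExceptionUtil.wrap(AudcErrorCodeEnum.IAM_V2_PERMISSION_USERS_APPS_ALL.getErrCode(), e);
        }
    }

    /**
     * Looks up the tenant that an email / telephone belongs to and whether it is authorized for an app.
     *
     * <p>The returned map always has a {@code status} entry:
     * {@code -1} the IAM call failed or returned no usable data; {@code 0} no tenant was returned;
     * {@code 1} a tenant was returned but tenant and user are not both authorized;
     * {@code 2} tenant and user are both authorized. For status 1 and 2 the map also carries the
     * user id, {@code tenantId}, {@code isTenantAuth} and {@code isUserAuth} of the first tenant.
     *
     * @param authoredUser caller; supplies the token header
     * @param str value sent as {@code email}
     * @param str2 value sent as {@code telephone}
     * @param str3 value sent as {@code appId}; {@code Constants.ATHENA_APPID} when empty
     * @param str4 unused
     * @param num value sent as {@code tenantType}; {@code TenantEnum.INDIVIDUAL} when null
     * @return the status map described above, or {@code null} when both email and telephone are empty
     */
    @Override
    public Map<String, Object> getTenantAuth(AuthoredUser authoredUser, String str, String str2, String str3, Integer num) {
        if (StringUtil.isEmpty(str) && StringUtil.isEmpty(str2)) {
            return null;
        }
        Map<String, Object> result = new HashMap<>();
        String url = this.iamUri + QUERY_TENANT_AUTH_BY_EMAIL_URL;
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put("email", str);
        requestBody.put("telephone", str2);
        requestBody.put("appId", StringUtil.isNotEmpty(str3) ? str3 : Constants.ATHENA_APPID);
        requestBody.put("tenantType", Integer.valueOf(num != null ? num.intValue() : TenantEnum.INDIVIDUAL.getType()));
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders(authoredUser.getToken()));

        // Must start as null: when exchange() throws, no response exists to inspect.
        ResponseEntity<CommonResultDTO> response = null;
        try {
            // Log the body only. Serializing the whole HttpEntity would presumably include its
            // headers, and with them the caller's token.
            // NOTE(review): the body still carries email/telephone; confirm that is acceptable at INFO.
            log.info("getTenantAuth post iam begin, URL:{}, param:{}", url, JsonUtils.objectToString(requestBody));
            response = this.restTemplate.exchange(url, HttpMethod.POST, request, CommonResultDTO.class, new HashMap<String, Object>());
            log.info("getTenantAuth post iam end, result:{}", JsonUtils.objectToString(response));
        } catch (Exception e) {
            result.put("status", -1);
            log.error("获取用户归属的租户以及指定应用授权信息失败", (Throwable) e);
            return result;
        }

        Object data = successfulData(response);
        TenantAuthDTO tenantAuth = data == null
                ? null
                : (TenantAuthDTO) JsonUtils.jsonToObject(JsonUtils.objectToString(data), TenantAuthDTO.class);
        if (tenantAuth == null) {
            result.put("status", -1);
            log.error("获取用户归属的租户以及指定应用授权信息失败");
            return result;
        }

        List<TenantDetailDTO> tenants = tenantAuth.getTenants();
        if (CollectionUtils.isEmpty(tenants)) {
            result.put("status", 0);
            log.info("获取用户归属的租户以及指定应用授权信息失败：没有个人租户");
            return result;
        }

        // Only the first tenant is evaluated.
        TenantDetailDTO tenant = tenants.get(0);
        // A missing (null) flag counts as "not authorized" instead of raising an NPE.
        boolean fullyAuthorized = Boolean.TRUE.equals(tenant.getIsTenantAuth())
                && Boolean.TRUE.equals(tenant.getIsUserAuth());
        result.put("status", fullyAuthorized ? 2 : 1);
        result.put(ConstDef.ProfileKeyDef.USER_ID, tenantAuth.getUserId());
        result.put("tenantId", tenant.getId());
        result.put("isTenantAuth", tenant.getIsTenantAuth());
        result.put("isUserAuth", tenant.getIsUserAuth());
        if (!fullyAuthorized) {
            log.info("获取用户归属的租户以及指定应用授权信息失败（没有授权）：{}", JsonUtils.objectToString(tenantAuth));
        }
        return result;
    }

    /**
     * Registers an individual tenant for an email / telephone and authorizes it for an app.
     *
     * @param authoredUser caller; supplies the token header
     * @param str value sent as {@code email}
     * @param str2 value sent as {@code telephone}
     * @param str3 value sent as {@code appId}; {@code Constants.ATHENA_APPID} when empty
     * @param str4 unused
     * @param str5 value sent as {@code strategyCode}; {@code athena_light_01} when empty
     * @return the {@code data} payload of a 200 response converted to a map; an empty map when the
     *     call failed or returned no payload; {@code null} when both email and telephone are empty
     */
    @Override
    @SuppressWarnings("unchecked") // the payload is deserialized into a raw Map
    public Map<String, String> registerTenant(AuthoredUser authoredUser, String str, String str2, String str3, String str4, String str5) {
        if (StringUtil.isEmpty(str) && StringUtil.isEmpty(str2)) {
            return null;
        }
        Map<String, String> result = new HashMap<>();
        String url = this.iamUri + CREATE_INDIVIDUAL_TENANT_AUTH_URL;
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put("email", str);
        requestBody.put("telephone", str2);
        requestBody.put("appId", StringUtil.isNotEmpty(str3) ? str3 : Constants.ATHENA_APPID);
        requestBody.put("strategyCode", StringUtil.isNotEmpty(str5) ? str5 : DEFAULT_STRATEGY_CODE);
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders(authoredUser.getToken()));
        try {
            // Log the body only, so the token header never reaches the log.
            // NOTE(review): the body still carries email/telephone; confirm that is acceptable at INFO.
            log.info("registerTenant post iam begin, URL:{}, param:{}", url, JsonUtils.objectToString(requestBody));
            ResponseEntity<CommonResultDTO> response = this.restTemplate.exchange(url, HttpMethod.POST, request, CommonResultDTO.class, new HashMap<String, Object>());
            log.info("registerTenant post iam end, result:{}", JsonUtils.objectToString(response));
            Object data = successfulData(response);
            if (data != null) {
                result = (Map<String, String>) JsonUtils.jsonToObject(JsonUtils.objectToString(data), Map.class);
            }
        } catch (Exception e) {
            log.error("创建个人租户以及授权失败", (Throwable) e);
        }
        return result;
    }

    /**
     * Asks IAM to authorize a user of a tenant for an app.
     *
     * <p>NOTE(review): the result defaults to {@code true} and is only replaced by the payload of a
     * 200 response, so an exception or a non-200 answer is reported to the caller as success.
     * Kept as in the original because callers may rely on it; confirm whether it should fail closed.
     *
     * <p>NOTE(review): unlike the sibling methods, no {@code digi-middleware-auth-user} header is
     * set here and {@code authoredUser} is not read; confirm this endpoint is authenticated by some
     * other means (for example an interceptor on the injected {@code RestTemplate}).
     *
     * @param authoredUser unused
     * @param str value sent as {@code tenantId}
     * @param str2 value sent as {@code email}
     * @param str3 value sent as {@code telephone}
     * @param str4 value sent as {@code appId}; {@code Constants.ATHENA_APPID} when empty
     * @param str5 unused
     * @param str6 value sent as {@code strategyCode}; {@code athena_light_01} when empty
     * @param bool value sent as {@code isTenantAuth}
     * @return the boolean parsed from the response payload, {@code true} when no payload was
     *     obtained, or {@code null} when both email and tenant id are empty
     */
    @Override
    public Boolean authorizeUser(AuthoredUser authoredUser, String str, String str2, String str3, String str4, String str5, String str6, Boolean bool) {
        if (StringUtil.isEmpty(str2) && StringUtil.isEmpty(str)) {
            return null;
        }
        Boolean granted = Boolean.TRUE;
        String url = this.iamUri + CREATE_TENANT_APP_AUTH_URL;
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put("tenantId", str);
        requestBody.put("email", str2);
        requestBody.put("telephone", str3);
        requestBody.put("appId", StringUtil.isNotEmpty(str4) ? str4 : Constants.ATHENA_APPID);
        requestBody.put("strategyCode", StringUtil.isNotEmpty(str6) ? str6 : DEFAULT_STRATEGY_CODE);
        requestBody.put("isTenantAuth", bool);
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders());
        try {
            // Log the body only, consistent with the other methods; headers stay out of the log.
            log.info("authorizeUser post iam begin, URL:{}, param:{}", url, JsonUtils.objectToString(requestBody));
            ResponseEntity<CommonResultDTO> response = this.restTemplate.exchange(url, HttpMethod.POST, request, CommonResultDTO.class, new HashMap<String, Object>());
            log.info("authorizeUser post iam end, result:{}", JsonUtils.objectToString(response));
            Object data = successfulData(response);
            if (data != null) {
                granted = Boolean.valueOf(data.toString());
            }
        } catch (Exception e) {
            log.error("给指定租户下的用户授权指定应用失败", (Throwable) e);
        }
        return granted;
    }

    /**
     * Fetches one metadata item for a batch of users.
     *
     * <p>NOTE(review): no {@code digi-middleware-auth-user} header is set on this request; confirm
     * the endpoint is authenticated by some other means.
     *
     * @param list values sent as {@code userIdList}
     * @param str value sent under the {@code ConstDef.ProfileKeyDef.TENANT_SID} key
     * @param str2 value sent as {@code key}
     * @param str3 value sent as {@code catalogId}
     * @return the payload of a 200 response as a list of maps; an empty list when the call failed
     *     or returned no payload (never {@code null})
     */
    @Override
    public List<Map> batchQueryUserMetadataItem(List<String> list, String str, String str2, String str3) {
        String url = this.iamUri + BATCH_QUERY_METADATA_ITEM_URL;
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put("userIdList", list);
        requestBody.put(ConstDef.ProfileKeyDef.TENANT_SID, str);
        requestBody.put("key", str2);
        requestBody.put("catalogId", str3);
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders());
        List<Map> items = new ArrayList<>();
        try {
            ResponseEntity<CommonResultDTO> response = this.restTemplate.exchange(url, HttpMethod.POST, request, CommonResultDTO.class, new HashMap<String, Object>());
            Object data = successfulData(response);
            if (data != null) {
                items = JsonUtils.jsonToListObject(JsonUtils.objectToString(data), Map.class);
            }
        } catch (Exception e) {
            // The original message was copied from registerTenant ("creating individual tenant
            // failed") and pointed responders at the wrong operation.
            log.error("批量查询用户元数据失败", (Throwable) e);
        }
        return items != null ? items : new ArrayList<>();
    }

    /**
     * Looks up the {@code userType} of a user.
     *
     * @param str value sent under the {@code ConstDef.ProfileKeyDef.USER_ID} key
     * @param str2 the caller's IAM token, sent in the auth header
     * @return the {@code userType} entry of the response, or {@code null} when the response has no
     *     body, has no such entry, or the call or conversion failed
     */
    @Override
    public Integer queryUserType(String str, String str2) {
        Map<String, Object> requestBody = new HashMap<>();
        requestBody.put(ConstDef.ProfileKeyDef.USER_ID, str);
        HttpEntity<?> request = new HttpEntity<>(requestBody, jsonHeaders(str2));
        try {
            Map responseBody = this.restTemplate.postForEntity(this.iamUri + QUERY_USER_URL, request, Map.class).getBody();
            if (responseBody == null) {
                return null;
            }
            // A non-Integer value raises ClassCastException, which the catch below turns into null.
            return (Integer) responseBody.get("userType");
        } catch (Exception e) {
            log.error("{}, body: {}, error: ", AudcErrorCodeEnum.IAM_V2_QUERY_USER.getErrCode(), JsonUtils.objectToString(requestBody), e);
            return null;
        }
    }
}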
