package com.digiwin.dap.middleware.iam.service.login.impl;

import com.digiwin.dap.middleware.auth.AppAuthContextHolder;
import com.digiwin.dap.middleware.auth.AuthoredSys;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.domain.login.IdentityType;
import com.digiwin.dap.middleware.iam.domain.login.LoginUser;
import com.digiwin.dap.middleware.iam.domain.login.OauthLoginRequest;
import com.digiwin.dap.middleware.iam.domain.token.GrantTypeInfo;
import com.digiwin.dap.middleware.iam.entity.Sys;
import com.digiwin.dap.middleware.iam.entity.Tenant;
import com.digiwin.dap.middleware.iam.entity.User;
import com.digiwin.dap.middleware.iam.entity.UserMapping;
import com.digiwin.dap.middleware.iam.mapper.UserMappingMapper;
import com.digiwin.dap.middleware.iam.service.login.IdentityService;
import com.digiwin.dap.middleware.iam.service.user.UserCrudService;
import com.digiwin.dap.middleware.iam.support.auth.domain.IamAuthoredUser;
import com.digiwin.dap.middleware.iam.support.cache.CommonCacheService;
import com.digiwin.dap.middleware.iam.support.remote.oauth.RemoteOauthService;
import com.digiwin.dap.middleware.util.JsonUtils;
import java.util.List;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

@Order(8)
@Service("oauthIdentityService")
/* loaded from: input_file:BOOT-INF/lib/iam-business-4.37.4.0.jar:com/digiwin/dap/middleware/iam/service/login/impl/OauthIdentityServiceImpl.class */
public class OauthIdentityServiceImpl extends IdentityServiceBase implements IdentityService {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) OauthIdentityServiceImpl.class);

    @Autowired
    private UserMappingMapper userMappingMapper;

    @Autowired
    private UserCrudService userCrudService;

    @Autowired
    private CommonCacheService commonCacheService;

    @Autowired
    private List<RemoteOauthService> remoteOauthServices;

    /* JADX WARN: Multi-variable type inference failed */
    @Override // com.digiwin.dap.middleware.iam.service.login.IdentityService
    public IamAuthoredUser login(LoginUser loginUser) {
        logger.info("第三方验证登录Oauth:{}", JsonUtils.writeValue(loginUser.getOauthLoginRequest()));
        OauthLoginRequest oauthLoginRequest = loginUser.getOauthLoginRequest();
        if (oauthLoginRequest.getVerified().booleanValue()) {
            OauthLoginRequest oauthLoginRequest2 = new OauthLoginRequest();
            for (RemoteOauthService remoteOauthService : this.remoteOauthServices) {
                if (remoteOauthService.support(oauthLoginRequest.getType())) {
                    oauthLoginRequest2 = remoteOauthService.getUserInfo(oauthLoginRequest.getCallBackUri(), oauthLoginRequest.getMethod(), oauthLoginRequest.getAccessToken(), oauthLoginRequest.getData());
                }
            }
            if (!StringUtils.isEmpty(oauthLoginRequest.getUnionid()) && !StringUtils.isEmpty(oauthLoginRequest2.getUnionid()) && !oauthLoginRequest.getUnionid().equals(oauthLoginRequest2.getUnionid())) {
                throw new BusinessException(I18nError.THIRD_USER_ERROR, new Object[]{oauthLoginRequest2.getUnionid(), oauthLoginRequest.getUnionid()});
            }
        }
        GrantTypeInfo grantTypeInfo = new GrantTypeInfo(oauthLoginRequest);
        Tenant tenant = null;
        if (grantTypeInfo.getTenantSid() != null && grantTypeInfo.getTenantSid().longValue() != 0) {
            tenant = (Tenant) this.tenantCrudService.findBySid(grantTypeInfo.getTenantSid().longValue());
            if (tenant == null) {
                throw new BusinessException(I18nError.TENANT_NOT_EXISTED, new Object[]{grantTypeInfo.getTenantSid()});
            }
        } else if (!StringUtils.isEmpty(grantTypeInfo.getTenantId())) {
            tenant = this.tenantCrudService.findById(grantTypeInfo.getTenantId());
            if (tenant == null) {
                throw new BusinessException(I18nError.TENANT_NOT_EXISTED, new Object[]{grantTypeInfo.getTenantId()});
            }
        }
        return getByGrantTypeInfoCore(loginUser, grantTypeInfo, tenant);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private IamAuthoredUser getByGrantTypeInfoCore(LoginUser loginUser, GrantTypeInfo grantTypeInfo, Tenant tenant) {
        UserMapping userMapping;
        Assert.hasText(grantTypeInfo.getVerifyUserId(), "grantTypeInfo.verifyUserId不能为空");
        AuthoredSys authoredSys = AppAuthContextHolder.getContext().getAuthoredSys();
        String str = "";
        if (!StringUtils.isEmpty(grantTypeInfo.getAppId())) {
            str = grantTypeInfo.getAppId();
        } else if (authoredSys != null) {
            str = authoredSys.getId();
        }
        Assert.hasText(str, "grantTypeInfo.appId不能为空");
        Long valueOf = Long.valueOf(tenant == null ? 0L : tenant.getSid());
        List<UserMapping> queryByTenantAndVerifyUserId = this.userMappingMapper.queryByTenantAndVerifyUserId(valueOf, grantTypeInfo.getVerifyUserId(), str, grantTypeInfo.getAccount());
        if (queryByTenantAndVerifyUserId == null || queryByTenantAndVerifyUserId.size() == 0) {
            throw new BusinessException(I18nError.ACCESS_TOKEN_MAPPING_ERROR, new Object[]{grantTypeInfo.getTenantId(), str, grantTypeInfo.getVerifyUserId()});
        }
        if (queryByTenantAndVerifyUserId.size() > 1) {
            List list = (List) queryByTenantAndVerifyUserId.stream().filter(userMapping2 -> {
                return valueOf.longValue() == userMapping2.getTenantSid();
            }).collect(Collectors.toList());
            if (valueOf.longValue() <= 0) {
                throw new BusinessException(I18nError.ACCESS_TOKEN_GRANT_MAPPING_ERROR, new Object[]{grantTypeInfo.getVerifyUserId()});
            }
            if (list.size() > 1) {
                throw new BusinessException(I18nError.ACCESS_TOKEN_GRANT_MAPPING_ERROR, new Object[]{grantTypeInfo.getVerifyUserId()});
            }
            userMapping = (UserMapping) list.get(0);
        } else {
            userMapping = queryByTenantAndVerifyUserId.get(0);
        }
        User user = (User) this.userCrudService.findBySid(userMapping.getUserSid());
        if (user == null) {
            throw new BusinessException(I18nError.ERROR_21001, new Object[]{Long.valueOf(queryByTenantAndVerifyUserId.get(0).getUserSid())});
        }
        if (user.isDeleted() || user.isDisabled()) {
            throw new BusinessException(I18nError.ERROR_21004);
        }
        Sys sysById = this.commonCacheService.getSysById(str);
        if (sysById == null) {
            sysById = new Sys();
            sysById.setId(str);
        }
        loginUser.setTenant(getTenant(user, tenant, sysById));
        loginUser.setUser(user);
        loginUser.setApp(sysById);
        return this.authoredUserService.generate(loginUser, false, false);
    }

    @Override // com.digiwin.dap.middleware.iam.service.login.IdentityService
    public boolean support(LoginUser loginUser) {
        return loginUser.getIdentityType() == IdentityType.oauth;
    }
}
