package com.digiwin.dap.middleware.dmc.api;

import com.digiwin.dap.middle.kms.constants.KeyConstant;
import com.digiwin.dap.middleware.commons.core.codec.Base64;
import com.digiwin.dap.middleware.commons.crypto.AES;
import com.digiwin.dap.middleware.commons.crypto.RSA;
import com.digiwin.dap.middleware.commons.crypto.constant.KeySizeEnum;
import com.digiwin.dap.middleware.commons.crypto.constant.TransformationEnum;
import com.digiwin.dap.middleware.constant.GlobalConstants;
import com.digiwin.dap.middleware.dmc.constant.I18nError;
import com.digiwin.dap.middleware.dmc.domain.annotation.LoginMark;
import com.digiwin.dap.middleware.dmc.domain.enumeration.LogType;
import com.digiwin.dap.middleware.dmc.service.login.LoginContext;
import com.digiwin.dap.middleware.dmc.support.auth.domain.GetAesKeyRequest;
import com.digiwin.dap.middleware.dmc.support.auth.domain.JwtUser;
import com.digiwin.dap.middleware.dmc.support.auth.domain.LoginRequest;
import com.digiwin.dap.middleware.dmc.support.auth.domain.LoginUser;
import com.digiwin.dap.middleware.dmc.util.TenantUtil;
import com.digiwin.dap.middleware.domain.StdData;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.exception.UnauthorizedException;
import java.util.Collections;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.util.ObjectUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestAttribute;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/dmc/v1"})
@RestController
/* loaded from: input_file:WEB-INF/classes/com/digiwin/dap/middleware/dmc/api/LoginController.class */
public class LoginController {

    @Autowired
    private LoginContext loginContext;

    @PostMapping({"/auth/login"})
    @LoginMark
    public ResponseEntity<?> login(@Valid @RequestBody LoginUser loginUser) {
        String login = this.loginContext.login(loginUser);
        if (ObjectUtils.isEmpty(login)) {
            throw new UnauthorizedException(I18nError.LOGIN_FAIL);
        }
        return ResponseEntity.ok(Collections.singletonMap("userToken", login));
    }

    @PostMapping({"/auth/token/analyze"})
    public StdData<?> login(@RequestAttribute("digi-middleware-auth-user-data") JwtUser jwtUser) {
        return StdData.ok(jwtUser);
    }

    @PostMapping({"/auth/token/refresh"})
    @LoginMark(LogType.LOGIN_REFRESH)
    public ResponseEntity<?> login(@RequestBody LoginUser loginUser, HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(GlobalConstants.HTTP_HEADER_USER_TOKEN_KEY);
        if (header == null) {
            throw new BusinessException(I18nError.LOGIN_REFRESH_KEK_NONE, new Object[]{GlobalConstants.HTTP_HEADER_USER_TOKEN_KEY});
        }
        String refresh = this.loginContext.refresh(header, TenantUtil.getTenant(loginUser.getTenantId()));
        if (ObjectUtils.isEmpty(refresh)) {
            throw new UnauthorizedException(I18nError.LOGIN_FAIL);
        }
        return ResponseEntity.ok(Collections.singletonMap("userToken", refresh));
    }

    @PostMapping({"/auth/aes/key"})
    public StdData<?> getAesKey(@Valid @RequestBody GetAesKeyRequest getAesKeyRequest) {
        return StdData.ok(Base64.encode(RSA.encrypt(AES.generateKey(KeySizeEnum.AES_256.getValue().intValue()), RSA.decrypt(Base64.decode(getAesKeyRequest.getClientPublicKeyCiphertext()), Base64.decode(KeyConstant.BASE64_PRIVATE_KEY), TransformationEnum.RSA_ECB_PKCS1Padding.getValue()), TransformationEnum.RSA_ECB_PKCS1Padding.getValue())));
    }

    @PostMapping({"/auth/security/login"})
    @LoginMark(LogType.LOGIN_SECURITY)
    public StdData<?> securityLogin(@Valid @RequestBody LoginRequest loginRequest) {
        byte[] decrypt = RSA.decrypt(Base64.decode(loginRequest.getAesKeyCiphertext()), Base64.decode(KeyConstant.BASE64_PRIVATE_KEY), TransformationEnum.RSA_ECB_PKCS1Padding.getValue());
        String str = new String(AES.decryptIvCBC(Base64.decode(loginRequest.getPasswordHash()), decrypt));
        String str2 = new String(AES.decryptIvCBC(Base64.decode(loginRequest.getUsernameHash()), decrypt));
        LoginUser loginUser = new LoginUser();
        loginUser.setUsername(str2);
        loginUser.setPwdhash(str);
        loginUser.setLoginType(loginRequest.getLoginType());
        loginUser.setTenantId(loginRequest.getTenantId());
        String login = this.loginContext.login(loginUser);
        if (ObjectUtils.isEmpty(login)) {
            throw new UnauthorizedException(I18nError.LOGIN_FAIL);
        }
        return StdData.ok(login);
    }
}
