package com.digiwin.dap.middleware.iam.service.login.impl;

import cn.hutool.extra.servlet.ServletUtil;
import com.digiwin.dap.middle.kms.constants.KeyConstant;
import com.digiwin.dap.middleware.auth.AppAuthContextHolder;
import com.digiwin.dap.middleware.auth.AuthoredSys;
import com.digiwin.dap.middleware.commons.crypto.AES;
import com.digiwin.dap.middleware.commons.crypto.PwdUtils;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.constant.IamConstants;
import com.digiwin.dap.middleware.iam.domain.login.IdentityType;
import com.digiwin.dap.middleware.iam.domain.login.LoginSource;
import com.digiwin.dap.middleware.iam.domain.login.LoginUser;
import com.digiwin.dap.middleware.iam.domain.tenant.SysInTenantVO;
import com.digiwin.dap.middleware.iam.entity.Sys;
import com.digiwin.dap.middleware.iam.entity.Tenant;
import com.digiwin.dap.middleware.iam.entity.User;
import com.digiwin.dap.middleware.iam.service.sys.impl.SysInTenantQueryServiceImpl;
import com.digiwin.dap.middleware.iam.service.tenant.TenantCrudService;
import com.digiwin.dap.middleware.iam.service.user.UserCrudService;
import com.digiwin.dap.middleware.iam.service.user.UserInTenantCrudService;
import com.digiwin.dap.middleware.iam.support.auth.domain.IamAuthoredUser;
import com.digiwin.dap.middleware.iam.support.cache.CommonCacheService;
import com.digiwin.dap.middleware.util.HttpUtils;
import com.digiwin.dap.middleware.util.JsonUtils;
import com.digiwin.dap.middleware.util.NetUtils;
import com.fasterxml.jackson.core.JsonProcessingException;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.axis.utils.NetworkUtils;
import org.apache.logging.log4j.util.Strings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

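/**
 * Identity service that authenticates a login request carrying a "secret key".
 *
 * <p>The secret key is an AES-CBC ciphertext (optionally wrapped a second time with a
 * client-supplied public key). Once decrypted it is split on the literal separator
 * {@code @#$%^_}; field 0 is read as the tenant id and field 1 as the application id.
 * Fields at index 2 and above are required to exist but are not read by this class.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The secret key is a bearer credential. It must never be written to logs in clear
 *       text; use {@link #redact(String)} for any diagnostic output.</li>
 *   <li>The key identifies tenant and application only. The user is taken from
 *       {@code loginUser.getUserId()}, i.e. from the request, and is only checked for
 *       membership in the tenant. Anyone holding a valid key can therefore log in as any
 *       member of that tenant.</li>
 *   <li>NOTE(review): {@code KeyConstant.OTHER} and {@code KeyConstant.BASE64_PRIVATE_KEY}
 *       look like constants compiled into the library. If so, the decryption key is shared by
 *       every installation, so confirm how they are provisioned and rotated.</li>
 * </ul>
 */
@Order(2)
@Service("secretKeyIdentityService")
/* loaded from: input_file:WEB-INF/lib/iam-business-4.37.4.0.jar:com/digiwin/dap/middleware/iam/service/login/impl/SecretKeyIdentityServiceImpl.class */
public class SecretKeyIdentityServiceImpl extends IdentityServiceBase {
    private static final Logger LOGGER = LoggerFactory.getLogger(SecretKeyIdentityServiceImpl.class);

    /** Regular expression matching the literal field separator {@code @#$%^_} inside a decrypted key. */
    private static final String SECRET_FIELD_SEPARATOR_REGEX = "@#\\$%\\^_";

    /** A decrypted key must contain at least this many separator-delimited fields. */
    private static final int MIN_SECRET_FIELDS = 4;

    @Autowired
    private TenantCrudService tenantCrudService;

    @Autowired
    private UserCrudService userCrudService;

    @Autowired
    private CommonCacheService commonCacheService;

    @Autowired
    private UserInTenantCrudService userInTenantCrudService;

    @Autowired
    private SysInTenantQueryServiceImpl sysInTenantQueryService;

    /**
     * Authenticates {@code loginUser} by its secret key and issues an authored user.
     *
     * @param loginUser the login request; its tenant, user, app and login source are filled in
     *                  on success
     * @return the authored user produced by {@code authoredUserService.generate}
     * @throws IllegalArgumentException if no secret key was supplied
     * @throws BusinessException if the key is malformed, or the tenant, application or user
     *                           cannot be resolved, or the user is not a member of the tenant
     */
    @Override
    public IamAuthoredUser login(LoginUser loginUser) {
        String secretKey = loginUser.getSecretKey();
        if (StringUtils.isEmpty(secretKey)) {
            logMissingSecretKey();
            throw new IllegalArgumentException("secretKey is null");
        }

        String clientPublicKey = loginUser.getClientEncryptPublicKey();
        if (Strings.isNotBlank(clientPublicKey)) {
            try {
                secretKey = PwdUtils.getPassWord(secretKey, clientPublicKey, KeyConstant.BASE64_PRIVATE_KEY);
            } catch (Exception e) {
                // The key is a credential: log a redacted marker, never the value itself.
                // Processing continues with the still-wrapped value, as before; the AES step
                // below is then expected to reject it.
                LOGGER.error("解析秘钥失败 [secretKey: {} publicKey:{}]", redact(secretKey), clientPublicKey);
            }
        }

        String decrypted = AES.decryptCBC(secretKey, KeyConstant.OTHER);
        if (decrypted == null) {
            // Defensive: treat a null decryption result as a malformed key instead of an NPE.
            throw new BusinessException(I18nError.ERROR_21012);
        }
        String[] fields = decrypted.split(SECRET_FIELD_SEPARATOR_REGEX);
        if (fields.length < MIN_SECRET_FIELDS) {
            throw new BusinessException(I18nError.ERROR_21012);
        }

        String tenantId = fields[0];
        Tenant tenant = this.tenantCrudService.findById(tenantId);
        if (tenant == null) {
            throw new BusinessException(I18nError.ERROR_21013, new String[]{tenantId});
        }

        String claimedAppId = fields[1];
        String appId = claimedAppId;
        SysInTenantVO registered = this.sysInTenantQueryService.getBySecret(Long.valueOf(tenant.getSid()), secretKey);
        if (registered == null) {
            // NOTE(review): fail-open. A key with no registration for this tenant is only
            // logged and the login still proceeds on the strength of successful decryption.
            // If getBySecret is the revocation/registration check, this branch should reject
            // the login; confirm whether unregistered keys are still expected in production.
            LOGGER.error("无效的秘钥:{}", redact(secretKey));
        } else if (!registered.getAppId().equalsIgnoreCase(claimedAppId)) {
            // The registered application wins over the one named inside the key.
            appId = registered.getAppId();
            LOGGER.error("秘钥登录失败：秘钥{}解析的秘钥应用{}与实际应用{}不匹配", redact(secretKey), claimedAppId, appId);
        }

        Sys sys = this.commonCacheService.getSysById(appId);
        if (sys == null) {
            throw new BusinessException(I18nError.ERROR_21014, new String[]{appId});
        }
        AuthoredSys authoredSys = new AuthoredSys(sys.getSid(), sys.getId());
        authoredSys.setInside(sys.isInside());
        authoredSys.setPlatform(sys.isPlatform());
        AppAuthContextHolder.getContext().setAuthoredSys(authoredSys);

        // The user id is caller-asserted; without one the built-in virtual user is used.
        String requestedUserId = loginUser.getUserId();
        boolean noUserRequested = StringUtils.isEmpty(requestedUserId);
        Object displayUserId = noUserRequested ? IamConstants.VIRTUAL : requestedUserId;
        User user = noUserRequested
                ? this.userCrudService.findById(IamConstants.VIRTUAL)
                : this.userCrudService.queryUserByIdOrEmailOrTelephoneAndType(requestedUserId, requestedUserId, requestedUserId, 0);
        if (user == null) {
            throw new BusinessException(I18nError.ERROR_21001, new Object[]{displayUserId});
        }

        // Membership in the tenant is the only authorization check applied to the user.
        if (!this.userInTenantCrudService.existsByUnionKey(tenant.getSid(), user.getSid())) {
            throw new BusinessException(I18nError.USER_TENANT_EXISTED_ERROR, new Object[]{tenant.getId(), displayUserId});
        }

        loginUser.setTenant(tenant);
        loginUser.setUser(user);
        loginUser.setApp(sys);
        loginUser.setLoginSource(LoginSource.loginSecretKey);
        return this.authoredUserService.generate(loginUser, true, false);
    }

    /**
     * Reports whether this service handles the given login request.
     *
     * @param loginUser the login request
     * @return {@code true} when the request's identity type is {@code IdentityType.secretKey}
     */
    @Override
    public boolean support(LoginUser loginUser) {
        return loginUser.getIdentityType() == IdentityType.secretKey;
    }

    /**
     * Logs where a request without a secret key came from.
     *
     * <p>Only header names and the body size are logged. Header values (for example
     * authorization headers or cookies) and the request body may contain credentials and are
     * kept out of the log.
     */
    private void logMissingSecretKey() {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attributes == null) {
            return;
        }
        HttpServletRequest request = attributes.getRequest();
        Map<String, String> headerMap = ServletUtil.getHeaderMap(request);
        // Derived from the request headers listed in NetUtils.HEADERS, so it is client-supplied
        // and only as trustworthy as the proxy chain in front of this service.
        String clientIp = ServletUtil.getClientIPByHeader(request, NetUtils.HEADERS);
        String body = "";
        try {
            body = JsonUtils.createObjectMapper().writeValueAsString(HttpUtils.getRequestBody(request));
        } catch (JsonProcessingException e) {
            LOGGER.error("requestBody转化异常", e);
        }
        LOGGER.error("secretKey is null。地址 remoteAddr: [{}], ip: [{}], requestBody: {}, headerMap: {}",
                request.getRemoteAddr(),
                NetworkUtils.LOCALHOST_IPV6.equals(clientIp) ? "127.0.0.1" : clientIp,
                "<omitted, " + body.length() + " chars>",
                headerMap.keySet());
    }

    /**
     * Returns a log-safe stand-in for a credential.
     *
     * @param secret the credential, possibly {@code null}
     * @return a marker that exposes only the length of {@code secret}
     */
    private static String redact(String secret) {
        return secret == null ? "<null>" : "<redacted, length=" + secret.length() + ">";
    }
}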
