package com.digiwin.dap.middleware.iam.api;

import com.digiwin.dap.middleware.auth.AuthoredUser;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.constant.IamConstants;
import com.digiwin.dap.middleware.iam.domain.EnvProperties;
import com.digiwin.dap.middleware.iam.domain.authentication.AuthenticationInfoVO;
import com.digiwin.dap.middleware.iam.domain.authentication.AuthenticationTenantCallbackVO;
import com.digiwin.dap.middleware.iam.domain.authentication.AuthenticationTwUserInfoVO;
import com.digiwin.dap.middleware.iam.domain.authentication.AuthenticationUserCallbackVO;
import com.digiwin.dap.middleware.iam.entity.Tenant;
import com.digiwin.dap.middleware.iam.entity.User;
import com.digiwin.dap.middleware.iam.service.authentication.TenantAuthenticationService;
import com.digiwin.dap.middleware.iam.service.authentication.UserAuthenticationService;
import com.digiwin.dap.middleware.iam.service.tenant.TenantCrudService;
import com.digiwin.dap.middleware.iam.service.user.UserCrudService;
import com.digiwin.dap.middleware.iam.support.remote.RemoteLMCService;
import java.util.HashMap;
import javax.transaction.Transactional;
import org.apache.logging.log4j.util.Strings;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestAttribute;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

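/**
 * REST endpoints under {@code /api/iam/v2/authentication} for real-name authentication of
 * users and tenants: building authentication URLs, receiving provider callbacks, querying
 * and removing tenant authentication info.
 *
 * <p>Most handlers read the caller from the request attribute
 * {@code digi-middleware-auth-user-data} (presumably set by upstream auth middleware; confirm).
 * The two {@code /callback} handlers do not bind that attribute; see the notes on them.
 *
 * <p>This source is decompiler output, so parameter names such as {@code str} are not the
 * original names.
 */
@RequestMapping({"/api/iam/v2/authentication"})
@RestController
/* loaded from: input_file:WEB-INF/classes/com/digiwin/dap/middleware/iam/api/AuthenticationController.class */
public class AuthenticationController {
    private static final Logger logger = LoggerFactory.getLogger(AuthenticationController.class);

    @Autowired
    private EnvProperties envProperties;

    @Autowired
    private UserCrudService userCrudService;

    @Autowired
    private TenantCrudService tenantCrudService;

    @Autowired
    private UserAuthenticationService userAuthenticationService;

    @Autowired
    private TenantAuthenticationService tenantAuthenticationService;

    @Autowired
    private RemoteLMCService remoteLMCService;

    /**
     * Reports whether the eSign URI is missing from the environment configuration, logging an
     * error when it is.
     *
     * <p>NOTE(review): every caller answers HTTP 200 in this case, so a misconfigured
     * deployment is visible only in the logs, not to the client.
     *
     * @return {@code true} when no eSign URI is configured
     */
    private boolean esignNotConfigured() {
        if (Strings.isEmpty(this.envProperties.getEsignUri())) {
            logger.error(IamConstants.ErrorMessage.NOT_EMPTY_E_ADDRESS);
            return true;
        }
        return false;
    }

    /**
     * Returns the personal real-name authentication URL for the calling user.
     *
     * @param str optional {@code redirectUrl}; falls back to the configured market URI
     * @param authoredUser the authenticated caller
     * @return 200 with the service result, or an empty map when eSign is not configured
     * @throws IllegalArgumentException if the user does not exist or is an enterprise user
     */
    @GetMapping({"/user/url"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> getUserAuthenticationUrl(@RequestParam(name = "redirectUrl", required = false) String str, @RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser) {
        Object body;
        if (esignNotConfigured()) {
            body = new HashMap<>();
        } else {
            // NOTE(review): redirectUrl is caller-supplied and forwarded as-is. Confirm that the
            // service or the eSign provider restricts it to an allow-list of trusted hosts,
            // otherwise this is an open-redirect vector.
            String redirectUrl = str != null ? str : this.envProperties.getMarketUri();
            User user = this.userCrudService.findById(authoredUser.getUserId());
            // Existence must be asserted before the user is dereferenced; the original order
            // produced a NullPointerException instead of the intended error message.
            Assert.notNull(user, String.format(IamConstants.ErrorMessage.NOT_EXISTED_USER, authoredUser.getUserId()));
            Assert.isTrue(!user.isEnterprise(), String.format("用户[%s]是企业用户无法进行个人实名认证！", user.getId()));
            body = this.userAuthenticationService.getUserAuthenticationUrl(user, redirectUrl);
        }
        return new ResponseEntity<>(body, HttpStatus.OK);
    }

    /**
     * Returns the tenant real-name authentication URL; only the tenant's owner may request it.
     * When {@code agreeCertificationAgreement} is true and not yet recorded, the consent is
     * persisted on the tenant. A change-log entry is written on every successful call.
     *
     * <p>NOTE(review): this is a GET handler that persists consent and writes a log entry.
     * State changes on GET can be triggered by a followed link or prefetch; consider moving
     * the consent update to a POST endpoint.
     *
     * @param str optional {@code redirectUrl}; falls back to the configured market URI
     * @param bool optional consent flag
     * @param authoredUser the authenticated caller
     * @return 200 with the service result, or an empty map when eSign is not configured
     * @throws IllegalArgumentException if the tenant or owner cannot be resolved, or the caller
     *     is not the tenant owner
     */
    /* JADX WARN: Multi-variable type inference failed */
    @GetMapping({"/tenant/url"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> getAuthenticationUrl(@RequestParam(name = "redirectUrl", required = false) String str, @RequestParam(name = "agreeCertificationAgreement", required = false) Boolean bool, @RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser) {
        Object body;
        if (esignNotConfigured()) {
            body = new HashMap<>();
        } else {
            // NOTE(review): redirectUrl is caller-supplied and forwarded as-is; confirm it is
            // validated against trusted hosts downstream.
            String redirectUrl = str != null ? str : this.envProperties.getMarketUri();
            long tenantSid = authoredUser.getTenantSid();
            // The message carries a %s placeholder that the original never filled in.
            Assert.isTrue(tenantSid > 0, String.format("无法得到当前用户[%s]的租户信息！", authoredUser.getUserId()));
            Tenant tenant = (Tenant) this.tenantCrudService.findBySid(tenantSid);
            Assert.notNull(tenant, String.format(IamConstants.ErrorMessage.NOT_EXISTED_TENANT_ONE, authoredUser.getTenantId()));
            // Authorization: only the tenant's owner may start tenant authentication.
            Assert.isTrue(tenant.getOwnerUserSid() == authoredUser.getSid(), String.format("用户[%s]不是租户[%s]的创建者，无法对其进行实名认证！", authoredUser.getUserId(), tenant.getId()));
            User owner = (User) this.userCrudService.findBySid(tenant.getOwnerUserSid());
            Assert.notNull(owner, String.format("租户[%s]的创建者[%s]不存在！", tenant.getId(), Long.valueOf(tenant.getOwnerUserSid())));
            body = this.tenantAuthenticationService.getTenantAuthenticationUrl(owner, tenant, redirectUrl);
            boolean alreadyAgreed = Boolean.TRUE.equals(tenant.getAgreeCertificationAgreement());
            if (!alreadyAgreed && Boolean.TRUE.equals(bool)) {
                tenant.setAgreeCertificationAgreement(Boolean.TRUE);
                this.tenantCrudService.update(tenant);
            }
            this.remoteLMCService.saveAgreeCertificationAgreementChangeLog(tenant, authoredUser, "DigiwinCloud".toLowerCase(), bool);
        }
        return ResponseEntity.ok(body);
    }

    /**
     * Receives the personal-authentication callback and forwards the account and service ids
     * to the user authentication service.
     *
     * <p>NOTE(review): no authenticated-user attribute is bound here and nothing in this class
     * verifies who sent the request. Confirm that a filter or the service authenticates the
     * callback (for example a provider signature, or a server-side lookup of the service id)
     * before account state changes on the strength of body fields alone.
     *
     * @param authenticationUserCallbackVO callback payload; accountId and serviceId are required
     * @return 200 with an empty body, also when eSign is not configured and nothing was done
     * @throws IllegalArgumentException if accountId or serviceId is blank
     */
    @PostMapping({"/user/callback"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> authenticationRollBack(@RequestBody AuthenticationUserCallbackVO authenticationUserCallbackVO) {
        if (!esignNotConfigured()) {
            String accountId = authenticationUserCallbackVO.getAccountId();
            String serviceId = authenticationUserCallbackVO.getServiceId();
            Assert.hasText(accountId, "AccountId不能为空！");
            Assert.hasText(serviceId, "serviceId不能为空！");
            this.userAuthenticationService.authenticationCallback(accountId, serviceId);
        }
        return new ResponseEntity<>(HttpStatus.OK);
    }

    /**
     * Receives the tenant-authentication callback and forwards the organisation account,
     * agent account and service ids to the tenant authentication service.
     *
     * <p>NOTE(review): as with the user callback, the sender is not authenticated in this
     * class; confirm the callback's origin is verified elsewhere before it is trusted.
     *
     * @param authenticationTenantCallbackVO callback payload; all three ids are required
     * @return 200 whose body is the {@code HttpStatus.OK} value
     * @throws IllegalArgumentException if any required id is blank
     */
    @PostMapping({"/tenant/callback"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> authenticationRollBack(@RequestBody AuthenticationTenantCallbackVO authenticationTenantCallbackVO) {
        if (!esignNotConfigured()) {
            String serviceId = authenticationTenantCallbackVO.getServiceId();
            String orgAccountId = authenticationTenantCallbackVO.getOrgAccountId();
            String agentAccountId = authenticationTenantCallbackVO.getAgentAccountId();
            Assert.hasText(serviceId, "serviceId不能为空！");
            Assert.hasText(orgAccountId, "OrgAccountId不能为空！");
            Assert.hasText(agentAccountId, "AgentAccountId不能为空！");
            this.tenantAuthenticationService.authenticationCallback(orgAccountId, agentAccountId, serviceId, null);
        }
        // NOTE(review): the HttpStatus enum is sent as the response body here, unlike the user
        // callback which sends no body. Left unchanged because the callback sender may rely on it.
        return ResponseEntity.ok(HttpStatus.OK);
    }

    /**
     * Runs personal authentication for the calling user with the submitted identity data.
     *
     * @param authenticationTwUserInfoVO identity data submitted by the caller
     * @param authoredUser the authenticated caller
     * @return 200 with the service result
     * @throws IllegalArgumentException if the user does not exist or is an enterprise user
     */
    @PostMapping({"/user"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> authenticationTwUser(@RequestBody AuthenticationTwUserInfoVO authenticationTwUserInfoVO, @RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser) {
        User user = this.userCrudService.findById(authoredUser.getUserId());
        // The original dereferenced the lookup result without checking that the user exists.
        Assert.notNull(user, String.format(IamConstants.ErrorMessage.NOT_EXISTED_USER, authoredUser.getUserId()));
        Assert.isTrue(!user.isEnterprise(), String.format("用户[%s]是企业用户无法进行个人实名认证", user.getId()));
        return new ResponseEntity<>(this.userAuthenticationService.authenticationTwUser(user, authenticationTwUserInfoVO), HttpStatus.OK);
    }

    /**
     * Runs tenant authentication for the caller's tenant using the business accounting number
     * from the path; only the tenant's owner may call it.
     *
     * @param str the {@code businessAccountingNo} path variable
     * @param authoredUser the authenticated caller
     * @return 200 with the service result, or an empty map when the Aone URI is not configured
     * @throws IllegalArgumentException if the tenant cannot be resolved or the caller is not
     *     the tenant owner
     */
    /* JADX WARN: Multi-variable type inference failed */
    @PostMapping({"/tenant/{businessAccountingNo}"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> authenticationTwTenant(@PathVariable("businessAccountingNo") String str, @RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser) {
        // The path variable is bound by explicit name: the decompiled parameter name "str" does
        // not match the URI template, so name-based binding would fail.
        Object body;
        if (Strings.isEmpty(this.envProperties.getAoneUri())) {
            logger.error("Aone地址配置为空！");
            body = new HashMap<>();
        } else {
            long tenantSid = authoredUser.getTenantSid();
            // The message carries a %s placeholder that the original never filled in.
            Assert.isTrue(tenantSid > 0, String.format("无法得到当前用户[%s]的租户信息！", authoredUser.getUserId()));
            Tenant tenant = (Tenant) this.tenantCrudService.findBySid(tenantSid);
            Assert.notNull(tenant, String.format(IamConstants.ErrorMessage.NOT_EXISTED_TENANT_ONE, Long.valueOf(tenantSid)));
            // Authorization: only the tenant's owner may authenticate the tenant.
            Assert.isTrue(tenant.getOwnerUserSid() == authoredUser.getSid(), String.format("用户[%s]不是租户[%s]的创建者，无法对其进行实名认证！", authoredUser.getUserId(), tenant.getId()));
            body = this.tenantAuthenticationService.authenticationTwTenant(tenantSid, tenant.getName(), str);
        }
        return ResponseEntity.ok(body);
    }

    /**
     * Returns the authentication info of the caller's tenant.
     *
     * @param authoredUser the authenticated caller
     * @return 200 with the tenant's authentication info, or an empty VO when eSign is not
     *     configured
     * @throws IllegalArgumentException if the user or tenant cannot be resolved
     * @throws BusinessException if the caller is neither the tenant owner nor the
     *     {@code integration} user
     */
    /* JADX WARN: Multi-variable type inference failed */
    @GetMapping({"/info"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> getAuthentication(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser) {
        AuthenticationInfoVO info;
        if (esignNotConfigured()) {
            info = new AuthenticationInfoVO();
        } else {
            Assert.isTrue(authoredUser.getTenantSid() > 0, "无法得到当前用户租户信息！");
            User user = (User) this.userCrudService.findBySid(authoredUser.getSid());
            Assert.notNull(user, String.format(IamConstants.ErrorMessage.NOT_EXISTED_USER, authoredUser.getUserId()));
            Tenant tenant = (Tenant) this.tenantCrudService.findBySid(authoredUser.getTenantSid());
            Assert.notNull(tenant, String.format(IamConstants.ErrorMessage.NOT_EXISTED_TENANT_ONE, authoredUser.getTenantId()));
            // NOTE(review): the owner check is skipped for the hard-coded user id "integration".
            // Confirm that this id is reserved and cannot be registered or assumed by an
            // ordinary account, since it can read any tenant context it is issued a token for.
            boolean isOwner = user.getSid() == tenant.getOwnerUserSid();
            boolean isIntegrationUser = "integration".equals(authoredUser.getUserId());
            if (!isOwner && !isIntegrationUser) {
                throw new BusinessException(I18nError.TENANT_NOT_CREATE_BY_USER_NO_PERMISSION, new Object[]{authoredUser.getUserId(), authoredUser.getTenantId()});
            }
            info = this.tenantAuthenticationService.getAuthenticationInfo(authoredUser.getTenantSid());
        }
        return new ResponseEntity<>(info, HttpStatus.OK);
    }

    /**
     * Removes the authentication info of the caller's tenant; only the tenant's owner may do so.
     *
     * @param authoredUser the authenticated caller
     * @return 200 with an empty body, also when eSign is not configured and nothing was removed
     * @throws IllegalArgumentException if the user or tenant cannot be resolved, or the caller
     *     is not the tenant owner
     */
    /* JADX WARN: Multi-variable type inference failed */
    @PostMapping({"/tenant/remove"})
    @Transactional(rollbackOn = {Exception.class})
    public ResponseEntity<?> removeAuthentication(@RequestAttribute("digi-middleware-auth-user-data") AuthoredUser authoredUser) {
        if (!esignNotConfigured()) {
            long tenantSid = authoredUser.getTenantSid();
            // Validate the tenant sid before it is used for the lookup (the original looked the
            // tenant up first).
            Assert.isTrue(tenantSid > 0, "无法得到当前用户租户信息！");
            Tenant tenant = (Tenant) this.tenantCrudService.findBySid(tenantSid);
            User user = (User) this.userCrudService.findBySid(authoredUser.getSid());
            Assert.notNull(user, String.format(IamConstants.ErrorMessage.NOT_EXISTED_USER, authoredUser.getUserId()));
            Assert.notNull(tenant, String.format(IamConstants.ErrorMessage.NOT_EXISTED_TENANT_ONE, authoredUser.getTenantId()));
            // Authorization: only the tenant's owner may clear the data. The message's two %s
            // placeholders were never filled in by the original.
            Assert.isTrue(user.getSid() == tenant.getOwnerUserSid(), String.format("用户[%s]不是租户[%s]的创建者，无法清除企业实名认证信息！", authoredUser.getUserId(), tenant.getId()));
            this.tenantAuthenticationService.removeAuthenticationInfo(tenantSid, user.getSid());
        }
        return new ResponseEntity<>(HttpStatus.OK);
    }
}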
