package com.digiwin.dap.middleware.iam.api;

import com.digiwin.dap.middle.ram.domain.enums.TargetType;
import com.digiwin.dap.middleware.auth.AppAuthContextHolder;
import com.digiwin.dap.middleware.cache.RedisUtils;
import com.digiwin.dap.middleware.domain.StdData;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.domain.dev.AppSecretVO;
import com.digiwin.dap.middleware.iam.domain.enumeration.ChangeTypeEnum;
import com.digiwin.dap.middleware.iam.domain.tenant.isv.credential.IsvCredentialListVO;
import com.digiwin.dap.middleware.iam.domain.tenant.isv.credential.IsvCredentialVO;
import com.digiwin.dap.middleware.iam.domain.tenant.isv.credential.VerifyLog;
import com.digiwin.dap.middleware.iam.entity.IsvCredential;
import com.digiwin.dap.middleware.iam.entity.Sys;
import com.digiwin.dap.middleware.iam.mapper.IsvCredentialMapper;
import com.digiwin.dap.middleware.iam.service.servicer.IsvCredentialCrudService;
import com.digiwin.dap.middleware.iam.service.servicer.IsvCredentialService;
import com.digiwin.dap.middleware.iam.service.sys.SysCrudService;
import com.digiwin.dap.middleware.iam.support.log.ChangeLogService;
import com.digiwin.dap.middleware.iam.support.validate.AuthValidateService;
import com.digiwin.dap.middleware.util.UserUtils;
import com.github.pagehelper.PageSerializable;
import java.time.LocalDateTime;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/api/iam/v1/isv/credential"})
@RestController
/* loaded from: input_file:WEB-INF/classes/com/digiwin/dap/middleware/iam/api/IsvCredentialController.class */
public class IsvCredentialController {
    private static final String ISV_CREDENTIAL = "entity:isv:credential:key:%s:%s";
    private static final String ISV_CREDENTIAL_RECORD = "ram:api:sign:verify:%s:%s";
    private static final long INTERVAL_HOUR = 1;

    @Autowired
    private IsvCredentialCrudService isvCredentialCrudService;

    @Autowired
    private IsvCredentialService isvCredentialService;

    @Autowired
    private IsvCredentialMapper isvCredentialMapper;

    @Autowired
    private SysCrudService sysCrudService;

    @Autowired
    private ChangeLogService changeLogService;

    @Autowired
    private AuthValidateService authValidateService;

    @PostMapping({"/add"})
    public StdData<Long> add(@RequestBody IsvCredentialVO isvCredentialVO) {
        return StdData.ok(this.isvCredentialService.add(isvCredentialVO));
    }

    @PostMapping({"/del"})
    public StdData<?> del(@RequestBody IsvCredentialVO isvCredentialVO) {
        IsvCredential findBySid = this.isvCredentialCrudService.findBySid(isvCredentialVO.getSid().longValue());
        if (findBySid != null) {
            if (UserUtils.getTenantSid() != findBySid.getTenantSid() && !this.authValidateService.checkAccessPermission(TargetType.Sys.name(), "POST", AppAuthContextHolder.getContext().getRequestInfo().getPath(), UserUtils.getSysId()).booleanValue()) {
                throw new BusinessException(I18nError.IAM_TENANT_PERMISSION_ERROR);
            }
            this.isvCredentialCrudService.deleteById(isvCredentialVO.getSid().longValue());
            RedisUtils.delete(String.format(ISV_CREDENTIAL, Long.valueOf(findBySid.getTenantSid()), findBySid.getDevKey()));
            this.changeLogService.createChangeLog(ChangeTypeEnum.ISV_CREDENTIAL_DEL.getName(), findBySid, ChangeTypeEnum.ISV_CREDENTIAL_DEL.getPrimaryKey(), findBySid.getId());
        }
        return StdData.ok().build();
    }

    @PostMapping({"/mod"})
    public StdData<?> mod(@RequestBody IsvCredentialVO isvCredentialVO) {
        IsvCredential mod = this.isvCredentialService.mod(isvCredentialVO);
        if (mod != null) {
            if (UserUtils.getTenantSid() != mod.getTenantSid() && !this.authValidateService.checkAccessPermission(TargetType.Sys.name(), "POST", AppAuthContextHolder.getContext().getRequestInfo().getPath(), UserUtils.getSysId()).booleanValue()) {
                throw new BusinessException(I18nError.IAM_TENANT_PERMISSION_ERROR);
            }
            RedisUtils.delete(String.format(ISV_CREDENTIAL, Long.valueOf(mod.getTenantSid()), mod.getDevKey()));
        }
        return StdData.ok().build();
    }

    @PostMapping({"/search"})
    public StdData<?> find(@RequestBody IsvCredentialVO isvCredentialVO) {
        isvCredentialVO.setOrderBy((String) Optional.ofNullable(isvCredentialVO.getOrderBy()).orElse("i.sid desc"));
        List<IsvCredentialListVO> findPage = this.isvCredentialMapper.findPage(isvCredentialVO);
        updateCredentialVerifyDate(findPage);
        return StdData.ok(new PageSerializable(findPage));
    }

    @PostMapping({"/tenant/search"})
    public StdData<?> findTenant(@RequestBody(required = false) IsvCredentialVO isvCredentialVO) {
        IsvCredentialVO isvCredentialVO2 = (IsvCredentialVO) Optional.ofNullable(isvCredentialVO).orElse(new IsvCredentialVO());
        isvCredentialVO2.setTenantSid(Long.valueOf(UserUtils.getTenantSid()));
        List<IsvCredentialListVO> findPage = this.isvCredentialMapper.findPage(isvCredentialVO2);
        updateCredentialVerifyDate(findPage);
        return StdData.ok(new PageSerializable(findPage));
    }

    @PostMapping({"/export"})
    public void export(@RequestBody IsvCredentialVO isvCredentialVO, HttpServletResponse httpServletResponse) {
        this.isvCredentialService.export(Long.valueOf(UserUtils.getTenantSid()), isvCredentialVO.getSid() == null ? 0L : isvCredentialVO.getSid().longValue(), httpServletResponse);
    }

    @PostMapping({"/secret/current"})
    public StdData<?> secret(@RequestBody(required = false) IsvCredential isvCredential) {
        IsvCredential findByDevKey = this.isvCredentialCrudService.findByDevKey(isvCredential.getDevKey());
        if (findByDevKey == null) {
            return StdData.ok(new AppSecretVO(isvCredential.getDevKey()));
        }
        if (findByDevKey.isDisabled()) {
            throw new BusinessException("访问凭证[" + findByDevKey.getDevKey() + "]已经停用");
        }
        return StdData.ok(new AppSecretVO(findByDevKey.getDevKey(), findByDevKey.getDevSecret()));
    }

    private void updateCredentialVerifyDate(List<IsvCredentialListVO> list) {
        list.stream().filter(isvCredentialListVO -> {
            return isvCredentialListVO.getVerifyDate() == null || LocalDateTime.now().isAfter(isvCredentialListVO.getVerifyDate().plusHours(1L));
        }).forEach(isvCredentialListVO2 -> {
            IsvCredential findBySid = this.isvCredentialCrudService.findBySid(isvCredentialListVO2.getSid());
            VerifyLog verifyLog = (VerifyLog) RedisUtils.get(String.format(ISV_CREDENTIAL_RECORD, Long.valueOf(findBySid.getTenantSid()), findBySid.getDevKey()), VerifyLog.class);
            if (verifyLog == null || Objects.equals(verifyLog.getVerifyDate(), findBySid.getVerifyDate())) {
                return;
            }
            isvCredentialListVO2.setVerifyDate(verifyLog.getVerifyDate());
            isvCredentialListVO2.setSysId(verifyLog.getSysId());
            Sys findById = this.sysCrudService.findById(verifyLog.getSysId());
            isvCredentialListVO2.setSysName(findById == null ? null : findById.getName());
            findBySid.setVerifyDate(verifyLog.getVerifyDate());
            findBySid.setSysId(verifyLog.getSysId());
            this.isvCredentialCrudService.update(findBySid);
        });
    }
}
