package com.digiwin.dap.middleware.iam.support.remote.impl;

import cn.hutool.core.text.CharSequenceUtil;
import com.digiwin.dap.middleware.auth.AuthoredUser;
import com.digiwin.dap.middleware.auth.LoginInfo;
import com.digiwin.dap.middleware.commons.util.EncryptUtils;
import com.digiwin.dap.middleware.constant.BeanConstants;
import com.digiwin.dap.middleware.constant.GlobalConstants;
import com.digiwin.dap.middleware.dict.domain.DictDataDTO;
import com.digiwin.dap.middleware.dict.entity.DictData;
import com.digiwin.dap.middleware.dict.service.DictDataService;
import com.digiwin.dap.middleware.domain.CommonCode;
import com.digiwin.dap.middleware.domain.CommonErrorCode;
import com.digiwin.dap.middleware.domain.DeployAreaEnum;
import com.digiwin.dap.middleware.domain.StdData;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.exception.ThirdCallException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.domain.EnvProperties;
import com.digiwin.dap.middleware.iam.domain.app.SysCascade;
import com.digiwin.dap.middleware.iam.domain.dev.DevTestCheckResultVO;
import com.digiwin.dap.middleware.iam.domain.dev.DevTestRegisterInfo;
import com.digiwin.dap.middleware.iam.domain.login.IdentityType;
import com.digiwin.dap.middleware.iam.domain.login.LoginUser;
import com.digiwin.dap.middleware.iam.domain.org.OrgAspectVO;
import com.digiwin.dap.middleware.iam.domain.org.OrgResultVO;
import com.digiwin.dap.middleware.iam.domain.org.OrgRoleTreeNode;
import com.digiwin.dap.middleware.iam.domain.org.RequestParameterVO;
import com.digiwin.dap.middleware.iam.domain.policy.v2.TargetPolicy;
import com.digiwin.dap.middleware.iam.domain.role.RoleQueryResultVO;
import com.digiwin.dap.middleware.iam.domain.role.rolebean.RoleBean;
import com.digiwin.dap.middleware.iam.domain.tenant.TenantAuthDTO;
import com.digiwin.dap.middleware.iam.domain.tenant.TenantAuthVO;
import com.digiwin.dap.middleware.iam.domain.user.QueryUserAllInfoVO;
import com.digiwin.dap.middleware.iam.domain.user.UserBasicInfoResultVO;
import com.digiwin.dap.middleware.iam.entity.User;
import com.digiwin.dap.middleware.iam.service.login.IdentityService;
import com.digiwin.dap.middleware.iam.service.user.UserCrudService;
import com.digiwin.dap.middleware.iam.support.auth.domain.IamAuthoredUser;
import com.digiwin.dap.middleware.iam.support.remote.RemoteIamService;
import com.digiwin.dap.middleware.iam.support.remote.UrlConstants;
import com.digiwin.dap.middleware.iam.support.remote.domain.TenantApplication;
import com.digiwin.dap.middleware.support.DapHttpService;
import com.digiwin.dap.middleware.util.EnvUtils;
import com.digiwin.dap.middleware.util.ExceptionUtils;
import com.digiwin.dap.middleware.util.JsonUtils;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;

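/**
 * HTTP client for IAM deployments reachable from this service: the test environment, other
 * deploy areas and caller-supplied IAM base URLs.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>User tokens are forwarded as a request header to whatever base URL the method resolves
 *       or the caller passes in, so callers must only pass trusted IAM base URLs.</li>
 *   <li>{@link #crossRegionLogin} sends a request signed with the application secret to a URI
 *       that may come from dictionary data.</li>
 *   <li>{@link #getUserToken(String)} logs in with an integration account whose id and password
 *       are compile-time constants.</li>
 *   <li>User tokens are never written into exception messages; only a presence marker is.</li>
 * </ul>
 */
@Service
/* loaded from: input_file:WEB-INF/lib/iam-business-4.37.4.0.jar:com/digiwin/dap/middleware/iam/support/remote/impl/RemoteIamServiceImpl.class */
public class RemoteIamServiceImpl implements RemoteIamService {

    @Autowired
    private EnvProperties envProperties;

    @Autowired
    private RestTemplate restTemplate;

    @Resource(name = BeanConstants.DAP_RETRY_TEMPLATE)
    private RestTemplate dapRetryRestTemplate;

    @Autowired
    private UserCrudService userCrudService;

    @Autowired
    private IdentityService defaultIdentityService;

    @Autowired
    private DapHttpService dapHttpService;

    @Autowired
    private DictDataService dictDataService;

    // SECURITY NOTE(review): the integration account id and password are hard-coded and therefore
    // readable by anyone who holds this jar. Whether the password is actually verified for
    // IdentityType.token logins is not visible here; if it is, move it to secret configuration
    // and rotate the value.
    private static final String INTEGRATION_USERNAME = "integration";
    private static final String INTEGRATION_PASSWORD = "integration";
    private static final String DEV_APP_ID_EXISTED = "%s/api/iam/v2/dev/app/id/%s/existed";
    private static final String TENANT_AUTH = "/api/iam/v2/tenant/auth";
    private static final Logger LOGGER = LoggerFactory.getLogger(RemoteIamServiceImpl.class);

    // Deploy areas whose IAM calls are redirected to another area's IAM endpoint.
    private static final Map<DeployAreaEnum, DeployAreaEnum> IAM_DEPLOY_AREA_MAPPING = new HashMap<>();

    static {
        IAM_DEPLOY_AREA_MAPPING.put(DeployAreaEnum.HuaweiTest, DeployAreaEnum.AliyunTest);
        IAM_DEPLOY_AREA_MAPPING.put(DeployAreaEnum.HuaweiProd, DeployAreaEnum.AliyunProd);
    }

    /**
     * Replaces a secret with a presence marker so it can be mentioned in messages and logs
     * without being disclosed.
     */
    private static String redact(String secret) {
        return (secret == null || secret.isEmpty()) ? "<absent>" : "<redacted>";
    }

    /** Builds request headers that carry only the user token. */
    private static HttpHeaders tokenHeaders(String userToken) {
        HttpHeaders headers = new HttpHeaders();
        headers.add(GlobalConstants.HTTP_HEADER_USER_TOKEN_KEY, userToken);
        return headers;
    }

    /** Builds request headers that carry the user token and a JSON content type. */
    private static HttpHeaders jsonTokenHeaders(String userToken) {
        HttpHeaders headers = tokenHeaders(userToken);
        headers.setContentType(MediaType.APPLICATION_JSON);
        return headers;
    }

    /**
     * Registers a test tenant on the IAM test environment.
     *
     * @param devTestRegisterInfo registration payload, posted as the request body
     * @return the {@code data} member of the remote reply when its code is 200
     * @throws BusinessException {@code PARAM_MISS} when no IAM test URI is configured;
     *         {@code CREATE_TEST_TENANT_FAILED} (with the URL and the app id) on any other failure
     */
    @Override
    public Object registerTestTenant(DevTestRegisterInfo devTestRegisterInfo) {
        if (StringUtils.isEmpty(this.envProperties.getIamTestUri())) {
            throw new BusinessException(I18nError.PARAM_MISS);
        }
        String url = String.format("%s/api/iam/v2/dev/test/env/register/tenant", this.envProperties.getIamTestUri());
        try {
            StdData<?> reply = this.restTemplate.postForObject(url, new HttpEntity<>(devTestRegisterInfo), StdData.class);
            if (null != reply && 200 == reply.getCode().intValue()) {
                return reply.getData();
            }
            // This exception is always replaced by the catch block below, so callers never see
            // the serialized request it carries.
            throw new BusinessException(I18nError.CREATE_TEST_TENANT_FAILED, new Object[]{
                url,
                JsonUtils.createObjectMapper().writeValueAsString(devTestRegisterInfo),
                reply != null ? reply.getMessage() : null});
        } catch (Exception e) {
            // The cause used to be dropped silently. Log it, but keep the locally built
            // BusinessException out of the log because it embeds the full request body.
            if (e instanceof BusinessException) {
                LOGGER.error("Register test tenant rejected by remote IAM, url: {}", url);
            } else {
                LOGGER.error("Register test tenant call failed, url: {}", url, e);
            }
            throw new BusinessException(I18nError.CREATE_TEST_TENANT_FAILED, new Object[]{url, devTestRegisterInfo.getAppId()});
        }
    }

    /**
     * Asks the IAM test environment whether the given apps exist for a tenant.
     *
     * @param str tenant id; written into {@code devTestCheckResultVO} before the call, so the
     *        caller's object is mutated
     * @param devTestCheckResultVO request payload
     * @return the {@code data} member of the remote reply when its code is 200
     * @throws BusinessException {@code PARAM_MISS} when no IAM test URI is configured;
     *         {@code CREATE_TEST_TENANT_FAILED} on any other failure
     */
    @Override
    public Object existTestApps(String str, DevTestCheckResultVO devTestCheckResultVO) {
        if (StringUtils.isEmpty(this.envProperties.getIamTestUri())) {
            throw new BusinessException(I18nError.PARAM_MISS);
        }
        String url = String.format("%s/api/iam/v2/dev/test/env/exists/tenant/apps/test", this.envProperties.getIamTestUri());
        devTestCheckResultVO.setTenantId(str);
        try {
            StdData<?> reply = this.dapRetryRestTemplate.postForObject(url, new HttpEntity<>(devTestCheckResultVO), StdData.class);
            if (null != reply && 200 == reply.getCode().intValue()) {
                return reply.getData();
            }
            // NOTE(review): the error code is the "create test tenant" one although this is an
            // existence check; kept as is because callers may match on it.
            throw new BusinessException(I18nError.CREATE_TEST_TENANT_FAILED, new Object[]{
                url,
                JsonUtils.createObjectMapper().writeValueAsString(devTestCheckResultVO),
                reply != null ? reply.getMessage() : null});
        } catch (Exception e) {
            // Only e.getMessage() travels with the rethrown exception; log the stack trace too.
            LOGGER.error("Check of test apps failed, url: {}", url, e);
            throw new BusinessException(I18nError.CREATE_TEST_TENANT_FAILED, new Object[]{url, devTestCheckResultVO.getApps(), e.getMessage()});
        }
    }

    /**
     * Checks on the IAM of the given deploy area whether a dev app id exists, authenticating
     * with a token obtained for the configured manager tenant.
     *
     * @param str app id, placed into the URL path
     * @param deployAreaEnum deploy area whose IAM endpoint is queried
     * @return the remote answer, or {@code false} when the reply has no body or no data
     * @throws BusinessException {@code CHECK_DEV_SYS_FAILED} when the call fails
     */
    @Override
    public boolean existsById(String str, DeployAreaEnum deployAreaEnum) {
        HttpEntity<?> request = new HttpEntity<Void>(
            tokenHeaders(getUserToken(this.envProperties.getManagerTenant(), deployAreaEnum)));
        String url = String.format(DEV_APP_ID_EXISTED, EnvUtils.getUri(CommonCode.IAM, deployAreaEnum), str);
        try {
            StdData<Boolean> reply = this.dapRetryRestTemplate.exchange(
                url, HttpMethod.GET, request, new ParameterizedTypeReference<StdData<Boolean>>() {
                }).getBody();
            return Optional.ofNullable(reply).map(StdData::getData).orElse(Boolean.FALSE);
        } catch (Exception e) {
            // Only the (empty) request body is handed to the log helper, never the token header.
            LOGGER.error(ExceptionUtils.logError("【IAM调用】 检查dev应用是否存在失败", url, request.getBody(), e), e);
            throw new BusinessException(I18nError.CHECK_DEV_SYS_FAILED);
        }
    }

    /**
     * Obtains a user token from the IAM of the given deploy area by delegating to
     * {@code DapHttpService.getUserToken}.
     *
     * @param str first argument of the delegate; {@link #existsById} passes a tenant id here
     * @param deployAreaEnum deploy area whose IAM URI is used
     */
    @Override
    public String getUserToken(String str, DeployAreaEnum deployAreaEnum) {
        return this.dapHttpService.getUserToken(str, EnvUtils.getUri(CommonCode.IAM, deployAreaEnum));
    }

    /**
     * Has the IAM of the given deploy area analyze a user token.
     *
     * @param str user token, sent as a request header and copied into the returned login info
     * @param deployAreaEnum deploy area whose IAM endpoint is called
     * @return the authored user from the reply, or {@code null} when the reply has no body
     * @throws ThirdCallException {@code USER_TOKEN_INVALID} (with the URL and the cause) when the
     *         call fails
     */
    @Override
    public AuthoredUser getUserInfo(String str, DeployAreaEnum deployAreaEnum) {
        String url = EnvUtils.getUri(CommonCode.IAM, deployAreaEnum) + "/api/iam/v2/identity/token/analyze";
        HttpHeaders headers = jsonTokenHeaders(str);
        try {
            LoginInfo loginInfo = this.restTemplate.postForEntity(url, new HttpEntity<Void>(headers), LoginInfo.class).getBody();
            return Optional.ofNullable(loginInfo).map(info -> {
                info.setToken(str);
                return info.getAuthoredUser();
            }).orElse(null);
        } catch (Exception e) {
            throw new ThirdCallException(CommonErrorCode.USER_TOKEN_INVALID, url, e);
        }
    }

    /**
     * Logs the built-in integration account in to the given tenant through the local identity
     * service and returns the resulting token.
     *
     * @param str tenant id to log in to
     * @return the token, or {@code null} when the login yields no user
     */
    @Override
    public String getUserToken(String str) {
        User integrationUser = this.userCrudService.queryUserByIdOrEmailOrTelephoneAndType(
            INTEGRATION_USERNAME, INTEGRATION_USERNAME, INTEGRATION_USERNAME, 0);
        LoginUser loginUser = new LoginUser();
        loginUser.setTenantId(str);
        loginUser.setUserId(INTEGRATION_USERNAME);
        // SECURITY NOTE(review): compile-time credential, see INTEGRATION_PASSWORD.
        loginUser.setPassword(INTEGRATION_PASSWORD);
        loginUser.setIdentityType(IdentityType.token);
        loginUser.setUser(integrationUser);
        IamAuthoredUser authored = this.defaultIdentityService.login(loginUser);
        return authored != null ? authored.getToken() : null;
    }

    /**
     * Fetches tenant authorization records from the IAM of the given deploy area.
     *
     * <p>No token header is attached to this request.
     *
     * @return the records, or an empty list when the reply is empty or the call fails.
     *         NOTE(review): a transport failure is indistinguishable from "no authorizations";
     *         confirm that callers treat an empty list as "deny".
     */
    @Override
    public List<TenantAuthVO> getTenantAuthInfos(TenantAuthDTO tenantAuthDTO, DeployAreaEnum deployAreaEnum) {
        try {
            String url = String.format("%s%s", EnvUtils.getUri(CommonCode.IAM, deployAreaEnum), TENANT_AUTH);
            StdData<List<TenantAuthVO>> reply = this.dapRetryRestTemplate.exchange(
                url, HttpMethod.POST, new HttpEntity<>(tenantAuthDTO, new HttpHeaders()),
                new ParameterizedTypeReference<StdData<List<TenantAuthVO>>>() {
                }).getBody();
            return Optional.ofNullable(reply).map(StdData::getData).orElseGet(Collections::emptyList);
        } catch (Exception e) {
            LOGGER.error("获取{}的租户授权失败", deployAreaEnum, e);
            return Collections.emptyList();
        }
    }

    /**
     * Performs a login against the IAM of another region with a request signed from the
     * application secret.
     *
     * @param str first part of the deploy-area lookup ({@code DeployAreaEnum.get(str, str2)})
     * @param str2 second part of the deploy-area lookup
     * @param str3 sent as {@code tenantId}
     * @param str4 sent as {@code sysId}
     * @param str5 sent as {@code customerId}
     * @return the authored user returned by the remote IAM
     * @throws BusinessException {@code IAM_DEPLOY_AREA_NOT_CONFIG} when the area is unknown and
     *         has no dictionary entry; the remote message when the remote reports failure;
     *         {@code IAM_ACCESS_CROSS_REGION_ERROR} on an empty reply or any other error
     */
    @Override
    public IamAuthoredUser crossRegionLogin(String str, String str2, String str3, String str4, String str5) {
        String baseUri;
        DeployAreaEnum area = DeployAreaEnum.get(str, str2);
        if (Objects.isNull(area)) {
            DictDataDTO query = new DictDataDTO();
            query.setDictId("DeployArea");
            query.setDictKey(str + "_" + str2);
            DictData entry = this.dictDataService.selectDictData(query);
            if (Objects.isNull(entry)) {
                throw new BusinessException(I18nError.IAM_DEPLOY_AREA_NOT_CONFIG);
            }
            // SECURITY NOTE(review): the destination of the signed request is dictionary data.
            // Whoever can edit the "DeployArea" dictionary decides where it is sent; restrict
            // write access to that dictionary and consider validating the value against an
            // allow-list of IAM hosts.
            baseUri = entry.getDictValue();
        } else {
            if (IAM_DEPLOY_AREA_MAPPING.containsKey(area)) {
                area = IAM_DEPLOY_AREA_MAPPING.get(area);
            }
            baseUri = EnvUtils.getUri(CommonCode.IAM, area);
        }
        String url = baseUri + UrlConstants.IAM_CROSS_REGION_LOGIN_INNER_URL;
        // Left as a raw map: the parameter type EncryptUtils.sign expects is not visible here.
        HashMap payload = new HashMap();
        payload.put("tenantId", str3);
        payload.put("sysId", str4);
        payload.put("customerId", str5);
        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);
        headers.set("digi-middleware-sign-arg", EncryptUtils.sign(this.envProperties.getAppSecret(), null, payload));
        try {
            StdData<IamAuthoredUser> reply = this.dapRetryRestTemplate.exchange(
                url, HttpMethod.POST, new HttpEntity<>(payload, headers),
                new ParameterizedTypeReference<StdData<IamAuthoredUser>>() {
                }).getBody();
            if (null == reply) {
                LOGGER.error("跨区获取IAM集成账号Token失败, iamUri:{}", url);
                throw new BusinessException(I18nError.IAM_ACCESS_CROSS_REGION_ERROR);
            }
            if (reply.getSuccess()) {
                return reply.getData();
            }
            LOGGER.error("跨区获取IAM集成账号Token失败, iamUri:{}, resp:{}", url, JsonUtils.objToJson(reply));
            throw new BusinessException(reply.getMessage());
        } catch (BusinessException e) {
            // Already carries the intended error; do not wrap it again.
            throw e;
        } catch (Exception e) {
            LOGGER.error("跨区获取IAM集成账号Token失败, iamUri:{}", url, e);
            throw new BusinessException(I18nError.IAM_ACCESS_CROSS_REGION_ERROR);
        }
    }

    /**
     * Queries user information page by page on the IAM of the given deploy area.
     *
     * @param queryUserAllInfoVO query payload
     * @param str user token, sent as a request header
     * @param deployAreaEnum deploy area whose IAM endpoint is called
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public UserBasicInfoResultVO queryUserAllInformationWithPage(QueryUserAllInfoVO queryUserAllInfoVO, String str, DeployAreaEnum deployAreaEnum) {
        HttpHeaders headers = jsonTokenHeaders(str);
        try {
            String url = EnvUtils.getUri(CommonCode.IAM, deployAreaEnum) + UrlConstants.IAM_QUERY_USER_ALLINFO;
            return this.dapRetryRestTemplate.postForEntity(url, new HttpEntity<>(queryUserAllInfoVO, headers), UserBasicInfoResultVO.class).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【查询当前租户下的用户基本信息[分页]】失败, userToken={}, deployAreaEnum={}", redact(str), deployAreaEnum), e);
        }
    }

    /**
     * Queries roles on the IAM of the given deploy area.
     *
     * @param roleBean query payload
     * @param str user token, sent as a request header
     * @param deployAreaEnum deploy area whose IAM endpoint is called
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public List<RoleQueryResultVO> getRoleInCatalog(RoleBean roleBean, String str, DeployAreaEnum deployAreaEnum) {
        HttpHeaders headers = jsonTokenHeaders(str);
        try {
            String url = EnvUtils.getUri(CommonCode.IAM, deployAreaEnum) + UrlConstants.IAM_ROLE_QUERY;
            return this.dapRetryRestTemplate.exchange(
                url, HttpMethod.POST, new HttpEntity<>(roleBean, headers),
                new ParameterizedTypeReference<List<RoleQueryResultVO>>() {
                }).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【根据是否禁用取得租户下的角色】失败, userToken={}, deployAreaEnum={}", redact(str), deployAreaEnum), e);
        }
    }

    /**
     * Fetches the organization tree on the IAM of the given deploy area.
     *
     * @param orgAspectVO query payload
     * @param str user token, sent as a request header
     * @param deployAreaEnum deploy area whose IAM endpoint is called
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public List<OrgResultVO> getOrgAspect(OrgAspectVO orgAspectVO, String str, DeployAreaEnum deployAreaEnum) {
        HttpHeaders headers = jsonTokenHeaders(str);
        try {
            String url = EnvUtils.getUri(CommonCode.IAM, deployAreaEnum) + UrlConstants.IAM_ORG_ASPECT;
            return this.dapRetryRestTemplate.exchange(
                url, HttpMethod.POST, new HttpEntity<>(orgAspectVO, headers),
                new ParameterizedTypeReference<List<OrgResultVO>>() {
                }).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【取得组织树状结构】失败, userToken={}, deployAreaEnum={}", redact(str), deployAreaEnum), e);
        }
    }

    /**
     * Lists the applications of the token's tenant, including console management entries.
     *
     * @param str IAM base URL; the user token is sent to it, so it must be a trusted endpoint
     * @param str2 user token, sent as a request header
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public List<TenantApplication> getUserApplicationByTenant(String str, String str2) {
        HttpHeaders headers = tokenHeaders(str2);
        try {
            String url = str + UrlConstants.IAM_USER_TENANT_APPLICATION + "?showConsoleManagement=true";
            return this.dapRetryRestTemplate.exchange(
                url, HttpMethod.GET, new HttpEntity<Void>(headers),
                new ParameterizedTypeReference<List<TenantApplication>>() {
                }).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【查询租户下的应用清单】失败, userToken={}, iamUrl={}", redact(str2), str), e);
        }
    }

    /**
     * Fetches the details of one app from a remote IAM.
     *
     * @param requestParameterVO query payload
     * @param str IAM base URL; the user token is sent to it, so it must be a trusted endpoint
     * @param str2 user token, sent as a request header
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public SysCascade getApp(RequestParameterVO requestParameterVO, String str, String str2) {
        HttpHeaders headers = tokenHeaders(str2);
        try {
            return this.dapRetryRestTemplate.exchange(
                str + UrlConstants.IAM_GET_APP, HttpMethod.POST, new HttpEntity<>(requestParameterVO, headers),
                new ParameterizedTypeReference<SysCascade>() {
                }).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【获取指定app的详细信息，包括应用、模组、行为和条件等信息】失败, userToken={}, iamUrl={}", redact(str2), str), e);
        }
    }

    /**
     * Fetches the permissions actually set on a policy target from a remote IAM.
     *
     * @param targetPolicy query payload
     * @param str IAM base URL; the user token is sent to it, so it must be a trusted endpoint
     * @param str2 user token, sent as a request header
     * @return the remote data, or an empty map when the reply has no body or no data
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public Map<Long, String> getAction(TargetPolicy targetPolicy, String str, String str2) {
        HttpHeaders headers = tokenHeaders(str2);
        try {
            StdData<Map<Long, String>> reply = this.dapRetryRestTemplate.exchange(
                str + UrlConstants.IAM_POLICY_ACTION_ACTUAL, HttpMethod.POST, new HttpEntity<>(targetPolicy, headers),
                new ParameterizedTypeReference<StdData<Map<Long, String>>>() {
                }).getBody();
            return Optional.ofNullable(reply).map(StdData::getData).orElseGet(Collections::emptyMap);
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【获取目标实际设定的权限，不是合并结果】失败, userToken={}, iamUrl={}", redact(str2), str), e);
        }
    }

    /**
     * Fetches the organizations and sub-organizations of the token's tenant from a remote IAM.
     *
     * @param str IAM base URL; the user token is sent to it, so it must be a trusted endpoint
     * @param str2 user token, sent as a request header
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public Map<String, List<OrgRoleTreeNode>> getOrgCascadeInTenant(String str, String str2) {
        HttpHeaders headers = tokenHeaders(str2);
        try {
            return this.dapRetryRestTemplate.exchange(
                str + UrlConstants.IAM_ORG_CASCADE, HttpMethod.GET, new HttpEntity<Void>(headers),
                new ParameterizedTypeReference<Map<String, List<OrgRoleTreeNode>>>() {
                }).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【获取当前租户下全部组织和子组织】失败, userToken={}, iamUrl={}", redact(str2), str), e);
        }
    }

    /**
     * Queries the action state of a policy target on a remote IAM.
     *
     * @param targetPolicy query payload
     * @param str IAM base URL; the user token is sent to it, so it must be a trusted endpoint
     * @param str2 user token, sent as a request header
     * @throws BusinessException wrapping the cause when the call fails; the token itself is not
     *         put into the message
     */
    @Override
    public TargetPolicy getPolicyActionCondition(TargetPolicy targetPolicy, String str, String str2) {
        HttpHeaders headers = tokenHeaders(str2);
        try {
            return this.dapRetryRestTemplate.exchange(
                str + UrlConstants.IAM_POLICY_QUERY_ACTION_CONDITION, HttpMethod.POST, new HttpEntity<>(targetPolicy, headers),
                new ParameterizedTypeReference<TargetPolicy>() {
                }).getBody();
        } catch (Exception e) {
            throw new BusinessException(CharSequenceUtil.format("【查询目标行为状态】失败, userToken={}, iamUrl={}", redact(str2), str), e);
        }
    }
}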
