package com.digiwin.dap.middleware.iam.service.login.impl;

import com.digiwin.dap.middleware.cache.RedisUtils;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.constant.IamConstants;
import com.digiwin.dap.middleware.iam.constant.RedisConstants;
import com.digiwin.dap.middleware.iam.domain.EnvProperties;
import com.digiwin.dap.middleware.iam.domain.login.ImageCode;
import com.digiwin.dap.middleware.iam.domain.login.LoginFailureInfo;
import com.digiwin.dap.middleware.iam.entity.Tenant;
import com.digiwin.dap.middleware.iam.service.WhiteListService;
import com.digiwin.dap.middleware.iam.service.login.LoginFailureHandlingService;
import com.digiwin.dap.middleware.iam.service.tenantmetadata.TenantMetadataCrudService;
import com.digiwin.dap.middleware.util.UserUtils;
import java.time.Duration;
import java.time.LocalDateTime;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

@Service
/* loaded from: input_file:com/digiwin/dap/middleware/iam/service/login/impl/LoginFailureHandlingServiceImpl.class */
public class LoginFailureHandlingServiceImpl implements LoginFailureHandlingService {
    private static final Logger logger = LoggerFactory.getLogger(LoginFailureHandlingServiceImpl.class);

    @Autowired
    private EnvProperties envProperties;

    @Autowired
    private TenantMetadataCrudService tenantMetadataCrudService;

    @Autowired
    private WhiteListService whiteListService;

    @Override // com.digiwin.dap.middleware.iam.service.login.LoginFailureHandlingService
    public void frozen(String str, Integer num, String str2) {
        if (IamConstants.INTEGRATION.equalsIgnoreCase(str)) {
            throw new BusinessException(I18nError.ERROR_LOGIN_21001);
        }
        String str3 = RedisConstants.IAM_FAILURE_LOGIN + str.toLowerCase();
        Duration ofSeconds = Duration.ofSeconds(300L);
        LoginFailureInfo loginFailureInfo = (LoginFailureInfo) RedisUtils.get(str3, LoginFailureInfo.class);
        if (loginFailureInfo == null) {
            loginFailureInfo = new LoginFailureInfo();
            loginFailureInfo.setCount(1);
            RedisUtils.set(str3, loginFailureInfo, ofSeconds);
        } else {
            loginFailureInfo.setCount(loginFailureInfo.getCount() + 1);
            if (loginFailureInfo.getCount() >= 10) {
                loginFailureInfo.setFrozen(true);
                loginFailureInfo.setFrozenTime(LocalDateTime.now());
                RedisUtils.set(str3, loginFailureInfo, ofSeconds);
                logger.error("用户[{}]已经被冻结，请{}分钟后重新登录", str, 5);
                throw new BusinessException(I18nError.ERROR_21003, new Integer[]{5});
            }
            RedisUtils.set(str3, loginFailureInfo, Duration.ofSeconds(RedisUtils.getExpire(str3).longValue()));
        }
        logger.error("用户[{}]账户或密码错误，您还能尝试{}次", str, Integer.valueOf(10 - loginFailureInfo.getCount()));
        if (0 != num.intValue()) {
            throw new BusinessException(I18nError.ERROR_21017, new Integer[]{Integer.valueOf(10 - loginFailureInfo.getCount())});
        }
        if (!"cn".equalsIgnoreCase(this.envProperties.getCountry())) {
            throw new BusinessException(I18nError.ERROR_21017, new Integer[]{Integer.valueOf(10 - loginFailureInfo.getCount())});
        }
        throw new BusinessException(I18nError.ERROR_21002, new Integer[]{Integer.valueOf(10 - loginFailureInfo.getCount())});
    }

    @Override // com.digiwin.dap.middleware.iam.service.login.LoginFailureHandlingService
    public void checkFrozen(String str, String str2, String str3) {
        LoginFailureInfo loginFailureInfo = (LoginFailureInfo) RedisUtils.get(RedisConstants.IAM_FAILURE_LOGIN + str.toLowerCase(), LoginFailureInfo.class);
        if (loginFailureInfo != null) {
            if (loginFailureInfo.isFrozen()) {
                long minutes = Duration.between(loginFailureInfo.getFrozenTime(), LocalDateTime.now()).toMinutes();
                if (minutes < 5) {
                    logger.error("用户[{}]已经被冻结，请{}分钟后重新登录", str, Long.valueOf(5 - minutes));
                    throw new BusinessException(I18nError.ERROR_21003, new Long[]{Long.valueOf(5 - minutes)});
                }
                return;
            }
            if (!this.whiteListService.getWhiteList(IamConstants.WHITE_LIST_LOGIN_IMAGE_CHECK_APP).contains(UserUtils.getSysId()) || loginFailureInfo.getCount() < 5) {
                return;
            }
            if (ObjectUtils.isEmpty(str2) || ObjectUtils.isEmpty(str3)) {
                throw new BusinessException(I18nError.ERROR_21032);
            }
            ImageCode imageCode = (ImageCode) RedisUtils.get(String.format(RedisConstants.IAM_FAILURE_LOGIN_VERIFY_IMAGE, UserUtils.getSysId(), str, str2).toLowerCase(), ImageCode.class);
            if (null == imageCode) {
                throw new BusinessException(I18nError.ERROR_21033);
            }
            if (!str3.equalsIgnoreCase(imageCode.getCode())) {
                throw new BusinessException(I18nError.ERROR_21034);
            }
        }
    }

    @Override // com.digiwin.dap.middleware.iam.service.login.LoginFailureHandlingService
    public void unfreeze(String str) {
        RedisUtils.delete(RedisConstants.IAM_FAILURE_LOGIN + str.toLowerCase());
    }

    @Override // com.digiwin.dap.middleware.iam.service.login.LoginFailureHandlingService
    public void freezeInner(String str, Tenant tenant) {
        String str2 = RedisConstants.IAM_FAILURE_LOGIN + str.toLowerCase();
        int attempts = getAttempts(tenant);
        LoginFailureInfo loginFailureInfo = (LoginFailureInfo) RedisUtils.get(str2, LoginFailureInfo.class);
        if (loginFailureInfo == null) {
            loginFailureInfo = new LoginFailureInfo();
            loginFailureInfo.setCount(1);
            RedisUtils.set(str2, loginFailureInfo);
        } else {
            loginFailureInfo.setCount(loginFailureInfo.getCount() + 1);
            if (loginFailureInfo.getCount() >= attempts) {
                loginFailureInfo.setFrozen(true);
                loginFailureInfo.setFrozenTime(LocalDateTime.now());
                RedisUtils.set(str2, loginFailureInfo);
                logger.error("企业用户[{}]已经被冻结", str);
                throw new BusinessException(I18nError.ERROR_FROZEN);
            }
            RedisUtils.set(str2, loginFailureInfo);
        }
        logger.error("用户[{}]账户或密码错误，您还能尝试{}次", str, Integer.valueOf(attempts - loginFailureInfo.getCount()));
        throw new BusinessException(I18nError.ERROR_21017, new Integer[]{Integer.valueOf(attempts - loginFailureInfo.getCount())});
    }

    private int getAttempts(Tenant tenant) {
        int i = 10;
        String tenantMetadataValue = this.tenantMetadataCrudService.getTenantMetadataValue(tenant.getSid(), "basic", IamConstants.PASSWORDATTEMPTS_KEY);
        if (StringUtils.hasLength(tenantMetadataValue)) {
            try {
                i = Integer.parseInt(tenantMetadataValue);
            } catch (Exception e) {
                logger.error("parse password attempts error", e);
            }
        }
        return i;
    }

    @Override // com.digiwin.dap.middleware.iam.service.login.LoginFailureHandlingService
    public void checkFrozenInner(String str, String str2, String str3) {
        LoginFailureInfo loginFailureInfo = (LoginFailureInfo) RedisUtils.get(RedisConstants.IAM_FAILURE_LOGIN + str.toLowerCase(), LoginFailureInfo.class);
        if (loginFailureInfo != null) {
            if (loginFailureInfo.isFrozen()) {
                logger.error("企业用户[{}]已经被冻结", str);
                throw new BusinessException(I18nError.ERROR_FROZEN);
            }
            if (!this.whiteListService.getWhiteList(IamConstants.WHITE_LIST_LOGIN_IMAGE_CHECK_APP).contains(UserUtils.getSysId()) || loginFailureInfo.getCount() < 5) {
                return;
            }
            if (ObjectUtils.isEmpty(str2) || ObjectUtils.isEmpty(str3)) {
                throw new BusinessException(I18nError.ERROR_21032);
            }
            ImageCode imageCode = (ImageCode) RedisUtils.get(String.format(RedisConstants.IAM_FAILURE_LOGIN_VERIFY_IMAGE, UserUtils.getSysId(), str, str2).toLowerCase(), ImageCode.class);
            if (null == imageCode) {
                throw new BusinessException(I18nError.ERROR_21033);
            }
            if (!str3.equalsIgnoreCase(imageCode.getCode())) {
                throw new BusinessException(I18nError.ERROR_21034);
            }
        }
    }
}
