package com.digiwin.dap.middleware.iam.service.login.impl;

import com.digiwin.dap.middle.kms.constants.KeyConstant;
import com.digiwin.dap.middleware.commons.crypto.PwdUtils;
import com.digiwin.dap.middleware.commons.crypto.RSA;
import com.digiwin.dap.middleware.exception.BusinessException;
import com.digiwin.dap.middleware.iam.constant.I18nError;
import com.digiwin.dap.middleware.iam.domain.login.IdentityType;
import com.digiwin.dap.middleware.iam.domain.login.LoginSource;
import com.digiwin.dap.middleware.iam.domain.login.LoginUser;
import com.digiwin.dap.middleware.iam.entity.CardInfo;
import com.digiwin.dap.middleware.iam.entity.Tenant;
import com.digiwin.dap.middleware.iam.entity.User;
import com.digiwin.dap.middleware.iam.entity.UserInTenant;
import com.digiwin.dap.middleware.iam.service.card.CardInfoCrudService;
import com.digiwin.dap.middleware.iam.service.login.IdentityService;
import com.digiwin.dap.middleware.iam.service.user.UserCrudService;
import com.digiwin.dap.middleware.iam.service.user.UserInTenantCrudService;
import com.digiwin.dap.middleware.iam.support.auth.domain.IamAuthoredUser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;

@Order(6)
@Service("cardKeyIdentityService")
/* loaded from: input_file:com/digiwin/dap/middleware/iam/service/login/impl/CardKeyIdentityServiceImpl.class */
public class CardKeyIdentityServiceImpl extends IdentityServiceBase implements IdentityService {
    private static final Logger logger = LoggerFactory.getLogger(CardKeyIdentityServiceImpl.class);

    @Autowired
    private UserCrudService userCrudService;

    @Autowired
    private CardInfoCrudService cardInfoCrudService;

    @Autowired
    private UserInTenantCrudService userInTenantCrudService;

    @Override // com.digiwin.dap.middleware.iam.service.login.IdentityService
    public IamAuthoredUser login(LoginUser loginUser) {
        if (StringUtils.isEmpty(loginUser.getServiceName())) {
            loginUser.setServiceName("rfid");
        }
        String secretKey = loginUser.getSecretKey();
        if (!"rfid".equals(loginUser.getServiceName()) || StringUtils.hasText(loginUser.getClientEncryptPublicKey())) {
            try {
                secretKey = PwdUtils.decryptPwd(loginUser.getSecretKey(), RSA.decrypt(loginUser.getClientEncryptPublicKey(), KeyConstant.BASE64_PRIVATE_KEY));
            } catch (Exception e) {
                throw new BusinessException(I18nError.PARAM_ERROR);
            }
        }
        CardInfo findByIdAndType = this.cardInfoCrudService.findByIdAndType(secretKey, loginUser.getServiceName());
        if (findByIdAndType == null) {
            throw new BusinessException(I18nError.IAM_NO_CARD, new Object[]{secretKey});
        }
        UserInTenant userInTenant = (UserInTenant) this.userInTenantCrudService.findBySid(findByIdAndType.getUserTenantSid());
        if (userInTenant == null) {
            throw new BusinessException(I18nError.IAM_CARD_NOT_BIND, new Object[]{findByIdAndType.getType(), findByIdAndType.getId()});
        }
        Tenant tenant = (Tenant) this.tenantCrudService.findBySid(userInTenant.getTenantSid());
        if (tenant == null) {
            throw new BusinessException(I18nError.CARD_BIND_RECORD_NOT_EXIST, new Object[]{findByIdAndType.getType(), findByIdAndType.getId(), Long.valueOf(userInTenant.getTenantSid())});
        }
        User user = (User) this.userCrudService.findBySid(userInTenant.getUserSid());
        if (user == null) {
            throw new BusinessException(I18nError.CARD_BIND_RECORD_NOT_EXIST, new Object[]{findByIdAndType.getType(), findByIdAndType.getId(), Long.valueOf(userInTenant.getUserSid())});
        }
        loginUser.setTenant(tenant);
        loginUser.setUser(user);
        loginUser.setLoginSource(LoginSource.loginCardKey);
        return this.authoredUserService.generate(loginUser, true, false);
    }

    @Override // com.digiwin.dap.middleware.iam.service.login.IdentityService
    public boolean support(LoginUser loginUser) {
        return loginUser.getIdentityType() == IdentityType.cardKey;
    }
}
