package com.digiwin.service.permission.auth;

import com.digiwin.service.permission.auth.param.DeductAuthorizationCountParam;
import com.digiwin.service.permission.auth.param.SubscriptionApiPermissionParam;
import com.digiwin.service.permission.auth.param.TenantPermissionParam;
import com.digiwin.service.permission.auth.param.UserPermissionParam;
import com.digiwin.service.permission.consts.ConstDef;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.util.EntityUtils;
import org.json.JSONObject;

/* loaded from: input_file:com/digiwin/service/permission/auth/DWIAMAuthorizationVerifier.class */
public class DWIAMAuthorizationVerifier implements DWAuthorizationVerifier {
    private static Log log = LogFactory.getLog(DWIAMAuthorizationVerifier.class);
    static final String API_TOKEN_ANALYZE = "/api/iam/v2/identity/token/analyze";
    static final String USER_ACCESS_ANALYZE = "/api/ram/v2/access/srv/user/analyze";
    static final String TENANT_ACCESS_ANALYZE = "/api/ram/v2/access/srv/tenant/analyze";
    static final String SUBSCRIPTION_ACCESS_ANALYZE = "/api/ram/v2/access/api/analyze";
    static final String DEDUCT_AUTHORIZATION_COUNT = "/api/cac/v3/counting/decrease";
    static final String KEY_IAM_USER_ID = "id";
    static final String KEY_IAM_USER_NAME = "name";
    static final String KEY_IAM_USER_SID = "sid";

    @Override // com.digiwin.service.permission.auth.DWAuthorizationVerifier
    public Map<String, Object> verifyUserToken(String str, String str2, String str3) throws Exception {
        HttpPost httpPost = new HttpPost(processHostUrl(str) + API_TOKEN_ANALYZE);
        httpPost.addHeader("digi-middleware-auth-user", str2);
        httpPost.addHeader("digi-middleware-auth-app", str3);
        return parseResponse(HttpClientBuilder.create().build().execute(httpPost));
    }

    @Override // com.digiwin.service.permission.auth.DWAuthorizationVerifier
    public Map<String, Object> verifyUserServicePermission(String str, UserPermissionParam userPermissionParam) throws Exception {
        return parseAccessResponse(HttpClientBuilder.create().build().execute(buildPost(processHostUrl(str) + USER_ACCESS_ANALYZE, null, userPermissionParam)));
    }

    @Override // com.digiwin.service.permission.auth.DWAuthorizationVerifier
    public Map<String, Object> verifyTenantServicePermission(String str, TenantPermissionParam tenantPermissionParam) throws Exception {
        return parseAccessResponse(HttpClientBuilder.create().build().execute(buildPost(processHostUrl(str) + TENANT_ACCESS_ANALYZE, null, tenantPermissionParam)));
    }

    @Override // com.digiwin.service.permission.auth.DWAuthorizationVerifier
    public Map<String, Object> verifySubscriptionApiPermission(String str, Map<String, String> map, SubscriptionApiPermissionParam subscriptionApiPermissionParam) throws Exception {
        return parseAccessResponse(HttpClientBuilder.create().build().execute(buildPost(processHostUrl(str) + SUBSCRIPTION_ACCESS_ANALYZE, map, subscriptionApiPermissionParam)));
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v38, types: [java.util.Map] */
    @Override // com.digiwin.service.permission.auth.DWAuthorizationVerifier
    public Map<String, Object> deductAuthorizationCount(String str, String str2, DeductAuthorizationCountParam deductAuthorizationCountParam) throws Exception {
        HashMap hashMap;
        String str3 = processHostUrl(str) + DEDUCT_AUTHORIZATION_COUNT;
        HashMap hashMap2 = new HashMap();
        hashMap2.put("digi-middleware-auth-app", str2);
        hashMap2.put(ConstDef.HTTP_HEADER_DEV_AUTH_SECRET_KEY, deductAuthorizationCountParam.getAuthSecretKey());
        new LinkedHashMap().put("decreaseCount", Integer.valueOf(deductAuthorizationCountParam.getDecreaseCount()));
        HttpPost buildPost = buildPost(str3, hashMap2, deductAuthorizationCountParam);
        CloseableHttpClient build = HttpClientBuilder.create().build();
        log.info("Call CAC deduct API: " + deductAuthorizationCountParam);
        CloseableHttpResponse execute = build.execute(buildPost);
        int statusCode = execute.getStatusLine().getStatusCode();
        String entityUtils = EntityUtils.toString(execute.getEntity());
        if (statusCode != 200) {
            log.error(String.format("CAC deduct API response failed! status: %s, response body: %s", Integer.valueOf(statusCode), entityUtils));
            hashMap = new HashMap();
            hashMap.put("success", false);
            hashMap.put("return-status", Integer.valueOf(statusCode));
            hashMap.put("failed-result", entityUtils);
        } else {
            try {
                hashMap = new JSONObject(entityUtils).toMap();
                if (hashMap.containsKey("success") && !Boolean.TRUE.equals(hashMap.get("success"))) {
                    log.error(String.format("CAC deduct API result failed! return body: %s", entityUtils));
                }
            } catch (Exception e) {
                log.error("CAC deduct API result deserialization exception!", e);
                hashMap = new HashMap();
                hashMap.put("success", "unknown");
                hashMap.put("return-status", Integer.valueOf(statusCode));
                hashMap.put("result", "can't deserialize to map");
                hashMap.put("original-result", entityUtils);
            }
        }
        return hashMap;
    }

    private String processHostUrl(String str) {
        if (str.endsWith("/")) {
            str = str.substring(0, str.length() - 1);
        }
        return str;
    }

    private HttpPost buildPost(String str, Map<String, String> map, Object obj) throws Exception {
        HttpPost httpPost = new HttpPost(str);
        httpPost.addHeader("Content-type", "application/json; charset=utf-8");
        httpPost.addHeader("Accept", "application/json");
        if (Objects.nonNull(map)) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                httpPost.addHeader(entry.getKey(), entry.getValue());
            }
        }
        httpPost.setEntity(new StringEntity(new JSONObject(obj).toString(), "utf-8"));
        return httpPost;
    }

    private Map<String, Object> parseResponse(HttpResponse httpResponse) throws Exception {
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        String entityUtils = EntityUtils.toString(httpResponse.getEntity());
        if (200 != statusCode) {
            throw new RuntimeException(entityUtils);
        }
        JSONObject jSONObject = new JSONObject(entityUtils);
        String str = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.SYS_ID)) {
            str = jSONObject.getString(ConstDef.ProfileKeyDef.SYS_ID);
        }
        Long l = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.SYS_SID)) {
            l = Long.valueOf(jSONObject.getLong(ConstDef.ProfileKeyDef.SYS_SID));
        }
        String str2 = null;
        if (jSONObject.has("tenantId")) {
            str2 = jSONObject.getString("tenantId");
        }
        String str3 = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.TENANT_NAME)) {
            str3 = jSONObject.getString(ConstDef.ProfileKeyDef.TENANT_NAME);
        }
        Long l2 = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.TENANT_SID)) {
            l2 = Long.valueOf(jSONObject.getLong(ConstDef.ProfileKeyDef.TENANT_SID));
        }
        String str4 = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.USER_ID)) {
            str4 = jSONObject.getString(ConstDef.ProfileKeyDef.USER_ID);
        } else if (jSONObject.has("id")) {
            str4 = jSONObject.getString("id");
        }
        String str5 = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.USER_NAME)) {
            str5 = jSONObject.getString(ConstDef.ProfileKeyDef.USER_NAME);
        } else if (jSONObject.has("name")) {
            str5 = jSONObject.getString("name");
        }
        Long l3 = null;
        if (jSONObject.has(ConstDef.ProfileKeyDef.USER_SID)) {
            l3 = Long.valueOf(jSONObject.getLong(ConstDef.ProfileKeyDef.USER_SID));
        } else if (jSONObject.has(KEY_IAM_USER_SID)) {
            l3 = Long.valueOf(jSONObject.getLong(KEY_IAM_USER_SID));
        }
        HashMap hashMap = new HashMap();
        if (Objects.nonNull(str)) {
            hashMap.put(ConstDef.ProfileKeyDef.SYS_ID, str);
        }
        if (Objects.nonNull(l)) {
            hashMap.put(ConstDef.ProfileKeyDef.SYS_SID, l);
        }
        if (Objects.nonNull(str2)) {
            hashMap.put("tenantId", str2);
        }
        if (Objects.nonNull(str3)) {
            hashMap.put(ConstDef.ProfileKeyDef.TENANT_NAME, str3);
        }
        if (Objects.nonNull(l2)) {
            hashMap.put(ConstDef.ProfileKeyDef.TENANT_SID, l2);
        }
        if (Objects.nonNull(str4)) {
            hashMap.put(ConstDef.ProfileKeyDef.USER_ID, str4);
        }
        if (Objects.nonNull(str5)) {
            hashMap.put(ConstDef.ProfileKeyDef.USER_NAME, str5);
        }
        if (Objects.nonNull(l3)) {
            hashMap.put(ConstDef.ProfileKeyDef.USER_SID, l3);
        }
        return hashMap;
    }

    private Map<String, Object> parseAccessResponse(HttpResponse httpResponse) throws Exception {
        int statusCode = httpResponse.getStatusLine().getStatusCode();
        String entityUtils = EntityUtils.toString(httpResponse.getEntity());
        if (200 != statusCode) {
            throw new RuntimeException(entityUtils);
        }
        return new JSONObject(entityUtils).toMap();
    }
}
