package com.centit.framework.system.service.impl;

import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;
import com.centit.framework.model.basedata.UnitInfo;
import com.centit.framework.model.basedata.UserInfo;
import com.centit.framework.model.basedata.UserRole;
import com.centit.framework.model.basedata.UserRoleId;
import com.centit.framework.model.basedata.UserSyncDirectory;
import com.centit.framework.model.basedata.UserUnit;
import com.centit.framework.model.security.CentitPasswordEncoder;
import com.centit.framework.system.dao.UnitInfoDao;
import com.centit.framework.system.dao.UserInfoDao;
import com.centit.framework.system.dao.UserRoleDao;
import com.centit.framework.system.dao.UserUnitDao;
import com.centit.framework.system.service.UserDirectory;
import com.centit.support.algorithm.CollectionsOpt;
import com.centit.support.algorithm.DatetimeOpt;
import com.centit.support.algorithm.ReflectionOpt;
import com.centit.support.algorithm.StringBaseOpt;
import com.centit.support.algorithm.UuidOpt;
import com.centit.support.compiler.Pretreatment;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.InitialLdapContext;
import javax.validation.constraints.NotNull;
import oracle.jdbc.OracleConnection;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.elasticsearch.search.aggregations.pipeline.SimpleModel;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.CollectionUtils;

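/**
 * {@link UserDirectory} implementation that imports organisation units and user accounts from an
 * LDAP / Active Directory server into the local user store.
 *
 * <p>One run binds to the directory with the account stored on the {@link UserSyncDirectory}
 * record, searches for units, then searches for users, and creates or updates the matching local
 * {@code UnitInfo}, {@code UserInfo}, {@code UserRole} and {@code UserUnit} rows.
 *
 * <p>Security-relevant behaviour a reviewer should keep in mind:
 * <ul>
 *   <li>The directory bind uses the clear-text password held on the sync record and the configured
 *       URL as-is; no code here requires an encrypted transport.</li>
 *   <li>Directory values are copied into local entities through reflection, keyed by the field
 *       names in the sync configuration.</li>
 *   <li>Users are matched to existing local accounts by login name only.</li>
 * </ul>
 */
@Service("activeDirectoryUserDirectory")
/* loaded from: input_file:WEB-INF/lib/framework-system-module-5.5-SNAPSHOT.jar:com/centit/framework/system/service/impl/ActiveDirectoryUserDirectoryImpl.class */
public class ActiveDirectoryUserDirectoryImpl implements UserDirectory {
    private static final Logger logger = LoggerFactory.getLogger(ActiveDirectoryUserDirectoryImpl.class);

    @Autowired
    @NotNull
    private UserUnitDao userUnitDao;

    @Autowired
    @NotNull
    private UnitInfoDao unitInfoDao;

    @Autowired
    @NotNull
    private UserRoleDao userRoleDao;

    @Autowired
    @Qualifier("userInfoDao")
    private UserInfoDao userInfoDao;

    @Autowired
    @NotNull
    private CentitPasswordEncoder passwordEncoder;

    // Injected from configuration; not read anywhere in this class.
    @Value("${framework.password.default.generator:}")
    protected String defaultPasswordFormat;

    /**
     * Returns the first value of an LDAP attribute as a string.
     *
     * @param attribute the attribute to read, may be {@code null}
     * @return the string form of the attribute's value, or {@code null} when the attribute is
     *         {@code null} or reading it raises a {@link NamingException} (which is logged)
     */
    public static String getAttributeString(Attribute attribute) {
        if (attribute == null) {
            return null;
        }
        try {
            return StringBaseOpt.objectToString(attribute.get());
        } catch (NamingException e) {
            logger.error(e.getMessage(), e);
            return null;
        }
    }

    /**
     * Builds a "local field name -> directory value" map for one search result.
     *
     * @param attributes the attributes of one directory entry
     * @param map        field mapping whose keys are local field names and whose values are the
     *                   LDAP attribute names to read
     * @return a new map with one entry per key of {@code map}; the value is {@code null} when the
     *         entry does not carry that attribute
     */
    public static Map<String, String> fetchAttributeMap(Attributes attributes, Map<String, Object> map) {
        Map<String, String> values = new HashMap<>(map.size() + 1);
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            String ldapAttributeName = StringBaseOpt.castObjectToString(entry.getValue());
            values.put(entry.getKey(), getAttributeString(attributes.get(ldapAttributeName)));
        }
        return values;
    }

    /**
     * Synchronises units and users from the configured directory into the local store.
     *
     * <p>The {@code searchBase} property of the sync record is parsed as a JSON object carrying the
     * search bases, filters, field mappings ({@code userFieldMap}, {@code unitFieldMap}), the
     * membership attribute name ({@code userUnitField}) and the bind-name template
     * ({@code userURIFormat}).
     *
     * @param userSyncDirectory the directory connection and mapping settings
     * @return {@code -2} when no URL is configured, {@code -1} when a {@link NamingException}
     *         occurs (it is logged), {@code 0} otherwise
     */
    @Override // com.centit.framework.system.service.UserDirectory
    @Transactional(rollbackFor = {Exception.class})
    public int synchroniseUserDirectory(UserSyncDirectory userSyncDirectory) {
        if (StringUtils.isBlank(userSyncDirectory.getUrl())) {
            return -2;
        }
        // NOTE(review): a blank or non-object searchBase makes the parse result unusable and the
        // next line fails with an unchecked exception - confirm callers validate the record first.
        JSONObject config = JSON.parseObject(userSyncDirectory.getSearchBase());
        String unitSearchBase = StringBaseOpt.castObjectToString(config.getString("unitSearchBase"), "CN=Users,DC=com");
        String unitSearchFilter = StringBaseOpt.castObjectToString(config.getString("unitSearchFilter"), "(objectCategory=group)");
        String userSearchBase = StringBaseOpt.castObjectToString(config.getString("userSearchBase"), "CN=Users,DC=com");
        String userSearchFilter = StringBaseOpt.castObjectToString(config.getString("userSearchFilter"), "(&(objectCategory=person)(objectClass=user))");
        Map<String, Object> userFieldMap = CollectionsOpt.objectToMap(config.get("userFieldMap"));
        String[] userAttributeNames = attributeNames(userFieldMap);
        Map<String, Object> unitFieldMap = CollectionsOpt.objectToMap(config.get("unitFieldMap"));
        String[] unitAttributeNames = attributeNames(unitFieldMap);
        String userUnitField = StringBaseOpt.castObjectToString(config.getString("userUnitField"), "memberOf");
        String uriFormat = config.getString("userURIFormat");
        if (StringUtils.isBlank(uriFormat)) {
            uriFormat = "{loginName}";
        }
        String principal = Pretreatment.mapTemplateString(uriFormat, CollectionsOpt.createHashMap("loginName", userSyncDirectory.getUser(), "topUnit", userSyncDirectory.getTopUnit()));

        // The environment below carries the bind password in clear text: never log or serialise it.
        // Nothing here inspects the URL scheme, so with a plain ldap:// URL the credential and all
        // synced attributes travel unencrypted - the deployment has to configure ldaps://.
        Properties environment = new Properties();
        environment.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        // NOTE(review): these two constants look like decompiler substitutions for the JNDI
        // literals "java.naming.security.authentication" and "simple" - confirm against the
        // original source before relying on the Oracle / Elasticsearch classes here.
        environment.put(OracleConnection.CONNECTION_PROPERTY_THIN_NAMING_SECURITY_AUTHENTICATION, SimpleModel.NAME);
        environment.put("java.naming.security.principal", principal);
        environment.put("java.naming.security.credentials", userSyncDirectory.getClearPassword());
        environment.put("java.naming.provider.url", userSyncDirectory.getUrl());
        Date syncTime = DatetimeOpt.currentUtilDate();

        InitialLdapContext ldap = null;
        try {
            ldap = new InitialLdapContext(environment, (Control[]) null);
            SearchControls controls = new SearchControls();
            controls.setSearchScope(SearchControls.SUBTREE_SCOPE);

            controls.setReturningAttributes(unitAttributeNames);
            Map<String, UnitInfo> unitsByTag = syncUnits(ldap, unitSearchBase, unitSearchFilter, controls, unitFieldMap, userSyncDirectory);

            // The membership attribute is read from every user entry, so it has to be requested
            // explicitly; asking only for the mapped fields leaves it out of the result whenever
            // it is not also part of userFieldMap, and no unit link is ever created.
            controls.setReturningAttributes(withAttribute(userAttributeNames, userUnitField));
            syncUsers(ldap, userSearchBase, userSearchFilter, controls, userFieldMap, userUnitField, unitsByTag, userSyncDirectory, syncTime);

            // Close on the success path inside the try so that a failing close still yields -1.
            InitialLdapContext finished = ldap;
            ldap = null;
            finished.close();
            return 0;
        } catch (NamingException e) {
            // Returning instead of rethrowing means the surrounding transaction is not rolled back
            // by this failure: rows written before the error stay committed (partial sync).
            logger.error(e.getMessage(), e);
            return -1;
        } finally {
            // Release the connection when the run ended early; previously it was left open.
            if (ldap != null) {
                try {
                    ldap.close();
                } catch (NamingException closeFailure) {
                    logger.error(closeFailure.getMessage(), closeFailure);
                }
            }
        }
    }

    /** Collects the LDAP attribute names (the values of a field mapping) into an array. */
    private static String[] attributeNames(Map<String, Object> fieldMap) {
        String[] names = new String[fieldMap.size()];
        int index = 0;
        for (Object ldapName : fieldMap.values()) {
            names[index++] = StringBaseOpt.castObjectToString(ldapName);
        }
        return names;
    }

    /** Returns {@code names} extended by {@code extra} unless it is {@code null} or already listed. */
    private static String[] withAttribute(String[] names, String extra) {
        if (extra == null || ArrayUtils.contains(names, extra)) {
            return names;
        }
        return ArrayUtils.add(names, extra);
    }

    /**
     * Creates or updates one local unit per directory entry that has both a {@code unitName} and a
     * {@code unitTag}, and returns the units keyed by their tag.
     */
    private Map<String, UnitInfo> syncUnits(InitialLdapContext ldap, String searchBase, String searchFilter,
            SearchControls controls, Map<String, Object> unitFieldMap, UserSyncDirectory userSyncDirectory)
            throws NamingException {
        Map<String, UnitInfo> unitsByTag = new HashMap<>();
        NamingEnumeration<SearchResult> results = ldap.search(searchBase, searchFilter, controls);
        // NOTE(review): hasMoreElements() cannot report a NamingException, so a search cut short by
        // the server (for example a size limit) presumably looks like a complete result here;
        // hasMore() would surface it - verify before switching, it changes the return code.
        while (results.hasMoreElements()) {
            Map<String, String> fields = fetchAttributeMap(results.next().getAttributes(), unitFieldMap);
            if (StringUtils.isBlank(fields.get("unitName")) || StringUtils.isBlank(fields.get("unitTag"))) {
                continue;
            }
            UnitInfo unit = this.unitInfoDao.getUnitByTag(fields.get("unitTag"));
            if (unit == null) {
                unit = new UnitInfo();
                unit.setIsValid("T");
                unit.setUnitType("A");
                copyFields(unit, fields);
                unit.setTopUnit(userSyncDirectory.getTopUnit());
                this.unitInfoDao.saveNewObject(unit);
                // The path is built from the unit code, which is read back only after the insert.
                unit.setUnitPath("/" + unit.getUnitCode());
                this.unitInfoDao.updateUnit(unit);
            } else if (!StringUtils.equals(unit.getUnitName(), fields.get("unitName"))) {
                // Existing units are rewritten only when the directory name differs.
                copyFields(unit, fields);
                this.unitInfoDao.updateUnit(unit);
            }
            unitsByTag.put(fields.get("unitTag"), unit);
        }
        return unitsByTag;
    }

    /**
     * Writes every mapped directory value into the same-named field of {@code target}.
     *
     * <p>The field names are the keys of the configured field map, so the sync configuration alone
     * decides which String fields directory data may overwrite. NOTE(review): confirm which fields
     * {@code ReflectionOpt.setFieldValue} will accept and whether the mapping should be limited
     * to an allow-list.
     */
    private static void copyFields(Object target, Map<String, String> fields) {
        for (Map.Entry<String, String> field : fields.entrySet()) {
            ReflectionOpt.setFieldValue(target, field.getKey(), field.getValue(), String.class);
        }
    }

    /**
     * Creates or updates one local user per directory entry that has both a {@code userName} and a
     * {@code loginName}, grants the default role to new users and links users to synced units.
     */
    private void syncUsers(InitialLdapContext ldap, String searchBase, String searchFilter, SearchControls controls,
            Map<String, Object> userFieldMap, String userUnitField, Map<String, UnitInfo> unitsByTag,
            UserSyncDirectory userSyncDirectory, Date syncTime) throws NamingException {
        NamingEnumeration<SearchResult> results = ldap.search(searchBase, searchFilter, controls);
        while (results.hasMoreElements()) {
            Attributes attributes = results.next().getAttributes();
            Map<String, String> fields = fetchAttributeMap(attributes, userFieldMap);
            if (StringUtils.isBlank(fields.get("userName")) || StringUtils.isBlank(fields.get("loginName"))) {
                continue;
            }
            // Matching is by login name alone: a directory entry whose mapped loginName equals an
            // existing local account is merged into that account, whatever its origin.
            boolean isNewUser = false;
            UserInfo user = this.userInfoDao.getUserByLoginName(fields.get("loginName"));
            if (user == null) {
                user = new UserInfo();
                user.setIsValid("T");
                user.setLoginName(fields.get("loginName"));
                user.setCreateDate(syncTime);
                user.setUserPin(getDefaultPassword());
                isNewUser = true;
            }
            applyUserFields(user, fields);
            user.setUpdateDate(syncTime);
            if (isNewUser) {
                this.userInfoDao.saveNewObject(user);
            } else {
                this.userInfoDao.updateUser(user);
            }
            // Checked after the mapped fields were applied, so a mapped isValid value counts here.
            if (!"T".equals(user.getIsValid())) {
                continue;
            }
            if (isNewUser && StringUtils.isNoneBlank(userSyncDirectory.getDefaultUserRole())) {
                UserRole defaultRole = new UserRole(new UserRoleId(user.getUserCode(), userSyncDirectory.getDefaultUserRole()));
                defaultRole.setObtainDate(syncTime);
                defaultRole.setCreateDate(syncTime);
                // Runtime text stored with the role; it says the role was set by default during LDAP sync.
                defaultRole.setChangeDesc("LDAP同步时默认设置。");
                this.userRoleDao.mergeUserRole(defaultRole);
            }
            Attribute membership = attributes.get(userUnitField);
            if (membership != null) {
                linkUserToUnits(user, membership, unitsByTag, userSyncDirectory, syncTime);
            }
        }
    }

    /**
     * Copies the mapped directory values onto the user.
     *
     * <p>{@code loginName} is never overwritten. E-mail and mobile number are taken only when they
     * fit the length limit, differ from the current value and are not registered to any user yet;
     * every other mapped field is written through reflection without further checks.
     */
    private void applyUserFields(UserInfo user, Map<String, String> fields) {
        for (Map.Entry<String, String> field : fields.entrySet()) {
            String name = field.getKey();
            String value = field.getValue();
            if ("loginName".equals(name)) {
                continue;
            }
            if ("regEmail".equals(name)) {
                if (StringUtils.isNotBlank(value) && value.length() < 60 && !value.equals(user.getRegEmail())
                        && this.userInfoDao.getUserByRegEmail(value) == null) {
                    user.setRegEmail(value);
                }
            } else if ("regCellPhone".equals(name)) {
                if (StringUtils.isNotBlank(value) && value.length() <= 15 && !value.equals(user.getRegCellPhone())
                        && this.userInfoDao.getUserByRegCellPhone(value) == null) {
                    user.setRegCellPhone(value);
                }
            } else {
                // The field name comes from the sync configuration, the value from the directory.
                ReflectionOpt.setFieldValue(user, name, value, String.class);
            }
        }
    }

    /**
     * Links the user to every valid synced unit named in the membership attribute.
     *
     * <p>Each membership value is looked up among the unit tags collected during the unit search,
     * so only units whose tag equals the membership value are linked. The first such unit becomes
     * the primary unit of a user that has none.
     */
    private void linkUserToUnits(UserInfo user, Attribute membership, Map<String, UnitInfo> unitsByTag,
            UserSyncDirectory userSyncDirectory, Date syncTime) throws NamingException {
        NamingEnumeration<?> memberships = membership.getAll();
        while (memberships.hasMoreElements()) {
            UnitInfo unit = unitsByTag.get(StringBaseOpt.objectToString(memberships.next()));
            if (unit == null || !"T".equals(unit.getIsValid())) {
                continue;
            }
            if (StringUtils.isNotBlank(unit.getUnitCode()) && StringUtils.isBlank(user.getPrimaryUnit())) {
                user.setPrimaryUnit(unit.getUnitCode());
                this.userInfoDao.updateUser(user);
                UnitInfo primaryUnit = this.unitInfoDao.getObjectById(user.getPrimaryUnit());
                if (null != primaryUnit && StringUtils.isNotBlank(primaryUnit.getTopUnit())) {
                    user.setTopUnit(primaryUnit.getTopUnit());
                }
                // Fall back to the first segment of the unit path when no top unit is known.
                if (null != primaryUnit && StringUtils.isBlank(user.getTopUnit()) && StringUtils.isNotBlank(primaryUnit.getUnitPath())) {
                    String[] pathSegments = primaryUnit.getUnitPath().split("/");
                    if (ArrayUtils.isNotEmpty(pathSegments) && pathSegments.length > 1) {
                        user.setTopUnit(pathSegments[1]);
                    }
                }
                this.userInfoDao.updateUser(user);
            }
            if (CollectionUtils.isEmpty(this.userUnitDao.listObjectByUserUnit(user.getUserCode(), unit.getUnitCode()))) {
                UserUnit link = new UserUnit();
                link.setUserUnitId(UuidOpt.getUuidAsString());
                link.setUnitCode(unit.getUnitCode());
                link.setUserCode(user.getUserCode());
                link.setCreateDate(syncTime);
                if (unit.getUnitCode().equals(user.getPrimaryUnit())) {
                    link.setRelType("T");
                } else {
                    link.setRelType("F");
                }
                link.setUserRank(userSyncDirectory.getDefaultRank());
                link.setUserStation(userSyncDirectory.getDefaultStation());
                this.userUnitDao.saveNewObject(link);
            }
        }
    }

    /**
     * Produces the stored password value for a newly imported user from a random 12-character
     * string.
     *
     * <p>NOTE(review): the second argument is the fixed literal {@code "salt"} for every account,
     * and whether {@code UuidOpt.randomString} draws from a cryptographically secure source is not
     * visible here - confirm both if imported accounts can also sign in with this local password.
     */
    private String getDefaultPassword() {
        return this.passwordEncoder.createPassword(UuidOpt.randomString(12), "salt");
    }
}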
