package com.centit.framework.jtt.controller;

import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;
import com.alibaba.fastjson2.JSONWriter;
import com.centit.framework.common.ResponseData;
import com.centit.framework.common.WebOptUtils;
import com.centit.framework.core.controller.BaseController;
import com.centit.framework.core.controller.WrapUpResponseBody;
import com.centit.framework.jtt.config.JsmotConstant;
import com.centit.framework.jtt.config.JsmotSyncConfig;
import com.centit.framework.jtt.config.UniteConfig;
import com.centit.framework.jtt.service.JttAccessTokenService;
import com.centit.framework.model.adapter.PlatformEnvironment;
import com.centit.framework.model.basedata.UserInfo;
import com.centit.framework.model.security.CentitPasswordEncoder;
import com.centit.framework.model.security.CentitUserDetails;
import com.centit.framework.security.SecurityContextUtils;
import com.centit.framework.system.service.SysUserManager;
import com.centit.support.algorithm.BooleanBaseOpt;
import com.centit.support.network.HttpExecutor;
import com.centit.support.network.HttpExecutorContext;
import com.newland.bi3.security.SM4Utils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.client.protocol.HttpClientContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@RequestMapping({"/jtt"})
@Api(value = "第三方平台登录相关接口", tags = {"第三方平台登录相关接口"})
@Controller
/* loaded from: input_file:com/centit/framework/jtt/controller/JttLogin.class */
public class JttLogin extends BaseController {

    @Autowired
    private PlatformEnvironment platformEnvironment;

    @Autowired
    private JttAccessTokenService jttAccessTokenService;

    @Autowired
    private UniteConfig uniteConfig;

    @Autowired
    private CentitPasswordEncoder passwordEncoder;

    @Autowired
    private SysUserManager sysUserManager;

    @Autowired
    private JsmotSyncConfig jsmotSyncConfig;

    @Autowired(required = false)
    private RedisTemplate<String, JSONObject> redisTemplate;

    @GetMapping({"/waterlogin"})
    @ApiOperation(value = "水务集团单点登陆", notes = "水务集团单点登陆")
    public String waterLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        CentitUserDetails currentUserDetails = WebOptUtils.getCurrentUserDetails(httpServletRequest);
        String parameter = httpServletRequest.getParameter("returnUrl");
        if (null == currentUserDetails) {
            String header = httpServletRequest.getHeader("oam_remote_user");
            if (null == header) {
                header = httpServletRequest.getParameter("testUserCode");
            }
            String str = "";
            CentitUserDetails loadUserDetailsByLoginName = this.platformEnvironment.loadUserDetailsByLoginName(header);
            if (null != loadUserDetailsByLoginName) {
                SecurityContextHolder.getContext().setAuthentication(loadUserDetailsByLoginName);
            } else {
                str = "登录名" + header + "不存在！";
            }
            if (StringUtils.isNotBlank(str)) {
                String str2 = "redirect:redirecterror";
                try {
                    str2 = str2 + "?msg=" + URLEncoder.encode(str, "UTF-8");
                } catch (UnsupportedEncodingException e) {
                    this.logger.error("URLEncoder异常", e);
                }
                return str2;
            }
        }
        if (StringUtils.isNotBlank(parameter) && parameter.indexOf("/A/") > -1) {
            parameter = parameter.replace("/A/", "/#/");
        }
        httpServletResponse.setHeader("x-auth-token", httpServletRequest.getSession().getId());
        return "redirect:" + parameter;
    }

    @GetMapping({"/unitelogin"})
    @ApiOperation(value = "统一门户单点登陆", notes = "统一门户单点登陆")
    public String uniteLogin(HttpServletRequest httpServletRequest) {
        this.logger.info("统一门户单点登陆,参数：{}", collectRequestParameters(httpServletRequest));
        String parameter = httpServletRequest.getParameter("token");
        String parameter2 = httpServletRequest.getParameter("returnUrl");
        this.logger.info("returnUrl值:{}", parameter2);
        String replace = parameter.replace(" ", "+");
        String str = "";
        String str2 = "";
        try {
            this.logger.info("token值：{}", replace);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("appId", this.uniteConfig.getAppId());
            jSONObject.put("token", URLEncoder.encode(replace, "utf-8"));
            if (StringUtils.isBlank(str2) && StringUtils.isNotBlank(replace)) {
                HttpExecutorContext context = HttpExecutorContext.create(BooleanBaseOpt.castObjectToBoolean(this.uniteConfig.getUseSSL(), false).booleanValue() ? HttpExecutor.createKeepSessionHttpsClient() : HttpExecutor.createKeepSessionHttpClient()).context(HttpClientContext.create());
                String jsonPost = HttpExecutor.jsonPost(context, this.uniteConfig.getLoginCheckUrl(), jSONObject.toJSONString(new JSONWriter.Feature[0]));
                this.logger.info("调用验证token:{},接口返回信息：{}", jSONObject, jsonPost);
                if (StringUtils.isNotEmpty(jsonPost)) {
                    JSONObject parseObject = JSON.parseObject(jsonPost);
                    if (null == parseObject || 200 != parseObject.getInteger("status").intValue()) {
                        str = null != parseObject ? parseObject.getString("msg") : "统一门户token验证接口返回为空！";
                    } else {
                        String jsonPost2 = HttpExecutor.jsonPost(context, this.uniteConfig.getLoginCheckExtendUrl(), jSONObject.toJSONString(new JSONWriter.Feature[0]));
                        this.logger.info("调用扩展验证:{},接口返回信息：{}", jSONObject, jsonPost2);
                        JSONObject parseObject2 = JSON.parseObject(jsonPost2);
                        if (null != parseObject2) {
                            String string = parseObject2.getJSONObject("data").getJSONObject("userInfo").getString("loginName");
                            this.logger.info("loginName:{}", string);
                            CentitUserDetails loadUserDetailsByLoginName = this.platformEnvironment.loadUserDetailsByLoginName(string);
                            if (null != loadUserDetailsByLoginName) {
                                SecurityContextHolder.getContext().setAuthentication(loadUserDetailsByLoginName);
                                str2 = httpServletRequest.getSession().getId();
                                this.logger.info("用户名：{}登录成功", string);
                            } else {
                                str = "登录名" + string + "不存在！";
                            }
                        } else {
                            str = "统一门户扩展验证接口返回为空！";
                        }
                    }
                }
            } else {
                str = "统一门户token为空！";
            }
        } catch (Exception e) {
            this.logger.error("统一门户单点登录异常：{}", e.getMessage());
            str = "统一门户单点登录异常:" + e.getMessage();
        }
        if (StringUtils.isNotBlank(str)) {
            String str3 = "redirect:redirecterror";
            try {
                str3 = str3 + "?msg=" + URLEncoder.encode(str, "UTF-8");
            } catch (UnsupportedEncodingException e2) {
                this.logger.error("URLEncoder异常", e2);
            }
            return str3;
        }
        String str4 = (StringUtils.isNotBlank(parameter2) && parameter2.contains("?")) ? parameter2 + "&accessToken=" + str2 : parameter2 + "?accessToken=" + str2;
        if (StringUtils.isNotBlank(str4) && str4.indexOf("/A/") > -1) {
            str4 = str4.replace("/A/", "/#/");
        }
        return "redirect:" + str4;
    }

    @GetMapping({"/applogin"})
    @ApiOperation(value = "移动端单点登陆", notes = "移动端单点登陆")
    public String appLogin(HttpServletRequest httpServletRequest) {
        String str;
        this.logger.info("移动端单点登陆,参数：{}", collectRequestParameters(httpServletRequest));
        String parameter = httpServletRequest.getParameter("tmp_auth_code");
        String parameter2 = httpServletRequest.getParameter("returnUrl");
        this.logger.info("returnUrl值:{}", parameter2);
        if (StringUtils.isBlank(parameter2)) {
            parameter2 = this.jsmotSyncConfig.getAppReturnUrl();
        }
        String str2 = "";
        try {
            this.logger.info("临时授权码code值：{}", parameter);
            if (StringUtils.isNotBlank(parameter)) {
                String accessToken = getAccessToken();
                str = StringUtils.isBlank(accessToken) ? "获取交通云accessToken失败" : "";
                if (StringUtils.isBlank(str)) {
                    String simpleGet = HttpExecutor.simpleGet(HttpExecutorContext.create(), this.jsmotSyncConfig.getJsmotHost() + JsmotConstant.URL_H5_GETUSERINFO_BYCODE + "/" + parameter + "?accessToken=" + accessToken);
                    this.logger.info("调用获取用户的详细信息token:{},接口返回信息：{}", accessToken, simpleGet);
                    if (StringUtils.isNotEmpty(simpleGet)) {
                        JSONObject parseObject = JSON.parseObject(simpleGet);
                        if (null != parseObject) {
                            long longValue = parseObject.getLong("retCode").longValue();
                            String string = parseObject.getString("retMsg");
                            if (longValue == 0) {
                                String string2 = parseObject.getJSONObject("bizData").getString("loginName");
                                this.logger.info("loginName:{}", string2);
                                CentitUserDetails loadUserDetailsByLoginName = this.platformEnvironment.loadUserDetailsByLoginName(string2);
                                if (null != loadUserDetailsByLoginName) {
                                    SecurityContextHolder.getContext().setAuthentication(loadUserDetailsByLoginName);
                                    str2 = httpServletRequest.getSession().getId();
                                    this.logger.info("用户名：{}登录成功", string2);
                                } else {
                                    str = "登录名" + string2 + "不存在！";
                                }
                            } else {
                                str = string;
                            }
                        } else {
                            str = "移动端获取用户的详细信息接口返回为空！";
                        }
                    } else {
                        str = "移动端获取用户的详细信息接口返回为空！";
                    }
                }
            } else {
                str = "临时授权码为空！";
            }
        } catch (Exception e) {
            this.logger.error("移动端单点登录异常：{}", e.getMessage());
            str = "移动端单点登录异常:" + e.getMessage();
        }
        if (StringUtils.isNotBlank(str)) {
            String str3 = "redirect:redirecterror";
            try {
                str3 = str3 + "?msg=" + URLEncoder.encode(str, "UTF-8");
            } catch (UnsupportedEncodingException e2) {
                this.logger.error("URLEncoder异常", e2);
            }
            return str3;
        }
        String str4 = (StringUtils.isNotBlank(parameter2) && parameter2.contains("?")) ? parameter2 + "&accessToken=" + str2 : parameter2 + "?accessToken=" + str2;
        if (StringUtils.isNotBlank(str4) && str4.indexOf("/A/") > -1) {
            str4 = str4.replace("/A/", "/#/");
        }
        return "redirect:" + str4;
    }

    @GetMapping({"/redirecterror"})
    @WrapUpResponseBody
    public String redirectError(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("msg");
        if (StringUtils.isBlank(parameter)) {
            parameter = "error";
        }
        return parameter;
    }

    @PostMapping({"/checkAppUserValid"})
    @ApiOperation(value = "统一门户账号验证", notes = "统一门户账号验证")
    @ResponseBody
    public Map<String, Object> checkAppUserValid(@RequestBody String str) {
        this.logger.info("统一门户账号验证；{}", str);
        HashMap hashMap = new HashMap();
        JSONObject parseObject = JSON.parseObject(str);
        if (null != parseObject) {
            String sm4dDecrypt = sm4dDecrypt(parseObject.getString("userPwd"), this.uniteConfig.getUniteAppSecret());
            UserInfo loadUserByLoginname = this.sysUserManager.loadUserByLoginname(parseObject.getString("userAccount"));
            if (null == loadUserByLoginname || !this.passwordEncoder.isPasswordValid(loadUserByLoginname.getUserPin(), sm4dDecrypt, loadUserByLoginname.getUserCode())) {
                hashMap.put("status", 601);
                hashMap.put("msg", "登录名不存在或密码错误！");
            } else {
                hashMap.put("status", 200);
                hashMap.put("msg", "OK");
            }
        } else {
            hashMap.put("status", 500);
            hashMap.put("msg", "登入账号和密码信息为空！");
        }
        return hashMap;
    }

    @PostMapping({"/smslogin"})
    @WrapUpResponseBody
    @ApiOperation(value = "短信登陆", notes = "短信登陆")
    public ResponseData smslogin(@RequestParam("phone") String str, @RequestParam("code") String str2, HttpServletRequest httpServletRequest) throws Exception {
        if (StringUtils.isBlank(str)) {
            return ResponseData.makeErrorMessage(500, "请输入手机号！");
        }
        if (StringUtils.isBlank(str2)) {
            return ResponseData.makeErrorMessage(500, "请输入验证码！");
        }
        JSONObject jSONObject = (JSONObject) this.redisTemplate.boundValueOps(str).get();
        if (null == jSONObject) {
            jSONObject = JSON.parseObject(httpServletRequest.getHeader("verifyCode"));
        }
        if (null == jSONObject) {
            return ResponseData.makeErrorMessage(500, "未发送验证码！");
        }
        String string = jSONObject.getString("verifyCode");
        Long l = jSONObject.getLong("createTime");
        if (!string.equals(str2)) {
            return ResponseData.makeErrorMessage(500, "验证码错误！");
        }
        if (System.currentTimeMillis() - l.longValue() > 300000) {
            this.redisTemplate.delete(str);
            return ResponseData.makeErrorMessage(500, "验证码已过期！");
        }
        CentitUserDetails loadUserDetailsByRegCellPhone = this.platformEnvironment.loadUserDetailsByRegCellPhone(str);
        if (null == loadUserDetailsByRegCellPhone) {
            this.redisTemplate.boundValueOps(str).expire(300L, TimeUnit.SECONDS);
            return ResponseData.makeErrorMessage("未查询到" + str + "对应手机号用户");
        }
        this.redisTemplate.delete(str);
        SecurityContextHolder.getContext().setAuthentication(loadUserDetailsByRegCellPhone);
        SecurityContextUtils.fetchAndSetLocalParams(loadUserDetailsByRegCellPhone, httpServletRequest, this.platformEnvironment);
        return SecurityContextUtils.makeLoginSuccessResponse(loadUserDetailsByRegCellPhone, httpServletRequest);
    }

    private static String sm4dDecrypt(String str, String str2) {
        try {
            SM4Utils sM4Utils = new SM4Utils();
            sM4Utils.secretKey = str2;
            return sM4Utils.decryptData_ECB(str);
        } catch (Exception e) {
            return null;
        }
    }

    private String getAccessToken() {
        ResponseData jsmotAccessToken = this.jttAccessTokenService.getJsmotAccessToken();
        return jsmotAccessToken.getCode() != 0 ? "" : jsmotAccessToken.getData().toString();
    }
}
