package com.bcxin.platform.service.oauth;

import cn.hutool.core.util.ObjectUtil;
import cn.hutool.http.HttpUtil;
import com.alibaba.fastjson.JSON;
import com.bcxin.obpm.domain.ObpmUser;
import com.bcxin.obpm.mapper.ObpmDepartmentMapper;
import com.bcxin.obpm.mapper.ObpmUserMapper;
import com.bcxin.platform.common.exception.BusinessException;
import com.bcxin.platform.common.utils.Result;
import com.bcxin.platform.common.utils.StringUtils;
import com.bcxin.platform.domain.company.PerBaseInfo;
import com.bcxin.platform.dto.oauth.AccessToken;
import com.bcxin.platform.dto.oauth.OAuthTokenxRequest;
import com.bcxin.platform.mapper.company.ComDepartMapper;
import com.bcxin.platform.mapper.company.PerBaseInfoMapper;
import com.bcxin.platform.service.system.ISysConfigService;
import com.bcxin.platform.util.AESUtil;
import com.bcxin.platform.util.constants.CommonConst;
import com.bcxin.platform.util.constants.HuaweiMeetConst;
import com.github.pagehelper.util.StringUtil;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Hex;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional("transactionManager")
@Service
/* loaded from: input_file:com/bcxin/platform/service/oauth/OAuthServiceImpl.class */
public class OAuthServiceImpl implements OAuthService {
    private static Logger logger = LoggerFactory.getLogger(OAuthServiceImpl.class);

    @Resource
    private PerBaseInfoMapper perBaseInfoMapper;

    @Resource
    private RedisUtil redisUtil;

    @Autowired
    private ISysConfigService sysConfigService;

    @Resource
    private ObpmUserMapper obpmUserMapper;

    @Resource
    private ObpmDepartmentMapper obpmDepartmentMapper;

    @Resource
    private ComDepartMapper comDepartMapper;

    @Override // com.bcxin.platform.service.oauth.OAuthService
    public Result saveDispatch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws Exception {
        Map<Boolean, OAuthResponse> handle = handle(new OAuthTokenxRequest(httpServletRequest), str);
        if (handle.containsKey(true)) {
            return Result.success("操作成功！", handle.get(true) == null ? null : JSON.parse(handle.get(true).getBody()));
        }
        return Result.fail(handle.get(false) == null ? "参数错误！" : JSON.parseObject(handle.get(false).getBody()).getString("error_description"));
    }

    private Map<Boolean, OAuthResponse> handle(OAuthTokenxRequest oAuthTokenxRequest, String str) throws OAuthProblemException, OAuthSystemException {
        HashMap hashMap = new HashMap();
        String username = oAuthTokenxRequest.getUsername();
        String password = oAuthTokenxRequest.getPassword();
        String publicKey = oAuthTokenxRequest.getPublicKey();
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password) || StringUtils.isEmpty(publicKey)) {
            hashMap.put(false, OAuthResponse.errorResponse(400).setError("invalid_grant").setErrorDescription("参数错误").buildJSONMessage());
            return hashMap;
        }
        try {
            byte[] bytes = publicKey.getBytes();
            byte[] decodeHex = Hex.decodeHex(password.toCharArray());
            byte[] bArr = new byte[0];
            if (!username.equals(new String(AESUtil.AES_CBC_Decrypt(decodeHex, bytes, bytes)))) {
                hashMap.put(false, OAuthResponse.errorResponse(400).setError("invalid_grant").setErrorDescription("用户或者密码错误").buildJSONMessage());
                return hashMap;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        PerBaseInfo selectPerBaseInfoByTlkId = this.perBaseInfoMapper.selectPerBaseInfoByTlkId(username);
        if (selectPerBaseInfoByTlkId == null) {
            hashMap.put(false, OAuthResponse.errorResponse(400).setError("invalid_grant").setErrorDescription("用户不存在").buildJSONMessage());
            return hashMap;
        }
        hashMap.put(true, handleAfterValidation(oAuthTokenxRequest.getRedirectURI(), str, selectPerBaseInfoByTlkId));
        return hashMap;
    }

    private OAuthResponse handleAfterValidation(String str, String str2, PerBaseInfo perBaseInfo) throws OAuthProblemException, OAuthSystemException {
        return createTokenResponse(str, retrieveAccessToken(str2, perBaseInfo));
    }

    private OAuthResponse createTokenResponse(String str, AccessToken accessToken) throws OAuthSystemException {
        OAuthASResponse.OAuthTokenResponseBuilder tokenType = OAuthASResponse.tokenResponse(HuaweiMeetConst.HUAWEI_SUCCESS_CODE).location(str).setAccessToken(accessToken.getTokenId()).setExpiresIn(String.valueOf(accessToken.currentTokenExpiredSeconds())).setTokenType(accessToken.getTokenType());
        String refreshToken = accessToken.getRefreshToken();
        if (StringUtils.isNotEmpty(refreshToken)) {
            tokenType.setRefreshToken(refreshToken);
        }
        if (StringUtils.isNotEmpty(str)) {
            tokenType.setParam("redirect_uri", str);
        }
        return tokenType.buildJSONMessage();
    }

    @Override // com.bcxin.platform.service.oauth.OAuthService
    public AccessToken getAccessToken(String str, PerBaseInfo perBaseInfo) throws OAuthSystemException {
        AccessToken accessToken;
        String stringCache = this.redisUtil.getStringCache(perBaseInfo.getPerId() + CommonConst.BLANK_CHAR);
        return (!StringUtils.isNotEmpty(stringCache) || (accessToken = (AccessToken) this.redisUtil.getCache(stringCache)) == null) ? createAccessToken(perBaseInfo, str) : accessToken;
    }

    private AccessToken retrieveAccessToken(String str, PerBaseInfo perBaseInfo) throws OAuthSystemException {
        AccessToken accessToken;
        String str2 = perBaseInfo.getPerId() + CommonConst.BLANK_CHAR;
        String stringCache = this.redisUtil.getStringCache(str2);
        if (StringUtils.isNotEmpty(stringCache) && (accessToken = (AccessToken) this.redisUtil.getCache(stringCache)) != null) {
            this.redisUtil.delete(str2);
            this.redisUtil.delete(accessToken.getTokenId());
        }
        return createAccessToken(perBaseInfo, str);
    }

    private AccessToken createAccessToken(PerBaseInfo perBaseInfo, String str) throws OAuthSystemException {
        OAuthIssuerImpl oAuthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
        String accessToken = oAuthIssuerImpl.accessToken();
        int i = 0;
        if (str.equals("1")) {
            i = 86400;
        } else if (str.equals("2")) {
            i = 2592000;
        }
        AccessToken accessToken2 = new AccessToken();
        accessToken2.setComId(perBaseInfo.getComId().toString());
        accessToken2.setPerId(perBaseInfo.getPerId().toString());
        ObpmUser selectObpmUserById = this.obpmUserMapper.selectObpmUserById(perBaseInfo.getTlkPerId());
        if (selectObpmUserById != null) {
            if ("true".equals(selectObpmUserById.getISDOMAINUSER())) {
                accessToken2.setDomainAdmin(true);
            } else {
                List<String> adminDepartIds = this.obpmDepartmentMapper.getAdminDepartIds(perBaseInfo.getTlkPerId());
                if (adminDepartIds.size() > 0) {
                    accessToken2.setAdminOrgIds(JSON.toJSONString(this.comDepartMapper.findByTlkIds(adminDepartIds)));
                }
            }
        }
        accessToken2.setName(perBaseInfo.getName());
        accessToken2.setTokenId(accessToken);
        accessToken2.setTokenExpiredSeconds(i);
        accessToken2.setRefreshToken(oAuthIssuerImpl.refreshToken());
        this.redisUtil.putStringCache(perBaseInfo.getPerId() + CommonConst.BLANK_CHAR, accessToken, i);
        this.redisUtil.putCache(accessToken, accessToken2, i);
        return accessToken2;
    }

    @Override // com.bcxin.platform.service.oauth.OAuthService
    public AccessToken getAccessToken(String str) {
        AccessToken accessToken = (AccessToken) this.redisUtil.getCache(str);
        if (accessToken != null && accessToken.tokenExpired()) {
            accessToken = null;
        }
        return accessToken;
    }

    @Override // com.bcxin.platform.service.oauth.OAuthService
    public AccessToken getAccessToken(String str, boolean z) {
        AccessToken accessToken = getAccessToken(str);
        if (accessToken == null && z) {
            try {
                String selectConfigByKey = this.sysConfigService.selectConfigByKey("TLK_URL");
                if (StringUtil.isEmpty(selectConfigByKey)) {
                    return null;
                }
                String str2 = selectConfigByKey + "?accessToken=" + str;
                System.err.println("====>getAccessToken.v5Url:" + str2);
                String str3 = HttpUtil.get(str2);
                System.err.println("====>getAccessToken.result:" + str3);
                Map map = (Map) JSON.parseObject(((Result) JSON.parseObject(str3, Result.class)).getData().toString(), Map.class);
                String obj = !ObjectUtil.isNull(map.get("id")) ? map.get("id").toString() : CommonConst.BLANK_CHAR;
                PerBaseInfo selectPerBaseInfoByTlkId = this.perBaseInfoMapper.selectPerBaseInfoByTlkId(obj);
                if (selectPerBaseInfoByTlkId == null) {
                    throw new BusinessException("用户不存在：" + obj);
                }
                accessToken = new AccessToken();
                accessToken.setComId(selectPerBaseInfoByTlkId.getComId().toString());
                accessToken.setPerId(selectPerBaseInfoByTlkId.getPerId().toString());
                ObpmUser selectObpmUserById = this.obpmUserMapper.selectObpmUserById(selectPerBaseInfoByTlkId.getTlkPerId());
                if (selectObpmUserById != null) {
                    if ("true".equals(selectObpmUserById.getISDOMAINUSER()) || "1".equals(selectObpmUserById.getISDOMAINUSER())) {
                        accessToken.setDomainAdmin(true);
                    } else {
                        List<String> adminDepartIds = this.obpmDepartmentMapper.getAdminDepartIds(selectPerBaseInfoByTlkId.getTlkPerId());
                        if (adminDepartIds.size() > 0) {
                            accessToken.setAdminOrgIds(JSON.toJSONString(this.comDepartMapper.findByTlkIds(adminDepartIds)));
                        }
                    }
                }
                accessToken.setName(selectPerBaseInfoByTlkId.getName());
                accessToken.setTokenExpiredSeconds(86400);
                accessToken.setTokenId(str);
                this.redisUtil.putStringCache(selectPerBaseInfoByTlkId.getPerId() + CommonConst.BLANK_CHAR, str, accessToken.getTokenExpiredSeconds());
                this.redisUtil.putCache(str, accessToken, accessToken.getTokenExpiredSeconds());
            } catch (Exception e) {
                e.printStackTrace();
                logger.error("v5_access_token错误！");
                return null;
            }
        }
        return accessToken;
    }

    public static void main(String[] strArr) throws Exception {
        if (StringUtils.isNotEmpty("wdMFAbNpSmRJEmOl")) {
            byte[] bytes = "wdMFAbNpSmRJEmOl".getBytes();
            System.out.println(new String(AESUtil.AES_CBC_Decrypt(Hex.decodeHex("86b955d41be7a1ce4b8db67da688103e".toCharArray()), bytes, bytes)));
        }
    }
}
