package cn.myapps.runtime.login.controller;

import cn.myapps.authtime.common.service.AuthTimeServiceManager;
import cn.myapps.authtime.domain.model.DomainVO;
import cn.myapps.authtime.user.model.BaseUser;
import cn.myapps.authtime.user.model.UserVO;
import cn.myapps.authtime.user.service.UserProcess;
import cn.myapps.base.web.WebUser;
import cn.myapps.common.Environment;
import cn.myapps.common.model.application.Application;
import cn.myapps.common.model.permission.Permission;
import cn.myapps.common.model.resource.ResourceVO;
import cn.myapps.common.model.role.Role;
import cn.myapps.common.util.Base64Util;
import cn.myapps.common.util.PropertyUtil;
import cn.myapps.common.util.Security;
import cn.myapps.common.util.StringUtil;
import cn.myapps.conf.LoginConfig;
import cn.myapps.designtime.common.service.DesignTimeServiceManager;
import cn.myapps.designtime.permission.PermissionUtil;
import cn.myapps.designtime.resource.service.ResourceDesignTimeService;
import cn.myapps.designtime.role.service.RoleDesignTimeService;
import cn.myapps.runtime.common.dao.DAOFactory;
import cn.myapps.runtime.logger.service.LogHelper;
import cn.myapps.runtime.notice.Notification;
import cn.myapps.support.dingding.service.DdApiService;
import cn.myapps.util.http.CookieUtil;
import cn.myapps.util.property.MultiLanguageProperty;
import cn.myapps.util.sequence.Sequence;
import com.KGitextpdf.text.Annotation;
import com.KGitextpdf.text.html.HtmlTags;
import com.KGitextpdf.text.pdf.PdfObject;
import com.KGitextpdf.text.xml.xmp.DublinCoreProperties;
import com.KGitextpdf.text.xml.xmp.XmpWriter;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.bcxin.runtime.apis.controllers.ControllerAbstract;
import com.bcxin.saas.core.utils.encrypt.PasswordUtils;
import com.bcxin.saas.domains.dtos.AjaxResult;
import com.teemlink.sync.model.ColumnValue;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Random;
import javax.imageio.ImageIO;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.lingala.zip4j.util.InternalZipConstants;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

@Api(tags = {"登录模块"})
@RestController
/* loaded from: input_file:cn/myapps/runtime/login/controller/LoginController.class */
public class LoginController extends ControllerAbstract {

    @Autowired
    private HttpServletRequest request;

    @Autowired
    private HttpServletResponse response;
    private static int WIDTH = 60;
    private static int HEIGHT = 20;
    private String CheckCode_Session = "CheckCode";

    @GetMapping({InternalZipConstants.ZIP_FILE_SEPARATOR})
    @ApiOperation(value = "访问主页面", notes = "访问主页面")
    public void doIndexPage() throws Exception {
        this.response.sendRedirect("signon/dispatcher.html?skin=" + PropertyUtil.get("useSkin"));
    }

    @GetMapping({"/api/login"})
    @ApiOperation(value = "访问登录页面", notes = "访问登录页面")
    public void doLoginPage() throws Exception {
        this.response.sendRedirect("signon/login.html");
    }

    @PostMapping(path = {"/api/runtime/login/getMultiLangWordList"})
    @ApiImplicitParams({@ApiImplicitParam(name = "jsonObj", value = "请求包体", required = true, paramType = HtmlTags.BODY, dataType = "string")})
    @ApiOperation(value = "获取登陆页面所需的多语言字段", notes = "获取登陆页面所需的多语言字段")
    @ResponseBody
    public JSON getMultiLangWordList(@RequestBody JSONObject jSONObject, HttpServletRequest httpServletRequest) {
        String string = jSONObject.getString(DublinCoreProperties.LANGUAGE);
        try {
            Map loginMultiLangWordList = getLoginMultiLangWordList(string);
            Cookie cookie = new Cookie("USERLANGUAGE", string);
            cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
            cookie.setMaxAge(7200);
            this.response.addCookie(cookie);
            return result("1", "成功", "multiLangWordList", loginMultiLangWordList, null, null);
        } catch (Exception e) {
            return result("0", "失败", "multiLangWordList", null, null, null);
        }
    }

    private Map getLoginMultiLangWordList(String str) throws Exception {
        HashMap hashMap = new HashMap();
        String property = MultiLanguageProperty.getProperty(str, "Domains", PdfObject.NOTHING);
        String property2 = MultiLanguageProperty.getProperty(str, "page.login.account", PdfObject.NOTHING);
        String property3 = MultiLanguageProperty.getProperty(str, "page.login.password", PdfObject.NOTHING);
        String property4 = MultiLanguageProperty.getProperty(str, "page.login.remember.label", PdfObject.NOTHING);
        MultiLanguageProperty.getProperty(str, "Debug", PdfObject.NOTHING);
        String property5 = MultiLanguageProperty.getProperty(str, "Login", PdfObject.NOTHING);
        String property6 = MultiLanguageProperty.getProperty(str, "front.page.login.copyright", PdfObject.NOTHING);
        String property7 = MultiLanguageProperty.getProperty(str, "page.function.info.sms.code", PdfObject.NOTHING);
        String property8 = MultiLanguageProperty.getProperty(str, "core.user.notexist", PdfObject.NOTHING);
        String property9 = MultiLanguageProperty.getProperty(str, "page.login.img.code", PdfObject.NOTHING);
        String property10 = MultiLanguageProperty.getProperty(str, "page.login.scan.code", PdfObject.NOTHING);
        String property11 = MultiLanguageProperty.getProperty(str, "page.login.app.scan", PdfObject.NOTHING);
        String property12 = MultiLanguageProperty.getProperty(str, "page.login.wechat", PdfObject.NOTHING);
        String property13 = MultiLanguageProperty.getProperty(str, "page.login.wechat.scan", PdfObject.NOTHING);
        String property14 = MultiLanguageProperty.getProperty(str, "page.login.dingding", PdfObject.NOTHING);
        String property15 = MultiLanguageProperty.getProperty(str, "page.login.dingding.scan", PdfObject.NOTHING);
        hashMap.put("domains", property);
        hashMap.put("pageLoginAccount", property2);
        hashMap.put("pageLoginPassword", property3);
        hashMap.put("pageLoginRememberLabel", property4);
        hashMap.put("login", property5);
        hashMap.put("frontPageLoginCopyright", property6);
        hashMap.put("smsCode", property7);
        hashMap.put("userNoExist", property8);
        hashMap.put("imgCode", property9);
        hashMap.put("scanCode", property10);
        hashMap.put("appScan", property11);
        hashMap.put("wechatLogin", property12);
        hashMap.put("wechatScan", property13);
        hashMap.put("dingdingLogin", property14);
        hashMap.put("dingdingScan", property15);
        return hashMap;
    }

    @PostMapping(path = {"/api/runtime/login/changeCheckcodeImg"})
    @ResponseBody
    @ApiOperation(value = "改变验证码", notes = "改变验证码")
    public JSON changeCheckcodeImg() throws Exception {
        return result("1", "改变成功", "checkcode", "data:image/jpg;base64," + getCheckCodeImg(), null, null);
    }

    @PostMapping(path = {"/api/runtime/login/getDomainList"})
    @ResponseBody
    @ApiOperation(value = "获取企业域列表", notes = "获取企业域列表")
    public JSON getDomainList() throws Exception {
        try {
            Map<String, Object> authConfig = getAuthConfig();
            Object byPropName = PropertyUtil.getByPropName("sso", "login.background");
            ArrayList arrayList = new ArrayList();
            arrayList.add("xxxxxx1");
            authConfig.put("domainList", arrayList);
            authConfig.put("loginBackground", byPropName);
            return result("1", "成功", "result", authConfig, null, null);
        } catch (Exception e) {
            return result("0", "失败", "result", null, null, null);
        }
    }

    private Map<String, Object> getAuthConfig() {
        HashMap hashMap = new HashMap();
        String homeTemplateBoradType = LoginConfig.getHomeTemplateBoradType();
        if (StringUtil.isBlank(homeTemplateBoradType)) {
            homeTemplateBoradType = PdfObject.NOTHING;
        }
        hashMap.put("homeTemplateBoradType", homeTemplateBoradType);
        Properties properties = new Properties();
        InputStream inputStream = null;
        URL url = null;
        try {
            url = new URL(Annotation.FILE, (String) null, PropertyUtil.getPath() + "/sso.properties");
        } catch (MalformedURLException e) {
            e.printStackTrace();
        }
        try {
            if (url == null) {
                throw new IllegalStateException("sso.properties missing");
            }
            try {
                inputStream = url.openStream();
                properties.load(new InputStreamReader(inputStream, XmpWriter.UTF8));
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                    inputStream = null;
                }
            } catch (IOException e3) {
                e3.printStackTrace();
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e4) {
                        e4.printStackTrace();
                    }
                    inputStream = null;
                }
            }
            hashMap.put("loginBackground", properties.getProperty("login.background"));
            hashMap.put("loginLogo", properties.getProperty("login.logo"));
            hashMap.put("loginTitle", properties.getProperty("login.title"));
            hashMap.put("isRegister", properties.getProperty("login.isRegister"));
            hashMap.put("registerTitle", properties.getProperty("register.title"));
            hashMap.put("registerUrl", properties.getProperty("register.url"));
            hashMap.put("isSupervise", properties.getProperty("site.supervise"));
            hashMap.put("areaCode", properties.getProperty("areaCode"));
            return hashMap;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e5) {
                    e5.printStackTrace();
                }
            }
            throw th;
        }
    }

    @PostMapping({"/api/runtime/login/loginWithCiphertext2"})
    @ApiImplicitParams({@ApiImplicitParam(name = "jsonObj", value = "请求包体", required = true, paramType = HtmlTags.BODY, dataType = "string")})
    @ApiOperation(value = "登录", notes = "登录")
    @ResponseBody
    public JSON login(@RequestBody JSONObject jSONObject) throws Exception {
        String str;
        String str2;
        String string = jSONObject.getString("domainName");
        String string2 = jSONObject.getString("username");
        String string3 = jSONObject.getString("password");
        jSONObject.getString("remember");
        String string4 = jSONObject.getString("checkcode");
        jSONObject.getString(DublinCoreProperties.LANGUAGE);
        jSONObject.getString("debug");
        if (string == null) {
            return result("0", "{*[cn.myapps.core.domain.label.name.illegal]*}", "returnUrl", PdfObject.NOTHING, "checkcodeImg", PdfObject.NOTHING);
        }
        DomainVO domainByName = DAOFactory.getDefaultDAO(DomainVO.class.getName()).getDomainByName(string);
        if (domainByName == null || domainByName.getStatus() == 0) {
            return result("0", "{*[core.domain.notexist]*}", "returnUrl", PdfObject.NOTHING, "checkcodeImg", PdfObject.NOTHING);
        }
        UserProcess userRuntimeService = AuthTimeServiceManager.userRuntimeService();
        BaseUser userByLoginnoAndDoaminName = userRuntimeService.getUserByLoginnoAndDoaminName(string2, string);
        if (userByLoginnoAndDoaminName == null) {
            return result("0", "{*[core.user.notexist]*}", "returnUrl", PdfObject.NOTHING, "checkcodeImg", PdfObject.NOTHING);
        }
        Integer valueOf = Integer.valueOf(userByLoginnoAndDoaminName.getPwdErrorTimes());
        Object obj = PdfObject.NOTHING;
        if (valueOf.intValue() > 2 && (str2 = (String) this.request.getSession().getAttribute(this.CheckCode_Session)) != null && !str2.equalsIgnoreCase(string4)) {
            return result("0", "输入字符错误，请重新输入图片中出现的4个字符", "returnUrl", PdfObject.NOTHING, "checkcodeImg", "data:image/jpg;base64," + getCheckCodeImg());
        }
        if (valueOf.intValue() >= 2) {
            obj = "data:image/jpg;base64," + getCheckCodeImg();
        }
        if (userByLoginnoAndDoaminName != null && userByLoginnoAndDoaminName.getLockFlag() == 0) {
            return result("0", "该账号已锁定", "returnUrl", PdfObject.NOTHING, "checkcodeImg", obj);
        }
        if (userByLoginnoAndDoaminName != null && "0".equals(PropertyUtil.get("ao.login.notice.author")) && (str = PropertyUtil.get("ao.login.password.maxage")) != null) {
            if (new Date().getTime() - userByLoginnoAndDoaminName.getLastModifyTime().getTime() > Integer.valueOf(str).intValue() * 24 * 60 * 60 * 1000) {
                return result("0", "密码已过期", "returnUrl", PdfObject.NOTHING, "checkcodeImg", obj);
            }
        }
        if (string3 != null && string3.length() > 2) {
            string3 = Security.decodeBASE64(string3.substring(string3.length() - 2, string3.length()) + string3.substring(0, string3.length() - 2));
        }
        try {
            userRuntimeService.login(userByLoginnoAndDoaminName.getLoginno(), string3, userByLoginnoAndDoaminName.getDomain().getName(), valueOf.intValue());
            if (!PasswordUtils.isMatched(userByLoginnoAndDoaminName.getLoginpwd(), string3)) {
                throw new Exception("登陆错误!");
            }
            String token = Security.getToken(userByLoginnoAndDoaminName.getId());
            Cookie cookie = new Cookie("accessToken", token);
            Cookie cookie2 = new Cookie("isFromLogin", "1");
            cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
            cookie.setMaxAge(7200);
            cookie2.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
            this.response.addCookie(cookie);
            this.response.addCookie(cookie2);
            if (isAgent(userByLoginnoAndDoaminName)) {
                return result("1", "代理登陆页面", "returnUrl", "../login/agent.html?id=" + userByLoginnoAndDoaminName.getId(), "accessToken", token);
            }
            WebUser webUser = new WebUser(userByLoginnoAndDoaminName);
            WebUser.setWebUser(webUser, this.request);
            LogHelper.saveLogByDyAction("登录", "登录", webUser, this.request);
            try {
                AuthTimeServiceManager.domainRuntimeService().doUpdate(domainByName);
            } catch (Exception e) {
            }
            return result("1", "登陆成功", "returnUrl", "../signon/dispatcher.html?skin=" + PropertyUtil.getByPropName("skin", "homePage"), "checkcodeImg", PdfObject.NOTHING, "accessToken", token);
        } catch (Exception e2) {
            userRuntimeService.updateUserPwdErrorTimes(string2, valueOf.intValue() + 1);
            return result("0", e2.getMessage(), "returnUrl", PdfObject.NOTHING, "checkcodeImg", obj);
        }
    }

    @GetMapping(path = {"/api/runtime/dingding/authlogin"})
    @ApiImplicitParams({@ApiImplicitParam(name = "code", value = "钉钉免登授权码", required = true, paramType = "query", dataType = "string"), @ApiImplicitParam(name = "domainId", value = "企业域id", required = true, paramType = "query", dataType = "string"), @ApiImplicitParam(name = "appId", value = "软件id", required = false, paramType = "query", dataType = "string"), @ApiImplicitParam(name = "formId", value = "表单id", required = false, paramType = "query", dataType = "string"), @ApiImplicitParam(name = "isPc", value = "是否来自pc", required = false, paramType = "query", dataType = ColumnValue.TYPE_BOOLEAN)})
    @ResponseBody
    public JSON dingdingAuthLogin(@RequestParam String str, @RequestParam String str2, @RequestParam(required = false) String str3, @RequestParam(required = false) String str4, @RequestParam(required = false) String str5, @RequestParam(required = false, defaultValue = "false") boolean z) throws Exception {
        String userInfo = DdApiService.getUserInfo(str, str2);
        DomainVO doView = AuthTimeServiceManager.domainRuntimeService().doView(str2);
        UserProcess userRuntimeService = AuthTimeServiceManager.userRuntimeService();
        UserVO doView2 = userRuntimeService.doView(userInfo);
        if (doView2 == null) {
            doView2 = userRuntimeService.getUserByDdUserIdAndDoaminName(userInfo, doView.getName());
        }
        if (doView2 == null) {
            return result("0", "用户不存在,请联系管理员同步", null, null, null, null);
        }
        String token = Security.getToken(doView2.getId());
        Cookie cookie = new Cookie("accessToken", token);
        cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
        this.response.addCookie(cookie);
        return result("1", "登陆成功", "returnUrl", (StringUtil.isBlank(str4) || str4.equals("null") || StringUtil.isBlank(str5) || str5.equals("null")) ? Notification.MODULE_PM.equals(str3) ? "/pms/pm/wap/index.jsp?application=pm" : "qmdt".equals(str3) ? "/qms/qm/wap/pendlist.jsp?application=qm" : "qmcenter".equals(str3) ? "/qms/qm/wap/center.jsp?application=qm" : "amsignin".equals(str3) ? "/attendance/sign.jsp?application=am&action=signin" : "amsignout".equals(str3) ? "/attendance/sign.jsp?application=am&action=signout" : "am".equals(str3) ? "/attendance/record.jsp?application=am" : "cmfavoritecontacts".equals(str3) ? "contacts/index.html?application=cm&action=favoriteContacts" : "cm".equals(str3) ? "contacts/index.html?application=cm" : Notification.MODULE_KM.equals(str3) ? "/kms/kmswap/asset/index.html" : z ? "portal/good/index.html" : "mobile/index.html" : z ? "portal/good/html/form.html?appId=" + str3 + "&docid=" + str5 + "&formId=" + str4 + "&opentarget=detail&accessToken=" + token : "mobile/index.html#/open?linkType=00&actionContent=" + str4 + "&docId=" + str5, null, null);
    }

    public boolean isAgent(BaseUser baseUser) throws Exception {
        for (UserVO userVO : get_proxyUsers(baseUser)) {
            if (userVO.getStartProxyTime() == null || userVO.getEndProxyTime() == null) {
                if (baseUser.getId().equals(userVO.getProxyUser().getId())) {
                    return true;
                }
            } else {
                Date date = new Date();
                if (date.after(userVO.getStartProxyTime()) && date.before(userVO.getEndProxyTime()) && baseUser.getId().equals(userVO.getProxyUser().getId())) {
                    return true;
                }
            }
        }
        return false;
    }

    public Collection<UserVO> get_proxyUsers(BaseUser baseUser) throws Exception {
        ArrayList arrayList = new ArrayList();
        Collection<UserVO> queryByProxyUserId = AuthTimeServiceManager.userRuntimeService().queryByProxyUserId(baseUser.getId());
        if (queryByProxyUserId != null && queryByProxyUserId.size() > 0) {
            for (UserVO userVO : queryByProxyUserId) {
                if (userVO.getStartProxyTime() == null || userVO.getEndProxyTime() == null) {
                    arrayList.add(userVO);
                } else {
                    Date date = new Date();
                    if (date.after(userVO.getStartProxyTime()) && date.before(userVO.getEndProxyTime())) {
                        arrayList.add(userVO);
                    }
                }
            }
        }
        return arrayList;
    }

    @ApiImplicitParams({@ApiImplicitParam(name = "userid", value = "用户id", required = true, paramType = "path", dataType = "string")})
    @ApiOperation(value = "获取可代理登录用户", notes = "获取可代理登录用户")
    @GetMapping({"/api/runtime/login/getProxyUsers/{userid}"})
    @ResponseBody
    public JSON doGetProxyUsers(@PathVariable String str) throws Exception {
        List<UserVO> proxyUsers = getProxyUsers(str);
        ArrayList arrayList = new ArrayList();
        for (UserVO userVO : proxyUsers) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("id", userVO.getId());
            jSONObject.put("name", userVO.getLoginno());
            jSONObject.put("avatar", userVO.getAvatar());
            arrayList.add(jSONObject);
        }
        return result("0", PdfObject.NOTHING, "returnUrl", PdfObject.NOTHING, "proxyUsers", arrayList);
    }

    public List<UserVO> getProxyUsers(String str) throws Exception {
        ArrayList arrayList = new ArrayList();
        Collection<UserVO> queryByProxyUserId = AuthTimeServiceManager.userRuntimeService().queryByProxyUserId(str);
        if (queryByProxyUserId != null && queryByProxyUserId.size() > 0) {
            for (UserVO userVO : queryByProxyUserId) {
                if (userVO.getStartProxyTime() == null || userVO.getEndProxyTime() == null) {
                    arrayList.add(userVO);
                } else {
                    Date date = new Date();
                    if (date.after(userVO.getStartProxyTime()) && date.before(userVO.getEndProxyTime())) {
                        arrayList.add(userVO);
                    }
                }
            }
        }
        return arrayList;
    }

    @ApiImplicitParams({@ApiImplicitParam(name = "userid", value = "用户id", required = true, paramType = "path", dataType = "string")})
    @ApiOperation(value = "代理登录", notes = "代理登录")
    @GetMapping({"/api/runtime/login/loginProxy/{userid}"})
    @ResponseBody
    public JSON doLoginProxy(@PathVariable String str) {
        try {
            Cookie cookie = new Cookie("accessToken", Security.getToken(AuthTimeServiceManager.userRuntimeService().doView(str).getId()));
            cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
            this.response.addCookie(cookie);
            return result("1", "登陆成功", "returnUrl", "../signon/dispatcher.html?skin=" + PropertyUtil.getByPropName("skin", "homePage"), null, null);
        } catch (Exception e) {
            e.printStackTrace();
            return result("0", "登陆失败", "returnUrl", PdfObject.NOTHING, null, null);
        }
    }

    private JSON result(String str, String str2, String str3, Object obj, String str4, Object obj2) {
        HashMap hashMap = new HashMap();
        hashMap.put("resultCode", str);
        hashMap.put("msg", str2);
        if (str3 != null || obj != null) {
            hashMap.put(str3, obj);
        }
        if (str4 != null || obj2 != null) {
            hashMap.put(str4, obj2);
        }
        return JSONObject.parseObject(JSON.toJSONString(hashMap));
    }

    private JSON result(String str, String str2, String str3, Object obj, String str4, Object obj2, String str5, Object obj3) {
        HashMap hashMap = new HashMap();
        hashMap.put("resultCode", str);
        hashMap.put("msg", str2);
        if (str3 != null || obj != null) {
            hashMap.put(str3, obj);
        }
        if (str4 != null || obj2 != null) {
            hashMap.put(str4, obj2);
        }
        if (str5 != null || obj3 != null) {
            hashMap.put(str5, obj3);
        }
        return JSONObject.parseObject(JSON.toJSONString(hashMap));
    }

    private char[] generateCheckCode() {
        char[] cArr = new char[4];
        for (int i = 0; i < 4; i++) {
            cArr[i] = "0123456789abcdefghijkLmnopqrstuvwxyz".charAt(new Random().nextInt(36));
        }
        return cArr;
    }

    private void drawBackground(Graphics graphics) {
        Random random = new Random();
        graphics.setColor(Color.black);
        graphics.clipRect(0, 0, WIDTH + 6, HEIGHT + 4);
        graphics.setColor(Color.white);
        graphics.fillRect(1, 1, WIDTH + 4, HEIGHT + 2);
        for (int i = 0; i < 30; i++) {
            int nextInt = random.nextInt(WIDTH) + 2;
            int nextInt2 = random.nextInt(HEIGHT) + 3;
            int nextInt3 = random.nextInt(12);
            int nextInt4 = random.nextInt(12);
            graphics.setColor(new Color(random.nextInt(255), random.nextInt(255), random.nextInt(255)));
            graphics.drawLine(nextInt, nextInt2, nextInt + nextInt3, nextInt2 + nextInt4);
        }
    }

    private void drawRands(Graphics graphics, char[] cArr) {
        graphics.setColor(new Color(2039583));
        graphics.setFont(new Font("Fixedsys", 0, HEIGHT));
        int length = WIDTH / (cArr.length + 1);
        int i = HEIGHT;
        for (int i2 = 0; i2 < cArr.length; i2++) {
            graphics.drawString(PdfObject.NOTHING + cArr[i2], (i2 + 1) * length, i);
        }
    }

    public String getCheckCodeImg() throws Exception {
        this.response.setContentType("image/jpg");
        this.response.setHeader("Pragma", "No-cache");
        this.response.setHeader("Cache-Control", "no-cache");
        this.response.setDateHeader("Expires", 0L);
        BufferedImage bufferedImage = new BufferedImage(WIDTH + 6, HEIGHT + 4, 1);
        Graphics graphics = bufferedImage.getGraphics();
        char[] generateCheckCode = generateCheckCode();
        drawBackground(graphics);
        drawRands(graphics, generateCheckCode);
        graphics.dispose();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ImageIO.write(bufferedImage, "JPG", byteArrayOutputStream);
        String replaceAll = Base64Util.encode(byteArrayOutputStream.toByteArray()).replaceAll("\n", PdfObject.NOTHING).replaceAll("\r", PdfObject.NOTHING);
        this.request.getSession().setAttribute(this.CheckCode_Session, String.valueOf(generateCheckCode));
        return replaceAll;
    }

    @GetMapping(path = {"/api/debuglogin/getDomainList"})
    @ResponseBody
    @ApiOperation(value = "调试登录-获取企业域列表", notes = "调试登录-获取企业域列表")
    public JSON getDomainList(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) throws Exception {
        try {
            return result("1", "成功", "domainList", getDomainNameList(), null, null);
        } catch (Exception e) {
            return result("0", "失败", "domainList", null, null, null);
        }
    }

    public Collection<String> getDomainNameList() {
        ArrayList arrayList = new ArrayList();
        try {
            Iterator it = AuthTimeServiceManager.domainRuntimeService().getDomainByStatus(1).iterator();
            while (it.hasNext()) {
                arrayList.add(((DomainVO) it.next()).getName());
            }
            return arrayList;
        } catch (Exception e) {
            e.printStackTrace();
            return arrayList;
        }
    }

    @ApiImplicitParams({@ApiImplicitParam(name = "domainName", value = "企业域名称", required = true, paramType = "query", dataType = "string"), @ApiImplicitParam(name = "username", value = "用户名", required = true, paramType = "query", dataType = "string")})
    @ApiOperation(value = "调试登录-获取用户列表", notes = "调试登录-获取用户列表")
    @GetMapping(path = {"/api/debuglogin/getUserList"})
    @ResponseBody
    public JSON getUserList(@RequestParam(required = true) String str, @RequestParam(required = false) String str2) {
        try {
            Collection userByLoginnoLikeAndDoaminName = AuthTimeServiceManager.userRuntimeService().getUserByLoginnoLikeAndDoaminName(str, str2, 1, 10);
            ArrayList arrayList = new ArrayList();
            Iterator it = userByLoginnoLikeAndDoaminName.iterator();
            while (it.hasNext()) {
                arrayList.add(((UserVO) it.next()).getLoginno());
            }
            return result("1", "成功", "userList", arrayList, null, null);
        } catch (Exception e) {
            return result("0", "失败", "userList", null, null, null);
        }
    }

    @ApiImplicitParams({@ApiImplicitParam(name = DublinCoreProperties.LANGUAGE, value = "语言", required = true, paramType = "query", dataType = "string")})
    @ApiOperation(value = "调试登录-获取登陆页面所需的多语言字段", notes = "调试登录-获取登陆页面所需的多语言字段")
    @GetMapping(path = {"/api/debuglogin/getMultiLangWordList"})
    @ResponseBody
    public JSON getMultiLangWordList(@RequestParam String str, HttpServletRequest httpServletRequest) {
        try {
            Map loginMultiLangWordList = getLoginMultiLangWordList(str);
            Cookie cookie = new Cookie("USERLANGUAGE", str);
            cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
            cookie.setMaxAge(7200);
            this.response.addCookie(cookie);
            return result("1", "成功", "multiLangWordList", loginMultiLangWordList, null, null);
        } catch (Exception e) {
            return result("0", "失败", "multiLangWordList", null, null, null);
        }
    }

    @PostMapping({"/api/debuglogin/loginWithCiphertext2"})
    @ApiImplicitParams({@ApiImplicitParam(name = "domainName", value = "企业域名称", required = true, paramType = "query", dataType = "string"), @ApiImplicitParam(name = "username", value = "用户名", required = true, paramType = "query", dataType = "string")})
    @ApiOperation(value = "调试登录-登陆", notes = "调试登录-登陆")
    @ResponseBody
    public JSON login2(@RequestBody JSONObject jSONObject) throws Exception {
        try {
            UserVO userByLoginnoAndDoaminName = AuthTimeServiceManager.userRuntimeService().getUserByLoginnoAndDoaminName(jSONObject.getString("username").split("\\(")[0], jSONObject.getString("domainName"));
            String token = Security.getToken(userByLoginnoAndDoaminName.getId());
            String byPropName = PropertyUtil.getByPropName("skin", "homePage");
            Cookie cookie = new Cookie("debugToken", token);
            cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
            this.response.addCookie(cookie);
            return isAgent(userByLoginnoAndDoaminName) ? result("1", "代理登陆页面", "returnUrl", "../login/agent.html?id=" + userByLoginnoAndDoaminName.getId(), null, null) : result("1", "登陆成功", "returnUrl", "../signon/dispatcher.html?skin=" + byPropName, "checkcodeImg", PdfObject.NOTHING);
        } catch (Exception e) {
            return result("0", "登陆失败", "returnUrl", PdfObject.NOTHING, "checkcodeImg", PdfObject.NOTHING);
        }
    }

    @PostMapping(path = {"/api/runtime/logout"})
    @ResponseBody
    @ApiOperation(value = "退出登录", notes = "退出登录")
    public JSON logout() throws Exception {
        CookieUtil.clearCookie("verify_login", this.response);
        CookieUtil.clearCookie("autologin", this.response);
        CookieUtil.clearCookie("accessToken", this.response);
        CookieUtil.clearCookie("isFromLogin", this.response);
        this.request.getSession().removeAttribute("SPRING_SECURITY_CONTEXT");
        return result("ok", "ok", "data", "/static/signon/index.html?yes=1", null, null);
    }

    @PostMapping({"/api/runtime/login/smsSend"})
    @ApiOperation(value = "发送短信验证码", notes = "发送短信验证码")
    public JSON doSmsSend(String str, String str2) {
        return result("ok", "发送成功", "status", true, null, null);
    }

    public String getLogoutRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return "sso".equals(PropertyUtil.get("authentication.type")) ? PropertyUtil.get("sso.logout.redirect") : "/signon/";
    }

    public String getDispatchURL(String str, ServletRequest servletRequest, ServletResponse servletResponse) {
        if (StringUtil.isBlank(str)) {
            return null;
        }
        if (str.indexOf("/portal/dispatch/") != -1) {
            String str2 = (String) ((HttpServletRequest) servletRequest).getSession().getAttribute("SKINTYPE");
            if (str2 == null) {
                str2 = "H5";
            }
            str = str.replace("dispatch", str2);
        }
        return str;
    }

    @RequestMapping({"/api/runtime/login/getMenuList"})
    public AjaxResult getMenuList() throws Exception {
        return AjaxResult.success((String) null, getMenus());
    }

    @RequestMapping({"/api/runtime/login/getPoliceRoles"})
    public AjaxResult getPoliceRoles(String str, String str2, Map<String, String> map) throws Exception {
        return AjaxResult.success((String) null, getPoliceRoleList(str, str2, map));
    }

    public JSONArray getMenus() throws Exception {
        List<ResourceVO> deepQueryAll;
        List<Application> list = DesignTimeServiceManager.applicationDesignTimeService().list(PdfObject.NOTHING, (String) null);
        JSONArray jSONArray = new JSONArray();
        ResourceDesignTimeService resourceDesignTimeService = DesignTimeServiceManager.resourceDesignTimeService();
        int i = 1;
        for (Application application : list) {
            if (!application.getName().contains("平台运营管理") && !application.getName().contains("组织权益") && (deepQueryAll = resourceDesignTimeService.deepQueryAll(application.getId(), "menu")) != null && deepQueryAll.size() != 0) {
                JSONObject jSONObject = new JSONObject();
                jSONObject.put("id", application.getId());
                jSONObject.put("name", application.getName());
                int i2 = i;
                i++;
                jSONObject.put("seq", Integer.valueOf(i2));
                jSONArray.add(jSONObject);
                for (ResourceVO resourceVO : deepQueryAll) {
                    JSONObject jSONObject2 = new JSONObject();
                    jSONObject2.put("id", resourceVO.getId());
                    jSONObject2.put("name", resourceVO.getName());
                    jSONObject2.put("parentId", resourceVO.getParentId());
                    jSONObject2.put("seq", resourceVO.getOrderno());
                    jSONArray.add(jSONObject2);
                    if (resourceVO.getChildren() != null && resourceVO.getChildren().size() > 0) {
                        getSubMenuList(jSONArray, resourceVO);
                    }
                }
            }
        }
        return jSONArray;
    }

    public void getSubMenuList(JSONArray jSONArray, ResourceVO resourceVO) throws Exception {
        for (ResourceVO resourceVO2 : resourceVO.getChildren()) {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("id", resourceVO2.getId());
            jSONObject.put("name", resourceVO2.getName());
            jSONObject.put("parentId", resourceVO2.getParentId());
            jSONObject.put("seq", resourceVO2.getOrderno());
            jSONArray.add(jSONObject);
            if (resourceVO2.getChildren() != null && resourceVO2.getChildren().size() > 0) {
                getSubMenuList(jSONArray, resourceVO2);
            }
        }
    }

    public List<String> getPoliceRoleList(String str, String str2, Map<String, String> map) throws Exception {
        RoleDesignTimeService roleRuntimeService = AuthTimeServiceManager.roleRuntimeService();
        ArrayList arrayList = new ArrayList();
        List<Application> list = DesignTimeServiceManager.applicationDesignTimeService().list(PdfObject.NOTHING, (String) null);
        if (list.size() == 0) {
            return arrayList;
        }
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        for (Application application : list) {
            if (2 != application.getType()) {
                Role findByRoleNo = roleRuntimeService.findByRoleNo(str, application.getId());
                if (findByRoleNo == null) {
                    findByRoleNo = new Role();
                    findByRoleNo.setRoleNo(str);
                    findByRoleNo.setStatus(1);
                    findByRoleNo.setName(str2);
                    findByRoleNo.setParentId(application.getId());
                    findByRoleNo.setApplicationid(application.getId());
                    findByRoleNo.setSortId(Sequence.getTimeSequence());
                    findByRoleNo.setId(Sequence.getDesignTimeSequence());
                    roleRuntimeService.save(findByRoleNo);
                }
                ResourceDesignTimeService resourceDesignTimeService = DesignTimeServiceManager.resourceDesignTimeService();
                for (ResourceVO resourceVO : resourceDesignTimeService.deepQueryAll(application.getId(), "menu")) {
                    arrayList2.add(resourceVO.getId());
                    if ("public".equals(resourceVO.getPermissionType())) {
                        arrayList3.add(PermissionUtil.createPermissionResource(findByRoleNo.getId(), resourceVO.getId()));
                    } else {
                        if (map.get(resourceVO.getId()) != null) {
                            arrayList3.add(PermissionUtil.createPermissionResource(findByRoleNo.getId(), resourceVO.getId()));
                        }
                        getSubMenuPermission(resourceDesignTimeService, findByRoleNo.getId(), map, resourceVO.getId(), arrayList2, arrayList3);
                    }
                }
                PermissionUtil.removeAuth(arrayList2, findByRoleNo);
                PermissionUtil.pushAuth(arrayList3, findByRoleNo);
                roleRuntimeService.update(findByRoleNo);
                arrayList.add(findByRoleNo.getId());
            }
        }
        Environment.cleanPermissionMap();
        PermissionUtil.initPermissionMap();
        return arrayList;
    }

    private void getSubMenuPermission(ResourceDesignTimeService resourceDesignTimeService, String str, Map<String, String> map, String str2, List<String> list, List<Permission> list2) throws Exception {
        List<ResourceVO> childsByParentId = resourceDesignTimeService.getChildsByParentId(str2, PdfObject.NOTHING);
        if (childsByParentId == null || childsByParentId.size() <= 0) {
            return;
        }
        for (ResourceVO resourceVO : childsByParentId) {
            list.add(resourceVO.getId());
            if ("public".equals(resourceVO.getPermissionType())) {
                list2.add(PermissionUtil.createPermissionResource(str, resourceVO.getId()));
            } else {
                if (map.get(resourceVO.getId()) != null) {
                    list2.add(PermissionUtil.createPermissionResource(str, resourceVO.getId()));
                }
                getSubMenuPermission(resourceDesignTimeService, str, map, resourceVO.getId(), list, list2);
            }
        }
    }
}
