package y9.authen;

import com.google.common.collect.Lists;
import jakarta.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.AccountNotFoundException;
import javax.security.auth.login.FailedLoginException;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.AbstractAuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.credential.UsernamePasswordCredential;
import org.apereo.cas.authentication.principal.PrincipalFactoryUtils;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.context.request.RequestContextHolder;
import y9.entity.Y9User;
import y9.service.Y9LoginUserService;
import y9.service.Y9UserService;
import y9.util.Y9Context;
import y9.util.Y9MessageDigest;
import y9.util.common.AESUtil;
import y9.util.common.RSAUtil;

/* loaded from: input_file:y9/authen/Y9AuthenticationHandler.class */
public class Y9AuthenticationHandler extends AbstractAuthenticationHandler {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(Y9AuthenticationHandler.class);
    private final Y9UserService y9UserService;
    private final Y9LoginUserService y9LoginUserService;

    public Y9AuthenticationHandler(String str, ServicesManager servicesManager, Integer num, Y9UserService y9UserService, Y9LoginUserService y9LoginUserService) {
        super(str, servicesManager, PrincipalFactoryUtils.newPrincipalFactory(), num);
        this.y9UserService = y9UserService;
        this.y9LoginUserService = y9LoginUserService;
    }

    private static void updateCredential(HttpServletRequest httpServletRequest, UsernamePasswordCredential usernamePasswordCredential, String str, String str2, String str3) {
        usernamePasswordCredential.setUsername(str);
        usernamePasswordCredential.assignPassword(str2);
        Map customFields = usernamePasswordCredential.getCustomFields();
        if (StringUtils.isNotBlank(str3)) {
            customFields.put("tenantShortName", str3);
        }
        String parameter = httpServletRequest.getParameter("systemName");
        if (StringUtils.isNotBlank(parameter)) {
            customFields.put("systemName", parameter);
        }
        String parameter2 = httpServletRequest.getParameter("loginType");
        if (StringUtils.isNotBlank(parameter2)) {
            customFields.put("loginType", parameter2);
        }
        String parameter3 = httpServletRequest.getParameter("deptId");
        if (StringUtils.isNotBlank(parameter3)) {
            customFields.put("deptId", parameter3);
        }
        String parameter4 = httpServletRequest.getParameter("pwdEcodeType");
        if (StringUtils.isNotBlank(parameter4)) {
            customFields.put("pwdEcodeType", parameter4);
        }
        String parameter5 = httpServletRequest.getParameter("positionId");
        if (StringUtils.isNotBlank(parameter5)) {
            customFields.put("positionId", parameter5);
        }
        String parameter6 = httpServletRequest.getParameter("screenDimension");
        if (StringUtils.isNotBlank(parameter6)) {
            customFields.put("screenDimension", parameter6);
        }
        customFields.put("userAgent", httpServletRequest.getHeader("User-Agent"));
        customFields.put("userHostIP", Y9Context.getIpAddr(httpServletRequest));
        usernamePasswordCredential.setCustomFields(customFields);
    }

    public AuthenticationHandlerExecutionResult authenticate(Credential credential, Service service) throws Throwable {
        Y9User y9User;
        UsernamePasswordCredential usernamePasswordCredential = (UsernamePasswordCredential) credential;
        HttpServletRequest request = RequestContextHolder.currentRequestAttributes().getRequest();
        String parameter = request.getParameter("loginType");
        String parameter2 = request.getParameter("tenantShortName");
        String parameter3 = request.getParameter("positionId");
        String parameter4 = request.getParameter("deptId");
        String parameter5 = request.getParameter("systemName");
        String parameter6 = request.getParameter("screenDimension");
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("tenantShortName", parameter2);
        linkedHashMap.put("noLoginScreen", true);
        linkedHashMap.put("deptId", parameter4);
        linkedHashMap.put("positionId", parameter3);
        linkedHashMap.put("loginType", parameter);
        linkedHashMap.put("screenDimension", parameter6);
        linkedHashMap.put("systemName", parameter5);
        usernamePasswordCredential.setCustomFields(linkedHashMap);
        String username = usernamePasswordCredential.getUsername();
        String password = usernamePasswordCredential.toPassword();
        try {
            String property = Y9Context.getProperty("y9.rsaPrivateKey");
            String privateDecrypt = RSAUtil.privateDecrypt(username, property);
            String privateDecrypt2 = RSAUtil.privateDecrypt(password, property);
            if (privateDecrypt.contains("&")) {
                privateDecrypt = privateDecrypt.substring(0, privateDecrypt.indexOf("&"));
                String substring = privateDecrypt.substring(privateDecrypt.indexOf("&") + 1);
                updateCredential(request, usernamePasswordCredential, privateDecrypt, privateDecrypt2, null);
                List<Y9User> agentUsers = getAgentUsers(parameter4, "operation", substring);
                if (agentUsers == null || agentUsers.isEmpty()) {
                    throw new AccountNotFoundException("没有找到这个代理用户。");
                }
                y9User = (Y9User) agentUsers.getFirst();
                if (!Y9MessageDigest.bcryptMatch(privateDecrypt2, y9User.getPassword())) {
                    throw new FailedLoginException("代理用户密码错误。");
                }
            } else {
                updateCredential(request, usernamePasswordCredential, privateDecrypt, privateDecrypt2, null);
                List<Y9User> users = getUsers(parameter, parameter4, parameter2, privateDecrypt);
                if (users == null || users.isEmpty()) {
                    throw new AccountNotFoundException("没有找到这个用户。");
                }
                if ("qrCode".equals(parameter)) {
                    y9User = (Y9User) users.getFirst();
                    updateCredential(request, usernamePasswordCredential, y9User.getLoginName(), y9User.getPassword(), y9User.getTenantShortName());
                } else {
                    y9User = (Y9User) users.getFirst();
                    if (!Y9MessageDigest.bcryptMatch(privateDecrypt2, y9User.getPassword())) {
                        throw new FailedLoginException("用户密码错误。");
                    }
                }
            }
            this.y9LoginUserService.save(usernamePasswordCredential, "true", "登录成功");
            return new DefaultAuthenticationHandlerExecutionResult(this, usernamePasswordCredential, this.principalFactory.createPrincipal(privateDecrypt, buildAttributes(usernamePasswordCredential, y9User)));
        } catch (Exception e) {
            this.y9LoginUserService.save(usernamePasswordCredential, "false", "登录失败");
            throw new FailedLoginException(e.getMessage());
        }
    }

    private List<Y9User> getAgentUsers(String str, String str2, String str3) {
        return StringUtils.isNotBlank(str) ? this.y9UserService.findByTenantShortNameAndMobileAndParentId(str2, str3, str) : this.y9UserService.findByTenantShortNameAndLoginNameAndOriginal(str2, str3, Boolean.TRUE);
    }

    private List<Y9User> getUsers(String str, String str2, String str3, String str4) {
        if ("mobile".equals(str)) {
            return StringUtils.isNotBlank(str2) ? this.y9UserService.findByTenantShortNameAndMobileAndParentId(str3, str4, str2) : this.y9UserService.findByTenantShortNameAndMobileAndOriginal(str3, str4, Boolean.TRUE);
        }
        if ("loginMobileName".equals(str)) {
            return StringUtils.isNotBlank(str2) ? this.y9UserService.findByTenantShortNameAndLoginNameAndParentId(str3, str4, str2) : this.y9UserService.findByTenantShortNameAndLoginNameAndOriginal(str3, str4, Boolean.TRUE);
        }
        if (!"qrCode".equals(str)) {
            return StringUtils.isNotBlank(str2) ? this.y9UserService.findByTenantShortNameAndLoginNameAndParentId(str3, str4, str2) : this.y9UserService.findByTenantShortNameAndLoginNameAndOriginal(str3, str4, Boolean.TRUE);
        }
        String decrypt = AESUtil.decrypt(str4);
        return StringUtils.isNotBlank(decrypt) ? this.y9UserService.findByPersonIdAndOriginal(decrypt, Boolean.TRUE) : List.of();
    }

    protected Map<String, List<Object>> buildAttributes(UsernamePasswordCredential usernamePasswordCredential, Y9User y9User) {
        String username = usernamePasswordCredential.getUsername();
        Map customFields = usernamePasswordCredential.getCustomFields();
        String str = (String) customFields.get("tenantShortName");
        String str2 = (String) customFields.get("deptId");
        String str3 = (String) customFields.get("positionId");
        String str4 = (String) customFields.get("loginType");
        HashMap hashMap = new HashMap();
        hashMap.put("tenantId", toArrayList(y9User.getTenantId()));
        hashMap.put("tenantShortName", toArrayList(str));
        hashMap.put("tenantName", toArrayList(y9User.getTenantName()));
        hashMap.put("personId", toArrayList(y9User.getPersonId()));
        hashMap.put("loginName", toArrayList(username));
        hashMap.put("sex", toArrayList(y9User.getSex()));
        hashMap.put("caid", toArrayList(y9User.getCaid()));
        hashMap.put("email", toArrayList(y9User.getEmail()));
        hashMap.put("mobile", toArrayList(y9User.getMobile()));
        hashMap.put("guidPath", toArrayList(y9User.getGuidPath()));
        hashMap.put("dn", toArrayList(y9User.getDn()));
        hashMap.put("loginType", toArrayList(str4));
        hashMap.put("name", toArrayList(y9User.getName()));
        hashMap.put("parentId", toArrayList(y9User.getParentId()));
        hashMap.put("idNum", toArrayList(y9User.getIdNum()));
        hashMap.put("avator", toArrayList(y9User.getAvator()));
        hashMap.put("personType", toArrayList(y9User.getPersonType()));
        hashMap.put("password", toArrayList(y9User.getPassword()));
        Object[] objArr = new Object[1];
        objArr[0] = Boolean.valueOf(y9User.getOriginal() == null || y9User.getOriginal().booleanValue());
        hashMap.put("original", Lists.newArrayList(objArr));
        hashMap.put("originalId", toArrayList(y9User.getOriginalId()));
        Object[] objArr2 = new Object[1];
        objArr2[0] = Boolean.valueOf(y9User.getGlobalManager() != null && y9User.getGlobalManager().booleanValue());
        hashMap.put("globalManager", Lists.newArrayList(objArr2));
        hashMap.put("managerLevel", toArrayList(y9User.getManagerLevel()));
        hashMap.put("positions", toArrayList(y9User.getPositions()));
        if (!org.springframework.util.StringUtils.hasText(str3)) {
            str3 = !org.springframework.util.StringUtils.hasText(y9User.getPositions()) ? "" : y9User.getPositions().split(",")[0];
        }
        hashMap.put("positionId", toArrayList(str3));
        customFields.put("positionId", str3);
        if (!org.springframework.util.StringUtils.hasText(str2)) {
            str2 = "";
        }
        hashMap.put("deptId", toArrayList(str2));
        customFields.put("deptId", str2);
        usernamePasswordCredential.setCustomFields(customFields);
        return hashMap;
    }

    private List<Object> toArrayList(String str) {
        Object[] objArr = new Object[1];
        objArr[0] = StringUtils.isEmpty(str) ? "" : str;
        return Lists.newArrayList(objArr);
    }

    private List<Object> toArrayList(Integer num) {
        Object[] objArr = new Object[1];
        objArr[0] = Integer.valueOf(num == null ? 0 : num.intValue());
        return Lists.newArrayList(objArr);
    }

    public boolean supports(Class<? extends Credential> cls) {
        return cls.isAssignableFrom(UsernamePasswordCredential.class);
    }

    public boolean supports(Credential credential) {
        return credential instanceof UsernamePasswordCredential;
    }
}
