package y9.controller;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.FailedLoginException;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.CentralAuthenticationService;
import org.apereo.cas.authentication.AuthenticationResult;
import org.apereo.cas.authentication.AuthenticationSystemSupport;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.credential.RememberMeUsernamePasswordCredential;
import org.apereo.cas.authentication.principal.Service;
import org.apereo.cas.authentication.principal.ServiceFactory;
import org.apereo.cas.rest.BadRestRequestException;
import org.apereo.cas.ticket.Ticket;
import org.apereo.cas.web.cookie.CasCookieBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import y9.entity.Y9User;
import y9.service.Y9UserService;
import y9.util.Y9Context;
import y9.util.Y9MessageDigest;
import y9.util.common.Base64Util;
import y9.util.common.CheckPassWord;
import y9.util.common.RSAUtil;

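/**
 * REST logon endpoint mounted under {@code /api}.
 *
 * <p>{@link #logon} first runs a local credential pre-check
 * ({@link #checkSsoLoginInfo}) and, when that succeeds, asks CAS to finalize the
 * authentication transaction, creates a ticket-granting ticket, sets the TGT cookie
 * and returns a service ticket id in the JSON body.
 *
 * <p>This source is decompiler output; parameter names such as {@code str}..{@code str5}
 * are the decompiler's, and local aliases are used below to make the data flow readable.
 */
@RequestMapping({"/api"})
@Lazy(false)
@RestController
/* loaded from: input_file:y9/controller/LogonController.class */
public class LogonController {

    @Generated
    private static final Logger LOGGER = LoggerFactory.getLogger(LogonController.class);
    private final CentralAuthenticationService centralAuthenticationService;
    private final CasCookieBuilder ticketGrantingTicketCookieGenerator;
    private final AuthenticationSystemSupport authenticationSystemSupport;
    private final ServiceFactory webApplicationServiceFactory;
    private final Y9UserService y9UserService;

    /**
     * Wires the CAS collaborators and the user lookup service.
     *
     * @param centralAuthenticationService used to create the TGT and grant the service ticket
     * @param casCookieBuilder writes the ticket-granting-ticket cookie to the response
     * @param authenticationSystemSupport finalizes the CAS authentication transaction
     * @param serviceFactory builds the target {@link Service} from the request
     * @param y9UserService looks up users by tenant and login name or mobile number
     */
    public LogonController(CentralAuthenticationService centralAuthenticationService, @Qualifier("ticketGrantingTicketCookieGenerator") CasCookieBuilder casCookieBuilder, @Qualifier("defaultAuthenticationSystemSupport") AuthenticationSystemSupport authenticationSystemSupport, @Qualifier("webApplicationServiceFactory") ServiceFactory serviceFactory, Y9UserService y9UserService) {
        this.centralAuthenticationService = centralAuthenticationService;
        this.ticketGrantingTicketCookieGenerator = casCookieBuilder;
        this.authenticationSystemSupport = authenticationSystemSupport;
        this.webApplicationServiceFactory = serviceFactory;
        this.y9UserService = y9UserService;
        LOGGER.info("LoginController created.");
    }

    /**
     * Pre-checks the submitted login name and password against the stored user record.
     *
     * <p>The returned map always carries a Boolean {@code "success"} entry; {@code "msg"} is
     * set on every failure and also on success when the password is considered too simple.
     *
     * @param str tenant short name; replaced by {@code "operation"} when the decoded login
     *     name contains {@code '&'}
     * @param str2 Base64-encoded login name (or mobile number when {@code str5} is
     *     {@code "mobile"})
     * @param str3 Base64-encoded password, additionally RSA-encrypted when {@code str4} is
     *     not blank
     * @param str4 value of the {@code rsaPublicKey} request parameter; only its presence is
     *     used, to decide whether {@code str3} is RSA-decrypted first
     * @param str5 login type; {@code "mobile"} selects lookup by mobile number, anything else
     *     lookup by login name
     * @param httpServletRequest unused here
     * @param httpServletResponse unused here
     * @return result map with {@code "success"} and, where applicable, {@code "msg"}
     */
    public Map<String, Object> checkSsoLoginInfo(String str, String str2, String str3, String str4, String str5, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Map<String, Object> result = new HashMap<>();
        String tenantShortName = str;
        String encodedPassword = str3;
        String plainPassword;
        List<Y9User> candidates;
        try {
            String loginName = Base64Util.decode(str2, "Unicode");
            // NOTE(review): RSA decryption happens only when the client sends a non-blank
            // rsaPublicKey parameter, so the client decides whether the password arrives
            // RSA-protected or merely Base64-encoded. Base64 is an encoding, not protection;
            // confidentiality then rests entirely on the transport (TLS).
            if (StringUtils.isNotBlank(str4)) {
                encodedPassword = RSAUtil.privateDecrypt(encodedPassword, Y9Context.getProperty("y9.rsaPrivateKey"));
            }
            plainPassword = Base64Util.decode(encodedPassword, "Unicode");
            // A login name of the form "<prefix>&<name>" is looked up as <name> in the
            // "operation" tenant, overriding whatever tenant the caller supplied.
            if (loginName.contains("&")) {
                loginName = loginName.substring(loginName.indexOf("&") + 1);
                tenantShortName = "operation";
            }
            candidates = "mobile".equals(str5)
                    ? this.y9UserService.findByTenantShortNameAndMobile(tenantShortName, loginName)
                    : this.y9UserService.findByTenantShortNameAndLoginName(tenantShortName, loginName);
        } catch (Exception e) {
            result.put("success", false);
            result.put("msg", "认证失败!");
            // Constant log message: an exception message is not a safe SLF4J format string
            // and may be null.
            LOGGER.warn("SSO login pre-check failed", e);
            // Stop here: the decoded password and the lookup result are not available, so
            // the checks below must not run after a decoding or lookup failure.
            return result;
        }
        // NOTE(review): the "account does not exist" and "wrong password" messages below
        // differ, which lets a caller tell valid login names from invalid ones. Consider a
        // single generic failure message if clients do not depend on the distinction.
        if (candidates == null || candidates.isEmpty()) {
            result.put("msg", "该账号不存在，请检查账号输入是否正确！");
            result.put("success", false);
            return result;
        }
        // Only the first matching user is checked. getPassword() is presumably the stored
        // bcrypt hash (inferred from bcryptMatch) -- confirm against Y9MessageDigest.
        if (!Y9MessageDigest.bcryptMatch(plainPassword, candidates.get(0).getPassword())) {
            result.put("msg", "密码错误!");
            result.put("success", false);
            return result;
        }
        // A weak password does not block the login; it only attaches an advisory message.
        if (CheckPassWord.isSimplePassWord(plainPassword)) {
            result.put("msg", "密码过于简单,请重新设置密码！");
        }
        result.put("success", true);
        return result;
    }

    /**
     * Authenticates the posted credential and issues CAS tickets.
     *
     * <p>Responds with HTTP 401 and {@code success=false} when the pre-check fails or any
     * exception is raised; responds with HTTP 200, {@code success=true} and the service
     * ticket id in {@code "msg"} otherwise. On success the TGT cookie is added to the
     * response.
     *
     * @param rememberMeUsernamePasswordCredential credential bound from the request; its
     *     custom fields supply {@code tenantShortName} and {@code loginType}
     * @param multiValueMap optional request body; not read by this method
     * @param httpServletRequest source of the {@code rsaPublicKey} parameter and the target
     *     service
     * @param httpServletResponse receives the TGT cookie
     * @return JSON response entity describing the outcome
     */
    /* JADX WARN: Multi-variable type inference failed */
    @PostMapping(value = {"/logon"}, consumes = {"*/*"})
    public final ResponseEntity<Map<String, Object>> logon(RememberMeUsernamePasswordCredential rememberMeUsernamePasswordCredential, @RequestBody(required = false) MultiValueMap<String, String> multiValueMap, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        Map<String, Object> failure = new HashMap<>();
        failure.put("success", false);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_JSON);
        try {
            if (rememberMeUsernamePasswordCredential == null) {
                throw new BadRestRequestException("No credentials are provided or extracted to authenticate the REST request");
            }
            String username = rememberMeUsernamePasswordCredential.getUsername();
            String password = rememberMeUsernamePasswordCredential.toPassword();
            Map<?, ?> customFields = rememberMeUsernamePasswordCredential.getCustomFields();
            Map<String, Object> precheck = checkSsoLoginInfo((String) customFields.get("tenantShortName"), username, password, httpServletRequest.getParameter("rsaPublicKey"), (String) customFields.get("loginType"), httpServletRequest, httpServletResponse);
            // Fail closed: anything other than an explicit Boolean TRUE is a rejection.
            if (!Boolean.TRUE.equals(precheck.get("success"))) {
                return new ResponseEntity<>(precheck, httpHeaders, HttpStatus.UNAUTHORIZED);
            }
            Service service = this.webApplicationServiceFactory.createService(httpServletRequest);
            // The credential is handed to CAS as received; the pre-check above does not
            // replace whatever the configured CAS authentication handlers verify.
            AuthenticationResult authenticationResult = this.authenticationSystemSupport.finalizeAuthenticationTransaction(service, new Credential[]{rememberMeUsernamePasswordCredential});
            if (authenticationResult == null) {
                throw new FailedLoginException("Authentication failed");
            }
            String ticketGrantingTicketId = this.centralAuthenticationService.createTicketGrantingTicket(authenticationResult).getId();
            this.ticketGrantingTicketCookieGenerator.addCookie(httpServletRequest, httpServletResponse, ticketGrantingTicketId);
            Ticket serviceTicket = this.centralAuthenticationService.grantServiceTicket(ticketGrantingTicketId, service, authenticationResult);
            precheck.put("success", true);
            // Overwrites any weak-password advisory set by the pre-check.
            precheck.put("msg", serviceTicket.getId());
            return new ResponseEntity<>(precheck, httpHeaders, HttpStatus.OK);
        } catch (Exception e) {
            failure.put("success", false);
            // NOTE(review): the raw exception message is returned to the caller, so any
            // internal detail carried by an unexpected exception reaches the client.
            // Consider a fixed message here and keeping the detail in the log only.
            failure.put("msg", e.getMessage());
            LOGGER.error("REST logon failed", e);
            return new ResponseEntity<>(failure, httpHeaders, HttpStatus.UNAUTHORIZED);
        }
    }
}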
