package org.openea.eap.module.system.service.auth;

import cn.hutool.core.util.ObjectUtil;
import com.google.common.annotations.VisibleForTesting;
import com.xingyuv.captcha.model.common.ResponseModel;
import com.xingyuv.captcha.model.vo.CaptchaVO;
import com.xingyuv.captcha.service.CaptchaService;
import java.util.Objects;
import javax.annotation.Resource;
import javax.validation.Validator;
import org.openea.eap.framework.common.enums.CommonStatusEnum;
import org.openea.eap.framework.common.enums.UserTypeEnum;
import org.openea.eap.framework.common.exception.util.ServiceExceptionUtil;
import org.openea.eap.framework.common.util.monitor.TracerUtils;
import org.openea.eap.framework.common.util.servlet.ServletUtils;
import org.openea.eap.framework.common.util.validation.ValidationUtils;
import org.openea.eap.module.system.api.logger.dto.LoginLogCreateReqDTO;
import org.openea.eap.module.system.api.sms.SmsCodeApi;
import org.openea.eap.module.system.api.social.dto.SocialUserBindReqDTO;
import org.openea.eap.module.system.api.social.dto.SocialUserRespDTO;
import org.openea.eap.module.system.controller.admin.auth.vo.AuthLoginReqVO;
import org.openea.eap.module.system.controller.admin.auth.vo.AuthLoginRespVO;
import org.openea.eap.module.system.controller.admin.auth.vo.AuthSmsLoginReqVO;
import org.openea.eap.module.system.controller.admin.auth.vo.AuthSmsSendReqVO;
import org.openea.eap.module.system.controller.admin.auth.vo.AuthSocialLoginReqVO;
import org.openea.eap.module.system.convert.auth.AuthConvert;
import org.openea.eap.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
import org.openea.eap.module.system.dal.dataobject.user.AdminUserDO;
import org.openea.eap.module.system.enums.ErrorCodeConstants;
import org.openea.eap.module.system.enums.logger.LoginLogTypeEnum;
import org.openea.eap.module.system.enums.logger.LoginResultEnum;
import org.openea.eap.module.system.enums.sms.SmsSceneEnum;
import org.openea.eap.module.system.service.logger.LoginLogService;
import org.openea.eap.module.system.service.member.MemberService;
import org.openea.eap.module.system.service.oauth2.OAuth2TokenService;
import org.openea.eap.module.system.service.social.SocialUserService;
import org.openea.eap.module.system.service.user.AdminUserService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/openea/eap/module/system/service/auth/AdminAuthServiceImpl.class */
public class AdminAuthServiceImpl implements AdminAuthService {
    private static final Logger log = LoggerFactory.getLogger(AdminAuthServiceImpl.class);

    @Resource
    protected AdminUserService userService;

    @Resource
    private LoginLogService loginLogService;

    @Resource
    protected OAuth2TokenService oauth2TokenService;

    @Resource
    protected SocialUserService socialUserService;

    @Resource
    private MemberService memberService;

    @Resource
    private Validator validator;

    @Resource
    private CaptchaService captchaService;

    @Resource
    private SmsCodeApi smsCodeApi;

    @Value("${eap.captcha.enable:true}")
    private Boolean captchaEnable;

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public AdminUserDO authenticate(String str, String str2) {
        LoginLogTypeEnum loginLogTypeEnum = LoginLogTypeEnum.LOGIN_USERNAME;
        AdminUserDO userByUsername = this.userService.getUserByUsername(str);
        if (userByUsername == null) {
            createLoginLog(null, str, loginLogTypeEnum, LoginResultEnum.BAD_CREDENTIALS);
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.AUTH_LOGIN_BAD_CREDENTIALS);
        }
        if (!this.userService.isPasswordMatch(str2, userByUsername.getPassword())) {
            createLoginLog(userByUsername.getId(), str, loginLogTypeEnum, LoginResultEnum.BAD_CREDENTIALS);
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.AUTH_LOGIN_BAD_CREDENTIALS);
        }
        if (!CommonStatusEnum.isDisable(userByUsername.getStatus())) {
            return userByUsername;
        }
        createLoginLog(userByUsername.getId(), str, loginLogTypeEnum, LoginResultEnum.USER_DISABLED);
        throw ServiceExceptionUtil.exception(ErrorCodeConstants.AUTH_LOGIN_USER_DISABLED);
    }

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public AuthLoginRespVO login(AuthLoginReqVO authLoginReqVO) {
        validateCaptcha(authLoginReqVO);
        AdminUserDO authenticate = authenticate(authLoginReqVO.getUsername(), authLoginReqVO.getPassword());
        if (authLoginReqVO.getSocialType() != null) {
            this.socialUserService.bindSocialUser(new SocialUserBindReqDTO(authenticate.getId(), getUserType().getValue(), authLoginReqVO.getSocialType(), authLoginReqVO.getSocialCode(), authLoginReqVO.getSocialState()));
        }
        return createTokenAfterLoginSuccess(authenticate.getId(), authLoginReqVO.getUsername(), LoginLogTypeEnum.LOGIN_USERNAME);
    }

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public void sendSmsCode(AuthSmsSendReqVO authSmsSendReqVO) {
        if (this.userService.getUserByMobile(authSmsSendReqVO.getMobile()) == null) {
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.AUTH_MOBILE_NOT_EXISTS);
        }
        this.smsCodeApi.sendSmsCode(AuthConvert.INSTANCE.convert(authSmsSendReqVO).setCreateIp(ServletUtils.getClientIP()));
    }

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public AuthLoginRespVO smsLogin(AuthSmsLoginReqVO authSmsLoginReqVO) {
        this.smsCodeApi.useSmsCode(AuthConvert.INSTANCE.convert(authSmsLoginReqVO, SmsSceneEnum.ADMIN_MEMBER_LOGIN.getScene(), ServletUtils.getClientIP()));
        AdminUserDO userByMobile = this.userService.getUserByMobile(authSmsLoginReqVO.getMobile());
        if (userByMobile == null) {
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.USER_NOT_EXISTS);
        }
        return createTokenAfterLoginSuccess(userByMobile.getId(), authSmsLoginReqVO.getMobile(), LoginLogTypeEnum.LOGIN_MOBILE);
    }

    protected void createLoginLog(Long l, String str, LoginLogTypeEnum loginLogTypeEnum, LoginResultEnum loginResultEnum) {
        LoginLogCreateReqDTO loginLogCreateReqDTO = new LoginLogCreateReqDTO();
        loginLogCreateReqDTO.setLogType(loginLogTypeEnum.getType());
        loginLogCreateReqDTO.setTraceId(TracerUtils.getTraceId());
        loginLogCreateReqDTO.setUserId(l);
        loginLogCreateReqDTO.setUserType(getUserType().getValue());
        loginLogCreateReqDTO.setUsername(str);
        loginLogCreateReqDTO.setUserAgent(ServletUtils.getUserAgent());
        loginLogCreateReqDTO.setUserIp(ServletUtils.getClientIP());
        loginLogCreateReqDTO.setResult(loginResultEnum.getResult());
        this.loginLogService.createLoginLog(loginLogCreateReqDTO);
        if (l == null || !Objects.equals(LoginResultEnum.SUCCESS.getResult(), loginResultEnum.getResult())) {
            return;
        }
        this.userService.updateUserLogin(l, ServletUtils.getClientIP());
    }

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public AuthLoginRespVO socialLogin(AuthSocialLoginReqVO authSocialLoginReqVO) {
        SocialUserRespDTO socialUser = this.socialUserService.getSocialUser(UserTypeEnum.ADMIN.getValue(), authSocialLoginReqVO.getType(), authSocialLoginReqVO.getCode(), authSocialLoginReqVO.getState());
        if (socialUser == null) {
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.AUTH_THIRD_LOGIN_NOT_BIND);
        }
        AdminUserDO user = this.userService.getUser(socialUser.getUserId());
        if (user == null) {
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.USER_NOT_EXISTS);
        }
        return createTokenAfterLoginSuccess(user.getId(), user.getUsername(), LoginLogTypeEnum.LOGIN_SOCIAL);
    }

    @VisibleForTesting
    protected void validateCaptcha(AuthLoginReqVO authLoginReqVO) {
        if (this.captchaEnable.booleanValue()) {
            ValidationUtils.validate(this.validator, authLoginReqVO, new Class[]{AuthLoginReqVO.CodeEnableGroup.class});
            CaptchaVO captchaVO = new CaptchaVO();
            captchaVO.setCaptchaVerification(authLoginReqVO.getCaptchaVerification());
            ResponseModel verification = this.captchaService.verification(captchaVO);
            if (verification.isSuccess()) {
                return;
            }
            createLoginLog(null, authLoginReqVO.getUsername(), LoginLogTypeEnum.LOGIN_USERNAME, LoginResultEnum.CAPTCHA_CODE_ERROR);
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.AUTH_LOGIN_CAPTCHA_CODE_ERROR, new Object[]{verification.getRepMsg()});
        }
    }

    private AuthLoginRespVO createTokenAfterLoginSuccess(Long l, String str, LoginLogTypeEnum loginLogTypeEnum) {
        createLoginLog(l, str, loginLogTypeEnum, LoginResultEnum.SUCCESS);
        return AuthConvert.INSTANCE.convert(this.oauth2TokenService.createAccessToken(l, str, getUserType().getValue(), "default", null));
    }

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public AuthLoginRespVO refreshToken(String str) {
        return AuthConvert.INSTANCE.convert(this.oauth2TokenService.refreshAccessToken(str, "default"));
    }

    @Override // org.openea.eap.module.system.service.auth.AdminAuthService
    public void logout(String str, Integer num) {
        OAuth2AccessTokenDO removeAccessToken = this.oauth2TokenService.removeAccessToken(str);
        if (removeAccessToken == null) {
            return;
        }
        createLogoutLog(removeAccessToken.getUserId(), removeAccessToken.getUserType(), num);
    }

    private void createLogoutLog(Long l, Integer num, Integer num2) {
        LoginLogCreateReqDTO loginLogCreateReqDTO = new LoginLogCreateReqDTO();
        loginLogCreateReqDTO.setLogType(num2);
        loginLogCreateReqDTO.setTraceId(TracerUtils.getTraceId());
        loginLogCreateReqDTO.setUserId(l);
        loginLogCreateReqDTO.setUserType(num);
        if (ObjectUtil.equal(getUserType().getValue(), num)) {
            loginLogCreateReqDTO.setUsername(getUsername(l));
        } else {
            loginLogCreateReqDTO.setUsername(this.memberService.getMemberUserMobile(l));
        }
        loginLogCreateReqDTO.setUserAgent(ServletUtils.getUserAgent());
        loginLogCreateReqDTO.setUserIp(ServletUtils.getClientIP());
        loginLogCreateReqDTO.setResult(LoginResultEnum.SUCCESS.getResult());
        this.loginLogService.createLoginLog(loginLogCreateReqDTO);
    }

    protected String getUsername(Long l) {
        AdminUserDO user;
        if (l == null || (user = this.userService.getUser(l)) == null) {
            return null;
        }
        return user.getUsername();
    }

    protected UserTypeEnum getUserType() {
        return UserTypeEnum.ADMIN;
    }
}
