package com.qianwen.smartman.modules.auth.endpoint;

import com.github.xiaoymin.knife4j.annotations.ApiSort;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import com.qianwen.smartman.common.utils.MessageUtils;
import com.qianwen.core.log.annotation.ApiLog;
import com.qianwen.core.tenant.annotation.NonDS;
import com.qianwen.core.tool.support.Kv;
import com.qianwen.core.tool.utils.Func;
import com.qianwen.core.tool.utils.WebUtil;
import com.qianwen.smartman.modules.auth.granter.PasswordTokenGranter;
import com.qianwen.smartman.modules.auth.granter.RefreshTokenGranter;
import com.qianwen.smartman.modules.auth.provider.ITokenGranter;
import com.qianwen.smartman.modules.auth.provider.TokenGranterBuilder;
import com.qianwen.smartman.modules.auth.provider.TokenParameter;
import com.qianwen.smartman.modules.auth.utils.TokenUtil;
import com.qianwen.smartman.modules.system.entity.UserInfo;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"blade-auth"})
@Api(value = "资源授权认证", tags = {"授权接口"})
@RestController
@NonDS
@ApiSort(1)
/* loaded from: blade-api.jar:BOOT-INF/classes/org/springblade/modules/auth/endpoint/ResourceTokenEndPoint.class */
public class ResourceTokenEndPoint {
    @PostMapping({"/resource/{resourceType}/token"})
    @ApiLog("登录资源验证")
    @ApiOperation(value = "获取认证令牌", notes = "资源类型：machine，employee; 身份; PIN码")
    public Kv token(@PathVariable("resourceType") @ApiParam(value = "资源类型", required = true) String resourceType, @RequestParam(required = false) @ApiParam(value = "账号", required = true) String username, @RequestParam(required = false) @ApiParam(value = "PIN码", required = true) String password) {
        boolean z;
        Kv authInfo = Kv.create();
        String refreshToken = WebUtil.getRequest().getParameter(RefreshTokenGranter.GRANT_TYPE);
        String grantType = WebUtil.getRequest().getParameter("grant_type");
        if (Func.isEmpty(grantType)) {
            z = false;
        } else {
            z = grantType.equals(RefreshTokenGranter.GRANT_TYPE);
        }
        boolean isRefreshToken = z;
        TokenParameter tokenParameter = new TokenParameter();
        tokenParameter.getArgs().set("username", username).set(PasswordTokenGranter.GRANT_TYPE, password).set("refreshToken", refreshToken).set("isRefreshToken", Boolean.valueOf(isRefreshToken)).set("grantType", resourceType);
        ITokenGranter granter = TokenGranterBuilder.getGranter(resourceType);
        UserInfo userInfo = granter.grant(tokenParameter);
        if (null == userInfo || null == userInfo.getUser()) {
            return authInfo.set("error_code", 400).set("error_description", MessageUtils.message(TokenUtil.RESOURCE_NOT_FOUND, new Object[0]));
        }
        int errorCode = 200;
        String message = "";
        if (null == userInfo.getUser().getStatus() || 1 != userInfo.getUser().getStatus().intValue()) {
            errorCode = 400;
            message = MessageUtils.message(TokenUtil.USER_BLOCKED, new Object[0]);
        }
        if (200 != errorCode) {
            return authInfo.set("error_code", Integer.valueOf(errorCode)).set("error_description", message);
        }
        return TokenUtil.createAuthInfo(userInfo);
    }
}