package com.qianwen.smartman.modules.auth.granter;

import java.time.Duration;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import com.qianwen.smartman.common.cache.CacheNames;
import com.qianwen.smartman.common.cache.ParamCache;
import com.qianwen.smartman.common.constant.CommonConstant;
import com.qianwen.smartman.common.utils.MessageUtils;
import com.qianwen.core.log.exception.ServiceException;
import com.qianwen.core.redis.cache.BladeRedis;
import com.qianwen.core.tool.utils.DigestUtil;
import com.qianwen.core.tool.utils.Func;
import com.qianwen.core.tool.utils.StringUtil;
import com.qianwen.core.tool.utils.WebUtil;
import com.qianwen.smartman.modules.auth.enums.UserEnum;
import com.qianwen.smartman.modules.auth.provider.ITokenGranter;
import com.qianwen.smartman.modules.auth.provider.TokenParameter;
import com.qianwen.smartman.modules.auth.utils.TokenUtil;
import com.qianwen.smartman.modules.system.entity.Tenant;
import com.qianwen.smartman.modules.system.entity.UserInfo;
import com.qianwen.smartman.modules.system.service.IRoleService;
import com.qianwen.smartman.modules.system.service.ITenantService;
import com.qianwen.smartman.modules.system.service.IUserService;
import org.springframework.stereotype.Component;

@Component
/* loaded from: blade-api.jar:BOOT-INF/classes/org/springblade/modules/auth/granter/CaptchaTokenGranter.class */
public class CaptchaTokenGranter implements ITokenGranter {
    public static final String GRANT_TYPE = "captcha";
    public static final Integer FAIL_COUNT = 5;
    private final IUserService userService;
    private final IRoleService roleService;
    private final ITenantService tenantService;
    private final BladeRedis bladeRedis;

    public CaptchaTokenGranter(final IUserService userService, final IRoleService roleService, final ITenantService tenantService, final BladeRedis bladeRedis) {
        this.userService = userService;
        this.roleService = roleService;
        this.tenantService = tenantService;
        this.bladeRedis = bladeRedis;
    }

    @Override // org.springblade.modules.auth.provider.ITokenGranter
    public UserInfo grant(TokenParameter tokenParameter) {
        HttpServletRequest request = WebUtil.getRequest();
        String headerDept = request.getHeader(TokenUtil.DEPT_HEADER_KEY);
        String headerRole = request.getHeader(TokenUtil.ROLE_HEADER_KEY);
        String key = request.getHeader(TokenUtil.CAPTCHA_HEADER_KEY);
        String code = request.getHeader(TokenUtil.CAPTCHA_HEADER_CODE);
        String redisCode = (String) this.bladeRedis.get(CacheNames.CAPTCHA_KEY + key);
        if (code == null || !StringUtil.equalsIgnoreCase(redisCode, code)) {
            throw new ServiceException(MessageUtils.message(TokenUtil.CAPTCHA_NOT_CORRECT, new Object[0]));
        }
        String tenantId = tokenParameter.getArgs().getStr("tenantId");
        String username = tokenParameter.getArgs().getStr("username");
        String password = tokenParameter.getArgs().getStr(PasswordTokenGranter.GRANT_TYPE);
        int cnt = Func.toInt(this.bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username)), 0);
        int failCount = Func.toInt(ParamCache.getValue(CommonConstant.FAIL_COUNT_VALUE), FAIL_COUNT.intValue());
        if (cnt >= failCount) {
            throw new ServiceException(MessageUtils.message(TokenUtil.USER_HAS_TOO_MANY_FAILS, new Object[0]));
        }
        UserInfo userInfo = null;
        if (Func.isNoneBlank(new CharSequence[]{username, password})) {
            Tenant tenant = this.tenantService.getByTenantId(tenantId);
            if (TokenUtil.judgeTenant(tenant)) {
                throw new ServiceException(MessageUtils.message(TokenUtil.USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
            }
            userInfo = getUserInfo(tokenParameter, tenantId, username, password);
        }
        if (userInfo == null || userInfo.getUser() == null) {
            this.bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), Integer.valueOf(cnt + 1), Duration.ofMinutes(30L));
        }
        if (Func.isNotEmpty(headerDept) && userInfo != null && userInfo.getUser().getDeptId().contains(headerDept)) {
            userInfo.getUser().setDeptId(headerDept);
        }
        if (Func.isNotEmpty(headerRole) && userInfo != null && userInfo.getUser().getRoleId().contains(headerRole)) {
            List<String> roleResult = this.roleService.getRoleAliases(headerRole);
            userInfo.setRoles(roleResult);
            userInfo.getUser().setRoleId(headerRole);
        }
        this.bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username));
        return userInfo;
    }

    private UserInfo getUserInfo(TokenParameter tokenParameter, String tenantId, String username, String password) {
        UserInfo userInfo;
        String userType = tokenParameter.getArgs().getStr("userType");
        if (userType.equals(UserEnum.WEB.getName())) {
            userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.WEB);
        } else if (userType.equals(UserEnum.APP.getName())) {
            userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.APP);
        } else {
            userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.OTHER);
        }
        return userInfo;
    }
}