package com.qianwen.smartman.modules.auth.granter;

import java.time.Duration;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import com.qianwen.smartman.common.cache.CacheNames;
import com.qianwen.smartman.common.cache.ParamCache;
import com.qianwen.smartman.common.constant.CommonConstant;
import com.qianwen.smartman.common.utils.MessageUtils;
import com.qianwen.core.log.exception.ServiceException;
import com.qianwen.core.redis.cache.BladeRedis;
import com.qianwen.core.tool.utils.DigestUtil;
import com.qianwen.core.tool.utils.Func;
import com.qianwen.core.tool.utils.WebUtil;
import com.qianwen.smartman.modules.auth.enums.UserEnum;
import com.qianwen.smartman.modules.auth.provider.ITokenGranter;
import com.qianwen.smartman.modules.auth.provider.TokenParameter;
import com.qianwen.smartman.modules.auth.utils.TokenUtil;
import com.qianwen.smartman.modules.system.entity.Tenant;
import com.qianwen.smartman.modules.system.entity.User;
import com.qianwen.smartman.modules.system.entity.UserInfo;
import com.qianwen.smartman.modules.system.service.IRoleService;
import com.qianwen.smartman.modules.system.service.ITenantService;
import com.qianwen.smartman.modules.system.service.IUserService;
import org.springframework.stereotype.Component;

@Component
public class PasswordTokenGranter implements ITokenGranter {
    public static final String GRANT_TYPE = "password";
    public static final Integer FAIL_COUNT = 5;
    private final IUserService userService;
    private final IRoleService roleService;
    private final ITenantService tenantService;
    private final BladeRedis bladeRedis;

    public PasswordTokenGranter(IUserService userService, IRoleService roleService, ITenantService tenantService, BladeRedis bladeRedis) {
        this.userService = userService;
        this.roleService = roleService;
        this.tenantService = tenantService;
        this.bladeRedis = bladeRedis;
    }

    @Override // org.springblade.modules.auth.provider.ITokenGranter
    public UserInfo grant(TokenParameter tokenParameter) {
        HttpServletRequest request = WebUtil.getRequest();
        String headerDept = request.getHeader(TokenUtil.DEPT_HEADER_KEY);
        String headerRole = request.getHeader(TokenUtil.ROLE_HEADER_KEY);
        String tenantId = tokenParameter.getArgs().getStr("tenantId");
        String username = tokenParameter.getArgs().getStr("username");
        String password = tokenParameter.getArgs().getStr(GRANT_TYPE);
        String userId = tokenParameter.getArgs().getStr("userId");
        int cnt = 0;
        if (Func.isNotEmpty(username)) {
            cnt = Func.toInt(this.bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username)), 0);
            int failCount = Func.toInt(ParamCache.getValue(CommonConstant.FAIL_COUNT_VALUE), FAIL_COUNT.intValue());
            if (cnt >= failCount) {
                throw new ServiceException(MessageUtils.message(TokenUtil.USER_HAS_TOO_MANY_FAILS, new Object[0]));
            }
        }
        UserInfo userInfo = null;
        if (Func.isNotEmpty(userId)) {
            User user = (User) this.userService.getById(userId);
            username = user.getAccount();
            userInfo = this.userService.buildUserInfo(user);
        } else if (Func.isNoneBlank(new CharSequence[]{username, password})) {
            Tenant tenant = this.tenantService.getByTenantId(tenantId);
            if (TokenUtil.judgeTenant(tenant)) {
                throw new ServiceException(MessageUtils.message(TokenUtil.USER_HAS_NO_TENANT_PERMISSION, new Object[0]));
            }
            String userType = tokenParameter.getArgs().getStr("userType");
            if (userType.equals(UserEnum.WEB.getName())) {
                userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.WEB);
            } else if (userType.equals(UserEnum.APP.getName())) {
                userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.APP);
            } else {
                userInfo = this.userService.userInfo(tenantId, username, DigestUtil.encrypt(password), UserEnum.OTHER);
            }
        }
        if (userInfo == null || userInfo.getUser() == null) {
            this.bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), Integer.valueOf(cnt + 1), Duration.ofMinutes(30L));
        } else {
            this.bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username));
        }
        if (Func.isNotEmpty(headerDept) && userInfo != null && userInfo.getUser().getDeptId().contains(headerDept)) {
            userInfo.getUser().setDeptId(headerDept);
        }
        if (Func.isNotEmpty(headerRole) && userInfo != null && userInfo.getUser().getRoleId().contains(headerRole)) {
            List<String> roleAliases = this.roleService.getRoleAliases(headerRole);
            userInfo.setRoles(roleAliases);
            userInfo.getUser().setRoleId(headerRole);
        }
        return userInfo;
    }
}