package com.chinamcloud.spider.auth.controller;

import com.alibaba.fastjson.JSON;
import com.chinamcloud.common.util.StringUtil;
import com.chinamcloud.spider.auth.dto.GranterDto;
import com.chinamcloud.spider.auth.service.RegisterAuthentication;
import com.chinamcloud.spider.auth.service.TokenService;
import com.chinamcloud.spider.auth.service.impl.AuthTokenAsyncHandle;
import com.chinamcloud.spider.auth.utils.AESUtil;
import com.chinamcloud.spider.auth.utils.SpiderAccessToken;
import com.chinamcloud.spider.auth.vo.AuthVo;
import com.chinamcloud.spider.base.ResultDTO;
import com.chinamcloud.spider.code.communityUser.GrantTypeConstant;
import com.chinamcloud.spider.exception.AuthAccessExcetption;
import com.chinamcloud.spider.exception.SpiderException;
import com.chinamcloud.spider.utils.RequestUtil;
import com.chinamcloud.spider.utils.StringUtils;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.CollectionUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

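/**
 * REST endpoints that issue access tokens and return the session attributes bound to a token.
 *
 * <p>The class-level mapping is {@code /auth} and the method mappings below repeat an
 * {@code auth} segment, so the effective paths are the concatenation of both.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every endpoint accepts GET as well as POST, so tokens and passwords can arrive in the
 *       query string and end up in proxy and access logs. NOTE(review): confirm whether GET is
 *       still required by any client.</li>
 *   <li>Request objects carry credentials (password, third-party token); they are never logged
 *       in full here, only non-secret identifiers are.</li>
 * </ul>
 */
@Api(description = "获取access_token/用户信息")
@RequestMapping({"/auth"})
@RestController
/* loaded from: input_file:com/chinamcloud/spider/auth/controller/TokenEndpoint.class */
public class TokenEndpoint {
    private static final Logger log = LoggerFactory.getLogger(TokenEndpoint.class);

    @Autowired
    private TokenService tokenService;

    @Autowired
    private RegisterAuthentication registerAuthentication;

    @Autowired
    private AESUtil aesUtil;

    @Autowired
    private AuthTokenAsyncHandle authTokenAsyncHandle;

    /**
     * Creates an access token for the caller and triggers the asynchronous follow-up for the
     * authenticated user.
     *
     * <p>The login id and login tenant id are read from the {@code login_cmc_*} headers, falling
     * back to the {@code login_chinamcloud_*} headers, and are then overridden by cookies of the
     * same names when present. Missing {@code tenantId}, {@code token} and {@code uid} values are
     * filled in through {@link RequestUtil#getValue}.
     *
     * @param httpServletRequest the incoming request (headers, cookies, parameters)
     * @param authVo the bound authentication parameters; mutated in place
     * @return the token result, or a failure result when an {@code AuthAccessExcetption} is raised
     * @throws SpiderException when no token data, session attributes or userId can be resolved
     */
    @RequestMapping(value = {"/auth/token"}, method = {RequestMethod.POST, RequestMethod.GET})
    @ApiOperation(value = "获取授权认证的access_token", notes = "grant_type：授权类型,如：spider_session,token:第三方token或sessionId，tenantId：租户id，这三个参数必传，在header头中传递")
    @ResponseBody
    protected ResultDTO<GranterDto> createToken(HttpServletRequest httpServletRequest, AuthVo authVo) {
        try {
            Cookie[] cookies = httpServletRequest.getCookies();
            String header = httpServletRequest.getHeader("login_cmc_id");
            String header2 = httpServletRequest.getHeader("login_cmc_tid");
            if (StringUtils.isEmpty(header)) {
                header = httpServletRequest.getHeader("login_chinamcloud_id");
            }
            if (StringUtils.isEmpty(header2)) {
                header2 = httpServletRequest.getHeader("login_chinamcloud_tid");
            }
            // NOTE(review): both headers and cookies are client-controlled. Whether loginId and
            // loginTid are treated as proof of identity depends on RegisterAuthentication, which
            // is not visible here - confirm they are verified against a server-side session.
            if (cookies != null) {
                for (Cookie cookie : cookies) {
                    // A login_cmc_* cookie always wins over the header value; the
                    // login_chinamcloud_* cookie is used only while the value is still empty,
                    // so the outcome depends on cookie order.
                    if ("login_cmc_id".equals(cookie.getName())) {
                        header = cookie.getValue();
                    }
                    if (StringUtils.isEmpty(header) && "login_chinamcloud_id".equals(cookie.getName())) {
                        header = cookie.getValue();
                    }
                    if ("login_cmc_tid".equals(cookie.getName())) {
                        header2 = cookie.getValue();
                    }
                    if (StringUtils.isEmpty(header2) && "login_chinamcloud_tid".equals(cookie.getName())) {
                        header2 = cookie.getValue();
                    }
                }
            }
            String value = RequestUtil.getValue(httpServletRequest, SpiderAccessToken.GRANT_TYPE);
            if (StringUtils.isEmpty(authVo.getTenantId())) {
                authVo.setTenantId(RequestUtil.getValue(httpServletRequest, "tenantId"));
            }
            if (StringUtils.isEmpty(authVo.getToken())) {
                authVo.setToken(RequestUtil.getValue(httpServletRequest, "token"));
            }
            if (StringUtils.isEmpty(authVo.getUid())) {
                authVo.setUid(RequestUtil.getValue(httpServletRequest, "uid"));
            }
            authVo.setGrantType(value);
            authVo.setLoginId(header);
            authVo.setLoginTid(header2);
            // Log identifiers only: serialising the whole AuthVo would write the password and
            // the third-party token into the application log.
            log.info("收到的参数：tenantId={}, uid={}, grantType={}", authVo.getTenantId(), authVo.getUid(), value);
            Integer isencrypt = authVo.getIsencrypt();
            if (isencrypt != null && isencrypt.intValue() == 1) {
                String password = authVo.getPassword();
                if (StringUtils.isNotEmpty(password)) {
                    // NOTE(review): AESUtil.DEFAULT_KEY looks like a single static key shared by
                    // all clients; if so this is transport obfuscation rather than a secret -
                    // confirm TLS is enforced and consider key management outside the code base.
                    authVo.setPassword(this.aesUtil.decrypt(password, AESUtil.DEFAULT_KEY));
                }
            }
            ResultDTO<GranterDto> createAuthToken = this.registerAuthentication.createAuthToken(authVo);
            // Guard against a result without token data instead of failing with a
            // NullPointerException on the dereference below.
            GranterDto granter = createAuthToken == null ? null : (GranterDto) createAuthToken.getData();
            if (granter == null) {
                throw new SpiderException("根据token获取不到用户信息");
            }
            Map<String, Object> sessionAttribute = this.tokenService.getSessionAttribute(granter.getAccess_token());
            if (CollectionUtils.isEmpty(sessionAttribute)) {
                throw new SpiderException("根据token获取不到用户信息");
            }
            // A session without a userId entry is reported like an empty one rather than
            // surfacing as a NullPointerException.
            Object userIdAttr = sessionAttribute.get("userId");
            if (userIdAttr == null || StringUtil.isEmpty(userIdAttr.toString())) {
                throw new SpiderException("缓存初始化关注信息时获取不到userId");
            }
            this.authTokenAsyncHandle.syncMessage(userIdAttr.toString(), authVo.getTenantId());
            return createAuthToken;
        } catch (AuthAccessExcetption e) {
            return ResultDTO.fail(e.getErrorCode().intValue(), e.getMessage());
        }
    }

    /**
     * Returns the session attributes stored for an access token.
     *
     * <p>NOTE(review): the parameter name {@code str} comes from decompilation while the Swagger
     * annotation documents the query parameter as {@code accessToken}; confirm how the value is
     * bound in the deployed build.
     *
     * @param str the access token whose session attributes are requested
     * @return a success result wrapping whatever {@code TokenService#getSessionAttribute} returns
     */
    @RequestMapping(value = {"auth/get/me"}, method = {RequestMethod.POST, RequestMethod.GET})
    @ApiImplicitParams({@ApiImplicitParam(name = "accessToken", value = "后台认证的accessToken", required = true, dataType = "String", paramType = "query")})
    @ApiOperation("根据授权认证的access_token获取用户信息")
    @ResponseBody
    protected ResultDTO<Map<String, Object>> getInfo(String str) {
        // The access token is a bearer credential, so only a masked form is logged.
        log.debug("{} 查询用户是属性", maskToken(str));
        return ResultDTO.success(this.tokenService.getSessionAttribute(str));
    }

    /**
     * Creates an access token with the grant type forced to {@code MEMBER_INSIDE}.
     *
     * <p>NOTE(review): nothing in this class restricts who may call this endpoint; if it is
     * meant for internal callers only, confirm that a gateway or filter enforces that.
     *
     * @param authVo the validated authentication parameters; the grant type is overwritten
     * @return the token result, or a failure result when an {@code AuthAccessExcetption} is raised
     * @throws SpiderException when no token data, session attributes or userId can be resolved
     */
    @RequestMapping(value = {"/auth/token/inside"}, method = {RequestMethod.POST, RequestMethod.GET})
    protected ResultDTO<GranterDto> createTokenForSelf(@Validated AuthVo authVo) {
        try {
            // Log identifiers only; AuthVo.toString() may include the password and token.
            log.info("进入新的内部认证方式member_inside: tenantId={}, uid={}", authVo.getTenantId(), authVo.getUid());
            authVo.setGrantType(GrantTypeConstant.MEMBER_INSIDE.getCode());
            ResultDTO<GranterDto> createAuthToken = this.registerAuthentication.createAuthToken(authVo);
            // Guard against a result without token data instead of failing with a
            // NullPointerException on the dereference below.
            GranterDto granter = createAuthToken == null ? null : (GranterDto) createAuthToken.getData();
            if (granter == null) {
                throw new SpiderException("根据token获取不到用户信息");
            }
            Map<String, Object> sessionAttribute = this.tokenService.getSessionAttribute(granter.getAccess_token());
            if (CollectionUtils.isEmpty(sessionAttribute)) {
                throw new SpiderException("根据token获取不到用户信息");
            }
            Object userIdAttr = sessionAttribute.get("userId");
            if (userIdAttr == null || StringUtil.isEmpty(userIdAttr.toString())) {
                throw new SpiderException("缓存初始化关注信息时获取不到userId");
            }
            return createAuthToken;
        } catch (AuthAccessExcetption e) {
            return ResultDTO.fail(e.getErrorCode().intValue(), e.getMessage());
        }
    }

    /**
     * Produces a log-safe form of a token: at most the first four characters followed by a mask.
     *
     * @param token the raw token, possibly {@code null}
     * @return {@code "null"} for a null token, {@code "***"} for tokens of eight characters or
     *     fewer, otherwise the four-character prefix followed by {@code "***"}
     */
    private static String maskToken(String token) {
        if (token == null) {
            return "null";
        }
        if (token.length() <= 8) {
            return "***";
        }
        return token.substring(0, 4) + "***";
    }
}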
