package com.jxdinfo.hussar.authorization.iamdatasync.service.impl;

import com.alibaba.fastjson.JSONObject;
import com.jxdinfo.hussar.authorization.iamdatasync.service.IAMTokenToHussarTokenService;
import com.jxdinfo.hussar.encrypt.util.SM2Util;
import com.jxdinfo.hussar.platform.core.base.apiresult.ApiResponse;
import com.jxdinfo.hussar.platform.core.utils.HussarUtils;
import com.jxdinfo.hussar.support.cache.util.HussarCacheUtil;
import com.jxdinfo.hussar.support.exception.HussarException;
import com.jxdinfo.hussar.support.security.core.context.model.SecurityRequest;
import com.jxdinfo.hussar.support.security.core.context.model.SecurityResponse;
import com.jxdinfo.hussar.support.security.core.dto.PasswordEncryptDTO;
import com.jxdinfo.hussar.support.security.plugin.oauth2.customizers.HussarSecurityAuthenticationService;
import com.jxdinfo.hussar.support.security.plugin.oauth2.customizers.HussarSecurityOAuth2InterceptorCustomizers;
import com.jxdinfo.hussar.support.security.plugin.oauth2.customizers.dto.SecurityAuthenticationDto;
import com.jxdinfo.hussar.support.security.service.PasswordEncryptService;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

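@Component
/* loaded from: input_file:com/jxdinfo/hussar/authorization/iamdatasync/service/impl/IAMSecurityOAuth2InterceptorCustomizers.class */
/**
 * Request customizer that bridges IAM-issued tokens to Hussar tokens.
 *
 * <p>Two independent header flows are handled on every request:
 * <ul>
 *   <li>{@code iamToken}: the IAM access token is exchanged for a Hussar access token (cached
 *       under the IAM token) and the result is written to the {@code Authorization} header.</li>
 *   <li>{@code iamAuthToken}: the IAM token is checked against the IAM service and renewed when
 *       its remaining lifetime drops below {@link #refreshTime}.</li>
 * </ul>
 *
 * <p>Bearer tokens, refresh tokens and client secrets are credentials: none of them is written
 * to the log by this class, only their presence and the upstream error fields.
 */
public class IAMSecurityOAuth2InterceptorCustomizers implements HussarSecurityOAuth2InterceptorCustomizers {
    private static final Logger logger = LoggerFactory.getLogger(IAMSecurityOAuth2InterceptorCustomizers.class);

    /** Cache region that maps an IAM access token to the Hussar access token issued for it. */
    private static final String TOKEN_CACHE = "iam_to_hussar_token";

    // NOTE(review): the fallback literal "default" is not an integer; if IAM.auth.refreshTime is
    // absent, injection into this Integer field presumably fails at startup. Confirm the property
    // is always set, or give it a numeric fallback.
    @Value("${IAM.auth.refreshTime:default}")
    Integer refreshTime;

    // NOTE(review): when the properties are absent, the literal "default" is sent to the IAM
    // service as client id and client secret. Failing fast on missing configuration is safer.
    @Value("${IAM.auth.clientId:default}")
    private String clientId;

    @Value("${IAM.auth.clientSecret:default}")
    private String clientSecret;
    private static final int IAM_EXPIRED_CODE = 777;

    @Resource
    private HussarSecurityAuthenticationService hussarSecurityAuthenticationService;

    @Resource
    private PasswordEncryptService passwordEncryptService;

    @Resource
    private IAMTokenToHussarTokenService iAMTokenToHussarTokenService;

    /**
     * Applies the IAM token flows to the incoming request.
     *
     * @param securityRequest  request whose IAM headers are read and whose {@code Authorization},
     *                         {@code iamAuthToken} and {@code iamAuthRefreshToken} headers may be set
     * @param securityResponse not used by this implementation
     * @throws HussarException with code 10001 when any step of either flow fails
     */
    public void customize(SecurityRequest securityRequest, SecurityResponse securityResponse) {
        try {
            String iamToken = securityRequest.getHeader("iamToken");
            if (HussarUtils.isNotEmpty(iamToken)) {
                exchangeIamToken(securityRequest, iamToken);
            }
            String iamAuthToken = securityRequest.getHeader("iamAuthToken");
            if (HussarUtils.isNotEmpty(iamAuthToken)) {
                renewIamAuthToken(securityRequest, iamAuthToken);
            }
        } catch (Exception e) {
            // Pass the throwable so the stack trace is kept; the message alone hides the cause.
            logger.warn("iamToken解析失败：========{}", e.getMessage(), e);
            throw new HussarException(10001, "iamToken解析失败：" + e.getMessage());
        }
    }

    /**
     * Exchanges an IAM access token for a Hussar access token and sets {@code Authorization}.
     *
     * <p>Declared {@code throws Exception} because the signatures of the collaborating services
     * are not visible here; {@link #customize} is the single place where failures are wrapped.
     */
    private void exchangeIamToken(SecurityRequest securityRequest, String iamToken) throws Exception {
        String iamClientId = securityRequest.getHeader("iamClientId");
        String iamRefreshToken = securityRequest.getHeader("iamRefreshToken");
        // NOTE(review): the OAuth client secret is supplied by the caller in a request header.
        // Confirm this is intended; a server-side secret (see clientSecret) avoids exposing it
        // to every client and intermediary.
        String iamClientSecret = securityRequest.getHeader("iamClientSecret");
        // Credentials must not reach the log: record only what was supplied, never the values.
        logger.info("解析IAMtoken参数：====iamClientId={}, iamRefreshToken present={}, iamClientSecret present={}",
                iamClientId, iamRefreshToken != null, iamClientSecret != null);

        // Raw HashMap kept on purpose: the parameter types of the IAM service are not visible.
        HashMap iamParams = new HashMap();
        iamParams.put("accessToken", iamToken);
        iamParams.put("clientId", iamClientId);
        iamParams.put("refreshToken", iamRefreshToken);
        iamParams.put("clientSecret", iamClientSecret);

        String cachedHussarToken = (String) HussarCacheUtil.get(TOKEN_CACHE, iamToken);
        logger.info("缓存中取hussarToken：====hit={}", HussarUtils.isNotEmpty(cachedHussarToken));

        if (HussarUtils.isNotEmpty(cachedHussarToken)) {
            // Cache hit: the IAM token must still be valid (or refreshable) before reuse.
            String valid = this.iAMTokenToHussarTokenService.checkTokenValid(iamParams).getString("result");
            if (null == valid) {
                logger.info("iamToken传参有误：======================");
                throw new HussarException("iamToken传参有误");
            }
            if ("false".equals(valid)) {
                logger.info("iamToken无效进行刷新Token：======================");
                requireRefreshCredentials(iamRefreshToken, iamClientSecret);
                // The refreshed IAM access token is not used on this path: the refresh only
                // proves the session is still alive before the cached Hussar token is reused.
                refreshOrThrow(iamParams);
            }
            securityRequest.setHeader("Authorization", cachedHussarToken);
            return;
        }

        JSONObject userInfo = this.iAMTokenToHussarTokenService.getUserInfo(iamParams);
        String errcode = userInfo.getString("errcode");
        if (null != errcode) {
            if (!"2002".equals(errcode)) {
                logger.info("获取用户信息失败：msg：=============={}", userInfo.get("msg"));
                throw new HussarException("iamToken传参有误" + userInfo.get("msg"));
            }
            logger.info("iamToken无效进行刷新Token：======================");
            requireRefreshCredentials(iamRefreshToken, iamClientSecret);
            JSONObject refreshed = refreshOrThrow(iamParams);
            iamToken = refreshed.getString("access_token");
            // Fix: retry with the refreshed token. Previously the map still carried the rejected
            // token, so the second lookup repeated the request that had just failed.
            iamParams.put("accessToken", iamToken);
            userInfo = this.iAMTokenToHussarTokenService.getUserInfo(iamParams);
            // Fail closed: never derive an identity from an error response.
            if (null != userInfo.getString("errcode")) {
                logger.info("获取用户信息失败：msg：=============={}", userInfo.get("msg"));
                throw new HussarException("iamToken传参有误" + userInfo.get("msg"));
            }
            // NOTE(review): the cache entry below is keyed by the refreshed token, while the
            // client may keep sending the old one; confirm that is the intended key.
        }

        // NOTE(review): the Hussar username is the first entry of "spRoleList"; confirm that
        // field really carries the account identifier and is always non-empty.
        String username = userInfo.getJSONArray("spRoleList").getString(0);

        HashMap loginParams = new HashMap();
        loginParams.put("loginType", "ssoLogin");
        loginParams.put("loginCode", "userAccount");

        // NOTE(review): a fixed password literal is submitted for every exchanged account.
        // Confirm the "ssoLogin" login type cannot be selected by request parameters from
        // outside this server-side path, and consider replacing the literal with a credential
        // that is not embedded in the class file.
        PasswordEncryptDTO passwordEncryptInfo = this.passwordEncryptService.getPasswordEncryptInfo();
        String password = passwordEncryptInfo.getEnabled().booleanValue()
                ? SM2Util.encrypt("111111", passwordEncryptInfo.getEncryptKey())
                : "111111";

        SecurityAuthenticationDto authentication = new SecurityAuthenticationDto();
        authentication.setClientId("hussar-base");
        authentication.setUsername(username);
        authentication.setPassword(password);
        authentication.setParamsMapExcludeParam(loginParams);

        ApiResponse loginResult = this.hussarSecurityAuthenticationService.securityPassword(authentication);
        if (loginResult == null || !loginResult.isSuccess()) {
            throw new HussarException("token转换异常");
        }
        Map tokenData = (Map) loginResult.getData();
        String hussarToken = tokenData.get("access-token").toString();
        long expiresIn = Long.parseLong(tokenData.get("expires-in").toString());
        HussarCacheUtil.put(TOKEN_CACHE, iamToken, hussarToken, expiresIn);
        securityRequest.setHeader("Authorization", hussarToken);
    }

    /**
     * Validates the {@code iamAuthToken} header against the IAM service and renews the token
     * when its remaining lifetime is below {@link #refreshTime}.
     */
    private void renewIamAuthToken(SecurityRequest securityRequest, String iamAuthToken) throws Exception {
        String refreshHeader = securityRequest.getHeader("iamRefreshAuthToken");
        if (null == refreshHeader) {
            logger.info("iamToken值无效且没有传iamRefreshToken================");
            throw new HussarException("iamToken值无效且没有传iamRefreshToken");
        }
        String accessToken = stripFirstAndLast(iamAuthToken);
        String refreshToken = stripFirstAndLast(refreshHeader);
        // Token values are deliberately left out of the log.
        logger.info("解析IAMtoken参数：====iamAuthToken, iamAuthRefreshToken received");

        HashMap iamParams = new HashMap();
        iamParams.put("accessToken", accessToken);
        iamParams.put("clientId", this.clientId);
        iamParams.put("refreshToken", refreshToken);
        iamParams.put("clientSecret", this.clientSecret);

        JSONObject tokenInfo = this.iAMTokenToHussarTokenService.getTokenInfo(iamParams);
        // Log selected fields only; the full response may carry token material.
        logger.info("获取jsonObject errcode={}, expires_in={}", tokenInfo.getString("errcode"), tokenInfo.get("expires_in"));
        if (HussarUtils.isNotEmpty(tokenInfo.getString("errcode"))) {
            logger.info("iamToken失效：======================");
            throw new HussarException("iamToken失效");
        }
        if (tokenInfo.getInteger("expires_in").intValue() < this.refreshTime.intValue()) {
            logger.info("iamToken临期进行续期Token：======================");
            JSONObject refreshed = refreshOrThrow(iamParams);
            securityRequest.setHeader("iamAuthToken", refreshed.getString("access_token"));
            // NOTE(review): the refresh token is read from "iamRefreshAuthToken" but written
            // back as "iamAuthRefreshToken"; confirm which name downstream code expects.
            securityRequest.setHeader("iamAuthRefreshToken", refreshed.getString("refresh_token"));
        }
    }

    /** Rejects a refresh attempt when the caller did not send both refresh token and secret. */
    private static void requireRefreshCredentials(String refreshToken, String clientSecretHeader) {
        if (null == refreshToken || null == clientSecretHeader) {
            logger.info("iamToken值无效且没有传iamRefreshToken或者iamClientSecret值：================");
            throw new HussarException("iamToken值无效且没有传iamRefreshToken或者iamClientSecret值");
        }
    }

    /**
     * Calls the IAM refresh endpoint and returns its response, throwing when it reports an
     * {@code errcode}. The response holds fresh tokens and is therefore never logged in full.
     */
    private JSONObject refreshOrThrow(HashMap iamParams) throws Exception {
        JSONObject refreshed = this.iAMTokenToHussarTokenService.refreshToken(iamParams);
        if (null != refreshed.getString("errcode")) {
            logger.info("iamToken值无效 且刷新token失败：{}======", refreshed.getString("msg"));
            throw new HussarException("iamToken值无效 且刷新token失败" + refreshed.getString("msg"));
        }
        return refreshed;
    }

    /**
     * Drops the first and last character of values longer than two characters.
     * Presumably this removes surrounding quotes; the characters themselves are not checked.
     */
    private static String stripFirstAndLast(String value) {
        return value.length() > 2 ? value.substring(1, value.length() - 1) : value;
    }
}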
