package cn.gtmap.gtc.sso.service.impl;

import cn.gtmap.gtc.feign.common.util.ObjectMapperUtils;
import cn.gtmap.gtc.sso.domain.dto.AuthUserDetails;
import cn.gtmap.gtc.sso.domain.dto.BaseResultDto;
import cn.gtmap.gtc.sso.domain.dto.UserDto;
import cn.gtmap.gtc.sso.domain.enums.EnableStatusEnum;
import cn.gtmap.gtc.sso.manager.UserManager;
import cn.gtmap.gtc.sso.model.builder.RoleViewBuilder;
import cn.gtmap.gtc.sso.model.builder.UserViewBuilder;
import cn.gtmap.gtc.sso.model.entity.Role;
import cn.gtmap.gtc.sso.model.entity.User;
import cn.gtmap.gtc.sso.model.entity.UserInfo;
import cn.gtmap.gtc.sso.service.AuthUserDetailsService;
import cn.gtmap.gtc.sso.service.UserService;
import cn.gtmap.gtc.sso.util.BaseUtils;
import cn.gtmap.gtc.sso.util.EscapeUnescapeUtil;
import cn.gtmap.gtc.sso.util.UrlAccessCacheUtils;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Transactional(readOnly = true)
@Service
/* loaded from: input_file:BOOT-INF/classes/cn/gtmap/gtc/sso/service/impl/AuthUserDetailsServiceImpl.class */
public class AuthUserDetailsServiceImpl implements AuthUserDetailsService {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AuthUserDetailsService.class);
    private static final String ROLE_PERFIX = "ROLE_";

    @Autowired
    private UserManager userManager;

    @Autowired
    private HttpServletRequest request;

    @Autowired
    private UrlAccessCacheUtils urlAccessCacheUtils;

    @Autowired
    private UserService userService;

    @Override // org.springframework.security.core.userdetails.UserDetailsService
    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        User findByUsername;
        if ("CA".equals(BaseUtils.getRequestParam(null, "loginType"))) {
            findByUsername = this.userManager.findByCaNumber(str);
            caAuth(findByUsername);
        } else {
            findByUsername = this.userManager.findByUsername(str);
        }
        if (null == findByUsername) {
            this.request.getSession().setAttribute("USERNAME_LOGIN_FAIL", null);
            throw new UsernameNotFoundException(str);
        }
        if (findByUsername.getLocked() == 1) {
            this.request.getSession().setAttribute("USERNAME_LOGIN_FAIL", null);
        } else {
            this.request.getSession().setAttribute("USERNAME_LOGIN_FAIL", findByUsername.getUsername());
        }
        return buildUserDetails(findByUsername, this.userManager.listAllEnableUserRoles(findByUsername.getId()));
    }

    private void caAuth(User user) {
        if (null != user) {
            BaseResultDto signCa = this.userService.signCa(EscapeUnescapeUtil.unescape(BaseUtils.getRequestParam(null, "clientCert")), EscapeUnescapeUtil.unescape(BaseUtils.getRequestParam(null, "password")));
            if (signCa.getCode() != BaseResultDto.BaseResultCode.FAILURE.intValue()) {
                this.request.setAttribute("CA_AUTH_RESULT", "true");
                return;
            }
            this.request.getSession().setAttribute("USERNAME_LOGIN_FAIL", null);
            logger.warn(ObjectMapperUtils.toJson(signCa));
            this.request.setAttribute("CA_AUTH_RESULT", "false");
            throw new UsernameNotFoundException(signCa.getMsg());
        }
    }

    private UserDetails buildUserDetails(User user, Set<Role> set) {
        AuthUserDetails authUserDetails = new AuthUserDetails();
        BeanUtils.copyProperties(user, authUserDetails);
        HashSet hashSet = new HashSet();
        if (null != set) {
            set.stream().forEach(role -> {
                hashSet.add(new SimpleGrantedAuthority(ROLE_PERFIX + role.getName().toUpperCase()));
            });
        }
        authUserDetails.setAuthorities(hashSet);
        authUserDetails.setRemoteAddr(BaseUtils.getLoginIp(this.request));
        UserDto buildUserDetail = UserViewBuilder.buildUserDetail(user);
        if (this.userManager.hasSuperAdminRole(set)) {
            buildUserDetail.setAdmin(EnableStatusEnum.ENABLED.intValue());
            authUserDetails.setAdmin(EnableStatusEnum.ENABLED.intValue());
        }
        buildUserDetail.setRoleRecordList(RoleViewBuilder.buildRoleRecords(set));
        this.urlAccessCacheUtils.addUserCache(user.getUsername(), buildUserDetail);
        return authUserDetails;
    }

    private void initUserInfo(AuthUserDetails authUserDetails, UserInfo userInfo) {
        if (null != userInfo) {
            BeanUtils.copyProperties(userInfo, authUserDetails, "id");
        }
    }
}
