package cc.hiver.core.common.utils;

import cc.hiver.core.base.iot.IotBaseService;
import cc.hiver.core.common.constant.AppToBConstant;
import cc.hiver.core.common.constant.CommonConstant;
import cc.hiver.core.common.constant.SecurityConstant;
import cc.hiver.core.common.constant.UserConstant;
import cc.hiver.core.common.exception.HiverException;
import cc.hiver.core.common.redis.RedisTemplateHelper;
import cc.hiver.core.common.vo.TokenMember;
import cc.hiver.core.common.vo.TokenUser;
import cc.hiver.core.config.properties.HiverAppTokenProperties;
import cc.hiver.core.config.properties.HiverTokenProperties;
import cc.hiver.core.dao.DepartmentDao;
import cc.hiver.core.dao.MemberDao;
import cc.hiver.core.dao.UserDao;
import cc.hiver.core.dao.mapper.PermissionMapper;
import cc.hiver.core.dao.mapper.UserRoleMapper;
import cc.hiver.core.entity.Department;
import cc.hiver.core.entity.Member;
import cc.hiver.core.entity.Role;
import cc.hiver.core.entity.User;
import cc.hiver.core.service.mybatis.IUserRoleService;
import cc.hiver.core.vo.PermissionDTO;
import cc.hiver.core.vo.RoleDTO;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;

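/**
 * Authentication helpers for back-office users ({@link User}) and app members ({@link Member}):
 * account lookup with a Redis read-through cache, password verification, token issuance
 * (opaque Redis-backed token or signed JWT, chosen by configuration), access to the
 * current principal, and resolution of the caller's department data scope.
 *
 * <p>This listing is decompiler output. Constants such as
 * {@code AppToBConstant.SCAN_LOGIN_STATUS_*} and {@code IotBaseService.DEFAULT_BATCH_SIZE}
 * are presumably literals that the decompiler mapped onto same-valued fields; they are kept
 * as found. TODO confirm against the original source.
 */
@Component
/* loaded from: input_file:cc/hiver/core/common/utils/SecurityUtil.class */
public class SecurityUtil {

    /** Gson instances are thread-safe, so one shared instance replaces per-call construction. */
    private static final Gson GSON = new Gson();

    @Autowired
    private HiverTokenProperties tokenProperties;

    @Autowired
    private HiverAppTokenProperties appTokenProperties;

    @Autowired
    private UserDao userDao;

    @Autowired
    private UserRoleMapper userRoleMapper;

    @Autowired
    private PermissionMapper permissionMapper;

    @Autowired
    private IUserRoleService iUserRoleService;

    @Autowired
    private DepartmentDao departmentDao;

    @Autowired
    private MemberDao memberDao;

    @Autowired
    private RedisTemplateHelper redisTemplate;

    /**
     * Looks a user up by username through a Redis read-through cache
     * (key {@code "username::" + username}, 15-day TTL).
     *
     * <p>NOTE(review): a miss in the database is cached as well (Gson serialises {@code null}
     * as the string "null"), so an account created after a failed lookup stays invisible
     * until the key expires or is evicted elsewhere. The cached JSON holds every field Gson
     * serialises from {@link User}, presumably including the password hash read by
     * {@link #checkUserPassword}; confirm that Redis access is restricted accordingly.
     *
     * @param username account name to look up
     * @return the user with roles and operation permissions populated, or {@code null} if none
     */
    public User findUserByUsername(String username) {
        String cacheKey = "username::" + username;
        String cachedJson = this.redisTemplate.get(cacheKey);
        if (StrUtil.isNotBlank(cachedJson)) {
            return userToDTO(GSON.fromJson(cachedJson, User.class));
        }
        User user = userToDTO(this.userDao.findByUsername(username));
        this.redisTemplate.set(cacheKey, GSON.toJson(user), 15L, TimeUnit.DAYS);
        return user;
    }

    /**
     * Looks a user up by mobile number (uncached).
     *
     * @param mobile mobile number to look up
     * @return the populated user, or {@code null} if none
     */
    public User findUserByMobile(String mobile) {
        return userToDTO(this.userDao.findByMobile(mobile));
    }

    /**
     * Looks a user up by e-mail address (uncached).
     *
     * @param email e-mail address to look up
     * @return the populated user, or {@code null} if none
     */
    public User findUserByEmail(String email) {
        return userToDTO(this.userDao.findByEmail(email));
    }

    /**
     * Attaches role and operation-permission summaries to the given user, in place.
     *
     * @param user entity to enrich; may be {@code null}
     * @return the same instance, or {@code null} when {@code user} is {@code null}
     */
    public User userToDTO(User user) {
        if (user == null) {
            return null;
        }
        List<RoleDTO> roles = this.userRoleMapper.findByUserId(user.getId()).stream()
                .map(role -> new RoleDTO().setId(role.getId()).setName(role.getName()))
                .collect(Collectors.toList());
        user.setRoles(roles);
        // Only permissions of the "operation" type are exposed on the user object.
        List<PermissionDTO> permissions = this.permissionMapper.findByUserId(user.getId()).stream()
                .filter(permission -> CommonConstant.PERMISSION_OPERATION.equals(permission.getType()))
                .map(permission -> new PermissionDTO().setTitle(permission.getTitle()).setPath(permission.getPath()))
                .collect(Collectors.toList());
        user.setPermissions(permissions);
        return user;
    }

    /**
     * Verifies a login identifier (mobile, e-mail or username) against a BCrypt password hash.
     *
     * <p>Fix: identifiers recognised as mobile numbers were previously looked up with
     * {@link #findUserByEmail}, so such logins resolved against the wrong column; they now
     * use {@link #findUserByMobile}.
     *
     * <p>NOTE(review): an unknown account returns before any BCrypt work is done, so the
     * response time differs between "no such account" and "wrong password". Callers that
     * need to hide account existence should equalise this or rate-limit the endpoint.
     *
     * @param account  mobile number, e-mail address or username
     * @param password plaintext password supplied by the caller
     * @return the matching user, or {@code null} when the account is unknown or the password is wrong
     */
    public User checkUserPassword(String account, String password) {
        User user;
        if (NameUtil.mobile(account)) {
            user = findUserByMobile(account);
        } else if (NameUtil.email(account)) {
            user = findUserByEmail(account);
        } else {
            user = findUserByUsername(account);
        }
        if (user != null && new BCryptPasswordEncoder().matches(password, user.getPassword())) {
            return user;
        }
        return null;
    }

    /**
     * Issues a token for the user with the given username.
     *
     * @param username  account name; must not be blank
     * @param saveLogin "remember me" flag; {@code null} is treated as {@code true}
     * @return the issued token
     * @throws HiverException if the username is blank, the user is unknown or the account is locked
     */
    public String getToken(String username, Boolean saveLogin) {
        if (StrUtil.isBlank(username)) {
            throw new HiverException("username不能为空");
        }
        return getToken(findUserByUsername(username), saveLogin);
    }

    /**
     * Issues a token for the given user and installs the user as the authenticated principal
     * of the current {@link SecurityContextHolder} context.
     *
     * <p>In Redis mode the token is a random UUID; two keys are written, username to token and
     * token to the serialised {@link TokenUser}. With "remember me" both live for
     * {@code saveLoginTime} days, otherwise for {@code tokenExpireTime} minutes. When the
     * {@code sdl} flag is set, the token previously recorded for this username is deleted first.
     * Otherwise an HS512-signed JWT is returned.
     *
     * <p>Fix: the "remember me" JWT lifetime used to be written back into the shared
     * {@code tokenProperties} bean, so after the first such login every later JWT, including
     * logins that did not ask to be remembered, inherited the long lifetime. The lifetime is
     * now computed per call and the shared configuration is left untouched.
     *
     * @param user      user to issue the token for
     * @param saveLogin "remember me" flag; {@code null} is treated as {@code true}
     * @return the issued token
     * @throws HiverException if {@code user} is {@code null} or the account is locked
     */
    public String getToken(User user, Boolean saveLogin) {
        if (user == null) {
            throw new HiverException("user不能为空");
        }
        if (UserConstant.USER_STATUS_LOCK.equals(user.getStatus())) {
            throw new HiverException("账户被禁用，请联系管理员");
        }
        boolean saved = saveLogin == null || saveLogin;
        TokenUser tokenUser;
        String token;
        if (this.tokenProperties.getRedis()) {
            token = IdUtil.simpleUUID();
            tokenUser = new TokenUser(user, this.tokenProperties.getStorePerms(), saved);
            String userTokenKey = SecurityConstant.USER_TOKEN + user.getUsername();
            if (this.tokenProperties.getSdl()) {
                // Invalidate the token issued by the previous login of this username.
                String previousToken = this.redisTemplate.get(userTokenKey);
                if (StrUtil.isNotBlank(previousToken)) {
                    this.redisTemplate.delete(SecurityConstant.TOKEN_PRE + previousToken);
                }
            }
            long ttl;
            TimeUnit ttlUnit;
            if (saved) {
                ttl = this.tokenProperties.getSaveLoginTime();
                ttlUnit = TimeUnit.DAYS;
            } else {
                ttl = this.tokenProperties.getTokenExpireTime();
                ttlUnit = TimeUnit.MINUTES;
            }
            this.redisTemplate.set(userTokenKey, token, ttl, ttlUnit);
            this.redisTemplate.set(SecurityConstant.TOKEN_PRE + token, GSON.toJson(tokenUser), ttl, ttlUnit);
        } else {
            tokenUser = new TokenUser(user, false, null);
            // saveLoginTime is in days, tokenExpireTime in minutes.
            long lifetimeMinutes = saved
                    ? this.tokenProperties.getSaveLoginTime() * 24L * 60L
                    : this.tokenProperties.getTokenExpireTime();
            token = buildJwt(GSON.toJson(tokenUser), lifetimeMinutes);
        }
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(tokenUser, null, null));
        return token;
    }

    /**
     * Builds the prefixed, HS512-signed JWT shared by the user and member token paths.
     *
     * <p>Fix: the lifetime is computed in {@code long} arithmetic. The former {@code int}
     * product wrapped around for lifetimes of roughly 25 days or more (assuming the
     * multiplier is 1000), which produced an expiry in the past.
     *
     * <p>NOTE(security): the signing key is {@code SecurityConstant.JWT_SIGN_KEY}, which
     * appears to be a value compiled into the artifact. Such a key is identical in every
     * deployment, cannot be rotated without a rebuild, and is readable by anyone holding the
     * jar; it should come from deployment-specific secret configuration. The subject is the
     * full principal JSON, and a JWT payload is signed but not encrypted, so whoever holds
     * the token can read those fields.
     *
     * @param subjectJson     serialised principal stored as the JWT subject
     * @param lifetimeMinutes token lifetime in minutes
     * @return {@code SecurityConstant.TOKEN_SPLIT} followed by the compact JWT
     */
    private String buildJwt(String subjectJson, long lifetimeMinutes) {
        // DEFAULT_BATCH_SIZE is presumably 1000 (milliseconds per second) - TODO confirm.
        long lifetimeMillis = lifetimeMinutes * 60L * IotBaseService.DEFAULT_BATCH_SIZE;
        return SecurityConstant.TOKEN_SPLIT + Jwts.builder()
                .setSubject(subjectJson)
                .setExpiration(new Date(System.currentTimeMillis() + lifetimeMillis))
                .signWith(SignatureAlgorithm.HS512, SecurityConstant.JWT_SIGN_KEY)
                .compact();
    }

    /**
     * Returns the current authentication, rejecting missing, unauthenticated, nameless and
     * anonymous ones.
     *
     * @param message exception message used when no login is present
     * @return the current authentication
     * @throws HiverException if there is no usable authentication
     */
    private Authentication requireAuthentication(String message) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null || !authentication.isAuthenticated() || authentication.getName() == null
                || authentication instanceof AnonymousAuthenticationToken) {
            throw new HiverException(message);
        }
        return authentication;
    }

    /**
     * Loads the full record of the currently authenticated user, looked up by username.
     *
     * @return the current user, or {@code null} if the username no longer resolves
     * @throws HiverException if nobody is logged in
     */
    public User getCurrUser() {
        return findUserByUsername(requireAuthentication("未检测到登录用户").getName());
    }

    /**
     * Builds a lightweight {@link User} from the {@link TokenUser} principal without
     * touching the database or the cache.
     *
     * @return a user carrying only the fields held in the token
     * @throws HiverException     if nobody is logged in
     * @throws ClassCastException if the principal is not a {@link TokenUser}
     */
    public User getCurrUserSimple() {
        Authentication authentication = requireAuthentication("未检测到登录用户");
        TokenUser tokenUser = (TokenUser) authentication.getPrincipal();
        User user = new User()
                .setUsername(tokenUser.getUsername())
                .setNickname(tokenUser.getNickname())
                .setMobile(tokenUser.getMobile())
                .setEmail(tokenUser.getEmail())
                .setDepartmentId(tokenUser.getDepartmentId())
                .setType(tokenUser.getType());
        if (tokenUser.getPermissions() != null && !tokenUser.getPermissions().isEmpty()) {
            List<PermissionDTO> permissions = tokenUser.getPermissions().stream()
                    .map(title -> new PermissionDTO().setTitle(title))
                    .collect(Collectors.toList());
            user.setPermissions(permissions);
        }
        user.setId(tokenUser.getId());
        return user;
    }

    /**
     * Tells whether the current user's data scope contains the "own data only" marker.
     *
     * @return {@code true} if the scope list contains the marker; {@code false} otherwise,
     *         including when the scope is unrestricted
     */
    public Boolean isSelfDataPerm() {
        List<String> departmentIds = getDeparmentIds();
        return departmentIds != null && departmentIds.contains(AppToBConstant.SCAN_LOGIN_STATUS_EXPIRED);
    }

    /**
     * Resolves the department ids the current user may see, from the data type of each role.
     *
     * <p>The result is cached in Redis under {@code "userRole::depIds:" + userId} for 15 days.
     * NOTE(review): a change to a user's roles or department therefore only takes effect
     * once that key is evicted; confirm that role and department updates delete it.
     *
     * @return {@code null} when any role grants access to all data (or has no data type);
     *         otherwise a de-duplicated list of department ids, which may contain the
     *         {@code SCAN_LOGIN_STATUS_CANCEL} marker (no department resolvable) and the
     *         {@code SCAN_LOGIN_STATUS_EXPIRED} marker (own data only)
     * @throws HiverException if nobody is logged in
     */
    public List<String> getDeparmentIds() {
        User current = getCurrUserSimple();
        String cacheKey = "userRole::depIds:" + current.getId();
        String cachedJson = this.redisTemplate.get(cacheKey);
        if (StrUtil.isNotBlank(cachedJson)) {
            return GSON.fromJson(cachedJson, new TypeToken<List<String>>() {
            }.getType());
        }
        List<Role> roles = this.iUserRoleService.findByUserId(current.getId());
        // A single unrestricted role overrides every narrower one; this result is not cached.
        for (Role role : roles) {
            if (role.getDataType() == null || role.getDataType().equals(CommonConstant.DATA_TYPE_ALL)) {
                return null;
            }
        }
        List<String> collected = new ArrayList<>();
        for (Role role : roles) {
            if (role.getDataType().equals(CommonConstant.DATA_TYPE_UNDER)) {
                // Own department plus all of its descendants.
                if (StrUtil.isBlank(current.getDepartmentId())) {
                    collected.add(AppToBConstant.SCAN_LOGIN_STATUS_CANCEL);
                } else {
                    List<String> subtree = new ArrayList<>();
                    getDepRecursion(current.getDepartmentId(), subtree);
                    collected.addAll(subtree);
                }
            } else if (role.getDataType().equals(CommonConstant.DATA_TYPE_SAME)) {
                // Own department only.
                if (StrUtil.isBlank(current.getDepartmentId())) {
                    collected.add(AppToBConstant.SCAN_LOGIN_STATUS_CANCEL);
                } else {
                    collected.add(current.getDepartmentId());
                }
            } else if (role.getDataType().equals(CommonConstant.DATA_TYPE_CUSTOM)) {
                // Departments assigned explicitly through the user's roles.
                List<String> custom = this.iUserRoleService.findDepIdsByUserId(current.getId());
                if (custom == null || custom.isEmpty()) {
                    collected.add(AppToBConstant.SCAN_LOGIN_STATUS_CANCEL);
                } else {
                    collected.addAll(custom);
                }
            } else if (role.getDataType().equals(CommonConstant.DATA_TYPE_SELF)) {
                collected.add(AppToBConstant.SCAN_LOGIN_STATUS_EXPIRED);
            }
        }
        // De-duplicate while keeping first-seen order.
        List<String> departmentIds = new ArrayList<>(new LinkedHashSet<>(collected));
        this.redisTemplate.set(cacheKey, GSON.toJson(departmentIds), 15L, TimeUnit.DAYS);
        return departmentIds;
    }

    /**
     * Collects a department id and, when the department is flagged as a parent, the ids of
     * its normal-status descendants, depth first.
     *
     * <p>Fix: a department that cannot be loaded no longer causes a
     * {@link NullPointerException}, and an id that was already collected is skipped so a
     * cyclic parent reference cannot recurse without end.
     *
     * @param departmentId id of the department to start from
     * @param collected    accumulator that receives the ids
     */
    private void getDepRecursion(String departmentId, List<String> collected) {
        Department department = (Department) this.departmentDao.getById(departmentId);
        if (department == null || collected.contains(department.getId())) {
            return;
        }
        collected.add(department.getId());
        if (department.getIsParent() == null || !department.getIsParent()) {
            return;
        }
        this.departmentDao.findByParentIdAndStatusOrderBySortOrder(departmentId, CommonConstant.STATUS_NORMAL)
                .forEach(child -> getDepRecursion(child.getId(), collected));
    }

    /**
     * Converts the operation permissions of the named user into Spring Security authorities,
     * one per permission title.
     *
     * @param username account name to resolve
     * @return the authorities; empty when the user is unknown or has no permissions
     */
    public List<GrantedAuthority> getCurrUserPerms(String username) {
        List<GrantedAuthority> authorities = new ArrayList<>();
        User user = findUserByUsername(username);
        if (user == null || user.getPermissions() == null || user.getPermissions().isEmpty()) {
            return authorities;
        }
        for (PermissionDTO permission : user.getPermissions()) {
            authorities.add(new SimpleGrantedAuthority(permission.getTitle()));
        }
        return authorities;
    }

    /**
     * Looks a member up by username (uncached).
     *
     * @param username member account name
     * @return the member, or whatever the DAO returns when none matches
     */
    public Member findMemberByUsername(String username) {
        return this.memberDao.findByUsername(username);
    }

    /**
     * Looks a member up by mobile number through a Redis read-through cache
     * (key {@code "member::" + mobile}, 15-day TTL).
     *
     * <p>NOTE(review): as with {@link #findUserByUsername}, a database miss is cached too,
     * and the cached JSON holds every field Gson serialises from {@link Member}.
     *
     * @param mobile mobile number to look up
     * @return the member, or {@code null} if none
     */
    public Member findMemberByMobile(String mobile) {
        String cacheKey = "member::" + mobile;
        String cachedJson = this.redisTemplate.get(cacheKey);
        if (StrUtil.isNotBlank(cachedJson)) {
            return GSON.fromJson(cachedJson, Member.class);
        }
        Member member = this.memberDao.findByMobile(mobile);
        this.redisTemplate.set(cacheKey, GSON.toJson(member), 15L, TimeUnit.DAYS);
        return member;
    }

    /**
     * Issues an app token for the member with the given username.
     *
     * @param username member account name; must not be blank
     * @param platform platform identifier stored in the token and in the Redis key
     * @return the issued token
     * @throws HiverException if the username is blank, the member is unknown or the account is locked
     */
    public String getAppToken(String username, Integer platform) {
        if (StrUtil.isBlank(username)) {
            throw new HiverException("username不能为空");
        }
        return getAppToken(findMemberByUsername(username), platform);
    }

    /**
     * Issues an app token for the given member and installs the member as the authenticated
     * principal of the current {@link SecurityContextHolder} context.
     *
     * <p>In Redis mode the token is a random UUID stored for {@code tokenExpireTime} days;
     * when the {@code spl} flag is set, the token previously recorded for the same member and
     * platform is deleted first. Otherwise an HS512-signed JWT is returned.
     *
     * <p>NOTE(review): {@code appTokenProperties.getTokenExpireTime()} is used as days in the
     * Redis branch and as minutes in the JWT branch. Both are kept as found; confirm which
     * unit is intended.
     *
     * @param member   member to issue the token for
     * @param platform platform identifier stored in the token and in the Redis key
     * @return the issued token
     * @throws HiverException if {@code member} is {@code null} or the account is locked
     */
    public String getAppToken(Member member, Integer platform) {
        if (member == null) {
            throw new HiverException("member不能为空");
        }
        if (UserConstant.USER_STATUS_LOCK.equals(member.getStatus())) {
            throw new HiverException("账户被禁用，请联系管理员");
        }
        TokenMember tokenMember = new TokenMember(member, platform);
        String token;
        if (this.appTokenProperties.getRedis()) {
            token = IdUtil.simpleUUID();
            String memberTokenKey = SecurityConstant.MEMBER_TOKEN + tokenMember.getUsername() + ":" + platform;
            if (this.appTokenProperties.getSpl()) {
                // Invalidate the token issued by the previous login on this platform.
                String previousToken = this.redisTemplate.get(memberTokenKey);
                if (StrUtil.isNotBlank(previousToken)) {
                    this.redisTemplate.delete(SecurityConstant.TOKEN_MEMBER_PRE + previousToken);
                }
            }
            long ttlDays = this.appTokenProperties.getTokenExpireTime();
            this.redisTemplate.set(memberTokenKey, token, ttlDays, TimeUnit.DAYS);
            this.redisTemplate.set(SecurityConstant.TOKEN_MEMBER_PRE + token, GSON.toJson(tokenMember), ttlDays, TimeUnit.DAYS);
        } else {
            token = buildJwt(GSON.toJson(tokenMember), this.appTokenProperties.getTokenExpireTime());
        }
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(tokenMember, null, null));
        return token;
    }

    /**
     * Loads the full record of the currently authenticated member, looked up by username.
     *
     * @return the current member
     * @throws HiverException if nobody is logged in
     */
    public Member getCurrMember() {
        return findMemberByUsername(requireAuthentication("未检测到登录会员").getName());
    }

    /**
     * Builds a lightweight {@link Member} from the {@link TokenMember} principal without
     * touching the database or the cache.
     *
     * @return a member carrying only the fields held in the token
     * @throws HiverException     if nobody is logged in
     * @throws ClassCastException if the principal is not a {@link TokenMember}
     */
    public Member getCurrMemberSimple() {
        Authentication authentication = requireAuthentication("未检测到登录会员");
        TokenMember tokenMember = (TokenMember) authentication.getPrincipal();
        Member member = new Member()
                .setUsername(tokenMember.getUsername())
                .setNickname(tokenMember.getNickname())
                .setMobile(tokenMember.getMobile())
                .setEmail(tokenMember.getEmail())
                .setType(tokenMember.getType())
                .setPermissions(tokenMember.getPermissions())
                .setPlatform(tokenMember.getPlatform());
        member.setId(tokenMember.getId());
        return member;
    }
}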
