package cn.kduck.dingtalk.controller;

import cn.kduck.dingtalk.domain.UserDTO;
import cn.kduck.dingtalk.service.AuthService;
import cn.kduck.secrity.baseapp.application.BaseAppApplicationService;
import cn.kduck.secrity.baseapp.domain.entity.BaseApp;
import cn.kduck.secrity.baseapp.domain.service.impl.ClientDetailsService;
import cn.kduck.security.LoginProperties;
import com.goldgov.kduck.cache.CacheHelper;
import com.goldgov.kduck.utils.MessageUtils;
import com.goldgov.kduck.web.json.JsonObject;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import java.util.Collections;
import java.util.HashMap;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerEndpointsConfiguration;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/dingtalk/auth"})
@RestController
@CrossOrigin({"*"})
/* loaded from: input_file:cn/kduck/dingtalk/controller/AuthController.class */
public class AuthController {
    private final AuthService authService;

    @Autowired
    private LoginProperties loginProperties;

    @Autowired
    private AuthorizationServerEndpointsConfiguration endpoints;

    @Autowired
    private BaseAppApplicationService baseAppApplicationService;

    @Autowired
    private ClientDetailsService clientDetailsService;

    public AuthController(AuthService authService) {
        this.authService = authService;
    }

    @PostMapping({"/login"})
    @ApiImplicitParams({@ApiImplicitParam(name = "authCode", required = true, value = "免登临时authCode", paramType = "form"), @ApiImplicitParam(name = "appId", required = true, value = "appid", paramType = "form")})
    @ApiOperation(value = "钉钉用户登录", tags = {"钉钉登录"})
    public JsonObject login(@RequestParam String str, String str2) throws Exception {
        UserDTO login = this.authService.login(str);
        JsonObject jsonObject = new JsonObject();
        String message = MessageUtils.getMessage("login.error.enable.no", new Object[0]);
        if (LoginProperties.STATUS_ENABLE_NO.intValue() == this.loginProperties.getLoginMode().getEnableDingtalkLogin().intValue()) {
            jsonObject.setCode(JsonObject.FAIL.getCode());
            jsonObject.setMessage(message);
            return jsonObject;
        }
        if (login != null && StringUtils.isNotEmpty(login.getUserid())) {
            BaseApp data = this.baseAppApplicationService.getData(str2);
            if (data != null && data.getStatus().intValue() != 1) {
                ClientDetails clientDetailsByClientID = this.baseAppApplicationService.getClientDetailsByClientID(data.getAppKey());
                if (clientDetailsByClientID == null || clientDetailsByClientID.getRegisteredRedirectUri().isEmpty()) {
                    jsonObject.setCode(JsonObject.FAIL.getCode());
                    jsonObject.setMessage(MessageUtils.getMessage("login.error.no.client", new Object[0]));
                    return jsonObject;
                }
                CacheHelper.clear(login.getUserid());
                HashMap hashMap = new HashMap();
                hashMap.put("username", login.getUserid());
                hashMap.put("password", DigestUtils.md5Hex(login.getUserid()));
                hashMap.put("client_id", data.getAppKey());
                hashMap.put("client_secret", data.getAppSecret());
                hashMap.put("grant_type", "password");
                String str3 = (String) clientDetailsByClientID.getRegisteredRedirectUri().stream().findFirst().get();
                if (str3.contains("http://")) {
                    str3 = str3.replace("http://", "");
                }
                if (str3.contains("https://")) {
                    str3 = str3.replace("https://", "");
                }
                hashMap.put("tenant_domain", str3);
                Assert.notNull(hashMap.get("client_id"), "client_id not null");
                Assert.notNull(hashMap.get("client_secret"), "client_secret not null");
                return new JsonObject(this.endpoints.tokenEndpoint().postAccessToken(new UsernamePasswordAuthenticationToken(hashMap.get("client_id"), hashMap.get("client_secret"), Collections.emptyList()), hashMap).getBody());
            }
            jsonObject.setCode(JsonObject.FAIL.getCode());
            jsonObject.setMessage(MessageUtils.getMessage("login.error.app.offline", new Object[0]));
        }
        jsonObject.setCode(JsonObject.FAIL.getCode());
        jsonObject.setMessage(MessageUtils.getMessage("login.error.no.user", new Object[0]));
        return jsonObject;
    }

    @PostMapping({"/config"})
    public JsonObject config(@RequestParam String str) {
        return new JsonObject(this.authService.config(str));
    }

    @GetMapping({"/getUserIdByMobile"})
    @ApiImplicitParams({@ApiImplicitParam(name = "mobile", required = true, value = "手机号")})
    @ApiOperation(value = "根据手机号获得userId", tags = {"钉钉登录"})
    public JsonObject getUserIdByMobile(String str) {
        return new JsonObject(this.authService.getUserByMobile(str));
    }
}
