package com.goldgov.kduck.module.password.service.impl;

import com.goldgov.kduck.cache.CacheHelper;
import com.goldgov.kduck.module.message.constant.MessageConstants;
import com.goldgov.kduck.module.message.exception.NotSupportSenderException;
import com.goldgov.kduck.module.message.sender.MessageSender;
import com.goldgov.kduck.module.password.service.CipherResetService;
import com.goldgov.kduck.module.password.service.ResetType;
import com.goldgov.kduck.module.user.service.User;
import com.goldgov.kduck.module.user.service.UserService;
import com.kcloud.ms.authentication.baseaccount.service.Account;
import com.kcloud.ms.authentication.baseaccount.service.AccountConfigService;
import com.kcloud.ms.authentication.baseaccount.service.AccountService;
import com.kcloud.ms.authentication.baseaccount.service.config.AccountAllocateConfig;
import com.kcloud.ms.authentication.baseaccount.service.config.AccountSecurityConfig;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import java.util.Random;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.util.PropertyPlaceholderHelper;
import org.springframework.util.StringUtils;

@Service
/* loaded from: input_file:com/goldgov/kduck/module/password/service/impl/CipherResetServiceImpl.class */
public class CipherResetServiceImpl implements CipherResetService {

    @Autowired
    private AccountService accountService;

    @Autowired
    private UserService userService;

    @Autowired
    private AccountConfigService accountConfigService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private List<MessageSender> messageSenderList;

    @Value("${kduck.resetpassword.verifyCodeExpired}")
    private Integer verifyCodeExpired;

    @Value("${kduck.resetpassword.verifyCodeLength}")
    private Integer verifyCodeLength;

    @Value("${message.sms.resetpassword}")
    private String phoneTemplateCode;

    @Value("${message.email.resetpassword}")
    private String emailTemplateCode;
    private final Log logger = LogFactory.getLog(getClass());
    private PropertyPlaceholderHelper propertyPlaceholderHelper = new PropertyPlaceholderHelper("{", "}");

    private MessageSender getSender(String str) {
        for (MessageSender messageSender : this.messageSenderList) {
            if (messageSender.support(str)) {
                return messageSender;
            }
        }
        throw new NotSupportSenderException(String.format("没有对应[%s]的发送方式", str));
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public String getUserByAccountName(String str) {
        Account accountByName = this.accountService.getAccountByName(str);
        if (accountByName != null) {
            return accountByName.getUserId();
        }
        throw new RuntimeException("没有找到对应的账号");
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public ResetType[] getResetTypes(String str) {
        User user = this.userService.getUser(str);
        AccountSecurityConfig accountSecurityConfig = (AccountSecurityConfig) this.accountConfigService.loadConfig("ACCOUNT_SECURITY_CONFIG", AccountSecurityConfig.class);
        ArrayList arrayList = new ArrayList();
        if (accountSecurityConfig.getSecurityRule().getAuthenticationMode() != null && Arrays.binarySearch(accountSecurityConfig.getSecurityRule().getAuthenticationMode(), AccountSecurityConfig.AUTHENTICATION_MODE_MOBILE) > -1) {
            String phone = user.getPhone();
            if (StringUtils.hasText(phone)) {
                arrayList.add(new ResetType(phone, CipherResetService.PHONE_REC));
            }
        }
        if (accountSecurityConfig.getSecurityRule().getAuthenticationMode() != null && Arrays.binarySearch(accountSecurityConfig.getSecurityRule().getAuthenticationMode(), AccountSecurityConfig.AUTHENTICATION_MODE_EMAIL) > -1) {
            String email = user.getEmail();
            if (StringUtils.hasText(email)) {
                arrayList.add(new ResetType(email, CipherResetService.EMAIL_REC));
            }
        }
        return (ResetType[]) arrayList.toArray(new ResetType[0]);
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public void sendCode(String str, String str2) {
        String randomCode = getRandomCode(this.verifyCodeLength.intValue());
        User user = this.userService.getUser(str);
        if (CipherResetService.PHONE_REC.equals(str2)) {
            String phone = user.getPhone();
            if (StringUtils.hasText(phone)) {
                sendCodeBySms(phone, randomCode);
            }
        } else if (CipherResetService.EMAIL_REC.equals(str2)) {
            String email = user.getEmail();
            if (StringUtils.hasText(email)) {
                sendCodeByEmail(email, randomCode);
            }
        }
        CacheHelper.put(CipherResetService.CACHE_VERIFY_CODE, str, randomCode, this.verifyCodeExpired.intValue());
    }

    public void sendCodeBySms(String str, String str2) {
        MessageSender sender = getSender(MessageConstants.SEND_WAY_OUTER_SMS);
        HashMap hashMap = new HashMap();
        hashMap.put("verifyCode", str2);
        ArrayList arrayList = new ArrayList();
        User user = new User();
        user.setPhone(str);
        arrayList.add(user);
        sender.send(this.phoneTemplateCode, hashMap, arrayList, (z, str3, user2, str4, str5) -> {
            if (z) {
                return;
            }
            this.logger.error("短信验证码发送失败。手机号 : " + str);
        });
    }

    public void sendCodeByEmail(String str, String str2) {
        MessageSender sender = getSender(MessageConstants.SEND_WAY_OUTER_EMAIL);
        HashMap hashMap = new HashMap();
        hashMap.put("messageName", "密码修改验证码");
        ArrayList arrayList = new ArrayList();
        User user = new User();
        user.setEmail(str);
        arrayList.add(user);
        Properties properties = new Properties();
        properties.setProperty("verifyCode", str2);
        sender.send(this.propertyPlaceholderHelper.replacePlaceholders(this.emailTemplateCode, properties), hashMap, arrayList, (z, str3, user2, str4, str5) -> {
            if (z) {
                return;
            }
            this.logger.error("邮件验证码发送失败。邮箱地址 : " + str + str5);
        });
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public boolean verifyCode(String str, String str2) {
        Object byCacheName = CacheHelper.getByCacheName(CipherResetService.CACHE_VERIFY_CODE, str);
        return byCacheName != null && byCacheName.toString().equals(str2);
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public void resetPassword(String str, String str2, String str3) {
        if (!verifyCode(str, str3)) {
            throw new RuntimeException("验证码不正确");
        }
        Account accountByUserId = this.accountService.getAccountByUserId(str);
        accountByUserId.setPassword(this.passwordEncoder.encode(str2));
        accountByUserId.setLastModifyPasswdTime(new Date());
        this.accountService.update(accountByUserId);
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public Integer[] getAuthenticationScene() {
        return ((AccountSecurityConfig) this.accountConfigService.loadConfig("ACCOUNT_SECURITY_CONFIG", AccountSecurityConfig.class)).getSecurityRule().getAuthenticationScene();
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public AccountSecurityConfig.PasswordStrength getPasswordRule() {
        return ((AccountSecurityConfig) this.accountConfigService.loadConfig("ACCOUNT_SECURITY_CONFIG", AccountSecurityConfig.class)).getPasswordStrength();
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public boolean needModifyPassword(String str) {
        AccountAllocateConfig accountAllocateConfig = (AccountAllocateConfig) this.accountConfigService.loadConfig("ACCOUNT_ALLOCATE_CONFIG", AccountAllocateConfig.class);
        AccountSecurityConfig accountSecurityConfig = (AccountSecurityConfig) this.accountConfigService.loadConfig("ACCOUNT_SECURITY_CONFIG", AccountSecurityConfig.class);
        Boolean valueOf = Boolean.valueOf(AccountAllocateConfig.STATUS_YES == accountAllocateConfig.getExtendRule().getFirstLoginUpdateForce());
        Account accountByUserId = this.accountService.getAccountByUserId(str);
        if (accountByUserId == null) {
            throw new RuntimeException("没有找到对应的账号信息");
        }
        Date lastModifyPasswdTime = accountByUserId.getLastModifyPasswdTime();
        if (valueOf != null && valueOf.booleanValue() && lastModifyPasswdTime == null) {
            return true;
        }
        Boolean valueOf2 = Boolean.valueOf(AccountSecurityConfig.STATUS_YES == accountSecurityConfig.getSecurityRule().getChangePasswordRegularly());
        if (valueOf2 == null || !valueOf2.booleanValue()) {
            return false;
        }
        Date date = lastModifyPasswdTime;
        if (date == null) {
            date = accountByUserId.getCreateTime();
        }
        Integer changePasswordCycleDays = accountSecurityConfig.getSecurityRule().getChangePasswordCycleDays();
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(date);
        Calendar calendar2 = Calendar.getInstance();
        calendar.add(5, changePasswordCycleDays.intValue());
        return calendar.before(calendar2);
    }

    @Override // com.goldgov.kduck.module.password.service.CipherResetService
    public void updatePassword(String str, String str2, String str3) {
        Account accountByUserId = this.accountService.getAccountByUserId(str);
        if (!this.passwordEncoder.matches(str2, accountByUserId.getPassword())) {
            throw new RuntimeException("旧密码不正确");
        }
        accountByUserId.setPassword(this.passwordEncoder.encode(str3));
        accountByUserId.setLastModifyPasswdTime(new Date());
        this.accountService.update(accountByUserId);
    }

    private static String getRandomCode(int i) {
        return String.format("%06d", Integer.valueOf(new Random().nextInt(((int) Math.pow(10.0d, i)) - 1)));
    }
}
