package cool.scx.ext.organization.auth;

import com.fasterxml.jackson.core.type.TypeReference;
import cool.scx.core.ScxContext;
import cool.scx.ext.core.WSParam;
import cool.scx.ext.core.WSParamHandlerRegister;
import cool.scx.ext.organization.base.BaseDeptService;
import cool.scx.ext.organization.base.BaseRoleService;
import cool.scx.ext.organization.base.BaseUser;
import cool.scx.ext.organization.base.BaseUserService;
import cool.scx.ext.organization.base.PermsModel;
import cool.scx.ext.organization.exception.AuthException;
import cool.scx.ext.organization.exception.UnknownDeviceException;
import cool.scx.ext.organization.exception.UnknownLoginHandlerException;
import cool.scx.sql.base.Query;
import cool.scx.sql.where.WhereOption;
import cool.scx.util.ObjectUtils;
import cool.scx.util.RandomUtils;
import cool.scx.util.StringUtils;
import cool.scx.util.ansi.Ansi;
import cool.scx.util.ansi.AnsiElement;
import io.vertx.core.http.Cookie;
import io.vertx.ext.web.RoutingContext;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:cool/scx/ext/organization/auth/ScxAuth.class */
public final class ScxAuth {
    static final String SCX_AUTH_TOKEN_KEY = "S-Token";
    static final String SCX_AUTH_DEVICE_KEY = "S-Device";
    private static final AlreadyLoginClientMap ALREADY_LOGIN_CLIENT_MAP = new AlreadyLoginClientMap();
    private static final Path SCX_SESSION_CACHE_PATH = ScxContext.getPathByAppRoot("AppRoot:scx-session.cache");
    private static final Map<String, ThirdPartyLoginHandler<?>> THIRD_PARTY_LOGIN_HANDLER_MAP = new HashMap();
    private static BaseUserService<?> userService;
    private static BaseRoleService<?> roleService;
    private static BaseDeptService<?> deptService;

    public static void initAuth(Class<? extends BaseUserService<?>> cls, Class<? extends BaseDeptService<?>> cls2, Class<? extends BaseRoleService<?>> cls3) {
        WSParamHandlerRegister.addHandler("bind-websocket-by-token", ScxAuth::bindWebSocketByToken);
        ScxContext.scxMappingConfiguration().setScxMappingInterceptor(new PermsAnnotationInterceptor());
        ScxContext.router().corsHandler().allowedHeader(SCX_AUTH_TOKEN_KEY).allowedHeader(SCX_AUTH_DEVICE_KEY);
        ScxContext.router().vertxRouter().route().order(1).handler(new ScxAuthCookieHandler());
        userService = (BaseUserService) ScxContext.getBean(cls);
        roleService = (BaseRoleService) ScxContext.getBean(cls3);
        deptService = (BaseDeptService) ScxContext.getBean(cls2);
    }

    public static <T extends BaseUser> T getLoginUser() {
        return (T) getLoginUser(ScxContext.routingContext());
    }

    public static PermsWrapper getPerms() {
        return getPerms(getLoginUser());
    }

    public static void readSessionFromFile() {
        try {
            InputStream newInputStream = Files.newInputStream(SCX_SESSION_CACHE_PATH, new OpenOption[0]);
            try {
                AlreadyLoginClient[] alreadyLoginClientArr = (AlreadyLoginClient[]) ObjectUtils.jsonMapper(new ObjectUtils.Option[0]).readValue(newInputStream, new TypeReference<AlreadyLoginClient[]>() { // from class: cool.scx.ext.organization.auth.ScxAuth.1
                });
                ALREADY_LOGIN_CLIENT_MAP.put(alreadyLoginClientArr);
                Ansi.out().brightGreen("成功从 " + SCX_SESSION_CACHE_PATH + " 中恢复 " + alreadyLoginClientArr.length + " 条数据!!!", new AnsiElement[0]).println();
                if (newInputStream != null) {
                    newInputStream.close();
                }
            } finally {
            }
        } catch (Exception e) {
        }
    }

    public static void writeSessionToFile() {
        try {
            OutputStream newOutputStream = Files.newOutputStream(SCX_SESSION_CACHE_PATH, new OpenOption[0]);
            try {
                newOutputStream.write(ObjectUtils.toJson(ALREADY_LOGIN_CLIENT_MAP.getAllAlreadyLoginClients(), new ObjectUtils.Option[0]).getBytes(StandardCharsets.UTF_8));
                Ansi.out().red("保存 Session 到 " + SCX_SESSION_CACHE_PATH + " 中!!!", new AnsiElement[0]).println();
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
            } finally {
            }
        } catch (IOException e) {
        }
    }

    public static <T extends BaseUser> T getLoginUser(RoutingContext routingContext) {
        return (T) getLoginUserByToken(getToken(routingContext));
    }

    static void addLoginItem(String str, BaseUser baseUser, DeviceType deviceType) {
        AlreadyLoginClient alreadyLoginClient = new AlreadyLoginClient();
        alreadyLoginClient.token = str;
        alreadyLoginClient.userID = baseUser.id;
        alreadyLoginClient.loginDevice = deviceType;
        ALREADY_LOGIN_CLIENT_MAP.put(alreadyLoginClient);
    }

    public static <T extends BaseUser> T getLoginUserByToken(String str) {
        AlreadyLoginClient byToken = ALREADY_LOGIN_CLIENT_MAP.getByToken(str);
        if (byToken != null) {
            return (T) userService.get(byToken.userID.longValue());
        }
        return null;
    }

    public static AlreadyLoginClient getAlreadyLoginClient() {
        return ALREADY_LOGIN_CLIENT_MAP.getByToken(getToken(ScxContext.routingContext()));
    }

    static String getTokenFromCookie(RoutingContext routingContext) {
        Cookie cookie = routingContext.request().getCookie(SCX_AUTH_TOKEN_KEY);
        if (cookie != null) {
            return cookie.getValue();
        }
        return null;
    }

    static String getTokenFromHeader(RoutingContext routingContext) {
        return routingContext.request().getHeader(SCX_AUTH_TOKEN_KEY);
    }

    public static DeviceType getDeviceTypeByHeader(RoutingContext routingContext) {
        String header = routingContext.request().getHeader(SCX_AUTH_DEVICE_KEY);
        return header == null ? DeviceType.WEBSITE : DeviceType.of(header);
    }

    private static String getToken(RoutingContext routingContext) {
        switch (getDeviceTypeByHeader(routingContext)) {
            case WEBSITE:
                return getTokenFromCookie(routingContext);
            case ADMIN:
            case APPLE:
            case ANDROID:
                return getTokenFromHeader(routingContext);
            default:
                return null;
        }
    }

    public static void removeAuthUser(RoutingContext routingContext) {
        ALREADY_LOGIN_CLIENT_MAP.removeByToken(getToken(routingContext));
    }

    private static void bindWebSocketByToken(WSParam wSParam) {
        AlreadyLoginClient byToken;
        String str = (String) ObjectUtils.convertValue(((Map) ObjectUtils.convertValue(wSParam.data(), ObjectUtils.MAP_TYPE, new ObjectUtils.Option[0])).get("token"), String.class, new ObjectUtils.Option[0]);
        String binaryHandlerID = wSParam.webSocket().binaryHandlerID();
        if (!StringUtils.notBlank(str) || (byToken = ALREADY_LOGIN_CLIENT_MAP.getByToken(str)) == null) {
            return;
        }
        byToken.webSocketBinaryHandlerID = binaryHandlerID;
    }

    public static AlreadyLoginClient[] allAlreadyLoginClients() {
        return ALREADY_LOGIN_CLIENT_MAP.getAllAlreadyLoginClients();
    }

    public static PermsWrapper getPerms(BaseUser baseUser) {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(deptService.getDeptListByUser(baseUser));
        arrayList.addAll(roleService.getRoleListByUser(baseUser));
        HashSet hashSet = new HashSet();
        HashSet hashSet2 = new HashSet();
        HashSet hashSet3 = new HashSet();
        HashSet hashSet4 = new HashSet();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            PermsModel permsModel = (PermsModel) it.next();
            if (permsModel.pagePerms != null) {
                hashSet2.addAll(permsModel.pagePerms);
            }
            if (permsModel.pageElementPerms != null) {
                hashSet.addAll(permsModel.pageElementPerms);
            }
            if (permsModel.perms != null) {
                hashSet3.addAll(permsModel.perms);
            }
            if (permsModel.apiPerms != null) {
                hashSet4.addAll(permsModel.apiPerms);
            }
        }
        return new PermsWrapper(hashSet3, hashSet2, hashSet, hashSet4);
    }

    public static boolean hasPerm(String str) {
        BaseUser loginUser = getLoginUser();
        if (loginUser == null) {
            return false;
        }
        if (loginUser.isAdmin.booleanValue()) {
            return true;
        }
        boolean z = false;
        boolean z2 = false;
        if (loginUser.deptIDs != null && loginUser.deptIDs.size() > 0) {
            z = deptService.count(new Query().in("id", loginUser.deptIDs, new WhereOption[0]).jsonContains("perms", str, new WhereOption[0])) > 0;
        }
        if (loginUser.roleIDs != null && loginUser.roleIDs.size() > 0) {
            z2 = roleService.count(new Query().in("id", loginUser.roleIDs, new WhereOption[0]).jsonContains("perms", str, new WhereOption[0])) > 0;
        }
        return z || z2;
    }

    public static boolean hasPerm(PermFlag permFlag) {
        return hasPerm(permFlag.permString());
    }

    private static String tryGetAuthToken(RoutingContext routingContext, DeviceType deviceType) throws AuthException {
        switch (deviceType) {
            case WEBSITE:
                return getTokenFromCookie(routingContext);
            case ADMIN:
            case APPLE:
            case ANDROID:
                return RandomUtils.randomUUID();
            case UNKNOWN:
                throw new UnknownDeviceException();
            default:
                throw new IncompatibleClassChangeError();
        }
    }

    public static String login(String str, String str2, RoutingContext routingContext) {
        DeviceType deviceTypeByHeader = getDeviceTypeByHeader(routingContext);
        String tryGetAuthToken = tryGetAuthToken(routingContext, deviceTypeByHeader);
        BaseUser tryLogin = userService.tryLogin(str, str2);
        addLoginItem(tryGetAuthToken, tryLogin, deviceTypeByHeader);
        userService.updateLastLoginDateAndIP(tryLogin, "PASSWORD");
        return tryGetAuthToken;
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [cool.scx.ext.organization.base.BaseUser] */
    public static String loginByThirdParty(String str, String str2, String str3, RoutingContext routingContext) {
        DeviceType deviceTypeByHeader = getDeviceTypeByHeader(routingContext);
        String tryGetAuthToken = tryGetAuthToken(routingContext, deviceTypeByHeader);
        ?? tryLogin = findThirdPartyLoginHandler(str3).tryLogin(str, str2);
        addLoginItem(tryGetAuthToken, tryLogin, deviceTypeByHeader);
        userService.updateLastLoginDateAndIP(tryLogin, str3);
        return tryGetAuthToken;
    }

    /* JADX WARN: Type inference failed for: r0v6, types: [cool.scx.ext.organization.base.BaseUser] */
    public static BaseUser signupByThirdParty(String str, String str2, String str3) {
        BaseUser baseUser = new BaseUser();
        baseUser.username = "scx_" + RandomUtils.randomString(8, true);
        baseUser.isAdmin = false;
        return findThirdPartyLoginHandler(str3).signup(str, str2, baseUser);
    }

    public static ThirdPartyLoginHandler<?> findThirdPartyLoginHandler(String str) {
        ThirdPartyLoginHandler<?> thirdPartyLoginHandler = THIRD_PARTY_LOGIN_HANDLER_MAP.get(str);
        if (thirdPartyLoginHandler == null) {
            throw new UnknownLoginHandlerException();
        }
        return thirdPartyLoginHandler;
    }

    public static void addThirdPartyLoginHandler(String str, ThirdPartyLoginHandler<?> thirdPartyLoginHandler) {
        THIRD_PARTY_LOGIN_HANDLER_MAP.put(str, thirdPartyLoginHandler);
    }

    public static AlreadyLoginClientMap alreadyLoginClientMap() {
        return ALREADY_LOGIN_CLIENT_MAP;
    }
}
