package com.dtyunxi.yundt.cube.center.identity.biz.service.impl;

import cn.hutool.core.map.MapUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.PropertyFilter;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.dtyunxi.cube.commons.exceptions.BizException;
import com.dtyunxi.huieryun.cache.api.ICacheService;
import com.dtyunxi.util.MD5Util;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.AuthLoginReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.AuthLoginTokenReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.BindLoginWithoutAccessTokenDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.UserBindLoginThirdDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.response.ThirdLoginRespDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.response.ThirdUserInfoRespDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.response.TokenRespDto;
import com.dtyunxi.yundt.cube.center.identity.api.exception.IdentityExceptionCode;
import com.dtyunxi.yundt.cube.center.identity.biz.enums.IdentityEnum;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IBindService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IThirdLoginService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IUserService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IVerifyCodeService;
import com.dtyunxi.yundt.cube.center.identity.strategy.AbstractThirdLoginHandler;
import com.dtyunxi.yundt.cube.center.identity.strategy.ThirdLoginContext;
import com.dtyunxi.yundt.cube.center.user.api.dto.UserDto;
import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.RandomUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
/* loaded from: input_file:com/dtyunxi/yundt/cube/center/identity/biz/service/impl/ThirdLoginServiceImpl.class */
public class ThirdLoginServiceImpl implements IThirdLoginService {

    @Value("${token.validTime}")
    private String tokenValidTime;

    @Value("${token.secretKey}")
    private String tokenSecretKey;

    @Resource
    private ITokenService tokenService;

    @Resource
    private IVerifyCodeService verifyCodeService;

    @Resource
    private IBindService bindService;

    @Resource
    private IUserService userService;

    @Resource
    private ThirdLoginContext thirdLoginContext;

    @Resource
    private ICacheService cacheService;

    @Value("${yundt.cube.center.identity.third.login.redirectHost:}")
    private String redirectUri;
    private static final Logger logger = LoggerFactory.getLogger(ThirdLoginServiceImpl.class);
    public static final PropertyFilter PASSWORD_FILTER = (obj, str, obj2) -> {
        return !"password".equals(str);
    };
    private static final Map<Integer, IdentityEnum> THIRD_IDENTITY_MAP = ImmutableMap.of(2, IdentityEnum.LOGIN_PHONE_BIND_QQ, 1, IdentityEnum.LOGIN_PHOHE_BIND_WEIXIN, 3, IdentityEnum.LOGIN_PHONE_BIND_WEIBO, 4, IdentityEnum.LOGIN_PHONE_BIND_DINGTALK, 6, IdentityEnum.LOGIN_PHONE_BIND_WECHAT_MINI_PROGRAM);

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.IThirdLoginService
    public ThirdUserInfoRespDto thirdAuth(AuthLoginReqDto authLoginReqDto) {
        AbstractThirdLoginHandler thirdLoginType = this.thirdLoginContext.getThirdLoginType(authLoginReqDto.getThirdType());
        if (StringUtils.isNotBlank(this.redirectUri) && (1 == authLoginReqDto.getThirdType().intValue() || 6 == authLoginReqDto.getThirdType().intValue())) {
            String md5ByString = MD5Util.getMd5ByString(authLoginReqDto.getRedirectUri());
            this.cacheService.add(md5ByString, authLoginReqDto.getRedirectUri());
            authLoginReqDto.setRedirectUri(this.redirectUri + "?uriKey=" + md5ByString);
        }
        return thirdLoginType.thirdAuth(authLoginReqDto);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.IThirdLoginService
    public ThirdLoginRespDto tokenAuth(AuthLoginTokenReqDto authLoginTokenReqDto) {
        return this.thirdLoginContext.getThirdLoginType(authLoginTokenReqDto.getThirdType()).tokenAuth(authLoginTokenReqDto);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.IThirdLoginService
    @Transactional(rollbackFor = {Exception.class})
    public TokenRespDto bindLogin(UserBindLoginThirdDto userBindLoginThirdDto) {
        return this.thirdLoginContext.getThirdLoginType(userBindLoginThirdDto.getThirdType()).bindLogin(userBindLoginThirdDto);
    }

    private TokenRespDto createDefaultUserWithoutAccessToken(BindLoginWithoutAccessTokenDto bindLoginWithoutAccessTokenDto) {
        Integer thirdType = bindLoginWithoutAccessTokenDto.getThirdType();
        UserDto queryThirdUser = this.bindService.queryThirdUser(bindLoginWithoutAccessTokenDto.getOpenId(), bindLoginWithoutAccessTokenDto.getUnionId(), thirdType, bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), bindLoginWithoutAccessTokenDto.getDomain());
        if (queryThirdUser != null) {
            if (bindLoginWithoutAccessTokenDto.isBlockWhenNoPhone() && StringUtils.isEmpty(queryThirdUser.getPhone())) {
                IdentityExceptionCode.throwParamException(IdentityExceptionCode.USER_NEED_PHONE_BINDED);
            }
            return this.tokenService.createTokenByPhone(thirdType, queryThirdUser, bindLoginWithoutAccessTokenDto.getValidTime());
        }
        if (bindLoginWithoutAccessTokenDto.isBlockWhenNoBind()) {
            IdentityExceptionCode.throwParamException(IdentityExceptionCode.USER_NO_EXIST);
        }
        if (StringUtils.isNotBlank(bindLoginWithoutAccessTokenDto.getDomain())) {
            Map extFields = bindLoginWithoutAccessTokenDto.getExtFields();
            if (MapUtil.isEmpty(extFields)) {
                extFields = new HashMap();
            }
            extFields.put(TokenServiceImpl.DOMAIN, bindLoginWithoutAccessTokenDto.getDomain());
            bindLoginWithoutAccessTokenDto.setExtFields(extFields);
        }
        UserDto bindThirdNo = this.bindService.bindThirdNo(bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), this.userService.addDefaultUserWithoutAccessToken(bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), bindLoginWithoutAccessTokenDto.getExtFields()).getId(), bindLoginWithoutAccessTokenDto.getOpenId(), bindLoginWithoutAccessTokenDto.getUnionId(), thirdType, bindLoginWithoutAccessTokenDto.getDomain());
        if (bindThirdNo == null) {
            IdentityExceptionCode.throwParamException(IdentityExceptionCode.BINDING_FAIL);
        }
        return this.tokenService.createTokenByPhone(thirdType, bindThirdNo, bindLoginWithoutAccessTokenDto.getValidTime());
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.IThirdLoginService
    public TokenRespDto bindLoginWithoutAccessToken(BindLoginWithoutAccessTokenDto bindLoginWithoutAccessTokenDto) {
        if (StringUtils.isEmpty(bindLoginWithoutAccessTokenDto.getOpenId()) && StringUtils.isEmpty(bindLoginWithoutAccessTokenDto.getUnionId())) {
            IdentityExceptionCode.throwParamException(IdentityExceptionCode.EMPTY_OPENID_UNIONID_ERROR);
        }
        return StringUtils.isEmpty(bindLoginWithoutAccessTokenDto.getPhone()) ? createDefaultUserWithoutAccessToken(bindLoginWithoutAccessTokenDto) : thirdLoginWithPhone(bindLoginWithoutAccessTokenDto);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.IThirdLoginService
    public void redirectUri(String str, String str2, HttpServletResponse httpServletResponse) {
        logger.info("微信网页授权code={}, uri={}", str, str2);
        String str3 = (String) this.cacheService.getCache(str2, String.class);
        if (StringUtils.isBlank(str3)) {
            throw new BizException("缺少redirectUri，请刷新重试!");
        }
        try {
            httpServletResponse.sendRedirect(str3 + (str3.indexOf("?") > 0 ? "&code=" + str : "?code=" + str));
        } catch (IOException e) {
            logger.error("忽略重定向异常");
        }
    }

    private TokenRespDto thirdLoginWithPhone(BindLoginWithoutAccessTokenDto bindLoginWithoutAccessTokenDto) {
        if (StringUtils.isNotEmpty(bindLoginWithoutAccessTokenDto.getCheckCodeUniqueId()) && StringUtils.isNotEmpty(bindLoginWithoutAccessTokenDto.getPhone()) && !bindLoginWithoutAccessTokenDto.getCheckCodeUniqueId().contains(bindLoginWithoutAccessTokenDto.getPhone())) {
            IdentityExceptionCode.throwParamException(IdentityExceptionCode.VERIFYCODE_PHONE_ERROR);
        }
        if (StringUtils.isNotEmpty(bindLoginWithoutAccessTokenDto.getCheckCode()) && StringUtils.isNotEmpty(bindLoginWithoutAccessTokenDto.getCheckCodeUniqueId()) && !this.verifyCodeService.checkPhoneCode(bindLoginWithoutAccessTokenDto.getCheckCode(), bindLoginWithoutAccessTokenDto.getCheckCodeUniqueId())) {
            IdentityExceptionCode.throwParamException(IdentityExceptionCode.CODE_NO_VALID);
        }
        UserDto queryThirdUser = this.bindService.queryThirdUser(bindLoginWithoutAccessTokenDto.getOpenId(), bindLoginWithoutAccessTokenDto.getUnionId(), bindLoginWithoutAccessTokenDto.getThirdType(), bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), bindLoginWithoutAccessTokenDto.getDomain());
        if (queryThirdUser == null) {
            UserDto userDto = new UserDto();
            userDto.setInstanceId(bindLoginWithoutAccessTokenDto.getInstanceId());
            HashMap hashMap = new HashMap();
            hashMap.put(TokenServiceImpl.DOMAIN, bindLoginWithoutAccessTokenDto.getDomain());
            userDto.setExtFields(hashMap);
            UserDto queryByLoginStr = this.userService.queryByLoginStr(bindLoginWithoutAccessTokenDto.getPhone(), userDto);
            if (queryByLoginStr != null) {
                queryThirdUser = this.bindService.bindThirdNo(bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), queryByLoginStr.getId(), bindLoginWithoutAccessTokenDto.getOpenId(), bindLoginWithoutAccessTokenDto.getUnionId(), bindLoginWithoutAccessTokenDto.getThirdType(), bindLoginWithoutAccessTokenDto.getDomain());
                if (logger.isDebugEnabled()) {
                    logger.debug("绑定的已有用户:{}", JSON.toJSONString(queryThirdUser, PASSWORD_FILTER, new SerializerFeature[0]));
                }
            } else {
                if (bindLoginWithoutAccessTokenDto.isCreateWhenPhoneInReq()) {
                    logger.debug("要直接注册用户绑定");
                } else if (bindLoginWithoutAccessTokenDto.isBlockWhenNoBind() || bindLoginWithoutAccessTokenDto.isBlockWhenNoPhone()) {
                    logger.debug("请求要求不存在用户则返回错误码");
                    IdentityExceptionCode.throwParamException(IdentityExceptionCode.USER_NO_EXIST);
                }
                if (StringUtils.isNotBlank(bindLoginWithoutAccessTokenDto.getDomain())) {
                    Map extFields = bindLoginWithoutAccessTokenDto.getExtFields();
                    if (MapUtil.isEmpty(extFields)) {
                        extFields = new HashMap();
                    }
                    extFields.put(TokenServiceImpl.DOMAIN, bindLoginWithoutAccessTokenDto.getDomain());
                    bindLoginWithoutAccessTokenDto.setExtFields(extFields);
                }
                queryThirdUser = this.bindService.bindThirdNo(bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), this.userService.addUserByPhone(bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), bindLoginWithoutAccessTokenDto.getPhone(), getRomPassword(), 1, bindLoginWithoutAccessTokenDto.getExtFields()).getId(), bindLoginWithoutAccessTokenDto.getOpenId(), bindLoginWithoutAccessTokenDto.getUnionId(), bindLoginWithoutAccessTokenDto.getThirdType(), bindLoginWithoutAccessTokenDto.getDomain());
                if (logger.isDebugEnabled()) {
                    logger.debug("注册并绑定的用户:{}", JSON.toJSONString(queryThirdUser, PASSWORD_FILTER, new SerializerFeature[0]));
                }
            }
        } else if (StringUtils.isNotEmpty(bindLoginWithoutAccessTokenDto.getPhone())) {
            this.userService.updateUserPhone(queryThirdUser.getId(), bindLoginWithoutAccessTokenDto.getPhone(), bindLoginWithoutAccessTokenDto.getInstanceId(), bindLoginWithoutAccessTokenDto.getTenantId(), bindLoginWithoutAccessTokenDto.getDomain());
        }
        IdentityEnum identityEnum = THIRD_IDENTITY_MAP.get(bindLoginWithoutAccessTokenDto.getThirdType());
        Integer num = null;
        if (identityEnum != null) {
            num = identityEnum.getCode();
        }
        return this.tokenService.createTokenByPhone(num, queryThirdUser, bindLoginWithoutAccessTokenDto.getValidTime());
    }

    private String getRomPassword() {
        return Arrays.toString(RandomUtils.nextBytes(20));
    }
}
