package com.dtyunxi.yundt.cube.center.identity.biz.service.impl;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.PropertyFilter;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.dtyunxi.app.ServiceContext;
import com.dtyunxi.cube.commons.exceptions.BizException;
import com.dtyunxi.cube.enhance.CubeResource;
import com.dtyunxi.cube.utils.TokenUtil;
import com.dtyunxi.cube.utils.bean.CubeBeanUtils;
import com.dtyunxi.cube.utils.bean.RegexUtils;
import com.dtyunxi.huieryun.cache.api.ICacheService;
import com.dtyunxi.rest.RestResponse;
import com.dtyunxi.yundt.cube.center.identity.api.constants.LoginStatus;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.CheckTokenReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.LoginReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.LoginSendMsgReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.RefreshTokenReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.request.UserLoginReqDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.response.LoginRespDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.response.RefreshTokenRespDto;
import com.dtyunxi.yundt.cube.center.identity.api.dto.response.TokenRespDto;
import com.dtyunxi.yundt.cube.center.identity.api.exception.IdentityExceptionCode;
import com.dtyunxi.yundt.cube.center.identity.api.vo.PwdMonitorStrategyVo;
import com.dtyunxi.yundt.cube.center.identity.biz.config.IdpUrlProperties;
import com.dtyunxi.yundt.cube.center.identity.biz.enums.IdentityEnum;
import com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IUserLoginConfigService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IUserService;
import com.dtyunxi.yundt.cube.center.identity.biz.service.IVerifyCodeService;
import com.dtyunxi.yundt.cube.center.identity.conf.ext.ILoginLogManageExt;
import com.dtyunxi.yundt.cube.center.identity.conf.ext.IPwdMonitorStrategyExt;
import com.dtyunxi.yundt.cube.center.identity.conf.param.AutoRedirectParam;
import com.dtyunxi.yundt.cube.center.identity.event.LoginEventDto;
import com.dtyunxi.yundt.cube.center.identity.event.LogoutEventDto;
import com.dtyunxi.yundt.cube.center.identity.mq.event.LoginEventPublisher;
import com.dtyunxi.yundt.cube.center.identity.mq.event.LogoutEventPublisher;
import com.dtyunxi.yundt.cube.center.identity.util.TokenBizUtil;
import com.dtyunxi.yundt.cube.center.identity.util.weixin.WeiXinUtil;
import com.dtyunxi.yundt.cube.center.user.api.constant.LoginNameType;
import com.dtyunxi.yundt.cube.center.user.api.constant.ValidTypeEnum;
import com.dtyunxi.yundt.cube.center.user.api.dto.AccessDto;
import com.dtyunxi.yundt.cube.center.user.api.dto.AppInstanceDto;
import com.dtyunxi.yundt.cube.center.user.api.dto.RoleDto;
import com.dtyunxi.yundt.cube.center.user.api.dto.TenantDto;
import com.dtyunxi.yundt.cube.center.user.api.dto.UserDto;
import com.dtyunxi.yundt.cube.center.user.api.dto.request.UserByLoginNameTypeQueryDto;
import com.dtyunxi.yundt.cube.center.user.api.dto.vo.UserAccessVo;
import com.dtyunxi.yundt.cube.center.user.api.query.IAccessQueryApi;
import com.dtyunxi.yundt.cube.center.user.api.query.IApplicationQueryApi;
import com.dtyunxi.yundt.cube.center.user.api.query.IUserQueryApi;
import com.google.common.collect.Sets;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.annotation.Resource;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Service;
import org.springframework.util.Assert;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.RestTemplate;

@Service
/* loaded from: input_file:com/dtyunxi/yundt/cube/center/identity/biz/service/impl/TokenServiceImpl.class */
public class TokenServiceImpl implements ITokenService {
    private static Logger logger = LoggerFactory.getLogger(TokenServiceImpl.class);
    public static final PropertyFilter PASSWORD_FILTER = (obj, str, obj2) -> {
        return !"password".equals(str);
    };
    public static final String IDP_LOGIN_OUT_URL = "%s/oauth/logout?access_token=%s";

    @Value("${identity.loginLog:true}")
    private boolean loginLog;

    @Value("${yundt.cube.center.identity.setTokenUserNameSameWithDb:0}")
    private int setTokenUserNameSameWithDb;

    @Value("${yundt.cube.center.identity.shareTokenWithSameLoginSource:true}")
    private boolean shareTokenWithSameLoginSource;

    @Autowired
    AsyncLoginLog asyncLoginLog;

    @Resource
    private IUserQueryApi userQueryApi;

    @Resource
    private IAccessQueryApi accessQueryApi;

    @Resource
    private IApplicationQueryApi applicationQueryApi;

    @Resource
    private IVerifyCodeService verifyCodeService;

    @Resource
    private IUserLoginConfigService userLoginConfigService;

    @Autowired
    private ICacheService cacheService;

    @Resource
    LoginEventPublisher loginEventPublisher;

    @Resource
    LogoutEventPublisher logoutEventPublisher;

    @Resource
    private IUserService userService;

    @Autowired
    IdpUrlProperties idpUrlProperties;

    @CubeResource
    private AutoRedirectParam autoRedirectParam;

    @CubeResource
    private IPwdMonitorStrategyExt pwdMonitorStrategyExt;

    @CubeResource
    private ILoginLogManageExt loginLogManageExt;

    @Value("${token.validTime}")
    private String tokenValidTime;

    @Value("${token.secretKey}")
    private String tokenSecretKey;

    @Value("${code.error.validTime}")
    private Integer errorValidTime;

    @Value("${login.error.limit.count}")
    private Integer errorLimitCount;
    private static final String TOKEN_KEY_PREFIX = "token#";
    public static final String ERROR_COUNT_CACHE = "identity&login&error";
    private static final String TOKEN_LOGIN_SOURCE = "loginSource";
    public static final String DOMAIN = "domain";
    public static final String TOKEN_LABEL = "label";
    public static final String TOKEN_LABEL_A = "a";
    public static final String TOKEN_LABEL_B = "b";

    @Value("${token.refreshTime:1800}")
    private int tokenRefreshTime;

    private String getTokenKey(Map map) {
        return TOKEN_KEY_PREFIX + map.get("id");
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public Map<String, Object> checkToken(String str) {
        return parseTokenByKeyAndTm(str);
    }

    private Map<String, Object> parseTokenByKeyAndTm(String str) {
        try {
            Map<String, Object> parse = TokenUtil.parse(str, this.tokenSecretKey);
            if (str.equals((String) this.cacheService.getCache(getFinalTokenKey(parse), String.class))) {
                return parse;
            }
            throw new BizException(IdentityExceptionCode.TOKEN_CODE_NO_VALID.getCode(), IdentityExceptionCode.TOKEN_CODE_NO_VALID.getMsg());
        } catch (Exception e) {
            logger.error("解析token出错", e);
            throw new BizException(IdentityExceptionCode.TOKEN_CODE_NO_VALID.getCode(), IdentityExceptionCode.TOKEN_CODE_NO_VALID.getMsg());
        }
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public Map<String, Object> checkToken(CheckTokenReqDto checkTokenReqDto) {
        Map<String, Object> parseTokenByKeyAndTm = parseTokenByKeyAndTm(checkTokenReqDto.getToken());
        Long valueOf = Long.valueOf(Long.parseLong(parseTokenByKeyAndTm.get("tenantId").toString()));
        Long valueOf2 = Long.valueOf(Long.parseLong(parseTokenByKeyAndTm.get("instanceId").toString()));
        TenantDto tenantDto = getTenantDto(checkTokenReqDto.getTenantId(), checkTokenReqDto.getInstanceId());
        if (tenantDto.getInstanceId().equals(valueOf2)) {
            return parseTokenByKeyAndTm;
        }
        if (2 == tenantDto.getIsolation().intValue()) {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
        } else {
            if (tenantDto.getId().equals(valueOf)) {
                return parseTokenByKeyAndTm;
            }
            String[] splitTrustDomain = TokenBizUtil.splitTrustDomain(tenantDto.getTrustDomain());
            if (null != splitTrustDomain) {
                for (String str : splitTrustDomain) {
                    if (str.equals(valueOf)) {
                        return parseTokenByKeyAndTm;
                    }
                }
            }
        }
        throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public void deleteToken(String str) {
        String str2 = TOKEN_KEY_PREFIX + str;
        String str3 = (String) this.cacheService.getCache(str2, String.class);
        if (StringUtils.isNotBlank(str3)) {
            this.cacheService.delCache(str2);
            Map parse = TokenUtil.parse(str3, this.tokenSecretKey);
            if (parse.get(TOKEN_LOGIN_SOURCE) != null) {
                this.cacheService.delCache(str2 + "-" + parse.get(TOKEN_LOGIN_SOURCE).toString());
            }
            saveLoginOutLog(str, str3);
        }
    }

    private void saveLoginOutLog(String str, String str2) {
        UserDto userDto = new UserDto();
        userDto.setId(Long.valueOf(str));
        saveLoginLog(new UserLoginReqDto(), userDto, str2, LoginStatus.LOGIN_OUT);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public void deleteLoginToken(String str, String str2) {
        String str3 = TOKEN_KEY_PREFIX + str;
        String str4 = TOKEN_KEY_PREFIX + str + "-" + str2;
        String str5 = (String) this.cacheService.getCache(str3, String.class);
        this.cacheService.delCache(str4);
        saveLoginOutLog(str, str5);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public TokenRespDto createTokenByPhone(Integer num, UserDto userDto, Integer num2) {
        UserLoginReqDto userLoginReqDto = new UserLoginReqDto();
        userLoginReqDto.setLoginType(num);
        userLoginReqDto.setInstanceId(userDto.getInstanceId());
        userLoginReqDto.setTenantId(userDto.getTenantId());
        userLoginReqDto.setPhone(userDto.getPhone());
        userLoginReqDto.setTokenValidTime(num2);
        return createTokenRespDto(userLoginReqDto, userLoginReqDto.getPhone(), userDto, null);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public TokenRespDto createSsoToken(UserLoginReqDto userLoginReqDto) {
        String appKey = userLoginReqDto.getAppKey();
        String appSign = userLoginReqDto.getAppSign();
        AppInstanceDto appInstanceDto = (AppInstanceDto) this.applicationQueryApi.queryByHostName(appKey, "{\"tenantId\":" + userLoginReqDto.getTenantId() + ",\"instanceId\":" + userLoginReqDto.getInstanceId() + "}").getData();
        Assert.notNull(appInstanceDto, "应用实例不存在");
        Assert.isTrue(TokenUtil.isValid(appSign, appInstanceDto.getAppSecret()), "APP 签名不合法");
        return createToken(userLoginReqDto);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public void deleteSsoToken(String str, String str2) {
        Set set = (Set) this.cacheService.getCache(str2, Set.class);
        if (set == null) {
            return;
        }
        if (set.isEmpty()) {
            this.cacheService.delCache(str2);
        }
        set.remove(str);
        this.cacheService.setCache(str2, set);
        try {
            Long l = MapUtils.getLong(TokenUtil.parse(str2, this.tokenSecretKey), "id");
            if (l != null) {
                saveLoginOutLog(l.toString(), str2);
            }
        } catch (Exception e) {
            logger.info("token_code_no_valid,addLoginLog failed");
        }
    }

    private boolean needImageCode(Integer num) {
        return num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_CODE.getCode());
    }

    private boolean needPhoneCode(Integer num) {
        return num.equals(IdentityEnum.LOGIN_PHOHE_CODE.getCode());
    }

    private boolean needSlideCode(Integer num) {
        return num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_SLIDE_CODE.getCode());
    }

    private void checkImageCode(String str, String str2) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.IMAGE_CODE_PARAM_ERROR);
        }
        if (this.verifyCodeService.checkImageCode(str2, str)) {
            return;
        }
        IdentityExceptionCode.throwBizException(IdentityExceptionCode.IMAGE_CODE_NO_VALID);
    }

    private void checkCode(String str, String str2, String str3) {
        if (StringUtils.isEmpty(str2) || StringUtils.isEmpty(str3)) {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.PHONE_CODE_PARAM_ERROR);
        }
        if (!str2.contains(str)) {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.VERIFYCODE_CONFIRM_ERROR);
        }
        if (this.verifyCodeService.checkPhoneCode(str3, str2)) {
            return;
        }
        IdentityExceptionCode.throwBizException(IdentityExceptionCode.VERIFYCODE_CONFIRM_ERROR);
    }

    private void checkSlideCode(Integer num, String str) {
        if (num == null) {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.EMPTY_PARAM_ERROR.getCode(), IdentityExceptionCode.EMPTY_PARAM_ERROR.getMsg() + "slideX 不能为空");
        }
        if (StringUtils.isEmpty(str)) {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.EMPTY_PARAM_ERROR.getCode(), IdentityExceptionCode.EMPTY_PARAM_ERROR.getMsg() + "slideUniqueId 不能为空");
        }
        if (this.verifyCodeService.checkSlideCode(num, str, true)) {
            return;
        }
        IdentityExceptionCode.throwBizException(IdentityExceptionCode.VERIFYCODE_CONFIRM_ERROR);
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public TokenRespDto createToken(UserLoginReqDto userLoginReqDto) {
        PwdMonitorStrategyVo execute;
        String str = null;
        boolean isNeedValidPassWord = isNeedValidPassWord(userLoginReqDto.getLoginType());
        HashMap hashMap = new HashMap();
        if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_MULTIPLE_PASSWORD.getCode())) {
            hashMap.put("userName", userLoginReqDto.getUserName());
            hashMap.put("phone", userLoginReqDto.getPhone());
            hashMap.put("email", userLoginReqDto.getEmail());
        }
        if (!userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_MULTIPLE_PASSWORD.getCode())) {
            str = getLoginStr(userLoginReqDto);
            validParam(str, userLoginReqDto);
        }
        TenantDto tenantDto = getTenantDto(userLoginReqDto.getTenantId(), userLoginReqDto.getInstanceId());
        UserDto userDto = null;
        if (tenantDto == null) {
            if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_MULTIPLE_PASSWORD.getCode())) {
                if (null != hashMap.get("phone") && checkLoginStr((String) hashMap.get("phone")).getCode().equals(IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode())) {
                    str = (String) hashMap.get("phone");
                    userLoginReqDto.setLoginType(IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode());
                    userDto = getUserDtoOldMultiple(userLoginReqDto, str);
                }
                if (null == userDto && null != hashMap.get("userName")) {
                    str = (String) hashMap.get("userName");
                    userLoginReqDto.setLoginType(IdentityEnum.LOGIN_USERNAME_PASSWORD.getCode());
                    userDto = getUserDtoOldMultiple(userLoginReqDto, str);
                }
                if (null == userDto && null != hashMap.get("email") && checkLoginStr((String) hashMap.get("email")).getCode().equals(IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode())) {
                    str = (String) hashMap.get("email");
                    userLoginReqDto.setLoginType(IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode());
                    userDto = getUserDtoOldMultiple(userLoginReqDto, str);
                }
            } else {
                userDto = getUserDtoOld(userLoginReqDto, str);
            }
            checkLoginAppLimit(userLoginReqDto, userDto);
        } else if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_MULTIPLE_PASSWORD.getCode())) {
            if (null != hashMap.get("phone") && checkLoginStr((String) hashMap.get("phone")).getCode().equals(IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode())) {
                str = (String) hashMap.get("phone");
                userLoginReqDto.setLoginType(IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode());
                userDto = getUserDtoMultiple(userLoginReqDto, str, tenantDto, isNeedValidPassWord);
            }
            if (null == userDto && null != hashMap.get("userName")) {
                str = (String) hashMap.get("userName");
                userLoginReqDto.setLoginType(IdentityEnum.LOGIN_USERNAME_PASSWORD.getCode());
                userDto = getUserDtoMultiple(userLoginReqDto, str, tenantDto, isNeedValidPassWord);
            }
            if (null == userDto && null != hashMap.get("email") && checkLoginStr((String) hashMap.get("email")).getCode().equals(IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode())) {
                str = (String) hashMap.get("email");
                userLoginReqDto.setLoginType(IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode());
                userDto = getUserDtoMultiple(userLoginReqDto, str, tenantDto, isNeedValidPassWord);
            }
        } else {
            userDto = getUserDto(userLoginReqDto, str, tenantDto, isNeedValidPassWord);
        }
        if (null == userDto) {
            throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg() + "或该用户已被禁用，请联系管理员");
        }
        logger.info("Find user,userDto-info:id:" + userDto.getId() + "  TenantId:" + userDto.getTenantId() + "  InstanceId:" + userDto.getInstanceId() + " userName:" + userDto.getUserName());
        boolean z = false;
        if (isNeedValidPassWord && (execute = this.pwdMonitorStrategyExt.execute(userDto)) != null) {
            z = execute.isOpen();
            if (!execute.isResult()) {
                IdentityExceptionCode.throwBizException(IdentityExceptionCode.FAIL.getCode(), IdentityExceptionCode.FAIL.getMsg());
            }
        }
        if (tenantDto != null) {
            this.userService.handleValidResult(userDto.isValid(), userDto.getId(), z, userDto.getIllegalReason());
        } else {
            IdentityExceptionCode.throwBizException(IdentityExceptionCode.TENANT_NOT_EXIST.getCode(), IdentityExceptionCode.TENANT_NOT_EXIST.getMsg());
        }
        if (ValidTypeEnum.TEMP.getCode().equals(userDto.getValidType()) && userDto.getValidEndDate() != null && new Date().after(userDto.getValidEndDate())) {
            throw new BizException(IdentityExceptionCode.USER_ACCOUNT_OVERDUE.getCode(), IdentityExceptionCode.USER_ACCOUNT_OVERDUE.getMsg());
        }
        AppInstanceDto appInstanceDto = tenantDto.getAppInstanceDto();
        LoginSendMsgReqDto loginSendMsgReqDto = new LoginSendMsgReqDto();
        if (null != appInstanceDto) {
            loginSendMsgReqDto.setTenantName(tenantDto.getTenantName());
            loginSendMsgReqDto.setAppInstanceName(appInstanceDto.getAppName());
        }
        return createTokenRespDto(userLoginReqDto, str, userDto, loginSendMsgReqDto);
    }

    private TenantDto getTenantDto(Long l, Long l2) {
        if (l == null) {
            logger.error("====================appInstanceId========================={}", l2);
            RestResponse queryInsById = this.applicationQueryApi.queryInsById(l2, "{}");
            if (!WeiXinUtil.QY_WEIXIN_SUCCESS.equals(queryInsById.getResultCode()) || queryInsById.getData() == null) {
                IdentityExceptionCode.throwBizException(IdentityExceptionCode.APP_INSTANCE_NO_EXIST_BY_INSTANCE_ID.getCode(), IdentityExceptionCode.APP_INSTANCE_NO_EXIST_BY_INSTANCE_ID.getMsg());
            }
        }
        RestResponse queryTenantByInstanceId = this.userQueryApi.queryTenantByInstanceId(l2);
        if (!WeiXinUtil.QY_WEIXIN_SUCCESS.equals(queryTenantByInstanceId.getResultCode()) || queryTenantByInstanceId.getData() == null) {
            return null;
        }
        TenantDto tenantDto = (TenantDto) queryTenantByInstanceId.getData();
        tenantDto.setInstanceId(l2);
        return tenantDto;
    }

    protected TokenRespDto createTokenRespDto(UserLoginReqDto userLoginReqDto, String str, UserDto userDto, LoginSendMsgReqDto loginSendMsgReqDto) {
        TokenRespDto generateToken = generateToken(userLoginReqDto, str, userDto);
        saveLoginLog(userLoginReqDto, userDto, generateToken.getToken(), LoginStatus.LOGIN_IN);
        generateToken.setUserId(userDto.getId());
        return generateToken;
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public void saveLoginLog(UserLoginReqDto userLoginReqDto, UserDto userDto, String str, Integer num) {
        if (this.loginLog) {
            if (LoginStatus.LOGIN_IN.equals(num)) {
                LoginEventDto loginEventDto = new LoginEventDto();
                loginEventDto.setUserId(userDto.getId());
                this.loginEventPublisher.send(loginEventDto);
            } else if (LoginStatus.LOGIN_OUT.equals(num)) {
                LogoutEventDto logoutEventDto = new LogoutEventDto();
                logoutEventDto.setUserId(userDto.getId());
                this.logoutEventPublisher.send(logoutEventDto);
            }
            if (this.loginLogManageExt.saveLoginLog(userLoginReqDto, userDto, str, num) == null) {
                this.asyncLoginLog.saveLoginLog(userLoginReqDto, userDto, str, num);
            }
        }
    }

    private UserDto getUserDtoOld(UserLoginReqDto userLoginReqDto, String str) {
        RestResponse queryByPhone = IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode().equals(userLoginReqDto.getLoginType()) ? this.userQueryApi.queryByPhone(userLoginReqDto.getPhone(), userLoginReqDto.toQueryFilter()) : this.userQueryApi.queryByLoginStr(str, userLoginReqDto.getInstanceId(), userLoginReqDto.toQueryFilter());
        if (!queryByPhone.getResultCode().equals(WeiXinUtil.QY_WEIXIN_SUCCESS) || queryByPhone.getData() == null) {
            throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
        }
        if (((UserDto) queryByPhone.getData()).getStatus().equals(1)) {
            return (UserDto) queryByPhone.getData();
        }
        throw new BizException(IdentityExceptionCode.USER_DISABLE.getCode(), IdentityExceptionCode.USER_DISABLE.getMsg());
    }

    private UserDto getUserDtoOldMultiple(UserLoginReqDto userLoginReqDto, String str) {
        return (UserDto) (IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode().equals(userLoginReqDto.getLoginType()) ? this.userQueryApi.queryByPhone(userLoginReqDto.getPhone(), userLoginReqDto.toQueryFilter()) : this.userQueryApi.queryByLoginStr(str, userLoginReqDto.getInstanceId(), userLoginReqDto.toQueryFilter())).getData();
    }

    private IdentityEnum checkLoginStr(String str) {
        return (null == str || !RegexUtils.isMobile(str)) ? (null == str || !RegexUtils.isEmail(str)) ? IdentityEnum.LOGIN_MULTIPLE_PASSWORD : IdentityEnum.LOGIN_EMAIL_PASSWORD : IdentityEnum.LOGIN_PHOHE_PASSWORD;
    }

    private UserDto getUserDto(UserLoginReqDto userLoginReqDto, String str, TenantDto tenantDto, boolean z) {
        Long id = tenantDto.getId();
        LoginNameType loginNameType = getLoginNameType(userLoginReqDto);
        Integer isolation = tenantDto.getIsolation();
        if (isolation != null && isolation.intValue() == 2) {
            RestResponse queryByLoginNameAndType = this.userQueryApi.queryByLoginNameAndType(toUserByLoginNameTypeQueryDto(userLoginReqDto, str, Integer.valueOf(loginNameType.getCode()), id, tenantDto.getInstanceId(), z));
            if (queryByLoginNameAndType.getResultCode().equals(WeiXinUtil.QY_WEIXIN_SUCCESS) && queryByLoginNameAndType.getData() != null) {
                return (UserDto) queryByLoginNameAndType.getData();
            }
            if (!queryByLoginNameAndType.getResultCode().equals(WeiXinUtil.QY_WEIXIN_SUCCESS) || queryByLoginNameAndType.getData() == null) {
                throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
            }
            throw new BizException(IdentityExceptionCode.USER_DISABLE.getCode(), IdentityExceptionCode.USER_DISABLE.getMsg());
        }
        UserDto userDtoByTenantId = getUserDtoByTenantId(userLoginReqDto, str, loginNameType, id, z);
        if (null != userDtoByTenantId) {
            return userDtoByTenantId;
        }
        String[] splitTrustDomain = TokenBizUtil.splitTrustDomain(tenantDto.getTrustDomain());
        if (splitTrustDomain == null || splitTrustDomain.length == 0) {
            throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
        }
        for (String str2 : splitTrustDomain) {
            UserDto userDtoByTenantId2 = getUserDtoByTenantId(userLoginReqDto, str, loginNameType, Long.valueOf(str2), z);
            if (userDtoByTenantId2 != null) {
                return userDtoByTenantId2;
            }
        }
        throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
    }

    private UserDto getUserDtoMultiple(UserLoginReqDto userLoginReqDto, String str, TenantDto tenantDto, boolean z) {
        String[] splitTrustDomain;
        Long id = tenantDto.getId();
        LoginNameType loginNameType = getLoginNameType(userLoginReqDto);
        Integer isolation = tenantDto.getIsolation();
        if (isolation != null && isolation.intValue() == 2) {
            RestResponse queryByLoginNameAndType = this.userQueryApi.queryByLoginNameAndType(toUserByLoginNameTypeQueryDto(userLoginReqDto, str, Integer.valueOf(loginNameType.getCode()), id, tenantDto.getInstanceId(), z));
            if (queryByLoginNameAndType.getResultCode().equals(WeiXinUtil.QY_WEIXIN_SUCCESS) && queryByLoginNameAndType.getData() != null) {
                return (UserDto) queryByLoginNameAndType.getData();
            }
            if (!queryByLoginNameAndType.getResultCode().equals(WeiXinUtil.QY_WEIXIN_SUCCESS) || queryByLoginNameAndType.getData() == null) {
                throw new BizException(IdentityExceptionCode.USER_NO_EXIST.getCode(), IdentityExceptionCode.USER_NO_EXIST.getMsg());
            }
            throw new BizException(IdentityExceptionCode.USER_DISABLE.getCode(), IdentityExceptionCode.USER_DISABLE.getMsg());
        }
        UserDto userDtoByTenantId = getUserDtoByTenantId(userLoginReqDto, str, loginNameType, id, z);
        if (null == userDtoByTenantId && (splitTrustDomain = TokenBizUtil.splitTrustDomain(tenantDto.getTrustDomain())) != null) {
            for (String str2 : splitTrustDomain) {
                userDtoByTenantId = getUserDtoByTenantId(userLoginReqDto, str, loginNameType, Long.valueOf(str2), z);
                if (userDtoByTenantId != null) {
                    return userDtoByTenantId;
                }
            }
        }
        return userDtoByTenantId;
    }

    private UserByLoginNameTypeQueryDto toUserByLoginNameTypeQueryDto(UserLoginReqDto userLoginReqDto, String str, Integer num, Long l, Long l2, boolean z) {
        UserByLoginNameTypeQueryDto userByLoginNameTypeQueryDto = new UserByLoginNameTypeQueryDto();
        userByLoginNameTypeQueryDto.setLoginName(str);
        userByLoginNameTypeQueryDto.setLoginNameType(num);
        userByLoginNameTypeQueryDto.setTenantId(l);
        userByLoginNameTypeQueryDto.setInstanceId(l2);
        if (null != userLoginReqDto.getExtFields() && null != userLoginReqDto.getExtFields().get(DOMAIN)) {
            userByLoginNameTypeQueryDto.setDomain((String) userLoginReqDto.getExtFields().get(DOMAIN));
        }
        userByLoginNameTypeQueryDto.setExtFields((Map) null);
        if (z) {
            userByLoginNameTypeQueryDto.setPassword(userLoginReqDto.getPassword());
        }
        return userByLoginNameTypeQueryDto;
    }

    private LoginNameType getLoginNameType(UserLoginReqDto userLoginReqDto) {
        if (null != userLoginReqDto.getLoginType()) {
            Integer loginType = userLoginReqDto.getLoginType();
            if (loginType.intValue() == IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode().intValue()) {
                return LoginNameType.EMAIL;
            }
            if (loginType.intValue() == IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode().intValue() || loginType.intValue() == IdentityEnum.LOGIN_PHOHE_CODE.getCode().intValue()) {
                return LoginNameType.PHONE;
            }
            if (loginType.intValue() == IdentityEnum.LOGIN_USERNAME_PASSWORD.getCode().intValue() || loginType.intValue() == IdentityEnum.LOGIN_USERNAME_PASSWORD_CODE.getCode().intValue()) {
                return LoginNameType.USER_NAME;
            }
            if (loginType.intValue() == IdentityEnum.LOGIN_IDCARD_PASSWORD.getCode().intValue()) {
                return LoginNameType.USER_NAME;
            }
        }
        return LoginNameType.USER_NAME;
    }

    private UserDto getUserDtoByTenantId(UserLoginReqDto userLoginReqDto, String str, LoginNameType loginNameType, Long l, boolean z) {
        RestResponse queryByLoginNameAndType = this.userQueryApi.queryByLoginNameAndType(toUserByLoginNameTypeQueryDto(userLoginReqDto, str, Integer.valueOf(loginNameType.getCode()), l, null, z));
        if (!queryByLoginNameAndType.getResultCode().equals(WeiXinUtil.QY_WEIXIN_SUCCESS) || queryByLoginNameAndType.getData() == null) {
            return null;
        }
        return (UserDto) queryByLoginNameAndType.getData();
    }

    private void validParam(String str, UserLoginReqDto userLoginReqDto) {
        String code = IdentityExceptionCode.EMPTY_PARAM_ERROR.getCode();
        String msg = IdentityExceptionCode.EMPTY_PARAM_ERROR.getMsg();
        if (null == userLoginReqDto.getInstanceId()) {
            IdentityExceptionCode.throwBizException(code, msg + "应用实例Id不能为空");
        }
        if (StringUtils.isEmpty(str)) {
            if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_IDCARD_PASSWORD.getCode())) {
                IdentityExceptionCode.throwBizException(code, msg + " idCode 不能为空");
            }
            if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode()) || userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_PHOHE_CODE.getCode())) {
                IdentityExceptionCode.throwBizException(code, msg + " phone 不能为空");
            }
            if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_USERNAME_PASSWORD.getCode()) || userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_SLIDE_CODE.getCode())) {
                IdentityExceptionCode.throwBizException(code, msg + " userName 不能为空");
            }
            if (userLoginReqDto.getLoginType().equals(IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode())) {
                IdentityExceptionCode.throwBizException(code, msg + " email 不能为空");
            }
        }
        if (isNeedValidPassWord(userLoginReqDto.getLoginType()) && StringUtils.isEmpty(userLoginReqDto.getPassword())) {
            IdentityExceptionCode.throwBizException(code, msg + " password 不能为空");
        }
        if (isNeedValidCode(userLoginReqDto.getLoginType()).booleanValue()) {
            checkValidCode(userLoginReqDto.getLoginType(), userLoginReqDto);
        }
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public Boolean isNeedValidCode(Integer num) {
        if (num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_CODE.getCode()) || num.equals(IdentityEnum.LOGIN_PHOHE_CODE.getCode())) {
            return true;
        }
        return Boolean.valueOf(num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_SLIDE_CODE.getCode()));
    }

    private void checkValidCode(Integer num, UserLoginReqDto userLoginReqDto) {
        if (num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_CODE.getCode())) {
            checkImageCode(userLoginReqDto.getUniqueId(), userLoginReqDto.getCode());
        }
        if (num.equals(IdentityEnum.LOGIN_PHOHE_CODE.getCode())) {
            checkCode(userLoginReqDto.getPhone(), userLoginReqDto.getCheckCodeUniqueId(), userLoginReqDto.getCheckCode());
        }
        if (num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_SLIDE_CODE.getCode())) {
            checkSlideCode(userLoginReqDto.getSlideX(), userLoginReqDto.getSlideUniqueId());
        }
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public boolean isNeedValidPassWord(Integer num) {
        return num.equals(IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode()) || num.equals(IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode()) || num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD.getCode()) || num.equals(IdentityEnum.LOGIN_IDCARD_PASSWORD.getCode()) || num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_CODE.getCode()) || num.equals(IdentityEnum.LOGIN_MULTIPLE_PASSWORD.getCode()) || num.equals(IdentityEnum.LOGIN_USERNAME_PASSWORD_SLIDE_CODE.getCode());
    }

    private String getLoginStr(UserLoginReqDto userLoginReqDto) {
        Integer loginType = userLoginReqDto.getLoginType();
        String str = "";
        if (loginType.intValue() == IdentityEnum.LOGIN_EMAIL_PASSWORD.getCode().intValue()) {
            str = userLoginReqDto.getEmail();
        } else if (loginType.intValue() == IdentityEnum.LOGIN_PHOHE_PASSWORD.getCode().intValue() || loginType.intValue() == IdentityEnum.LOGIN_PHOHE_CODE.getCode().intValue()) {
            str = userLoginReqDto.getPhone();
        } else if (loginType.intValue() == IdentityEnum.LOGIN_USERNAME_PASSWORD.getCode().intValue() || loginType.intValue() == IdentityEnum.LOGIN_USERNAME_PASSWORD_CODE.getCode().intValue() || loginType.intValue() == IdentityEnum.LOGIN_USERNAME_PASSWORD_SLIDE_CODE.getCode().intValue()) {
            str = userLoginReqDto.getUserName();
        } else if (loginType.intValue() == IdentityEnum.LOGIN_IDCARD_PASSWORD.getCode().intValue()) {
            str = userLoginReqDto.getIdCode();
        }
        return str;
    }

    private void addLoginErrorCount(String str) {
        Integer num = (Integer) this.cacheService.getCache(ERROR_COUNT_CACHE + str, Integer.class);
        if (num == null) {
            this.cacheService.add(ERROR_COUNT_CACHE + str, 1, this.errorValidTime.intValue());
        } else {
            this.cacheService.setCache(ERROR_COUNT_CACHE + str, Integer.valueOf(num.intValue() + 1), this.errorValidTime.intValue());
        }
    }

    protected TokenRespDto generateToken(UserLoginReqDto userLoginReqDto, String str, UserDto userDto) {
        String str2;
        long toLiveTime;
        TokenRespDto tokenRespDto = new TokenRespDto();
        String loginSource = userLoginReqDto.getLoginSource();
        if (StringUtils.isNotBlank(loginSource)) {
            String str3 = TOKEN_KEY_PREFIX + userDto.getId() + "-" + loginSource;
            str2 = (String) this.cacheService.getCache(str3, String.class);
            toLiveTime = this.cacheService.getToLiveTime(str3);
        } else {
            String str4 = TOKEN_KEY_PREFIX + userDto.getId();
            str2 = (String) this.cacheService.getCache(str4, String.class);
            toLiveTime = this.cacheService.getToLiveTime(str4);
        }
        if (StringUtils.isNotBlank(str2) && this.shareTokenWithSameLoginSource) {
            tokenRespDto.setToken(str2);
            tokenRespDto.setTokenValidTime(Integer.valueOf(Long.valueOf(toLiveTime).intValue()));
            return tokenRespDto;
        }
        HashMap hashMap = new HashMap();
        hashMap.put("id", userDto.getId());
        if (this.setTokenUserNameSameWithDb == 1) {
            hashMap.put("loginName", userDto.getUserName());
        } else {
            hashMap.put("loginName", str);
        }
        hashMap.put("instanceId", userDto.getInstanceId());
        hashMap.put("tenantId", userDto.getTenantId());
        hashMap.put(TOKEN_LOGIN_SOURCE, userLoginReqDto.getLoginSource());
        if (StringUtils.isNotBlank(userDto.getDomain())) {
            hashMap.put(DOMAIN, userDto.getDomain());
        } else if (null != userDto.getExtFields() && StringUtils.isNotBlank((String) userDto.getExtFields().get(DOMAIN))) {
            hashMap.put(DOMAIN, userDto.getExtFields().get(DOMAIN));
        }
        int parseInt = Integer.parseInt(this.tokenValidTime);
        if (userLoginReqDto.getTokenValidTime() != null && userLoginReqDto.getTokenValidTime().intValue() > 0) {
            parseInt = userLoginReqDto.getTokenValidTime().intValue();
        }
        String generate = TokenUtil.generate(this.tokenSecretKey, parseInt, hashMap);
        cacheToken(userLoginReqDto, getTokenKey(hashMap), generate, parseInt);
        tokenRespDto.setToken(generate);
        tokenRespDto.setTokenValidTime(Integer.valueOf(parseInt));
        return tokenRespDto;
    }

    protected void cacheToken(UserLoginReqDto userLoginReqDto, String str, String str2, int i) {
        if (StringUtils.isNotBlank(userLoginReqDto.getLoginSource())) {
            this.cacheService.setCache(str + "-" + userLoginReqDto.getLoginSource(), str2, i);
        } else {
            this.cacheService.setCache(str, str2, i);
        }
        if (StringUtils.isNotBlank(userLoginReqDto.getAppKey())) {
            this.cacheService.setCache(str2, Sets.newHashSet(new String[]{userLoginReqDto.getAppKey()}), i);
        }
    }

    private void checkLoginAppLimit(UserLoginReqDto userLoginReqDto, UserDto userDto) {
        if (StringUtils.isBlank(userLoginReqDto.getAppKey()) && StringUtils.isBlank(userLoginReqDto.getAppSign())) {
            return;
        }
        Long instanceId = userDto.getInstanceId();
        UserAccessVo userAccessVo = (UserAccessVo) this.accessQueryApi.queryUserAccess(userDto.getInstanceId(), userDto.getId(), "{\"tenantId\":" + userDto.getTenantId() + ",\"instanceId\":" + instanceId + "}").getData();
        Assert.notNull(userAccessVo, "用户权限未定义");
        boolean z = false;
        for (AccessDto accessDto : userAccessVo.getAccessSet()) {
            if (accessDto.getResourceType().intValue() == 3 && instanceId.compareTo(accessDto.getResourceId()) == 0 && accessDto.getPermissions().intValue() > 0) {
                z = true;
            }
        }
        Assert.isTrue(z, "没有登录此实例权限");
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public LoginRespDto login(LoginReqDto loginReqDto) {
        UserLoginReqDto userLoginReqDto = new UserLoginReqDto();
        CubeBeanUtils.copyProperties(userLoginReqDto, loginReqDto, new String[0]);
        userLoginReqDto.setTenantId(ServiceContext.getContext().getRequestTenantId());
        userLoginReqDto.setInstanceId(ServiceContext.getContext().getRequestInstanceId());
        if (userLoginReqDto.getLoginType() == null) {
            userLoginReqDto.setLoginType(0);
            userLoginReqDto.setPhone(loginReqDto.getUserName());
            userLoginReqDto.setEmail(loginReqDto.getUserName());
        }
        logger.info("tokenApi.createToken request param:{}", JSON.toJSONString(userLoginReqDto, PASSWORD_FILTER, new SerializerFeature[0]));
        TokenRespDto createToken = createToken(userLoginReqDto);
        LoginRespDto loginRespDto = new LoginRespDto();
        loginRespDto.setUserId(createToken.getUserId());
        loginRespDto.setToken(createToken.getToken());
        loginRespDto.setNeedModifyPassword(createToken.getNeedModifyPassword());
        loginRespDto.setTenantId(ServiceContext.getContext().getRequestTenantId());
        loginRespDto.setInstanceId(ServiceContext.getContext().getRequestInstanceId());
        loginRespDto.setTokenValidTime(createToken.getTokenValidTime());
        RestResponse queryUserAccess = this.accessQueryApi.queryUserAccess(ServiceContext.getContext().getRequestInstanceId(), createToken.getUserId(), "{}");
        if (!WeiXinUtil.QY_WEIXIN_SUCCESS.equals(queryUserAccess.getResultCode())) {
            throw new BizException(queryUserAccess.getResultCode(), queryUserAccess.getResultMsg());
        }
        Set roleSet = ((UserAccessVo) queryUserAccess.getData()).getRoleSet();
        if (CollectionUtils.isNotEmpty(roleSet)) {
            Iterator it = roleSet.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                RoleDto roleDto = (RoleDto) it.next();
                if ("BOCMANAGER".equalsIgnoreCase(roleDto.getCode())) {
                    loginRespDto.setRoleCode("BOCMANAGER");
                    break;
                }
                if ("APPMANAGER".equalsIgnoreCase(roleDto.getCode())) {
                    loginRespDto.setRoleCode("APPMANAGER");
                    break;
                }
                if ("SUPER_ADMIN".equalsIgnoreCase(roleDto.getCode())) {
                    loginRespDto.setRoleCode("SUPER_ADMIN");
                    loginRespDto.setTenantId((Long) null);
                    break;
                }
                if ("TENANT_ADMIN".equalsIgnoreCase(roleDto.getCode())) {
                    loginRespDto.setRoleCode("TENANT_ADMIN");
                    break;
                }
            }
        }
        return loginRespDto;
    }

    /* JADX WARN: Code restructure failed: missing block: B:45:0x01cb, code lost:
    
        r0 = 0;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v116, types: [java.util.List] */
    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.dtyunxi.yundt.cube.center.identity.api.dto.response.SsoRespDto ssoLogin(com.dtyunxi.yundt.cube.center.identity.api.dto.request.UserLoginReqDto r6) {
        /*
            Method dump skipped, instructions count: 720
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.dtyunxi.yundt.cube.center.identity.biz.service.impl.TokenServiceImpl.ssoLogin(com.dtyunxi.yundt.cube.center.identity.api.dto.request.UserLoginReqDto):com.dtyunxi.yundt.cube.center.identity.api.dto.response.SsoRespDto");
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public RefreshTokenRespDto refreshToken(RefreshTokenReqDto refreshTokenReqDto) {
        Map<String, Object> parseTokenByKeyAndTm = parseTokenByKeyAndTm(refreshTokenReqDto.getToken());
        String finalTokenKey = getFinalTokenKey(parseTokenByKeyAndTm);
        long toLiveTime = this.cacheService.getToLiveTime(finalTokenKey);
        if (toLiveTime > this.tokenRefreshTime) {
            RefreshTokenRespDto refreshTokenRespDto = new RefreshTokenRespDto();
            refreshTokenRespDto.setToken(refreshTokenReqDto.getToken());
            refreshTokenRespDto.setTokenValidTime(Integer.valueOf(Long.valueOf(toLiveTime).intValue()));
            return refreshTokenRespDto;
        }
        if (!this.shareTokenWithSameLoginSource) {
            return getRefreshTokenRespDto(refreshTokenReqDto, parseTokenByKeyAndTm, finalTokenKey);
        }
        String obj = parseTokenByKeyAndTm.get(TOKEN_LABEL) != null ? parseTokenByKeyAndTm.get(TOKEN_LABEL).toString() : "";
        if (TOKEN_LABEL_A.equals(obj)) {
            return getRefreshTokenRespDtoByLabel(refreshTokenReqDto, parseTokenByKeyAndTm, TOKEN_LABEL_B);
        }
        if (TOKEN_LABEL_B.equals(obj)) {
            return getRefreshTokenRespDtoByLabel(refreshTokenReqDto, parseTokenByKeyAndTm, TOKEN_LABEL_A);
        }
        RefreshTokenRespDto refreshTokenRespDto2 = new RefreshTokenRespDto();
        String finalTokenKeyByLabel = getFinalTokenKeyByLabel(parseTokenByKeyAndTm, TOKEN_LABEL_A);
        String str = (String) this.cacheService.getCache(finalTokenKeyByLabel, String.class);
        String finalTokenKeyByLabel2 = getFinalTokenKeyByLabel(parseTokenByKeyAndTm, TOKEN_LABEL_B);
        String str2 = (String) this.cacheService.getCache(finalTokenKeyByLabel2, String.class);
        if (StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2)) {
            long toLiveTime2 = this.cacheService.getToLiveTime(finalTokenKeyByLabel);
            long toLiveTime3 = this.cacheService.getToLiveTime(finalTokenKeyByLabel2);
            if (toLiveTime2 > toLiveTime3) {
                refreshTokenRespDto2.setToken(str);
                refreshTokenRespDto2.setTokenValidTime(Integer.valueOf(Long.valueOf(toLiveTime2).intValue()));
            } else {
                refreshTokenRespDto2.setToken(str2);
                refreshTokenRespDto2.setTokenValidTime(Integer.valueOf(Long.valueOf(toLiveTime3).intValue()));
            }
            return refreshTokenRespDto2;
        }
        if (StringUtils.isNotBlank(str)) {
            long toLiveTime4 = this.cacheService.getToLiveTime(finalTokenKeyByLabel);
            refreshTokenRespDto2.setToken(str);
            refreshTokenRespDto2.setTokenValidTime(Integer.valueOf(Long.valueOf(toLiveTime4).intValue()));
            return refreshTokenRespDto2;
        }
        if (!StringUtils.isNotBlank(str2)) {
            parseTokenByKeyAndTm.put(TOKEN_LABEL, TOKEN_LABEL_A);
            return getRefreshTokenRespDto(refreshTokenReqDto, parseTokenByKeyAndTm, finalTokenKeyByLabel);
        }
        long toLiveTime5 = this.cacheService.getToLiveTime(finalTokenKeyByLabel2);
        refreshTokenRespDto2.setToken(str2);
        refreshTokenRespDto2.setTokenValidTime(Integer.valueOf(Long.valueOf(toLiveTime5).intValue()));
        return refreshTokenRespDto2;
    }

    @Override // com.dtyunxi.yundt.cube.center.identity.biz.service.ITokenService
    public void exitLogin(String str, String str2, Long l) {
        deleteToken(str2);
        String str3 = (String) this.cacheService.getCache("", str, String.class);
        String format = String.format(IDP_LOGIN_OUT_URL, this.idpUrlProperties.getRedirectHost().get(l), str3);
        try {
            new RestTemplate().exchange(format, HttpMethod.GET, (HttpEntity) null, String.class, new Object[0]);
        } catch (HttpClientErrorException e) {
            logger.info("[ERROR]退出idp登录失败，请求头Authorization: [{}],url: [{}],错误信息: [{}]", new Object[]{str3, format, e.getMessage()});
        }
        if (StringUtils.isNotEmpty((String) this.cacheService.getCache("", str, String.class))) {
            this.cacheService.delCache("", str);
        }
    }

    private RefreshTokenRespDto getRefreshTokenRespDtoByLabel(RefreshTokenReqDto refreshTokenReqDto, Map<String, Object> map, String str) {
        String finalTokenKeyByLabel = getFinalTokenKeyByLabel(map, str);
        String str2 = (String) this.cacheService.getCache(finalTokenKeyByLabel, String.class);
        if (!StringUtils.isNotBlank(str2)) {
            map.put(TOKEN_LABEL, str);
            return getRefreshTokenRespDto(refreshTokenReqDto, map, finalTokenKeyByLabel);
        }
        RefreshTokenRespDto refreshTokenRespDto = new RefreshTokenRespDto();
        refreshTokenRespDto.setToken(str2);
        refreshTokenRespDto.setTokenValidTime(Integer.valueOf(Long.valueOf(this.cacheService.getToLiveTime(finalTokenKeyByLabel)).intValue()));
        return refreshTokenRespDto;
    }

    private String getFinalTokenKey(Map<String, Object> map) {
        String tokenKey = getTokenKey(map);
        if (map.get(TOKEN_LOGIN_SOURCE) != null) {
            tokenKey = tokenKey + "-" + map.get(TOKEN_LOGIN_SOURCE).toString();
        }
        if (map.get(TOKEN_LABEL) != null) {
            tokenKey = tokenKey + "-" + map.get(TOKEN_LABEL).toString();
        }
        return tokenKey;
    }

    private String getFinalTokenKeyByLabel(Map<String, Object> map, String str) {
        String tokenKey = getTokenKey(map);
        if (map.get(TOKEN_LOGIN_SOURCE) != null) {
            tokenKey = tokenKey + "-" + map.get(TOKEN_LOGIN_SOURCE).toString();
        }
        return tokenKey + "-" + str;
    }

    private RefreshTokenRespDto getRefreshTokenRespDto(RefreshTokenReqDto refreshTokenReqDto, Map<String, Object> map, String str) {
        RefreshTokenRespDto refreshTokenRespDto = new RefreshTokenRespDto();
        int parseInt = Integer.parseInt(this.tokenValidTime);
        if (refreshTokenReqDto.getTokenValidTime() != null && refreshTokenReqDto.getTokenValidTime().intValue() > 0) {
            parseInt = refreshTokenReqDto.getTokenValidTime().intValue();
        }
        String generate = TokenUtil.generate(this.tokenSecretKey, parseInt, map);
        this.cacheService.setCache(str, generate, parseInt);
        refreshTokenRespDto.setToken(generate);
        refreshTokenRespDto.setTokenValidTime(Integer.valueOf(parseInt));
        return refreshTokenRespDto;
    }
}
