package com.fr.decision.webservice.v10.remote;

import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.config.LoginLockConfig;
import com.fr.decision.config.PasswordStrategyConfig;
import com.fr.decision.webservice.exception.login.UserPasswordNeedUpdateException;
import com.fr.decision.webservice.exception.login.UserPwdErrorException;
import com.fr.decision.webservice.utils.ControllerFactory;
import com.fr.decision.webservice.utils.WebServiceUtils;
import com.fr.decision.webservice.utils.controller.AuthenticController;
import com.fr.decision.webservice.v10.login.lock.LoginLockService;
import com.fr.decision.webservice.v10.password.strategy.PasswordStrategyService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.exception.RemoteDesignPermissionDeniedException;
import com.fr.general.ComparatorUtils;
import com.fr.general.GeneralUtils;
import com.fr.general.IOUtils;
import com.fr.intelli.record.FocusPoint;
import com.fr.intelli.record.MetricRegistry;
import com.fr.intelli.record.Original;
import com.fr.locale.InterProviderFactory;
import com.fr.log.FineLoggerFactory;
import com.fr.report.util.RemoteDesignAuthHelper;
import com.fr.security.JwtUtils;
import com.fr.security.SecurityConfig;
import com.fr.security.encryption.SystemEncryptionManager;
import com.fr.security.encryption.mode.EncryptionMode;
import com.fr.security.encryption.storage.StorageEncryptors;
import com.fr.security.encryption.transmission.TransmissionEncryptors;
import com.fr.security.encryption.transmission.impl.SM4TransmissionEncryption;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import com.fr.web.service.RemoteDesignAuthorityDataService;
import com.fr.workspace.WorkContext;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/fr/decision/webservice/v10/remote/RemoteDesignService.class */
public class RemoteDesignService {
    private static final String REMOTE_DESIGN_ID = "function_com.fr.remote.design";
    private static final String REMOTE_DESIGN = InterProviderFactory.getFrontProvider().getLocText("Fine-Dec_Focus_Point_Remote_Design");
    private static volatile RemoteDesignService instance = null;

    public static RemoteDesignService getInstance() {
        if (instance == null) {
            synchronized (RemoteDesignService.class) {
                if (instance == null) {
                    instance = new RemoteDesignService();
                }
            }
        }
        return instance;
    }

    private RemoteDesignService() {
        try {
            WorkContext.registerValidator(new RpcValidator());
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
    }

    public String getRemoteToken(String str, String str2, String str3) throws Exception {
        if (StringUtils.isEmpty(str3) && !ComparatorUtils.equals(StorageEncryptors.getInstance().getCurrentEncryptionMode(), EncryptionMode.RSA)) {
            throw new RemoteDesignPermissionDeniedException();
        }
        if (RemoteDesignAuthHelper.doAuthenticate(str, str2)) {
            return generateToken(str);
        }
        User userByUserName = UserService.getInstance().getUserByUserName(str);
        if (userByUserName == null || !RemoteDesignAuthorityDataService.getInstance().hasAuthority(userByUserName.getId())) {
            throw new RemoteDesignPermissionDeniedException();
        }
        return generateToken(str);
    }

    private String generateToken(String str) throws Exception {
        String createDefaultJWT = JwtUtils.createDefaultJWT(str);
        RemoteDesignStatusService.loginStatusService().put(createDefaultJWT, str, RemoteDesignStatusService.LOGIN_TIMEOUT);
        return createDefaultJWT;
    }

    public String saferGetRemoteToken(HttpServletRequest httpServletRequest) throws Exception {
        String hTTPRequestParameter = NetworkHelper.getHTTPRequestParameter(httpServletRequest, "username");
        String decrypt = TransmissionEncryptors.getInstance().decrypt(NetworkHelper.getHTTPRequestParameter(httpServletRequest, "password"));
        String ipInfoFromRequest = WebServiceUtils.getIpInfoFromRequest(httpServletRequest);
        User userByUserName = UserService.getInstance().getUserByUserName(hTTPRequestParameter);
        if (userByUserName == null) {
            throw new UserPwdErrorException();
        }
        AuthenticController authenticController = ControllerFactory.getInstance().getAuthenticController(userByUserName.getId());
        doUserAuthentication(authenticController, userByUserName, decrypt, NetworkHelper.getDevice(httpServletRequest), ipInfoFromRequest);
        String createDefaultJWT = JwtUtils.createDefaultJWT(hTTPRequestParameter);
        if (authenticController.passwordChangeable(userByUserName)) {
            checkUpdateInitPassword(userByUserName);
            PasswordStrategyService.getInstance().checkPasswordStrength(decrypt, hTTPRequestParameter, createDefaultJWT);
            PasswordStrategyService.getInstance().checkPasswordNeedUpdate(userByUserName, createDefaultJWT);
        }
        if (!RemoteDesignAuthHelper.getUserInfo(hTTPRequestParameter).isRoot() && !RemoteDesignAuthorityDataService.getInstance().hasAuthority(userByUserName.getId())) {
            throw new RemoteDesignPermissionDeniedException();
        }
        RemoteDesignStatusService.loginStatusService().put(createDefaultJWT, hTTPRequestParameter, RemoteDesignStatusService.LOGIN_TIMEOUT);
        return createDefaultJWT;
    }

    private void doUserAuthentication(AuthenticController authenticController, User user, String str, Device device, String str2) throws Exception {
        String lockObject = LoginLockConfig.getInstance().getLockObject();
        String displayName = ComparatorUtils.equals(lockObject, "ip") ? str2 : user.getDisplayName();
        authenticController.dealWithLoginLock(user, device, lockObject, displayName);
        if (authenticController.doAuthentication(user, str, device)) {
            LoginLockService.getInstance().unlockObject(user.getId(), lockObject, displayName);
        } else {
            authenticController.dealWithPasswordError(user, device, lockObject, displayName);
            throw new UserPwdErrorException();
        }
    }

    private void checkUpdateInitPassword(User user) {
        Date passwordChangeTime = user.getPasswordChangeTime();
        if (PasswordStrategyConfig.getInstance().isUpdateInitPassword() && passwordChangeTime == null) {
            throw new UserPasswordNeedUpdateException();
        }
    }

    public void recordConnection(String str, String str2) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("designerJarVersion", StringUtils.alwaysNotNull(str));
        hashMap.put("serverJarVersion", GeneralUtils.readBuildNO());
        MetricRegistry.getMetric().submit(FocusPoint.newBuilder().id(REMOTE_DESIGN_ID).text(REMOTE_DESIGN).source(Original.EMBED).username(str2).body(hashMap).build());
    }

    public Map<String, Object> checkInfo() {
        HashMap hashMap = new HashMap();
        hashMap.put("frontSeed", SecurityConfig.getInstance().getFrontSeed());
        hashMap.put("frontSM4Key", SM4TransmissionEncryption.getInstance().getTransmissionKey());
        hashMap.put("transmissionEncryption", SystemEncryptionManager.getInstance().getTransmissionEncryption().getType());
        return hashMap;
    }

    public void onMessage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        httpServletResponse.getOutputStream().write(WorkContext.handleMessage(IOUtils.inputStream2Bytes(httpServletRequest.getInputStream())));
    }
}
