package cn.easy4j.admin.core.security;

import cn.easy4j.admin.core.constant.AdminConstant;
import cn.easy4j.admin.core.constant.SysConfigConstant;
import cn.easy4j.admin.core.constant.SysLogConstant;
import cn.easy4j.admin.modular.entity.LoginUser;
import cn.easy4j.admin.modular.entity.SysUser;
import cn.easy4j.admin.modular.entity.SysWxOpenUser;
import cn.easy4j.admin.modular.enums.SysUserStatusEnum;
import cn.easy4j.admin.modular.service.SysConfigService;
import cn.easy4j.admin.modular.service.SysUserCacheService;
import cn.easy4j.admin.modular.service.SysUserService;
import cn.easy4j.admin.modular.service.SysWxOpenUserService;
import cn.easy4j.admin.modular.vo.WechatConfigVO;
import cn.easy4j.common.enums.HttpStatusEnum;
import cn.easy4j.framework.http.HttpsClientRequestFactory;
import cn.easy4j.framework.util.JacksonUtil;
import com.fasterxml.jackson.databind.JsonNode;
import java.nio.charset.StandardCharsets;
import java.util.Objects;
import javax.annotation.Resource;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.BeanUtils;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;

@Component
/* loaded from: input_file:cn/easy4j/admin/core/security/UserDetailsServiceImpl.class */
public class UserDetailsServiceImpl implements UserDetailsService {

    @Resource
    private SysUserService sysUserService;

    @Resource
    private SysWxOpenUserService sysWxOpenUserService;

    @Resource
    private SysUserCacheService sysUserCacheService;

    @Resource
    private SysConfigService sysConfigService;
    private static final String GET_USER_INFO_URL = "https://api.weixin.qq.com/sns/userinfo?access_token={1}&openid={2}";
    private static final String GET_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/sns/oauth2/access_token?appid={1}&secret={2}&code={3}&grant_type=authorization_code";
    private static final RestTemplate REST_TEMPLATE = new RestTemplate(new HttpsClientRequestFactory());

    public UserDetails loadUserByUsername(String str) {
        LoginPrincipal loginPrincipal = (LoginPrincipal) JacksonUtil.parse(str, LoginPrincipal.class);
        if (Objects.isNull(loginPrincipal)) {
            throw new InternalAuthenticationServiceException("登录失败，请稍后重试");
        }
        String type = loginPrincipal.getType();
        boolean z = -1;
        switch (type.hashCode()) {
            case -1177318867:
                if (type.equals(SysConfigConstant.LoginType.ACCOUNT)) {
                    z = false;
                    break;
                }
                break;
            case -791770330:
                if (type.equals(SysConfigConstant.LoginType.WECHAT)) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return getLoginUserByAccount(loginPrincipal.getPrincipal());
            case SysLogConstant.Type.SELECT /* 1 */:
                return getLoginUserByWechat(loginPrincipal.getPrincipal());
            default:
                throw new InternalAuthenticationServiceException("暂不支持此登录方式");
        }
    }

    private LoginUser getLoginUserByAccount(String str) {
        SysUser selectByAccount = this.sysUserService.selectByAccount(str);
        if (Objects.isNull(selectByAccount)) {
            throw new InternalAuthenticationServiceException("用户不存在或已被删除");
        }
        if (Objects.equals(selectByAccount.getStatus(), SysUserStatusEnum.LOCKED.getValue())) {
            throw new InternalAuthenticationServiceException("账户已被冻结");
        }
        return this.sysUserCacheService.refreshLoginUserByUserId(selectByAccount.getId());
    }

    private LoginUser getLoginUserByWechat(String str) {
        WechatConfigVO wechatLoginConfig = this.sysConfigService.getWechatLoginConfig();
        ResponseEntity<String> forEntity = REST_TEMPLATE.getForEntity(GET_ACCESS_TOKEN_URL, String.class, new Object[]{wechatLoginConfig.getAppId(), wechatLoginConfig.getAppSecret(), str});
        checkError(forEntity);
        JsonNode readValue = JacksonUtil.readValue((String) forEntity.getBody());
        ResponseEntity<String> forEntity2 = REST_TEMPLATE.getForEntity(GET_USER_INFO_URL, String.class, new Object[]{readValue.path("access_token").asText(), readValue.path("openid").asText()});
        checkError(forEntity2);
        UserInfoResponse userInfoResponse = (UserInfoResponse) JacksonUtil.parse((String) forEntity2.getBody(), UserInfoResponse.class);
        if (Objects.isNull(userInfoResponse)) {
            throw new InternalAuthenticationServiceException("登录失败，请稍后重试");
        }
        SysWxOpenUser selectByOpenId = this.sysWxOpenUserService.selectByOpenId(userInfoResponse.getOpenId());
        saveOrUpdateSysWxOpenUser(userInfoResponse, selectByOpenId);
        if (Objects.isNull(selectByOpenId) || Objects.equals(selectByOpenId.getUserId(), 0L)) {
            throw new NotBindWechatException(HttpStatusEnum.NOT_BIND_ACCOUNT.msg(), userInfoResponse);
        }
        LoginUser refreshLoginUserByUserId = this.sysUserCacheService.refreshLoginUserByUserId(selectByOpenId.getUserId());
        if (Objects.isNull(refreshLoginUserByUserId)) {
            throw new InternalAuthenticationServiceException("用户不存在或已被删除");
        }
        if (Objects.equals(refreshLoginUserByUserId.getStatus(), SysUserStatusEnum.LOCKED.getValue())) {
            throw new InternalAuthenticationServiceException("账户已被冻结");
        }
        refreshLoginUserByUserId.setPassword(new BCryptPasswordEncoder().encode(AdminConstant.DEFAULT_PASSWORD));
        return refreshLoginUserByUserId;
    }

    private void saveOrUpdateSysWxOpenUser(UserInfoResponse userInfoResponse, SysWxOpenUser sysWxOpenUser) {
        SysWxOpenUser sysWxOpenUser2 = new SysWxOpenUser();
        BeanUtils.copyProperties(userInfoResponse, sysWxOpenUser2);
        if (Objects.isNull(sysWxOpenUser)) {
            sysWxOpenUser2.setUserId(0L);
            this.sysWxOpenUserService.save(sysWxOpenUser2);
        } else {
            sysWxOpenUser2.setId(sysWxOpenUser.getId()).setUserId(sysWxOpenUser.getUserId());
            this.sysWxOpenUserService.updateById(sysWxOpenUser2);
        }
    }

    private void checkError(ResponseEntity<String> responseEntity) {
        if (responseEntity.getStatusCode().value() != HttpStatus.OK.value() || StringUtils.isBlank((CharSequence) responseEntity.getBody())) {
            throw new InternalAuthenticationServiceException("登录失败，请刷新重试");
        }
        String asText = JacksonUtil.readValue((String) responseEntity.getBody()).path("errmsg").asText();
        if (StringUtils.isNotBlank(asText)) {
            throw new InternalAuthenticationServiceException(asText);
        }
    }

    static {
        REST_TEMPLATE.getMessageConverters().set(1, new StringHttpMessageConverter(StandardCharsets.UTF_8));
    }
}
