package com.nariit.pi6000.ua.controller;

import com.nariit.pi6000.framework.crypto.Base64Util;
import com.nariit.pi6000.framework.exception.AuthenticatedException;
import com.nariit.pi6000.framework.po.ResponseResult;
import com.nariit.pi6000.framework.remoting.HessianClient;
import com.nariit.pi6000.framework.util.DateUtil;
import com.nariit.pi6000.framework.util.StringUtil;
import com.nariit.pi6000.ua.bizc.IUserBizc;
import com.nariit.pi6000.ua.config.AbstractAuthProperties;
import com.nariit.pi6000.ua.config.UaProperties;
import com.nariit.pi6000.ua.exception.UserNamePasswordNullException;
import com.nariit.pi6000.ua.integrate.constants.Constants;
import com.nariit.pi6000.ua.po.User;
import com.nariit.pi6000.ua.session.HttpSessionManager;
import com.nariit.pi6000.ua.util.SavedRequest;
import com.nariit.pi6000.ua.util.WebUtil;
import java.io.IOException;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

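@RequestMapping({"/ua/auth"})
@RestController
/* loaded from: classes3.dex */
/**
 * REST endpoints under {@code /ua/auth}: credential validation, login, logout,
 * CAPTCHA checking and a handful of usage statistics.
 *
 * <p>Passwords arrive Base64-encoded in the {@code upwd} parameter. Base64 is an
 * encoding, not encryption, so confidentiality depends entirely on the transport
 * (TLS).
 *
 * <p>NOTE(review): no authorization check is visible in this class for
 * {@code /online}, {@code /test} or the statistics endpoints. Presumably a filter
 * outside this file restricts them; confirm before exposing the application.
 */
public class AuthController {
    public static final String CODE_PARAM = "code";
    /** Lifetime of the remember-me cookie in seconds (7 days). */
    public static final int COOKIE_EXPIRE = 604800;
    public static final String FULLNAME_MODE = "fullname";
    public static final String KICKOUT_MODE = "kickout";
    public static final String LOGIN_MODEL_KEY = "LOGIN_MODE";
    public static final String MAX_SESSION_KEY = "MAX_SESSION";
    public static final String MESSAGE_PARAM = "message";
    public static final String PASSWORD_PARAM = "upwd";
    public static final String REMEMBER_ME_PARAM = "rememberMe";
    public static final String SINGLE_MODE = "single";
    public static final String USERNAME_AUTH_MODEL_KEY = "USERNAME_AUTH_MODE";
    public static final String USERNAME_MODE = "username";
    public static final String USERNAME_PARAM = "username";
    /** Session attribute under which {@code /validateUser} parks the authenticated user for {@code /login}. */
    public static final String VALIDATED_USER_KEY = "validatedUser";
    static Logger log = LoggerFactory.getLogger(AuthController.class);

    @Value("${px.ua.authName:fullname}")
    String authName;

    @Autowired
    AbstractAuthProperties authProp;

    @Autowired
    UaProperties uaProp;

    @HessianClient("pi6000-ua-web")
    IUserBizc userBizc;

    /**
     * Sets the remember-me cookie, which carries only the user name.
     *
     * <p>The password is deliberately not a parameter here: the cookie never needs it,
     * so the credential is not handed to code that has no use for it.
     *
     * @param request  current request, used for the cookie path and the Secure flag
     * @param response response the cookie is added to
     * @param username value stored in the cookie
     */
    private void addCookies(HttpServletRequest request, HttpServletResponse response, String username) {
        Cookie cookie = new Cookie(USERNAME_PARAM, username);
        cookie.setMaxAge(COOKIE_EXPIRE);
        cookie.setPath(WebUtil.getContextPath(request));
        // Mark the cookie Secure whenever the login itself came in over HTTPS, so the
        // user name is not replayed over plain HTTP later.
        cookie.setSecure(request.isSecure());
        // NOTE(review): HttpOnly is not set because the login page may read this cookie
        // from script to pre-fill the form - confirm, and set it if that is not the case.
        response.addCookie(cookie);
    }

    /**
     * Validates the credentials and, only when validation produced a user, applies the
     * configured session policies (kick-out / single login / session cap).
     *
     * @param httpServletRequest current request, used to derive the client IP
     * @param str                user name or full name, depending on {@code px.ua.authName}
     * @param str2               clear-text password
     * @return the validated user; may be {@code null} if the backend reports failure that way
     */
    private User authUserPolicy(HttpServletRequest httpServletRequest, String str, String str2) {
        String ipAddr = WebUtil.getIpAddr(httpServletRequest);
        User validated = StringUtil.equals(this.authName, USERNAME_MODE)
                ? this.userBizc.validateUserIP(str, str2, ipAddr)
                : this.userBizc.validateUserIPByFullName(str, str2, ipAddr);
        if (validated == null) {
            // Callers null-check the result, so a null return is treated as possible.
            // Session eviction must never run for a caller who has not proven the
            // credentials, otherwise anyone could terminate another user's sessions.
            return null;
        }
        // Constant-first equals keeps a missing login-mode setting from raising an NPE.
        if (KICKOUT_MODE.equals(this.uaProp.getLoginMode())) {
            HttpSessionManager.kickOutUser(str);
        } else if (SINGLE_MODE.equals(this.uaProp.getLoginMode())) {
            HttpSessionManager.singleLogin(str);
        }
        int maxSession = this.uaProp.getMaxSession();
        if (maxSession > 0) {
            log.debug("最大会话数:{}", maxSession);
            HttpSessionManager.limitedSession(maxSession);
        }
        return validated;
    }

    /**
     * Expires the remember-me cookie.
     *
     * <p>A browser only drops a cookie when the expiring cookie carries the same path as
     * the stored one. The cookie is set on the context path, so it is expired there as
     * well as on the path used previously.
     */
    private void delCookies(HttpServletRequest request, HttpServletResponse response) {
        expireUsernameCookie(response, Constants.CON_SQL_LIKE_ESCAPE);
        String contextPath = WebUtil.getContextPath(request);
        if (contextPath != null && !contextPath.equals(Constants.CON_SQL_LIKE_ESCAPE)) {
            expireUsernameCookie(response, contextPath);
        }
    }

    /** Adds a zero-lifetime user-name cookie for the given path. */
    private void expireUsernameCookie(HttpServletResponse response, String path) {
        Cookie cookie = new Cookie(USERNAME_PARAM, (String) null);
        cookie.setMaxAge(0);
        cookie.setPath(path);
        response.addCookie(cookie);
    }

    /** Returns the context path with one trailing separator (as defined by the project constant) removed. */
    private String contextPrefix(HttpServletRequest request) {
        String contextPath = request.getContextPath();
        return contextPath.endsWith(Constants.CON_SQL_LIKE_ESCAPE)
                ? contextPath.substring(0, contextPath.length() - 1)
                : contextPath;
    }

    /** Builds the login page URL relative to the application context. */
    private String getLoginUrl(HttpServletRequest httpServletRequest) {
        return contextPrefix(httpServletRequest) + this.authProp.getLoginURL();
    }

    /**
     * Returns the URL to send the user to after login: the request saved before the
     * login redirect if there is one (it is cleared once read), else the success page.
     *
     * <p>NOTE(review): the saved URL is used as a redirect target without validation
     * here. Presumably it is captured server-side from the original request; confirm it
     * cannot hold an attacker-chosen absolute URL.
     */
    private String getRedirectUrl(HttpServletRequest httpServletRequest) {
        SavedRequest savedRequest = WebUtil.getSavedRequest(httpServletRequest);
        if (savedRequest == null) {
            return getSuccessUrl(httpServletRequest);
        }
        String requestUrl = savedRequest.getRequestUrl();
        WebUtil.clearSavedRequest(httpServletRequest);
        return requestUrl;
    }

    /** Builds the post-login landing URL relative to the application context. */
    private String getSuccessUrl(HttpServletRequest httpServletRequest) {
        return contextPrefix(httpServletRequest) + this.authProp.getSuccessURL();
    }

    /**
     * Reads a session attribute without creating a session as a side effect, so that
     * anonymous probes of status endpoints do not allocate server-side sessions.
     *
     * @return the attribute value, or {@code null} when there is no session or no such attribute
     */
    private Object existingSessionAttribute(HttpServletRequest request, String key) {
        javax.servlet.http.HttpSession session = request.getSession(false);
        return session == null ? null : session.getAttribute(key);
    }

    /** Neutralises line breaks so a user-supplied value cannot forge additional log lines. */
    private static String safeForLog(String value) {
        return value == null ? null : value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Writes the failed-login audit record. Failures in here are logged and contained so
     * that the caller's response does not differ between known and unknown accounts.
     */
    private void recordFailedLoginAudit(HttpServletRequest request, String username) {
        try {
            User user = StringUtil.equals(this.authName, USERNAME_MODE)
                    ? this.userBizc.getUserByLoginName(username)
                    : this.userBizc.getUserByFullName(username);
            if (user == null) {
                // No account id to attach the audit record to; keep a trace in the application log.
                log.warn("Failed login for unknown account [{}] from [{}]", safeForLog(username), WebUtil.getIpAddr(request));
                return;
            }
            this.userBizc.recordActionAuditLog(user.getId(), username, this.uaProp.getAppID(), WebUtil.getIpAddr(request), 0, "用户[" + username + "]于[" + DateUtil.formatLongTime(DateUtil.now()) + "]尝试登录失败。");
        } catch (RuntimeException auditFailure) {
            log.error("Could not record failed-login audit entry", auditFailure);
        }
    }

    /**
     * Reports whether the caller has no authenticated session.
     *
     * @return a result wrapping {@code true} when no authenticated user is bound to the session
     */
    @RequestMapping({"/timeout"})
    @ResponseBody
    public ResponseResult checkSessionTimeout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        return ResponseResult.successResult(Boolean.valueOf(existingSessionAttribute(httpServletRequest, HttpSessionManager.AUTH_USER_KEY) == null));
    }

    /** Returns the day login count reported by the user service. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/dayloginnum"})
    public ResponseResult getBusinessDayLoginNum() {
        return ResponseResult.successResult(Integer.valueOf(this.userBizc.getBusinessDayLoginNum()));
    }

    /** Returns the online count reported by the user service. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/onlinenum"})
    public ResponseResult getBusinessSystemOnlineNum() {
        return ResponseResult.successResult(Integer.valueOf(this.userBizc.getBusinessSystemOnlineNum()));
    }

    /** Returns the system running time reported by the user service. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/runningtime"})
    public ResponseResult getBusinessSystemRunningTime() {
        return ResponseResult.successResult(Integer.valueOf(this.userBizc.getBusinessSystemRunningTime()));
    }

    /** Returns the session count reported by the user service. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/sessionnum"})
    public ResponseResult getBusinessSystemSessionNum() {
        return ResponseResult.successResult(Integer.valueOf(this.userBizc.getBusinessSystemSessionNum()));
    }

    /** Returns the registered-user count reported by the user service. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/regnum"})
    public ResponseResult getBusinessUserRegNum() {
        return ResponseResult.successResult(Integer.valueOf(this.userBizc.getBusinessUserRegNum()));
    }

    /** Returns the visit count reported by the user service. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/visitcount"})
    public ResponseResult getBusinessVisitCount() {
        return ResponseResult.successResult(Integer.valueOf(this.userBizc.getBusinessVisitCount()));
    }

    /**
     * Completes a login and redirects: to the saved/success URL on success, to the login
     * page on any failure.
     *
     * <p>If {@code /validateUser} already parked a validated user in the session, that
     * user is consumed (one-time) and the submitted credentials are ignored; otherwise
     * the submitted user name and Base64 password are validated here.
     *
     * <p>NOTE(review): the mapping accepts every HTTP method. When credentials are sent
     * with GET they end up in URLs, proxy logs and browser history; restrict to POST if
     * no client relies on GET for the credential-bearing path.
     *
     * <p>NOTE(review): no session-id rotation is visible here. Confirm that
     * {@code HttpSessionManager.saveUserSession} issues a fresh session id, otherwise a
     * pre-login session id stays valid after authentication (session fixation).
     *
     * @throws IOException if the redirect cannot be written
     */
    @RequestMapping({"/login"})
    public void login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String loginUrl = getLoginUrl(httpServletRequest);
        String redirectUrl = getRedirectUrl(httpServletRequest);
        // NOTE(review): this marker is read straight from the request, so the client
        // controls it; it must not be relied on to enforce a password-change policy.
        String weakPasswordMarker = httpServletRequest.getParameter(HttpSessionManager.USER_WEAKPASSWORD_KEY);
        String username = httpServletRequest.getParameter(USERNAME_PARAM);
        String encodedPassword = httpServletRequest.getParameter(PASSWORD_PARAM);
        String rememberMe = httpServletRequest.getParameter(REMEMBER_ME_PARAM);
        String ipAddr = WebUtil.getIpAddr(httpServletRequest);
        try {
            User user;
            Object preValidated = HttpSessionManager.popAttribute(httpServletRequest, VALIDATED_USER_KEY);
            if (preValidated != null) {
                user = (User) preValidated;
                username = user.getName();
            } else {
                if (StringUtil.isNullOrEmpty(username) || StringUtil.isNullOrEmpty(encodedPassword)) {
                    // Reject missing credentials up front instead of letting the Base64
                    // decoder fail on a null and surface as a generic exception.
                    httpServletResponse.sendRedirect(loginUrl);
                    httpServletResponse.flushBuffer();
                    return;
                }
                // NOTE(review): decoded with the platform default charset; non-ASCII
                // passwords depend on the JVM's file.encoding matching the client.
                user = authUserPolicy(httpServletRequest, username, new String(Base64Util.decode(encodedPassword)));
            }
            if (user == null) {
                // Never establish a session for a validation that produced no user.
                httpServletResponse.sendRedirect(loginUrl);
                httpServletResponse.flushBuffer();
                return;
            }
            if (StringUtil.isNullOrEmpty(rememberMe) || !rememberMe.equalsIgnoreCase("true")) {
                delCookies(httpServletRequest, httpServletResponse);
            } else {
                addCookies(httpServletRequest, httpServletResponse, username);
            }
            HttpSessionManager.saveUserSession(httpServletRequest, user, weakPasswordMarker);
            this.userBizc.recordLoginLog(user.getId(), username, this.uaProp.getAppID(), httpServletRequest.getSession().getId(), ipAddr);
            httpServletResponse.sendRedirect(redirectUrl);
            httpServletResponse.flushBuffer();
        } catch (AuthenticatedException e) {
            log.info(e.getMessage());
            httpServletResponse.sendRedirect(loginUrl);
            httpServletResponse.flushBuffer();
        } catch (Exception e2) {
            log.info("用户认证失败:", e2);
            httpServletResponse.sendRedirect(loginUrl);
            httpServletResponse.flushBuffer();
        }
    }

    /** Ends the caller's session and returns a JSON success result. */
    @RequestMapping({"/logoff"})
    public ResponseResult logoff(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSessionManager.logout(httpServletRequest);
        return ResponseResult.successResult();
    }

    /** Ends the caller's session and redirects to the login page. */
    @RequestMapping({"/logout"})
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpSessionManager.logout(httpServletRequest);
        httpServletResponse.sendRedirect(getLoginUrl(httpServletRequest));
        httpServletResponse.flushBuffer();
    }

    /**
     * Returns every online user known to the session manager.
     *
     * <p>NOTE(review): this discloses the list of logged-in accounts; confirm it is
     * reachable only by authorized administrators.
     */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/online"})
    public ResponseResult onlineUser() {
        return ResponseResult.successResult(HttpSessionManager.getAllOnlineUser());
    }

    /** Performs an SSO logout, but only when SSO is enabled and the login mode is {@code single}. */
    @RequestMapping({"/ssologout"})
    public void ssologout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (this.uaProp.isSSO() && SINGLE_MODE.equals(this.uaProp.getLoginMode())) {
            HttpSessionManager.ssoLogout(httpServletRequest, httpServletResponse);
        }
    }

    /** Liveness probe; always returns a success result wrapping {@code true}. */
    @RequestMapping(method = {RequestMethod.GET}, value = {"/test"})
    public ResponseResult test() {
        return ResponseResult.successResult(true);
    }

    /**
     * Compares the submitted CAPTCHA text (case-insensitively) with the one held in the session.
     *
     * <p>NOTE(review): the stored CAPTCHA is not consumed after a check, and neither
     * {@code /login} nor {@code /validateUser} verifies it in this class. Unless a filter
     * enforces it elsewhere, the CAPTCHA is advisory and can be guessed repeatedly.
     *
     * @param map request body; the {@code code} entry holds the text typed by the user
     * @return a result wrapping {@code true} when the texts match
     */
    @RequestMapping({"/validateCode"})
    public ResponseResult validateCode(@RequestBody Map<String, String> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String submitted = map.get(CODE_PARAM);
        String expected = (String) existingSessionAttribute(httpServletRequest, "KAPTCHA_SESSION_KEY");
        boolean matches = expected != null && expected.equalsIgnoreCase(submitted);
        return ResponseResult.successResult(Boolean.valueOf(matches));
    }

    /**
     * Validates credentials sent as JSON and, on success, parks the user in the session
     * so that a following {@code /login} call can complete without re-sending them.
     *
     * <p>NOTE(review): the success result carries the whole {@code User} object. Confirm
     * that its serialized form holds no password hash or other sensitive attribute.
     *
     * <p>NOTE(review): the authentication failure message is returned verbatim. If the
     * backend words it differently for "unknown user" and "wrong password", it lets a
     * caller enumerate accounts.
     *
     * @param map request body with {@code username} and Base64-encoded {@code upwd}
     * @return success result wrapping the validated user, or a failed result with a message
     * @throws UserNamePasswordNullException when either credential is missing or empty
     */
    @RequestMapping({"/validateUser"})
    @ResponseBody
    public ResponseResult validateUser(@RequestBody Map<String, String> map, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String username = map.get(USERNAME_PARAM);
        String encodedPassword = map.get(PASSWORD_PARAM);
        if (StringUtil.isNullOrEmpty(username) || StringUtil.isNullOrEmpty(encodedPassword)) {
            throw new UserNamePasswordNullException();
        }
        try {
            // Decoding sits inside the try so malformed Base64 yields the generic failure
            // result instead of an unhandled exception.
            String password = new String(Base64Util.decode(encodedPassword));
            User user = authUserPolicy(httpServletRequest, username, password);
            if (user != null) {
                HttpSessionManager.addAttribute(httpServletRequest, VALIDATED_USER_KEY, user);
            }
            return ResponseResult.successResult(user);
        } catch (AuthenticatedException e) {
            // The specific handler must precede the generic one; placed after it, this
            // clause is unreachable and failed logins are never audited.
            if (this.uaProp.isActionAudit()) {
                recordFailedLoginAudit(httpServletRequest, username);
            }
            log.info(e.getMessage(), e);
            return ResponseResult.failedResult(e.getMessage());
        } catch (Exception e2) {
            log.error("用户认证失败:", e2);
            return ResponseResult.failedResult("用户认证异常");
        }
    }
}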
