package com.yonyou.uap.tenant.web.controller;

import com.yonyou.uap.tenant.entity.Tenant;
import com.yonyou.uap.tenant.entity.TenantUser;
import com.yonyou.uap.tenant.utils.JsonResponse;
import com.yonyou.uap.tenant.utils.RandomValueUtils;
import com.yonyou.uap.tenant.utils.sign.SignMake;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springside.modules.security.utils.Digests;
import org.springside.modules.utils.Encodes;
import uap.web.auth.Constants;
import uap.web.esapi.EncryptException;
import uap.web.utils.CookieUtil;
import uap.web.utils.PropertyUtil;
import uap.web.utils.RSAUtils;
import uap.web.utils.TokenGenerator;

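/**
 * Login and logout endpoints for tenant users.
 *
 * <p>The GET handlers only prepare the model and return a view name. {@link #ajaxLogin} verifies
 * a username and an RSA-wrapped password against the stored salted hash and, on success, issues
 * the {@code username} and {@code token} cookies. {@link #logout} clears the caller's cookies and
 * drops the cached login state.
 *
 * <p>NOTE(review): stored passwords are checked with salted SHA-1 at 1024 iterations (see
 * {@code ajaxLogin}). Moving to a dedicated password-hashing scheme needs a re-hash-on-login
 * migration and cannot be done inside this class alone.
 */
@Controller
/* loaded from: input_file:WEB-INF/classes/com/yonyou/uap/tenant/web/controller/TenantLoginController.class */
public class TenantLoginController extends BaseLoginController {
    private static final Logger logger = LoggerFactory.getLogger(TenantLoginController.class);

    @Autowired
    private RandomValueUtils randomValueUtils;

    /**
     * Renders the default landing page.
     *
     * <p>When the request carries a CAS principal, all of its attributes are copied into the
     * model, so every attribute released by the CAS server becomes visible to the view.
     *
     * @param model view model to populate
     * @param httpServletRequest current request; its user principal may be {@code null}
     * @return the {@code index} view name
     */
    @RequestMapping(value = {"/"}, method = {RequestMethod.GET})
    public String defalutLogin(Model model, HttpServletRequest httpServletRequest) {
        // initPubKeyParams is inherited; presumably it exposes the RSA public key to the page.
        initPubKeyParams(model);
        AttributePrincipal attributePrincipal = (AttributePrincipal) httpServletRequest.getUserPrincipal();
        if (attributePrincipal != null) {
            model.addAllAttributes((Map<String, ?>) attributePrincipal.getAttributes());
        }
        this.randomValueUtils.addRandomValue(model);
        return "index";
    }

    /**
     * Renders the administrator login page.
     *
     * @param model view model to populate
     * @return the admin login view name
     */
    @RequestMapping(value = {"/adminlogin"}, method = {RequestMethod.GET})
    public String adminLogin(Model model) {
        initPubKeyParams(model);
        return "/login/adminlogin";
    }

    /**
     * Renders the system login page.
     *
     * @param model view model to populate
     * @return the system login view name
     */
    @RequestMapping(value = {"/syslogin"}, method = {RequestMethod.GET})
    public String sysLogin(Model model) {
        initPubKeyParams(model);
        return "/login/syslogin";
    }

    /**
     * Authenticates a tenant user from the {@code username} and {@code password} request
     * parameters and returns a JSON status document.
     *
     * <p>{@code flag} is 0 on failure, 1 on success and 2 when the account has no tenant yet.
     * On success the {@code username} and {@code token} cookies are added to the response.
     *
     * <p>NOTE(review): the failure messages differ between "unknown or disabled user" and
     * "wrong password", which lets a caller tell valid usernames apart. No attempt limiting is
     * visible in this method; confirm it is enforced elsewhere.
     *
     * @param httpServletRequest request carrying the credentials and the Referer header
     * @param httpServletResponse response that receives the session cookies
     * @param model model passed to {@code initPubKeyParams} on most failure paths
     * @return the JSON status document as a string
     * @throws IOException if the cookie value cannot be URL-encoded
     */
    @RequestMapping(method = {RequestMethod.POST}, value = {"/manage/login"})
    @ResponseBody
    public String ajaxLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) throws IOException {
        JSONObject result = new JSONObject();
        result.put("flag", 0);
        result.put(JsonResponse.MESSAGE, "登录失败!");

        // NOTE(review): this Referer test is a weak cross-site check. contains() accepts any
        // Referer in which the context path appears anywhere, and for a root deployment the
        // context path is "" so every non-blank Referer passes. A per-session anti-CSRF token
        // or an exact origin comparison is the robust control.
        String referer = httpServletRequest.getHeader("Referer");
        String contextPath = httpServletRequest.getContextPath();
        if (StringUtils.isBlank(referer) || !referer.contains(contextPath)) {
            initPubKeyParams(model);
            result.put(JsonResponse.MESSAGE, "跨站点登录请求不允许!");
            return result.toString();
        }

        String username = httpServletRequest.getParameter("username");
        // A missing password parameter used to raise a NullPointerException on replace();
        // it is now reported through the normal "empty credentials" answer.
        String wrappedPassword = httpServletRequest.getParameter("password");
        String password = wrappedPassword == null
                ? null
                : RSAUtils.decryptStringByJs(wrappedPassword.replace("_encrypted", ""));
        if (username == null || password == null) {
            result.put(JsonResponse.MESSAGE, "用户名或密码为空");
            initPubKeyParams(model);
            return result.toString();
        }

        TenantUser user = this.userService.findUserByType(username, 1);
        if (user == null) {
            initPubKeyParams(model);
            result.put(JsonResponse.MESSAGE, "用户名或密码为空");
            return result.toString();
        }
        if (StringUtils.isBlank(user.getTenantId())) {
            // NOTE(review): this branch runs before the password is verified, so the account's
            // mobile number is returned to any caller who supplies a username in this state.
            // Confirm the client needs it here, or move the branch after the password check.
            result.put(JsonResponse.MESSAGE, "请先完成租户信息注册");
            result.put("tel", user.getUserMobile());
            result.put("flag", 2);
            initPubKeyParams(model);
            return result.toString();
        }
        if (user.getUserStates() == 0) {
            result.put(JsonResponse.MESSAGE, "用户名或密码为空");
            return result.toString();
        }

        // NOTE(review): getBytes() uses the platform charset. It is left unchanged because the
        // stored hashes were presumably produced the same way; pinning a charset needs a check
        // against the code that writes the hash.
        String computedHash = Encodes.encodeHex(
                Digests.sha1(password.getBytes(), Encodes.decodeHex(user.getSalt()), 1024));
        String storedHash = user.getUserPassword();
        // Constant-time comparison so the response time does not depend on how many leading
        // characters of the hash match. A null stored hash never matches, as before.
        boolean passwordMatches = storedHash != null
                && java.security.MessageDigest.isEqual(
                        computedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                        storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!passwordMatches) {
            result.put(JsonResponse.MESSAGE, "用户名密码错误");
            initPubKeyParams(model);
            return result.toString();
        }

        long loginTs = System.currentTimeMillis();
        String sessionKey = user.getTenantId() + ":" + user.getUserCode();
        String token;
        try {
            token = TokenGenerator.genToken(sessionKey, loginTs, this.cacheManager.findSeed());
        } catch (EncryptException e) {
            // Fail closed: previously the login went on and issued an empty token cookie
            // together with a success answer.
            logger.error("Fail to generate cookie!", e);
            return result.toString();
        }
        user.setLoginTs(loginTs);

        Map<String, String> cookieValues = new HashMap<String, String>();
        cookieValues.put("username", sessionKey);
        cookieValues.put("token", token);
        for (Map.Entry<String, String> entry : cookieValues.entrySet()) {
            // Explicit UTF-8 instead of the deprecated platform-charset overload.
            Cookie cookie = new Cookie(entry.getKey(), URLEncoder.encode(entry.getValue(), "UTF-8"));
            cookie.setPath(BaseLoginController.COOKIES_PATH);
            cookie.setMaxAge(-1);
            cookie.setHttpOnly(true);
            // Mark the cookie Secure whenever the container sees the request as HTTPS.
            cookie.setSecure(httpServletRequest.isSecure());
            httpServletResponse.addCookie(cookie);
        }

        try {
            this.cacheManager.cacheUser(sessionKey, user);
        } catch (Exception e) {
            // Best effort, as in the original: a cache failure is logged and the login proceeds.
            logger.error("登陆信息写入到redis缓存中失败", e);
        }

        Tenant tenant = this.tenantService.getPubTenantById(user.getTenantId());
        result.put("flag", 1);
        result.put(JsonResponse.MESSAGE, "登录成功!");
        if (tenant != null) {
            result.put(SignMake.PREFIX, tenant.getTenantName());
        }
        // The fields serialized here are governed by userService.getUserJsonConfig(); verify
        // that it excludes the password hash and salt.
        result.put("user", JSONObject.fromObject(user, this.userService.getUserJsonConfig()));
        return result.toString();
    }

    /**
     * Logs the caller out: expires every cookie sent with the request, removes the cached login
     * state when the {@code tenant_token} cookie matches the token recomputed for the cached
     * user, and returns the CAS logout URL.
     *
     * <p>NOTE(review): this state-changing action is mapped to GET, so any cross-site request
     * can trigger it. The cookies read here are named {@code tenant_token} and
     * {@code tenant_username}, while {@code ajaxLogin} in this class sets {@code token} and
     * {@code username}; presumably another login flow sets the former. Confirm.
     *
     * @param model unused
     * @param httpServletRequest request whose cookies identify the session
     * @param httpServletResponse response that receives the expired cookies
     * @param httpSession unused
     * @return a response whose {@code logouturl} entry points at the CAS logout endpoint
     */
    @RequestMapping(value = {"logout"}, method = {RequestMethod.GET})
    @ResponseBody
    public JsonResponse logout(Model model, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession) {
        Cookie[] cookies = httpServletRequest.getCookies();
        String tokenCookie = CookieUtil.findCookieValue(cookies, "tenant_token");
        String usernameCookie = CookieUtil.findCookieValue(cookies, "tenant_username");
        // NOTE(review): ajaxLogin caches a com.yonyou.uap.tenant.entity.TenantUser, a different
        // class from the one cast here; verify what getUserCache returns for this key.
        com.yonyou.iuap.tenant.web.cas.logout.entity.TenantUser cachedUser =
                (com.yonyou.iuap.tenant.web.cas.logout.entity.TenantUser)
                        this.cacheManager.getUserCache("user.info.login.tenant:" + usernameCookie);

        if (cookies != null) {
            for (Cookie cookie : cookies) {
                cookie.setValue(null);
                // Max-Age 0 tells the browser to delete the cookie. The previous value of -1
                // only re-issued it as a session cookie with an empty value.
                cookie.setMaxAge(0);
                cookie.setHttpOnly(true);
                // NOTE(review): login cookies are set with BaseLoginController.COOKIES_PATH;
                // if that is not "/", this does not address the same cookie.
                cookie.setPath("/");
                httpServletResponse.addCookie(cookie);
            }
        }

        if (cachedUser != null) {
            try {
                String expectedToken = TokenGenerator.genToken(
                        cachedUser.getUserId(), cachedUser.getLoginTs(), this.cacheManager.findSeed());
                // Server-side state is dropped only when the presented token matches.
                if (expectedToken.equalsIgnoreCase(tokenCookie)) {
                    this.cacheManager.disCacheUser(usernameCookie);
                    this.cacheManager.removeSessionCacheAttribute(Constants.TENANT_ASSERTION, usernameCookie);
                }
            } catch (EncryptException e) {
                logger.error("Fail to delete cookie!", e);
            }
        }

        String casLogoutUrl = PropertyUtil.getPropertyByKey("cas.url") + "/logout";
        String serviceHost = PropertyUtil.getPropertyByKey("hostname");
        JsonResponse jsonResponse = new JsonResponse();
        jsonResponse.put("logouturl", casLogoutUrl + "?service=" + serviceHost);
        return jsonResponse;
    }
}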
