package com.yonyou.uap.tenant.web.controller;

import com.yonyou.uap.entity.content.EmailContent;
import com.yonyou.uap.entity.content.SMSContent;
import com.yonyou.uap.entity.receiver.MessageReceiver;
import com.yonyou.uap.service.MessageSend;
import com.yonyou.uap.tenant.entity.Tenant;
import com.yonyou.uap.tenant.entity.TenantUser;
import com.yonyou.uap.tenant.sdk.PasswordPolicyUtils;
import com.yonyou.uap.tenant.service.itf.ITenantService;
import com.yonyou.uap.tenant.service.itf.ITenantUserService;
import com.yonyou.uap.tenant.utils.Constants;
import com.yonyou.uap.tenant.utils.DateUtils;
import com.yonyou.uap.tenant.utils.DigesterUtil;
import com.yonyou.uap.tenant.utils.EMailUtils;
import com.yonyou.uap.tenant.utils.JsonResponse;
import com.yonyou.uap.tenant.utils.PasswordUtils;
import com.yonyou.uap.tenant.utils.ProduceNumber;
import com.yonyou.uap.tenant.utils.RandomValueUtils;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.interfaces.RSAPublicKey;
import java.sql.Timestamp;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import org.apache.batik.util.SVGConstants;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import uap.web.cache.CacheManager;
import uap.web.utils.PropertyUtil;
import uap.web.utils.RSAUtils;

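/**
 * Unauthenticated "forgot password" endpoints under {@code /findpwd}.
 *
 * <p>Two recovery paths end on the same {@code pwd} view, which posts to
 * {@code /findpwd/pwdupdate}:
 * <ul>
 *   <li>SMS: {@code /byphone} sends a code, {@code /valibyphone} checks it,
 *       {@code /url} renders the reset form;</li>
 *   <li>e-mail: {@code /bymail} sends a link, {@code /checklink} validates it
 *       and renders the reset form.</li>
 * </ul>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The password change is gated on a server-side "verified" marker that
 *       only {@code /valibyphone} and {@code /checklink} set. Without it,
 *       {@code /url} and {@code /pwdupdate} would act on whatever user
 *       identifier the request carries.</li>
 *   <li>The marker is keyed by user id, not by browser. Binding it to a
 *       one-time ticket carried by the reset form would be stronger, but that
 *       needs a change to the {@code pwd} view, which is not part of this
 *       class.</li>
 *   <li>NOTE(review): {@code /byphone} and {@code /bymail} answer differently
 *       for "unknown account" and "contact does not match", and neither is
 *       rate limited here. Confirm that throttling and a uniform response are
 *       enforced upstream (gateway, filter) or add them.</li>
 *   <li>NOTE(review): the e-mail token is an MD5 digest. Its unpredictability
 *       rests on the random UUID stored as the user's secret key; moving to
 *       an HMAC with a server-side key would remove the dependency on MD5.
 *       Whether {@code DigesterUtil} supports another algorithm is not visible
 *       here.</li>
 * </ul>
 */
@RequestMapping({"/findpwd"})
@Controller
/* loaded from: input_file:WEB-INF/classes/com/yonyou/uap/tenant/web/controller/TenantPwdFindController.class */
public class TenantPwdFindController {
    private final Logger log = LoggerFactory.getLogger(getClass());

    @Autowired
    private ITenantUserService userService;

    @Autowired
    private PasswordPolicyUtils passwordUtil;

    @Autowired
    private ITenantService tenantService;

    @Autowired
    private CacheManager cache;

    @Autowired
    private RandomValueUtils randomValueUtils;

    @Autowired
    private EMailUtils eMailUtils;
    private static final String PHONEKEKPREFIX = "findpwdbyphone";
    private static final String MAILKEKPREFIX = "findpwdbymail";

    /** Cache key prefix for the "this user passed verification" marker. */
    private static final String VERIFIED_KEY_PREFIX = "findpwdverified:";
    /** Cache key prefix for the per-number count of wrong SMS codes. */
    private static final String PHONE_TRIES_KEY_PREFIX = "findpwdtries:";
    /** Marker value meaning verification succeeded and is still unused. */
    private static final String VERIFIED = "1";
    /** Value written over a code or marker once it has been used up. */
    private static final String CONSUMED = "consumed";
    /** Lifetime of an SMS code; same value the original passed to putTimedCache (presumably seconds). */
    private static final int SMS_CODE_TTL = 120;
    /** Lifetime of the verified marker, in the same unit as {@link #SMS_CODE_TTL}. */
    private static final int VERIFIED_TTL = 600;
    /** Wrong SMS codes tolerated before the outstanding code is discarded. */
    private static final int MAX_SMS_ATTEMPTS = 5;
    /** Shown when the reset form is reached or submitted without a valid verification. */
    private static final String RESET_NOT_VERIFIED_MESSAGE = "验证已失效，请重新申请找回密码！";

    /**
     * Sends an SMS verification code to the number given in {@code telnum}.
     *
     * <p>The number must be both the login name of an existing user and that
     * user's registered mobile number.
     *
     * @param httpServletRequest request carrying the {@code telnum} parameter
     * @param model unused
     * @return success once the SMS has been handed to the sender, otherwise a failure message
     */
    @RequestMapping({"/byphone"})
    @ResponseBody
    public JsonResponse senPhoneMessage(HttpServletRequest httpServletRequest, Model model) {
        JsonResponse jsonResponse = new JsonResponse();
        String telnum = httpServletRequest.getParameter("telnum");
        TenantUser user = StringUtils.isBlank(telnum) ? null : this.userService.findByLoginName(telnum);
        if (user == null) {
            return jsonResponse.failedWithReturn("手机注册用户不存在！");
        }
        // Compare from the request value so a user without a stored mobile number cannot cause a NullPointerException.
        if (!telnum.equals(user.getUserMobile())) {
            return jsonResponse.failedWithReturn("输入手机号码电话和系统预留手机号码不匹配，请确认并重新输入!");
        }
        String code = ProduceNumber.produce();
        this.cache.putTimedCache(PHONEKEKPREFIX + telnum, code, SMS_CODE_TTL);
        // A fresh code starts with a fresh wrong-guess budget.
        this.cache.putTimedCache(PHONE_TRIES_KEY_PREFIX + telnum, "0", SMS_CODE_TTL);
        SMSContent sms = new SMSContent("短信验证", "验证码为" + code + "(用友客服绝对不会索要该验证码，切勿告诉他人)，请在页面输入完成验证。", 0);
        new MessageSend(new MessageReceiver(telnum), sms).send();
        jsonResponse.success("短息发送成功");
        return jsonResponse;
    }

    /**
     * Checks the SMS code submitted for {@code telnum}.
     *
     * <p>On success the code is consumed, the user is marked as verified for a
     * limited time, and the URL of the reset form is returned under the key
     * {@code "url"}.
     *
     * @param httpServletRequest request carrying {@code telnum} and {@code message} (the code)
     * @param model unused
     * @return success with the reset-form URL, otherwise a failure message
     * @throws Exception declared by the original signature; nothing in this body throws a checked exception
     */
    @RequestMapping({"/valibyphone"})
    @ResponseBody
    public JsonResponse validatePhoneMessage(HttpServletRequest httpServletRequest, Model model) throws Exception {
        JsonResponse jsonResponse = new JsonResponse();
        String telnum = httpServletRequest.getParameter("telnum");
        String submittedCode = httpServletRequest.getParameter("message");
        TenantUser user = StringUtils.isBlank(telnum) ? null : this.userService.findByLoginName(telnum);
        if (user == null) {
            return jsonResponse.failedWithReturn("手机注册用户不存在！");
        }
        String codeKey = PHONEKEKPREFIX + telnum;
        String expectedCode = (String) this.cache.get(codeKey);
        if (StringUtils.isEmpty(expectedCode) || CONSUMED.equals(expectedCode)) {
            return jsonResponse.failedWithReturn("手机验证码已经过期，请重新获取短息验证码！");
        }
        if (!constantTimeEquals(expectedCode, submittedCode)) {
            // A short numeric code must not be guessable by repetition:
            // after too many misses the outstanding code is discarded.
            if (recordFailedSmsAttempt(telnum) >= MAX_SMS_ATTEMPTS) {
                this.cache.putTimedCache(codeKey, CONSUMED, 1);
            }
            return jsonResponse.failedWithReturn("手机验证码输入错误，请确认之后重新输入！");
        }
        // One code, one verification: overwrite it so it cannot be replayed within its lifetime.
        this.cache.putTimedCache(codeKey, CONSUMED, 1);
        markResetVerified(user);
        String resetUrl = PropertyUtil.getPropertyByKey("hostname") + "findpwd/" + "url?telnum=" + telnum;
        jsonResponse.success("短息验证成功!");
        // The decompiler substituted Shiro's constant here; its value is the plain key "url".
        jsonResponse.putValue(ShiroHttpServletRequest.URL_SESSION_ID_SOURCE, resetUrl);
        return jsonResponse;
    }

    /**
     * Renders the reset form for the SMS path.
     *
     * <p>The form is populated only when the user named by {@code telnum} holds
     * an unused verified marker; otherwise the failure model is rendered, so
     * the user id and user code are not exposed for an arbitrary number.
     *
     * @param httpServletRequest request carrying {@code telnum} and optionally {@code service}
     * @param model view model for the {@code pwd} view
     * @return the view name {@code "pwd"}
     */
    @RequestMapping({"/url"})
    public String gotoUrl(HttpServletRequest httpServletRequest, Model model) {
        String telnum = httpServletRequest.getParameter("telnum");
        // NOTE(review): "service" is request-controlled and handed to the view as-is;
        // confirm the view escapes it and does not use it as a redirect target unchecked.
        String service = httpServletRequest.getParameter("service");
        initPubKeyParams(model);
        this.randomValueUtils.addRandomValue(model);
        TenantUser user = StringUtils.isBlank(telnum) ? null : this.userService.findByLoginName(telnum);
        if (user == null || !isResetVerified(user)) {
            setFailModel(model, RESET_NOT_VERIFIED_MESSAGE);
            return "pwd";
        }
        setSuccessModel(model, "短息验证成功!", service, user);
        return "pwd";
    }

    /** Fills the model for a reset form that may proceed for {@code tenantUser}. */
    private void setSuccessModel(Model model, String str, String str2, TenantUser tenantUser) {
        model.addAttribute("status", 1);
        model.addAttribute(JsonResponse.MESSAGE, str);
        model.addAttribute("service", str2);
        model.addAttribute("userCode", tenantUser.getUserCode());
        model.addAttribute("userId", tenantUser.getUserId());
    }

    /** Fills the model for a failed verification; no user data is exposed. */
    private void setFailModel(Model model, String str) {
        model.addAttribute("status", 0);
        model.addAttribute(JsonResponse.MESSAGE, str);
        model.addAttribute("service", "");
        model.addAttribute("userCode", "");
        model.addAttribute("userId", "");
    }

    /**
     * Sends a password-reset link to the address given in {@code userEmail}.
     *
     * <p>A random UUID is stored as the user's secret key together with an
     * expiry 30 minutes ahead; the link carries a digest over user name,
     * expiry, secret key and the {@code service} value.
     *
     * @param httpServletRequest request carrying {@code userEmail} and optionally {@code service}
     * @param model unused
     * @return success once the mail has been queued, otherwise a failure message
     */
    @RequestMapping({"/bymail"})
    @ResponseBody
    public JsonResponse senEmailMessage(HttpServletRequest httpServletRequest, Model model) {
        JsonResponse jsonResponse = new JsonResponse();
        String email = httpServletRequest.getParameter("userEmail");
        String service = httpServletRequest.getParameter("service");
        TenantUser user = StringUtils.isBlank(email) ? null : this.userService.findByLoginName(email);
        if (user == null) {
            return jsonResponse.failedWithReturn("绑定当前邮箱的用户不存在！");
        }
        // Compare from the request value so a user without a stored address cannot cause a NullPointerException.
        if (!email.equals(user.getUserEmail())) {
            return jsonResponse.failedWithReturn("输入邮箱与系统预留邮箱不匹配，请确认重新输入！");
        }
        String secret = UUID.randomUUID().toString();
        Timestamp expiresAt = new Timestamp(System.currentTimeMillis() + 1800000);
        // Truncated to whole seconds; checkLink applies the same truncation to the stored value.
        long expiryMillis = (expiresAt.getTime() / 1000) * 1000;
        user.setOutDate(expiresAt.toString());
        user.setSecretKey(secret);
        // Reset the "link already used" counter for the new link.
        user.setMailValidatect(null);
        this.userService.saveUser(user);
        this.cache.set(MAILKEKPREFIX + user.getUserId(), service);
        String sid = DigesterUtil.encode("MD5", user.getUserName() + "$" + expiryMillis + "$" + secret + "$" + service);
        String link = PropertyUtil.getPropertyByKey("hostname") + "findpwd/" + "checklink?sid=" + sid + "&uid=" + user.getUserId();
        MessageReceiver messageReceiver = new MessageReceiver(email);
        EmailContent emailContent = new EmailContent("用户密码重置", "请勿回复本邮件.点击下面的链接,重设密码<br/><a href=" + link + " target='_BLANK'>" + link + "</a>  或者    <a href=" + link + " target='_BLANK'>点击我重新设置密码</a><br/>tips:本邮件超过30分钟,链接将会失效，需要重新申请找回密码!");
        jsonResponse.success("发送成功,请到邮箱查看!");
        this.eMailUtils.sendEmail(new MessageSend(messageReceiver, emailContent));
        return jsonResponse;
    }

    /**
     * Validates a reset link ({@code sid}, {@code uid}) and renders the reset form.
     *
     * <p>The link is accepted only when the user exists, a reset was actually
     * requested (expiry and secret key are stored), it has not expired, it has
     * not been used, and the recomputed digest equals {@code sid}. On success
     * the user is marked as verified for a limited time.
     *
     * @param httpServletRequest request carrying {@code sid} and {@code uid}
     * @param model view model for the {@code pwd} view
     * @return the view name {@code "pwd"}
     */
    @RequestMapping({"/checklink"})
    public String checkLink(HttpServletRequest httpServletRequest, Model model) {
        initPubKeyParams(model);
        this.randomValueUtils.addRandomValue(model);
        String sid = httpServletRequest.getParameter("sid");
        String uid = httpServletRequest.getParameter("uid");
        if (StringUtils.isEmpty(sid) || StringUtils.isEmpty(uid)) {
            setFailModel(model, "链接输入不完整，请重新输入链接！");
            return "pwd";
        }
        TenantUser user = this.userService.findByUserId(uid);
        if (user == null) {
            setFailModel(model, "链接错误，请重新输入邮件中的链接！");
            return "pwd";
        }
        String service = (String) this.cache.get(MAILKEKPREFIX + user.getUserId());
        Timestamp expiresAt = parseOutDate(user.getOutDate());
        // No stored expiry or secret means no reset was requested for this user:
        // reject instead of failing on the parse or hashing the text "null".
        if (expiresAt == null || user.getSecretKey() == null) {
            setFailModel(model, "链接不正确，请重新申请找回密码！");
            return "pwd";
        }
        if (expiresAt.getTime() <= System.currentTimeMillis()) {
            setFailModel(model, "链接已经过期,请重新申请找回密码！");
            return "pwd";
        }
        Integer usedCount = user.getMailValidatect();
        if (usedCount != null && usedCount.intValue() >= 1) {
            setFailModel(model, "链接已经被使用过，请重新申请找回密码！");
            return "pwd";
        }
        long expiryMillis = (expiresAt.getTime() / 1000) * 1000;
        String expectedSid = DigesterUtil.encode("MD5", user.getUserName() + "$" + expiryMillis + "$" + user.getSecretKey() + "$" + service);
        if (constantTimeEquals(expectedSid, sid)) {
            markResetVerified(user);
            setSuccessModel(model, "链接验证成功", service, user);
            return "pwd";
        }
        setFailModel(model, "链接不正确，请重新申请找回密码！");
        return "pwd";
    }

    /**
     * Publishes the default RSA public key (hex exponent and modulus) to the
     * view, which uses it to encrypt the new password before posting it.
     */
    private void initPubKeyParams(Model model) {
        RSAPublicKey publicKey = RSAUtils.getDefaultPublicKey();
        // The decompiler substituted Batik's constant here; its value is the plain key "exponent".
        model.addAttribute(SVGConstants.SVG_EXPONENT_ATTRIBUTE, publicKey.getPublicExponent().toString(16));
        model.addAttribute("modulus", publicKey.getModulus().toString(16));
    }

    /**
     * Sets a new password for the user identified by {@code str}.
     *
     * <p>The request must carry a live random value and the user must hold an
     * unused verified marker from {@code /valibyphone} or {@code /checklink}.
     * The marker is consumed once the password has been saved.
     * NOTE(review): if another flow posts to this endpoint without going
     * through one of those two steps, it has to set the marker as well.
     *
     * @param httpServletRequest request carrying the random value
     * @param str id of the user whose password is changed
     * @param str2 RSA-encrypted new password, optionally tagged with {@code _encrypted}
     * @return success, or a failure carrying the reason
     */
    @RequestMapping(value = {"/pwdupdate"}, method = {RequestMethod.POST})
    @ResponseBody
    public JsonResponse reNewPassword(HttpServletRequest httpServletRequest, @RequestParam String str, @RequestParam("password") String str2) {
        JsonResponse jsonResponse = new JsonResponse();
        if (!this.randomValueUtils.isRandomValueExist(httpServletRequest.getParameter(Constants.RANDOMVALUE))) {
            return jsonResponse.failedWithReturn(Constants.RANDOM_TIMEOUT_MESSAGE);
        }
        TenantUser user = this.userService.findByUserId(str);
        // Unknown user and unverified user get the same answer, so the reply
        // does not reveal which ids exist. The original reported success for
        // an unknown id and changed the password for any known one.
        if (user == null || !isResetVerified(user)) {
            return jsonResponse.failedWithReturn(RESET_NOT_VERIFIED_MESSAGE);
        }
        Tenant tenant = this.tenantService.getPubTenantById(user.getTenantId());
        if (user.getTypeId() == 1) {
            if (tenant == null) {
                return jsonResponse.failedWithReturn("请先注册租户信息");
            }
            if (tenant.getTenantStates() == 0) {
                return jsonResponse.failedWithReturn("请先根据激活邮件激活租户");
            }
        }
        String plainPassword = RSAUtils.decryptStringByJs(str2.replace("_encrypted", ""));
        if (plainPassword == null) {
            // Defensive: whether decryptStringByJs can return null is not visible here.
            return jsonResponse.failedWithReturn("修改出错");
        }
        String passwordPolicy = tenant != null ? tenant.getPasswordPolicy() : "";
        String encodedPassword = PasswordUtils.encodePasswordByUserCode(PasswordUtils.encodePasswordUsingSHA(plainPassword), user.getSalt(), user.getUserCode());
        String policyViolation = this.passwordUtil.checkNewpassword(user.getTenantId(), user.getUserId(), user.getUserCode(), plainPassword, encodedPassword, passwordPolicy);
        if (StringUtils.isNotBlank(policyViolation)) {
            return jsonResponse.failedWithReturn(policyViolation);
        }
        Integer usedCount = user.getMailValidatect();
        // Counting the use is what makes checkLink reject the e-mail link afterwards.
        user.setMailValidatect(Integer.valueOf(usedCount == null ? 1 : usedCount.intValue() + 1));
        user.setPwdstarttime(DateUtils.getCurrectTime());
        user.setUserPassword(encodedPassword);
        this.userService.saveUser(user);
        // One verification authorises one password change.
        this.cache.putTimedCache(VERIFIED_KEY_PREFIX + user.getUserId(), CONSUMED, 1);
        try {
            this.passwordUtil.afterModifyPassword(user.getUserId(), user.getUserPassword(), user.getTenantId(), passwordPolicy, true);
        } catch (Exception e) {
            this.log.error("afterModifyPassword failed for user {}", user.getUserId(), e);
            // Return here: the original fell through to success() and hid the failure.
            // The new password has already been saved at this point.
            jsonResponse.failed("修改出错");
            return jsonResponse;
        }
        jsonResponse.success();
        return jsonResponse;
    }

    /** Records that {@code user} passed SMS or e-mail verification, for a limited time. */
    private void markResetVerified(TenantUser user) {
        this.cache.putTimedCache(VERIFIED_KEY_PREFIX + user.getUserId(), VERIFIED, VERIFIED_TTL);
    }

    /** Returns whether {@code user} holds an unused, unexpired verified marker. */
    private boolean isResetVerified(TenantUser user) {
        return VERIFIED.equals(this.cache.get(VERIFIED_KEY_PREFIX + user.getUserId()));
    }

    /**
     * Counts one wrong SMS code for {@code telnum} and returns the new total.
     *
     * <p>Read-then-write on the cache is not atomic, so concurrent requests
     * may undercount; the cap is a brake, not an exact limit. An unreadable
     * counter is treated as exhausted.
     */
    private int recordFailedSmsAttempt(String telnum) {
        String key = PHONE_TRIES_KEY_PREFIX + telnum;
        Object stored = this.cache.get(key);
        int failures = 1;
        if (stored != null) {
            try {
                failures = Integer.parseInt(stored.toString()) + 1;
            } catch (NumberFormatException ignored) {
                // Fail closed: a corrupt counter discards the outstanding code.
                failures = MAX_SMS_ATTEMPTS;
            }
        }
        this.cache.putTimedCache(key, String.valueOf(failures), SMS_CODE_TTL);
        return failures;
    }

    /** Parses a stored expiry; returns {@code null} when it is missing or malformed. */
    private static Timestamp parseOutDate(String outDate) {
        if (StringUtils.isBlank(outDate)) {
            return null;
        }
        try {
            return Timestamp.valueOf(outDate);
        } catch (IllegalArgumentException e) {
            return null;
        }
    }

    /**
     * Compares a secret with a submitted value without returning early at the
     * first differing character; {@code null} on either side never matches.
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }
}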
