package com.yonyou.uap.tenant.utils;

import com.yonyou.uap.tenant.log.CasLog;
import com.yonyou.uap.tenant.web.filter.PerformanceLoggerCollector;
import java.security.GeneralSecurityException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.login.FailedLoginException;
import javax.validation.constraints.NotNull;
import net.sf.json.JSONObject;
import org.apache.commons.collections.MapUtils;
import org.jasig.cas.adaptors.jdbc.AbstractJdbcUsernamePasswordAuthenticationHandler;
import org.jasig.cas.authentication.ContinueRegisterException;
import org.jasig.cas.authentication.HandlerResult;
import org.jasig.cas.authentication.ModifyPWFailedException;
import org.jasig.cas.authentication.NeedModifyPWException;
import org.jasig.cas.authentication.PreventedException;
import org.jasig.cas.authentication.UsernamePasswordCredential;
import org.jasig.cas.authentication.handler.PasswordEncoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.dao.DataAccessException;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.tags.BindTag;
import org.springframework.webflow.execution.RequestContextHolder;
import org.springside.modules.mapper.JsonMapper;
import uap.web.core.ContextHolder;
import uap.web.utils.RSAUtils;

/* loaded from: input_file:WEB-INF/classes/com/yonyou/uap/tenant/utils/TenantAuthenticationHandler.class */
/**
 * CAS username/password handler that routes one login attempt to one of several
 * authentication paths, chosen from fields of the submitted credential.
 *
 * <p>Paths, in the order they are tried by
 * {@link #authenticateUsernamePasswordInternal}: the {@code firstSuccess} shortcut,
 * password change, auto-login, WeChat openid lookup, local JDBC password check
 * (when no verify code is present) and remote validation through
 * {@code UserValidate.validate}.
 *
 * <p>Security review notes:
 * <ul>
 *   <li>The {@code firstSuccess}, auto-login and openid paths return a successful
 *       {@link HandlerResult} without any password comparison in this class. How
 *       {@code UsernamePasswordCredential} is populated is not visible here; these
 *       fields must only ever be set by trusted server-side code, never bound from
 *       request input. TODO confirm the binding allow-list of the login flow.</li>
 *   <li>Status codes returned by the remote validator are handled as a deny-list
 *       ("0", "2", "4"); every other value is treated as success.</li>
 *   <li>{@code tableUsers}, {@code fieldUser} and {@code fieldPassword} are
 *       concatenated into SQL text, so they must come from static configuration.
 *       All user-supplied values in this class are passed as bind parameters.</li>
 * </ul>
 */
public class TenantAuthenticationHandler extends AbstractJdbcUsernamePasswordAuthenticationHandler implements InitializingBean {
    private final Logger logger = LoggerFactory.getLogger(getClass());
    // Prefix of the credential-count query assembled in afterPropertiesSet().
    private static final String SQL_PREFIX = "select count(1) from ";

    // Column holding the login name. Concatenated into SQL text: configuration only.
    @NotNull
    private String fieldUser;

    // Column holding the encoded password. Concatenated into SQL text: configuration only.
    @NotNull
    private String fieldPassword;

    // Table queried for credentials and salt. Concatenated into SQL text: configuration only.
    @NotNull
    private String tableUsers;
    // "select count(1) from <table> WHERE <user> = ? AND <password> = ?", built in afterPropertiesSet().
    private String sql;

    /**
     * Looks up the audit logger bean named "securityLog" from the application
     * context on every call.
     */
    private CasLog getCasLog() {
        return (CasLog) ContextHolder.getContext().getBean("securityLog");
    }

    /**
     * Entry point called by CAS for a username/password credential; selects the
     * authentication path from the credential's fields.
     *
     * <p>The order of the checks below is significant: the first matching branch
     * decides the outcome and later branches are never consulted.
     *
     * @param usernamePasswordCredential the submitted credential; mutated on several paths
     *        (tenant id, attribute map, firstSuccess flag, cleared username/password)
     * @return a successful handler result for the resolved principal
     * @throws GeneralSecurityException on a failed login, a required password change
     *         or a required registration step
     * @throws PreventedException when the remote validator reports status "0", the
     *         openid is unbound, or any other exception occurs during remote validation
     */
    @Override // org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler
    protected final HandlerResult authenticateUsernamePasswordInternal(UsernamePasswordCredential usernamePasswordCredential) throws GeneralSecurityException, PreventedException {
        // NOTE(review): the matching stop() for this timer is only reached at the end of the
        // remote-validation success path; every early return and every throw skips it.
        PerformanceLoggerCollector.start("authenticateUsernamePasswordInternal");
        String username = usernamePasswordCredential.getUsername();
        // Shortcut: a credential already flagged as successful is accepted as-is, with no
        // password check. This class sets the flag after a successful remote validation and
        // after a successful password change.
        // NOTE(review): safe only if the flag cannot be set from request input - confirm.
        if (usernamePasswordCredential.isFirstSuccess()) {
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), null);
        }
        String newpass = usernamePasswordCredential.getNewpass();
        // A new password is present: treat the request as a password change. The literal
        // string "null" is treated the same as an absent value.
        if (newpass != null && !newpass.equals("null")) {
            return changeUserPwd(usernamePasswordCredential);
        }
        // Auto-login: the user row is loaded by user_code and accepted without a password.
        // NOTE(review): isAutoLogin must be established server-side, not by the client - confirm.
        if (1 == usernamePasswordCredential.getIsAutoLogin()) {
            return authenticateUsernamePasswordInternal_autoLogin(usernamePasswordCredential);
        }
        if (!StringUtils.isEmpty(usernamePasswordCredential.getOpenid())) {
            // WeChat login: a non-null result means the openid is already bound to a user.
            HandlerResult authenticateUsernamePasswordInternal_weixin = authenticateUsernamePasswordInternal_weixin(usernamePasswordCredential);
            if (authenticateUsernamePasswordInternal_weixin != null) {
                return authenticateUsernamePasswordInternal_weixin;
            }
            // No binding exists and the username field only repeats the openid: blank the
            // credential, put "WeChat account not bound" into the flow scope and abort.
            if (usernamePasswordCredential.getOpenid().equalsIgnoreCase(usernamePasswordCredential.getUsername())) {
                usernamePasswordCredential.setUsername("");
                usernamePasswordCredential.setPassword("");
                RequestContextHolder.getRequestContext().getFlowScope().put("modifyPW_msg", "未绑定微信账户");
                throw new PreventedException("登录失败：未绑定微信账户", new Throwable());
            }
            // Otherwise fall through: the user logs in normally and saveWeixin() may bind
            // the openid after a successful remote validation.
        }
        // Without a verify code the password is checked locally against the JDBC user table;
        // with one, validation is delegated to UserValidate.validate below.
        if (StringUtils.isEmpty(usernamePasswordCredential.getVerify_code())) {
            return authenticateUsernamePasswordInternal_default(usernamePasswordCredential);
        }
        try {
            PerformanceLoggerCollector.start("UserValidate.validate");
            String validate = UserValidate.validate(usernamePasswordCredential, getJdbcTemplate());
            PerformanceLoggerCollector.stop("UserValidate.validate");
            // A blank response is logged as a failure, but nothing returns or throws here;
            // execution continues into the JSON parsing below.
            // NOTE(review): presumably parsing a blank value then fails and the catch-all
            // rejects the login - confirm, and prefer an explicit throw at this point.
            if (org.apache.commons.lang3.StringUtils.isBlank(validate)) {
                getCasLog().recordLog(usernamePasswordCredential, CasLog.LOGININ, CasLog.FAILED, new String[]{ConstantSSO.LOGIN_CONNECT_FAILED});
                RequestContextHolder.getRequestContext().getFlowScope().put("modifyPW_msg", ConstantSSO.LOGIN_CONNECT_FAILED);
            }
            PerformanceLoggerCollector.start("JSONObject.fromObject");
            JSONObject fromObject = JSONObject.fromObject(validate);
            PerformanceLoggerCollector.stop("JSONObject.fromObject");
            // Status "2": the account must change its password before logging in.
            if ("2".equalsIgnoreCase(String.valueOf(fromObject.get(BindTag.STATUS_VARIABLE_NAME)))) {
                throw new NeedModifyPWException(username + " need modify password.");
            }
            // Status "0": rejected. The validator's message is audited and shown to the user.
            if ("0".equalsIgnoreCase(String.valueOf(fromObject.get(BindTag.STATUS_VARIABLE_NAME)))) {
                getCasLog().recordLog(usernamePasswordCredential, CasLog.LOGININ, CasLog.FAILED, new String[]{String.valueOf(fromObject.get("msg"))});
                RequestContextHolder.getRequestContext().getFlowScope().put("modifyPW_msg", fromObject.get("msg"));
                throw new PreventedException("user lock " + username, new Throwable());
            }
            // Status "4": registration has to be completed; the data the registration
            // page needs is handed over through the flow scope.
            if ("4".equalsIgnoreCase(String.valueOf(fromObject.get(BindTag.STATUS_VARIABLE_NAME)))) {
                RequestContextHolder.getRequestContext().getFlowScope().put("userTel", fromObject.get("userTel"));
                RequestContextHolder.getRequestContext().getFlowScope().put("registerurl", CasPropertyUtil.getPropertyByKey(ConstantSSO.REGISTER_URL));
                RequestContextHolder.getRequestContext().getFlowScope().put("returnservice", usernamePasswordCredential.getService());
                throw new ContinueRegisterException("need to register.");
            }
            // NOTE(review): every status other than "0", "2" and "4" reaches the success path
            // below, including a missing or unexpected value. An explicit allow-list of
            // success statuses would fail closed instead.
            PerformanceLoggerCollector.start("parmas");
            HashMap hashMap = new HashMap();
            hashMap.put("userType", fromObject.get("usertype"));
            JSONObject jSONObject = (JSONObject) fromObject.get("user");
            String str = null;
            if (jSONObject != null) {
                // If get("tenantId") returns null, toString() throws NullPointerException, which
                // the catch-all below turns into a PreventedException; the null check on the
                // next line therefore never observes null.
                String obj = jSONObject.get("tenantId").toString();
                String str2 = obj == null ? null : obj;
                hashMap.put("userId", (String) jSONObject.get("userId"));
                hashMap.put("typeAlias", String.valueOf(jSONObject.get("typeId")));
                str = (String) jSONObject.get("userCode");
                hashMap.put("userCode", str);
                usernamePasswordCredential.setTenantid(str2);
                usernamePasswordCredential.setAttrparam(hashMap);
            }
            PerformanceLoggerCollector.stop("parmas");
            // Bind the openid (if any) to the validated user code; no-op when either is empty.
            saveWeixin(usernamePasswordCredential, str);
            // The last-login timestamp is only updated for status "1".
            if ("1".equalsIgnoreCase(String.valueOf(fromObject.get(BindTag.STATUS_VARIABLE_NAME)))) {
                writeLastLoginDate(str);
            }
            // Mark the credential so a later pass through this handler takes the shortcut above.
            usernamePasswordCredential.setFirstSuccess(true);
            getCasLog().recordLog(usernamePasswordCredential, CasLog.LOGININ, CasLog.SUCCESS, new String[0]);
            PerformanceLoggerCollector.stop("authenticateUsernamePasswordInternal");
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), null);
        } catch (Exception e) {
            // Catch-all for the remote-validation path. Every exception is audited as a failed
            // login, so a status "0" rejection is recorded twice (once above, once here).
            getCasLog().recordLog(usernamePasswordCredential, CasLog.LOGININ, CasLog.FAILED, new String[0]);
            // The two flow-control exceptions are re-created with a new message, not rethrown.
            if (e instanceof NeedModifyPWException) {
                throw new NeedModifyPWException(username + " need modify password.");
            }
            if (e instanceof ContinueRegisterException) {
                throw new ContinueRegisterException(username + " need contine to register");
            }
            // Everything else, including the PreventedException thrown for status "0", is
            // wrapped with a "SQL exception" message whatever the real cause was.
            this.logger.error(e.getMessage(), (Throwable) e);
            throw new PreventedException("SQL exception while executing query for " + username, e);
        }
    }

    /**
     * Performs a password change through {@code UserValidate.modifyPW} and, unless the
     * response status is "0", returns a successful authentication result.
     *
     * @param usernamePasswordCredential credential carrying the new password; on status "1"
     *        its password, tenant id, attribute map and firstSuccess flag are updated
     * @return a successful handler result for the credential's username
     * @throws ModifyPWFailedException when the response status is "0" or any exception occurs
     */
    private HandlerResult changeUserPwd(UsernamePasswordCredential usernamePasswordCredential) throws ModifyPWFailedException {
        try {
            Map map = (Map) new JsonMapper().fromJson(UserValidate.modifyPW(usernamePasswordCredential), Map.class);
            if (map.get(BindTag.STATUS_VARIABLE_NAME).toString().equals("1")) {
                // Change accepted: the new password becomes the credential's password and the
                // credential is marked as already authenticated.
                usernamePasswordCredential.setPassword(usernamePasswordCredential.getNewpass());
                usernamePasswordCredential.setNewpass(null);
                usernamePasswordCredential.setFirstSuccess(true);
                HashMap hashMap = new HashMap();
                hashMap.put("userType", map.get("usertype"));
                Object obj = map.get("user");
                // NOTE(review): this line casts to HashMap while the following ones cast to Map;
                // presumably the mapper yields a HashMap here - confirm, otherwise this throws
                // ClassCastException and the change is reported as failed.
                String str = (String) ((HashMap) obj).get("tenantId");
                hashMap.put("userId", (String) ((Map) obj).get("userId"));
                String str2 = (String) ((Map) obj).get("userCode");
                hashMap.put("userCode", str2);
                hashMap.put("typeAlias", String.valueOf(((Map) obj).get("typeId")));
                usernamePasswordCredential.setTenantid(str);
                usernamePasswordCredential.setAttrparam(hashMap);
                writeLastLoginDate(str2);
            }
            // NOTE(review): success is returned for every status except "0", not only for "1".
            // For such other statuses no tenant id or attributes have been set on the credential.
            if (!map.get(BindTag.STATUS_VARIABLE_NAME).toString().equals("0")) {
                getCasLog().recordLog(usernamePasswordCredential, CasLog.MODIFY_PASSWORD, CasLog.SUCCESS, new String[0]);
                return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(usernamePasswordCredential.getUsername()), null);
            }
            RequestContextHolder.getRequestContext().getFlowScope().put("modifyPW_msg", map.get("msg"));
            RequestContextHolder.getRequestContext().getFlowScope().put("modifyPW_fail", true);
            throw new ModifyPWFailedException(usernamePasswordCredential.getUsername() + "   modify password failed.");
        } catch (Exception e) {
            // Also catches the ModifyPWFailedException thrown just above. The original
            // exception is logged but not attached as the cause of the one thrown here.
            this.logger.error(e.getMessage(), (Throwable) e);
            getCasLog().recordLog(usernamePasswordCredential, CasLog.MODIFY_PASSWORD, CasLog.FAILED, new String[0]);
            throw new ModifyPWFailedException(usernamePasswordCredential.getUsername() + "   modify password failed.");
        }
    }

    /**
     * Local password check: encodes the submitted password and counts the rows in the
     * configured user table that match both username and encoded password.
     *
     * @param usernamePasswordCredential credential to verify; its tenant id is set on success
     * @return a successful handler result for the username
     * @throws FailedLoginException (a GeneralSecurityException) when no row matches
     * @throws PreventedException when a query raises a DataAccessException
     */
    protected final HandlerResult authenticateUsernamePasswordInternal_default(UsernamePasswordCredential usernamePasswordCredential) throws GeneralSecurityException, PreventedException {
        String username = usernamePasswordCredential.getUsername();
        PasswordEncoder passwordEncoder = getPasswordEncoder();
        String str = null;
        if (passwordEncoder instanceof TenantPasswordEncoder) {
            try {
                // Reads the user's salt, strips every "_encrypted" marker from the submitted
                // value, RSA-decrypts it and encodes it together with the salt and username.
                // Table and column names are concatenated; the username is a bind parameter.
                str = ((TenantPasswordEncoder) passwordEncoder).encode((String) getJdbcTemplate().queryForObject("select salt from " + this.tableUsers + " WHERE " + this.fieldUser + " = ? ", String.class, username), RSAUtils.decryptStringByJs(usernamePasswordCredential.getPassword().replace("_encrypted", "")), username);
            } catch (Exception e) {
                // Failure (no salt row, decryption error, ...) is only logged; str stays null.
                // NOTE(review): rejection then depends on the count query below matching no row
                // for a null password parameter; an explicit failure here would be clearer.
                this.logger.error(e.getMessage(), (Throwable) e);
            }
        } else {
            str = passwordEncoder.encode(usernamePasswordCredential.getPassword());
        }
        try {
            // The encoded password is compared inside the database by the count query.
            if (((Integer) getJdbcTemplate().queryForObject(this.sql, Integer.class, username, str)).intValue() == 0) {
                throw new FailedLoginException(username + " not found with SQL query.");
            }
            // The tenant is read from the fixed table pub_tenant_user, not from tableUsers.
            usernamePasswordCredential.setTenantid((String) getJdbcTemplate().queryForObject(" select tenant_id from pub_tenant_user where user_code=? ", String.class, username));
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), null);
        } catch (DataAccessException e2) {
            this.logger.error(e2.getMessage(), (Throwable) e2);
            throw new PreventedException("SQL exception while executing query for " + username, e2);
        }
    }

    /**
     * WeChat login: resolves the credential's openid to a bound user and, if a binding
     * exists, authenticates that user.
     *
     * <p>No password is checked on this path; the openid is the only input that selects
     * the account. NOTE(review): the openid must therefore be a value the server obtained
     * and verified itself, not one accepted from the client - confirm against the caller.
     *
     * @param usernamePasswordCredential credential carrying the openid; tenant id and
     *        attribute map are set when a binding is found
     * @return a successful handler result for the bound user code, or {@code null} when
     *         the openid has no binding
     * @throws PreventedException when any exception occurs during the lookups
     */
    protected final HandlerResult authenticateUsernamePasswordInternal_weixin(UsernamePasswordCredential usernamePasswordCredential) throws GeneralSecurityException, PreventedException {
        String openid = usernamePasswordCredential.getOpenid();
        String str = null;
        String str2 = null;
        try {
            // Only the first binding row is used if several exist for the same openid.
            List<Map<String, Object>> queryForList = getJdbcTemplate().queryForList("select user_code,tenant_id from pub_user_weixin WHERE openid= ? ", openid);
            if (queryForList != null && queryForList.size() > 0) {
                str = (String) queryForList.get(0).get("user_code");
                str2 = (String) queryForList.get(0).get("tenant_id");
            }
            // No binding: signal the caller with null so it can continue with other paths.
            if (StringUtils.isEmpty(str)) {
                return null;
            }
            Map<String, Object> queryForMap = getJdbcTemplate().queryForMap("select * from pub_tenant_user where user_code= ? ", str);
            String string = MapUtils.getString(queryForMap, "user_id");
            String string2 = MapUtils.getString(queryForMap, "user_code");
            // A null type_id makes intValue() throw; the catch below turns that into a rejection.
            int intValue = MapUtils.getInteger(queryForMap, "type_id").intValue();
            HashMap hashMap = new HashMap();
            // userType and typeAlias are both filled from type_id on this path.
            hashMap.put("userType", Integer.valueOf(intValue));
            hashMap.put("userId", string);
            hashMap.put("typeAlias", Integer.valueOf(intValue));
            hashMap.put("userCode", string2);
            // The tenant id comes from the binding row, not from the pub_tenant_user row.
            usernamePasswordCredential.setTenantid(str2);
            usernamePasswordCredential.setAttrparam(hashMap);
            writeLastLoginDate(string2);
            return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(str), null);
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            throw new PreventedException("SQL exception while executing query for " + openid, e);
        }
    }

    /**
     * Binds the credential's openid to the given user code if the openid has no binding yet.
     * Does nothing when the openid or the user code is empty.
     *
     * <p>NOTE(review): the check and the insert are two separate statements with no visible
     * transaction or uniqueness guard; presumably a database constraint on openid prevents
     * duplicate bindings - confirm. Because a binding later grants password-less login, it
     * should only be created for an openid the server has verified.
     *
     * @param usernamePasswordCredential source of the openid and tenant id
     * @param str user code to bind the openid to
     */
    private void saveWeixin(UsernamePasswordCredential usernamePasswordCredential, String str) {
        String openid = usernamePasswordCredential.getOpenid();
        String tenantid = usernamePasswordCredential.getTenantid();
        if (StringUtils.isEmpty(openid) || StringUtils.isEmpty(str)) {
            return;
        }
        List<Map<String, Object>> queryForList = getJdbcTemplate().queryForList("select user_code from pub_user_weixin WHERE openid= ? ", openid);
        String str2 = null;
        if (queryForList != null && queryForList.size() > 0) {
            str2 = (String) queryForList.get(0).get("user_code");
        }
        // An existing binding is never overwritten.
        if (StringUtils.isEmpty(str2)) {
            // "value(...)" rather than "values(...)": a MySQL-specific spelling.
            getJdbcTemplate().update("insert into pub_user_weixin (openid,user_code,tenant_id) value(?,?,?);", openid, str, tenantid);
        }
    }

    /**
     * Auto-login: loads the user row for the credential's username and returns a
     * successful result.
     *
     * <p>No password, token or other proof is checked in this method. NOTE(review): the
     * decision to take this path must be made by trusted server-side code - confirm how
     * isAutoLogin is set. Unlike the other paths there is no try/catch here, so a missing
     * row or a null type_id propagates as an unchecked exception.
     *
     * @param usernamePasswordCredential credential naming the user; tenant id and attribute
     *        map are set from the user row
     * @return a successful handler result for the username
     */
    protected final HandlerResult authenticateUsernamePasswordInternal_autoLogin(UsernamePasswordCredential usernamePasswordCredential) throws GeneralSecurityException, PreventedException {
        String username = usernamePasswordCredential.getUsername();
        Map<String, Object> queryForMap = getJdbcTemplate().queryForMap("select * from pub_tenant_user where user_code= ? ", username);
        String string = MapUtils.getString(queryForMap, "tenant_id");
        String string2 = MapUtils.getString(queryForMap, "user_id");
        String string3 = MapUtils.getString(queryForMap, "user_code");
        int intValue = MapUtils.getInteger(queryForMap, "type_id").intValue();
        HashMap hashMap = new HashMap();
        // userType and typeAlias are both filled from type_id on this path.
        hashMap.put("userType", Integer.valueOf(intValue));
        hashMap.put("userId", string2);
        hashMap.put("typeAlias", Integer.valueOf(intValue));
        hashMap.put("userCode", string3);
        usernamePasswordCredential.setTenantid(string);
        usernamePasswordCredential.setAttrparam(hashMap);
        writeLastLoginDate(string3);
        return createHandlerResult(usernamePasswordCredential, this.principalFactory.createPrincipal(username), null);
    }

    /**
     * Builds the credential-count query from the configured table and column names.
     * The names are concatenated as SQL text; only the two values are bind parameters.
     */
    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws Exception {
        this.sql = SQL_PREFIX + this.tableUsers + " WHERE " + this.fieldUser + " = ? AND " + this.fieldPassword + " = ?";
    }

    /** Sets the password column name; the value is concatenated into SQL, so use trusted configuration only. */
    public final void setFieldPassword(String str) {
        this.fieldPassword = str;
    }

    /** Sets the username column name; the value is concatenated into SQL, so use trusted configuration only. */
    public final void setFieldUser(String str) {
        this.fieldUser = str;
    }

    /** Sets the user table name; the value is concatenated into SQL, so use trusted configuration only. */
    public final void setTableUsers(String str) {
        this.tableUsers = str;
    }

    /**
     * Stores the current time as the last login date of the given user code.
     * Does nothing when the user code is empty.
     *
     * @param str user code whose last_login_date is updated
     */
    private void writeLastLoginDate(String str) {
        if (StringUtils.isEmpty(str)) {
            return;
        }
        getJdbcTemplate().update("update pub_tenant_user set last_login_date =? where user_code=?;", DateUtils.getCurrectTime(), str);
    }
}
