package com.mz.jarboot.controller;

import com.mz.jarboot.common.ResponseForObject;
import com.mz.jarboot.common.ResultCodeConst;
import com.mz.jarboot.common.utils.StringUtils;
import com.mz.jarboot.constant.AuthConst;
import com.mz.jarboot.entity.RoleInfo;
import com.mz.jarboot.exception.AccessException;
import com.mz.jarboot.security.JarbootUser;
import com.mz.jarboot.security.JwtTokenManager;
import com.mz.jarboot.service.RoleService;
import io.jsonwebtoken.ExpiredJwtException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import org.springframework.stereotype.Controller;
import org.springframework.util.CollectionUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

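/**
 * Authentication endpoints for Jarboot: reports the current principal and performs login,
 * either with a username/password pair or with an existing JWT.
 *
 * <p>Tokens are read from the {@code Authorization} header or, failing that, from the
 * {@code AuthConst.ACCESS_TOKEN} request parameter (see {@link #getToken}).
 */
@RequestMapping({"/api/jarboot/auth"})
@Controller
/* loaded from: input_file:BOOT-INF/classes/com/mz/jarboot/controller/AuthController.class */
public class AuthController {
    private static final int DEFAULT_PAGE_NO = 1;
    private static final String PARAM_USERNAME = "username";
    private static final String PARAM_PASSWORD = "password";

    @Autowired
    private JwtTokenManager jwtTokenManager;

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private RoleService roleService;

    // Token lifetime reported to the client; defaults to 18000 seconds when the property is unset.
    @Value("${jarboot.token.expire.seconds:18000}")
    private long expireSeconds;

    /**
     * Returns the principal that the request's token (or credentials) resolves to.
     *
     * @param httpServletRequest the incoming request
     * @return a response whose result is the principal, or {@code NOT_EXIST} when no token
     *     could be resolved
     * @throws AccessException if the token is expired or invalid, or if the credential
     *     fallback in {@link #resolveToken} fails
     */
    @GetMapping({"/getCurrentUser"})
    @ResponseBody
    public ResponseForObject<Object> getCurrentUser(HttpServletRequest httpServletRequest) {
        ResponseForObject<Object> response = new ResponseForObject<>();
        String token = resolveToken(httpServletRequest);
        if (StringUtils.isEmpty(token)) {
            response.setResultCode(ResultCodeConst.NOT_EXIST);
            // Runtime message, kept as-is; it reads "not currently logged in".
            response.setResultMsg("当前未登录");
            return response;
        }
        // Validate before trusting the claims, exactly as login() does. Whether
        // getAuthentication() verifies signature and expiry on its own is not visible here,
        // so the check is made explicit rather than assumed.
        response.setResult(authenticateToken(token).getPrincipal());
        return response;
    }

    /**
     * Logs a user in. If a username is supplied (or no token is present) the credentials are
     * authenticated and a new token is issued; otherwise the presented token is validated.
     *
     * @param httpServletRequest the incoming request
     * @return on success, the user with access token, TTL and global-admin flag; on a failed
     *     credential login, a response carrying only {@code 401} and an error message
     * @throws AccessException if a presented token is expired or invalid
     */
    @PostMapping({DefaultLoginPageGeneratingFilter.DEFAULT_LOGIN_PAGE_URL})
    @ResponseBody
    public ResponseForObject<JarbootUser> login(HttpServletRequest httpServletRequest) {
        String token = getToken(httpServletRequest);
        ResponseForObject<JarbootUser> response = new ResponseForObject<>();
        String username = httpServletRequest.getParameter(PARAM_USERNAME);
        if (!StringUtils.isEmpty(username) || StringUtils.isBlank(token)) {
            try {
                token = resolveTokenFromUser(username, httpServletRequest.getParameter(PARAM_PASSWORD));
            } catch (Exception e) {
                // Stop here on failure. Falling through would attach a JarbootUser to a 401
                // response: the caller-supplied (unvalidated) token would be echoed back and the
                // role lookup below would run for a name nobody authenticated, disclosing
                // whether that account is a global admin.
                response.setResultCode(HttpStatus.UNAUTHORIZED.value());
                response.setResultMsg("Login failed, user name or password error.");
                return response;
            }
        } else {
            Authentication authentication = authenticateToken(token);
            SecurityContextHolder.getContext().setAuthentication(authentication);
            username = authentication.getName();
        }
        JarbootUser jarbootUser = new JarbootUser();
        jarbootUser.setUsername(username);
        jarbootUser.setAccessToken(token);
        jarbootUser.setTokenTtl(this.expireSeconds);
        if (hasAdminRole(getRoles(username))) {
            jarbootUser.setGlobalAdmin(true);
        }
        response.setResult(jarbootUser);
        return response;
    }

    /**
     * Looks up the roles assigned to a user.
     *
     * <p>NOTE(review): when no roles are stored, any name equal to "jarboot" ignoring case is
     * given the admin role. If usernames are case-sensitive elsewhere, an account such as
     * "Jarboot" with no roles would be treated as admin by this fallback; confirm that the
     * user store prevents such names.
     *
     * @param str the username to look up
     * @return the stored roles, or a single synthetic admin role for the built-in account
     */
    public List<RoleInfo> getRoles(String str) {
        List<RoleInfo> result =
                this.roleService.getRolesByUserName(str, DEFAULT_PAGE_NO, Integer.MAX_VALUE).getResult();
        if (CollectionUtils.isEmpty(result) && "jarboot".equalsIgnoreCase(str)) {
            result = new ArrayList<>();
            RoleInfo roleInfo = new RoleInfo();
            roleInfo.setRole(AuthConst.ADMIN_ROLE);
            roleInfo.setUsername("jarboot");
            result.add(roleInfo);
        }
        return result;
    }

    /** Returns true when any entry in {@code roles} carries the admin role; null-safe. */
    private static boolean hasAdminRole(List<RoleInfo> roles) {
        if (CollectionUtils.isEmpty(roles)) {
            return false;
        }
        for (RoleInfo role : roles) {
            // Constant-first equals so a role entry without a role name cannot cause an NPE.
            if (role != null && AuthConst.ADMIN_ROLE.equals(role.getRole())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Validates a JWT and converts it to an {@link Authentication}.
     *
     * @throws AccessException with "Token expired!" or "Token invalid!" on any failure
     */
    private Authentication authenticateToken(String token) {
        Authentication authentication;
        try {
            this.jwtTokenManager.validateToken(token);
            authentication = this.jwtTokenManager.getAuthentication(token);
        } catch (ExpiredJwtException e) {
            throw new AccessException("Token expired!");
        } catch (Exception e) {
            throw new AccessException("Token invalid!");
        }
        if (authentication == null) {
            throw new AccessException("Token invalid!");
        }
        return authentication;
    }

    /**
     * Extracts the raw token from the {@code Authorization} header, falling back to the
     * {@code AuthConst.ACCESS_TOKEN} request parameter.
     *
     * <p>NOTE(review): a token passed as a request parameter may end up in URLs and access
     * logs; the header form is preferable for clients.
     */
    private String getToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("Authorization");
        if (StringUtils.isBlank(header) || !header.startsWith(AuthConst.TOKEN_PREFIX)) {
            return httpServletRequest.getParameter(AuthConst.ACCESS_TOKEN);
        }
        // NOTE(review): 7 presumably equals AuthConst.TOKEN_PREFIX.length() ("Bearer "); confirm
        // and derive it from the constant so the two cannot drift apart.
        return header.substring(7);
    }

    /**
     * Returns the request's token, or issues one from username/password parameters when no
     * token was sent.
     *
     * <p>NOTE(review): this fallback is reachable from the GET endpoint, where a password sent
     * as a parameter is part of the URL and may be logged; clients should use POST /login.
     */
    private String resolveToken(HttpServletRequest httpServletRequest) {
        String token = getToken(httpServletRequest);
        if (StringUtils.isBlank(token)) {
            token = resolveTokenFromUser(
                    httpServletRequest.getParameter(PARAM_USERNAME),
                    httpServletRequest.getParameter(PARAM_PASSWORD));
        }
        return token;
    }

    /**
     * Authenticates the credentials, stores the result in the security context and issues a
     * token for the authenticated name.
     *
     * @param str the username
     * @param str2 the password
     * @return a newly created token
     * @throws AccessException if authentication fails
     */
    private String resolveTokenFromUser(String str, String str2) {
        try {
            Authentication authenticate =
                    this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(str, str2));
            SecurityContextHolder.getContext().setAuthentication(authenticate);
            // Prefer the name reported by the authentication provider; fall back to the
            // submitted name only when the provider gives none.
            boolean noName = null == authenticate || StringUtils.isBlank(authenticate.getName());
            return this.jwtTokenManager.createToken(noName ? str : authenticate.getName());
        } catch (AuthenticationException e) {
            throw new AccessException("Login failed");
        }
    }
}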
