package itez.plat.main.service.impl;

import com.beust.jcommander.internal.Sets;
import com.google.common.collect.Maps;
import com.google.inject.Inject;
import com.google.inject.Singleton;
import itez.core.launch.JW;
import itez.core.runtime.EContext;
import itez.core.runtime.service.Define;
import itez.core.runtime.service.EModelService;
import itez.core.wrapper.dbo.model.Query;
import itez.core.wrapper.dbo.model.Querys;
import itez.kit.EClean;
import itez.kit.EDate;
import itez.kit.EJson;
import itez.kit.ELog;
import itez.kit.EProp;
import itez.kit.ERegex;
import itez.kit.EStr;
import itez.kit.SM4Kit;
import itez.kit.log.ELogBase;
import itez.kit.restful.EMap;
import itez.kit.restful.Result;
import itez.plat.main.model.PolicyAccount;
import itez.plat.main.model.PolicyPwd;
import itez.plat.main.model.User;
import itez.plat.main.model.UserLockedInfo;
import itez.plat.main.service.PolicyAccountService;
import itez.plat.main.service.PolicyLockService;
import itez.plat.main.service.PolicyPwdService;
import itez.plat.main.service.UserLoginService;
import itez.plat.main.service.UserService;
import java.util.Date;
import java.util.Map;
import java.util.Set;

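/**
 * Login service: password login with failed-attempt lockout, password-policy validation, and
 * encrypted single-sign-on (SSO) tokens.
 *
 * <p>Lockout state lives only in the two static maps of this class. As far as this class shows it
 * is neither persisted nor shared with other JVM instances, so a restart clears every temporary
 * lock.
 *
 * <p>NOTE(review): lock entries are keyed by {@code user.hashCode()} of the submitted
 * {@link User}, not by the resolved account id. How {@code User.hashCode()} is defined is not
 * visible here; confirm that one account cannot be tracked under several keys and that two
 * accounts cannot share a key, or key the counter on the account id instead.
 */
@Singleton
@Define
/* loaded from: input_file:itez/plat/main/service/impl/UserLoginServiceImpl.class */
public class UserLoginServiceImpl extends EModelService<User> implements UserLoginService {

    @Inject
    UserService userSer;

    @Inject
    PolicyLockService lockSer;

    @Inject
    PolicyPwdService pwdSer;

    @Inject
    PolicyAccountService accSer;
    // JSON field names of the decrypted token payload.
    private static final String TOKEN_KEY_DATA = "data";
    private static final String TOKEN_KEY_TIME = "timestamp";
    // Lock key (hash of the submitted User) -> failed-attempt state.
    private static final Map<Integer, UserLockedInfo> LOCKED_LIST = Maps.newConcurrentMap();
    // Account id -> every lock key recorded for that account, so all of them can be cleared at once.
    private static final Map<String, Set<Integer>> LOCKED_INDEX = Maps.newConcurrentMap();
    private static final ELogBase log = ELog.log(UserLoginService.class);

    /**
     * Authenticates a user by password under the given account policy.
     *
     * @param user carries the submitted identifiers (login name, id number, number, phone, email);
     *     its fields are overwritten with their cleaned values
     * @param str the submitted password
     * @param str2 the account-policy code
     * @return the matching account when the password is correct and the account is usable
     * @throws RuntimeException with a user-facing message for every rejection (missing policy,
     *     empty credentials, unknown user, wrong password, locked or deactivated account)
     */
    @Override // itez.plat.main.service.UserLoginService
    public User pwdLogin(User user, String str, String str2) {
        if (EStr.isEmpty(str2)) {
            throw new RuntimeException("未发现账号方案代码！");
        }
        PolicyAccount policy = this.accSer.getPolicy(str2);
        if (policy == null) {
            throw new RuntimeException("账号方案不存在！");
        }
        // Fail with the normal "identifier required" message instead of an NPE further down.
        if (user == null) {
            throw new RuntimeException("用户名不允许为空！");
        }
        String lockPolicyCode = policy.getPwdLockPolicy();
        cleanUserXss(user);
        String loginName = user.getLoginName();
        String idNum = user.getIdNum();
        String num = user.getNum();
        String phone = user.getPhone();
        String email = user.getEmail();
        if (EStr.allEmpty(loginName, idNum, num, phone, email)) {
            throw new RuntimeException("用户名不允许为空！");
        }
        // NOTE(review): the password goes through the same text filter as the identifiers. If
        // EClean.text strips or rewrites characters, the checked password differs from the typed
        // one; confirm the same filter is applied when a password is set.
        String password = EClean.clean(str, EClean.text);
        if (EStr.isEmpty(password)) {
            throw new RuntimeException("密码不允许为空！");
        }
        // Computed after cleanUserXss so that getLockInfo() derives the same key.
        int lockKey = user.hashCode();
        UserLockedInfo lockInfo = LOCKED_LIST.get(Integer.valueOf(lockKey));
        if (null != lockInfo && !lockInfo.retry()) {
            if (lockInfo.isForever()) {
                throw new RuntimeException("由于连续登录失败，该账号已被永久锁定，请联系管理员解除锁定！");
            }
            throw new RuntimeException("由于连续登录失败，该账号已被锁定，请等待 " + lockInfo.surMinutes() + " 分钟后再继续尝试！");
        }
        // Scope: accounts of the current domain, or accounts with level 2.
        Querys scope = Querys.or(Query.eq("domain", $domain())).add(Query.eq("level", 2));
        // Any one of the submitted identifiers may match.
        Querys identifiers = Querys.or();
        if (EStr.notEmpty(loginName)) {
            identifiers.add(Query.eq("loginName", loginName));
        }
        if (EStr.notEmpty(idNum)) {
            identifiers.add(Query.eq("idNum", idNum));
        }
        if (EStr.notEmpty(num)) {
            identifiers.add(Query.eq("num", num));
        }
        if (EStr.notEmpty(phone)) {
            identifiers.add(Query.eq("phone", phone));
        }
        if (EStr.notEmpty(email)) {
            identifiers.add(Query.eq("email", email));
        }
        Querys criteria = Querys.and(scope).add(identifiers);
        if (policy.getRegMember().intValue() == 1) {
            criteria.add(Query.eq("member", 1));
        }
        User account = selectFirst(criteria, "locked, used desc", false, new String[0]);
        if (null == account) {
            // NOTE(review): "unknown user" and "wrong password" produce different messages, which
            // tells an unauthenticated caller whether an identifier exists. Unknown identifiers
            // also never reach the failure counter below. Consider one generic failure message.
            throw new RuntimeException("用户名无效！");
        }
        if (account.checkPass(password)) {
            // Lock and deactivation state is disclosed only after the password was verified.
            if (account.getLocked().booleanValue()) {
                throw new RuntimeException("该账号已被永久锁定，请联系管理员解除锁定！");
            }
            if (account.getUsed().intValue() == 0) {
                throw new RuntimeException("该账号已被注销！");
            }
            removeLockList(lockKey);
            // NOTE(review): id number, phone and email are written to the log in clear text here
            // and in the failure branches; confirm this matches the log-retention and privacy rules.
            log.info("登录校验成功：[uid]{} [loginName]{} [idNum]{} [num]{} [phone]{} [email]{}", account.getId(), loginName, idNum, num, phone, email);
            return account;
        }
        if (null == lockInfo) {
            // First recorded failure for this key: start counting under the configured lock policy.
            // NOTE(review): the get-then-put is not atomic, so concurrent first failures can each
            // start a fresh counter.
            addLockList(lockKey, new UserLockedInfo(account.getId(), this.lockSer.getPolicy(lockPolicyCode)));
            log.info("登录密码错误(1)：[uid]{} [loginName]{} [idNum]{} [phone]{} [email]{}", account.getId(), loginName, idNum, phone, email);
            throw new RuntimeException("密码错误！");
        }
        lockInfo.failAgain();
        log.info("登录密码错误({})：[uid]{} [loginName]{} [idNum]{} [phone]{} [email]{}", Integer.valueOf(lockInfo.getFailCnt()), account.getId(), loginName, idNum, phone, email);
        if (!lockInfo.isLocked()) {
            int remaining = lockInfo.getModel().getRetryCnt().intValue() - lockInfo.getFailCnt();
            throw new RuntimeException("密码错误！您还可以尝试 " + remaining + " 次，否则账号将被锁定！");
        }
        if (lockInfo.isForever()) {
            throw new RuntimeException("密码错误！该账号已被永久锁定！");
        }
        throw new RuntimeException("密码错误！该账号已被锁定，请等待 " + lockInfo.surMinutes() + " 分钟后再继续尝试！");
    }

    /**
     * Returns the failed-attempt state recorded for the given submitted identifiers.
     *
     * <p>Side effect: the fields of {@code user} are cleaned in place first, so the lookup key is
     * derived the same way as in {@link #pwdLogin}.
     *
     * @param user the submitted identifiers
     * @return the lock state, or {@code null} when none is recorded
     */
    @Override // itez.plat.main.service.UserLoginService
    public UserLockedInfo getLockInfo(User user) {
        cleanUserXss(user);
        return LOCKED_LIST.get(Integer.valueOf(user.hashCode()));
    }

    /**
     * Runs the five login identifiers of {@code user} through {@code EClean.clean(..., EClean.text)}
     * and writes the results back, replacing an empty result with {@code ""}.
     *
     * <p>NOTE(review): this is input filtering. What {@code EClean.text} removes is not visible
     * here, and it does not replace output encoding where these values are rendered.
     *
     * @param user the object to clean in place
     */
    @Override // itez.plat.main.service.UserLoginService
    public void cleanUserXss(User user) {
        String loginName = EClean.clean(user.getLoginName(), EClean.text);
        user.setLoginName(EStr.ifEmpty(loginName, ""));
        String idNum = EClean.clean(user.getIdNum(), EClean.text);
        user.setIdNum(EStr.ifEmpty(idNum, ""));
        String num = EClean.clean(user.getNum(), EClean.text);
        user.setNum(EStr.ifEmpty(num, ""));
        String phone = EClean.clean(user.getPhone(), EClean.text);
        user.setPhone(EStr.ifEmpty(phone, ""));
        String email = EClean.clean(user.getEmail(), EClean.text);
        user.setEmail(EStr.ifEmpty(email, ""));
    }

    /**
     * Records lock state under {@code i} and indexes the key under the account id.
     *
     * <p>The index set is created and filled through {@code computeIfAbsent} with a concurrent set.
     * The previous get / new HashSet / put sequence could lose a key, or corrupt the plain
     * {@code HashSet}, when two threads recorded a failure for the same account at once.
     */
    private void addLockList(int i, UserLockedInfo userLockedInfo) {
        Integer key = Integer.valueOf(i);
        LOCKED_LIST.put(key, userLockedInfo);
        LOCKED_INDEX
                .computeIfAbsent(userLockedInfo.getUid(), uid -> java.util.concurrent.ConcurrentHashMap.<Integer>newKeySet())
                .add(key);
    }

    /** Drops the lock state stored under one key; the account index is left untouched. */
    private void removeLockList(int i) {
        LOCKED_LIST.remove(Integer.valueOf(i));
    }

    /**
     * Clears every lock entry recorded for one account.
     *
     * @param str the account id; {@code null} or an id without recorded entries is a no-op
     */
    @Override // itez.plat.main.service.UserLoginService
    public void removeLockList(String str) {
        if (str == null) {
            return;
        }
        // Detach the index entry first so a concurrent addLockList starts a fresh set instead of
        // adding to one that is about to be discarded.
        Set<Integer> keys = LOCKED_INDEX.remove(str);
        if (null == keys) {
            return;
        }
        for (Integer key : keys) {
            LOCKED_LIST.remove(key);
        }
    }

    /**
     * Validates a candidate password against a password policy.
     *
     * <p>Checks run in this order: minimum length, maximum length, digit, lowercase letter,
     * uppercase letter, special character. Each character-class check applies only when the
     * matching policy flag is greater than zero.
     *
     * @param str the candidate password
     * @param str2 the password-policy code
     * @return {@code Result.success()} or a failure carrying the first violated rule
     */
    @Override // itez.plat.main.service.UserLoginService
    public Result pwdVali(String str, String str2) {
        // NOTE(review): an unknown policy code presumably yields null here and fails with an NPE
        // below. That is fail-closed, but an explicit error would be clearer.
        PolicyPwd policy = this.pwdSer.getPolicy(str2);
        if (str == null) {
            return Result.fail("密码不允许为空！");
        }
        if (str.length() < policy.getMins().intValue()) {
            return Result.fail("密码长度不能小于 " + policy.getMins() + " 个字符!");
        }
        if (str.length() > policy.getMaxs().intValue()) {
            return Result.fail("密码长度不能大于 " + policy.getMaxs() + " 个字符!");
        }
        if (policy.getHasNum().intValue() > 0 && !ERegex.has(str, "[0-9]")) {
            return Result.fail("密码中必须包含数字!");
        }
        if (policy.getHasLesChar().intValue() > 0 && !ERegex.has(str, "[a-z]")) {
            return Result.fail("密码中必须包含小写字母!");
        }
        if (policy.getHasCapChar().intValue() > 0 && !ERegex.has(str, "[A-Z]")) {
            return Result.fail("密码中必须包含大写字母!");
        }
        if (policy.getHasSpeSign().intValue() > 0 && !ERegex.has(str, "[^0-9a-zA-Z]")) {
            return Result.fail("密码中必须包含特殊字符!");
        }
        return Result.success();
    }

    /**
     * Builds the SSO redirect URL for a user: the domain template with {@code ${domain}} replaced
     * by the user's domain, followed by {@code /plat/ssoLogin?token=} and a fresh token.
     *
     * <p>NOTE(review): the token travels in the query string, so it can end up in access logs,
     * browser history and Referer headers. It is also appended without URL encoding; confirm the
     * output alphabet of {@code SM4Kit.encrypt} is URL-safe.
     *
     * @param str the user id
     * @return the absolute login URL
     * @throws RuntimeException when no user has this id
     */
    @Override // itez.plat.main.service.UserLoginService
    public String ssoRouter(String str) {
        User target = this.userSer.findById(str);
        if (target == null) {
            throw new RuntimeException("用户名无效！");
        }
        String domain = target.getDomain();
        String token = tokenEncode(str);
        // The token is a bearer credential valid for 30 minutes, so it is kept out of the log.
        log.info("生成单点登录Token：[user]{}", target.getCaption());
        String url = EStr.join(EProp.DomainTemplate.replace("${domain}", domain), "/plat/ssoLogin?token=", token);
        if (!url.startsWith("http")) {
            // Template has no scheme: reuse the scheme of the current request.
            url = EStr.join(EContext.getAttr().getScheme(), ":", url);
        }
        return url;
    }

    /**
     * Logs a user in from an SSO token.
     *
     * <p>Applies the same locked / deactivated checks as {@link #pwdLogin}, so a token issued
     * before an account was locked or deactivated cannot be used to sign in afterwards.
     *
     * <p>NOTE(review): nothing in this class makes a token single-use; it stays valid until its
     * 30-minute window ends.
     *
     * @param str the encrypted token
     * @return the account named by the token
     * @throws RuntimeException when the token is missing, invalid or expired, or the account is
     *     unknown, locked or deactivated
     */
    @Override // itez.plat.main.service.UserLoginService
    public User ssoLogin(String str) {
        User account = this.userSer.findById(tokenDecode(str));
        if (account == null) {
            throw new RuntimeException("用户名无效！");
        }
        if (account.getLocked().booleanValue()) {
            throw new RuntimeException("该账号已被永久锁定，请联系管理员解除锁定！");
        }
        if (account.getUsed().intValue() == 0) {
            throw new RuntimeException("该账号已被注销！");
        }
        // The token itself is not logged: it remains usable until it expires.
        log.info("单点登录验证通过。[user]{}", account.getCaption());
        return account;
    }

    /** Encodes {@code str} into a token using the default secret {@code JW.TokenSecret}. */
    @Override // itez.plat.main.service.UserLoginService
    public String tokenEncode(String str) {
        return tokenEncode(str, null);
    }

    /**
     * Encrypts a JSON payload holding {@code str} and the current time.
     *
     * <p>NOTE(review): whether {@code SM4Kit.encrypt} authenticates the ciphertext (AEAD or a MAC)
     * is not visible here. Encryption alone does not make the payload tamper-evident; confirm.
     *
     * @param str the value to carry (the user id for SSO)
     * @param str2 the secret; empty means {@code JW.TokenSecret}
     * @return the encrypted token
     */
    @Override // itez.plat.main.service.UserLoginService
    public String tokenEncode(String str, String str2) {
        String payload = EMap.by(TOKEN_KEY_DATA, str).set(TOKEN_KEY_TIME, Long.valueOf(EDate.getTime())).toJson();
        String secret = EStr.ifEmpty(str2, JW.TokenSecret);
        return SM4Kit.encrypt(payload, secret);
    }

    /** Decodes a token using the default secret {@code JW.TokenSecret}. */
    @Override // itez.plat.main.service.UserLoginService
    public String tokenDecode(String str) {
        return tokenDecode(str, null);
    }

    /**
     * Decrypts a token and returns its data value if the token is at most 30 minutes old.
     *
     * @param str the encrypted token
     * @param str2 the secret; empty means {@code JW.TokenSecret}
     * @return the value stored under the data field
     * @throws RuntimeException when the token is missing, cannot be decrypted, lacks the data or
     *     timestamp field, or has expired
     */
    @Override // itez.plat.main.service.UserLoginService
    public String tokenDecode(String str, String str2) {
        if (EStr.isEmpty(str)) {
            throw new RuntimeException("未发现Token！");
        }
        String plain = SM4Kit.decrypt(str, EStr.ifEmpty(str2, JW.TokenSecret));
        if (EStr.isEmpty(plain)) {
            throw new RuntimeException("Token无效！");
        }
        EMap payload = (EMap) EJson.parse(plain, EMap.class);
        if (payload == null) {
            throw new RuntimeException("Token无效！");
        }
        String data = payload.getStr(TOKEN_KEY_DATA);
        Long issuedAt = payload.getLong(TOKEN_KEY_TIME);
        // A payload without either field is rejected as invalid instead of surfacing as an NPE
        // or handing a null id to the caller.
        if (data == null || issuedAt == null) {
            throw new RuntimeException("Token无效！");
        }
        // NOTE(review): only the upper bound is checked; a timestamp in the future is accepted.
        if (EDate.isExpire(EDate.addMinute(new Date(issuedAt.longValue()), 30))) {
            throw new RuntimeException("等待时间过长，Token已超期，请重新操作！");
        }
        return data;
    }
}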
