package cn.ps1.aolai.service;

import cn.ps1.aolai.entity.Action;
import cn.ps1.aolai.entity.Duty;
import cn.ps1.aolai.entity.User;
import cn.ps1.aolai.utils.ConfUtil;
import cn.ps1.aolai.utils.Const;
import cn.ps1.aolai.utils.Digest;
import java.io.PrintWriter;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:cn/ps1/aolai/service/ThirdService.class */
public class ThirdService {
    private static Logger log = LoggerFactory.getLogger(ThirdService.class);

    @Autowired
    private AolaiService aolai;

    @Autowired
    private RedisService redis;

    @Autowired
    private UtilsService utils;

    @Autowired
    private HttpServletRequest req;

    public boolean certifyWith() {
        String sm2Decrypt;
        String parameter = this.req.getParameter(ConfUtil.CERT_K);
        String parameter2 = this.req.getParameter(ConfUtil.JSONSTR);
        String appKey = ConfUtil.appKey();
        if (appKey.equals(parameter)) {
            if (parameter2 == null) {
                return true;
            }
            return setJsonAttr(this.utils.json2Map(parameter2));
        }
        String parameter3 = this.req.getParameter(ConfUtil.TICKET);
        if (parameter3 != null) {
            return certifyApiKey(parameter2, parameter3);
        }
        if (parameter == null) {
            return false;
        }
        String certKey = this.redis.getCertKey(parameter);
        if (certKey != null && parameter2 != null && (sm2Decrypt = Digest.sm2Decrypt(parameter2, certKey)) != null) {
            return setJsonAttr(this.utils.json2Map(sm2Decrypt));
        }
        log.warn("Auth failed > {} : {}", parameter, appKey);
        return false;
    }

    private boolean certifyApiKey(String str, String str2) {
        if (!ConfUtil.isApiOpen() || str == null) {
            return false;
        }
        String str3 = this.redis.get(Const.RDS_APPID + str2);
        if (str3 == null) {
            str3 = (String) ConfUtil.invoke(null, "appCert", str2);
            if (this.utils.isEmpty(str3)) {
                return false;
            }
            this.redis.set(Const.RDS_APPID + str2, str3, getSecond());
        }
        Map<String, Object> json2Map = this.utils.json2Map(Digest.sm4Decrypt(str, str3));
        if (json2Map.isEmpty()) {
            return false;
        }
        return setJsonAttr(json2Map);
    }

    private boolean setJsonAttr(Map<String, Object> map) {
        map.remove(Const.BASE);
        Object obj = map.get(ConfUtil.dbid());
        if (obj != null) {
            if (Pattern.matches("\\w+", String.valueOf(obj))) {
                map.put(Const.BASE, baseNameOf(obj));
            } else {
                map.remove(ConfUtil.dbid());
            }
        }
        if (!this.utils.findIn(ConfUtil.locales(), map.get(Const.I18N))) {
            map.put(Const.I18N, getUserLang());
        }
        this.req.setAttribute(Const.JSON, map);
        log.debug("setJsonAttr...{}", map);
        return true;
    }

    private String baseNameOf(Object obj) {
        return ConfUtil.dataIsolation() ? "" : ConfUtil.baseName() + obj + ConfUtil.baseDot();
    }

    private String getUserLang() {
        String str = this.utils.userSelf(this.req).get(User.LANG);
        if (this.utils.isEmpty(str)) {
            str = this.req.getLocale().getLanguage().toUpperCase();
        }
        return str;
    }

    public boolean authAccess(HttpServletResponse httpServletResponse, Map<String, String> map) {
        Map<String, String> userInfo = this.redis.getUserInfo(map.get("userId"));
        if (userInfo.isEmpty()) {
            this.redis.clearToken(map);
            return invlidToken(httpServletResponse);
        }
        String parameter = this.req.getParameter(ConfUtil.JSONSTR);
        Map<String, Object> decryptParams = decryptParams(userInfo, map, parameter);
        if (decryptParams == null) {
            return invlidToken(httpServletResponse);
        }
        Object obj = decryptParams.get(ConfUtil.APPCODE);
        String appSign = ConfUtil.appSign();
        String requestURI = this.utils.getRequestURI(this.req);
        if (this.utils.isEmpty(obj)) {
            if (appSign.length() > 0) {
                decryptParams.put(ConfUtil.APPCODE, appSign);
                String trustedRole = trustedRole(decryptParams, userInfo, requestURI);
                log.debug("trustedRole...{}", trustedRole);
                if (!"1".equals(trustedRole)) {
                    return denyAccess(httpServletResponse);
                }
            }
            if (parameter == null && decryptParams.isEmpty()) {
                requestParams(decryptParams);
            }
        } else if (!certifyPermit(appSign, obj, requestURI)) {
            return denyAccess(httpServletResponse);
        }
        log.debug("request... {}", requestURI);
        if (certifyParams(decryptParams, requestURI) && isTenant(appSign, decryptParams.get(ConfUtil.dbid()), userInfo)) {
            return setJsonAttr(decryptParams);
        }
        return invlidParams(httpServletResponse);
    }

    private Map<String, Object> decryptParams(Map<String, String> map, Map<String, String> map2, String str) {
        String str2 = map2.get(ConfUtil.CERTID);
        this.req.setAttribute(User.KEY, map);
        this.req.setAttribute("userId", map.get("userId"));
        this.req.setAttribute(ConfUtil.CERTID, str2);
        if (!ConfUtil.isEncOmit() && !this.utils.isEmpty(str)) {
            str = Digest.sm4Decrypt(str, str2);
            if (str == null) {
                return null;
            }
        }
        log.debug("decryptParams...{}", str);
        return this.utils.json2Map(str);
    }

    private void requestParams(Map<String, Object> map) {
        Enumeration parameterNames = this.req.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            map.put(str, this.req.getParameter(str));
        }
    }

    private boolean certifyPermit(String str, Object obj, String str2) {
        if (str.length() == 0) {
            return true;
        }
        String valueOf = String.valueOf(obj);
        String join = this.utils.join(new String[]{Const.RDS_APPID, str, Const.DOT, valueOf});
        Map<String, String> hmget = this.redis.hmget(join);
        if (hmget.isEmpty()) {
            hmget = getActionPermit(str, valueOf);
            log.debug("certifyPermit...{}", hmget);
            if (hmget.isEmpty()) {
                return false;
            }
            this.redis.hmset(join, hmget, Const.ONE_HH);
        }
        return hmget.containsKey(str2);
    }

    private boolean certifyParams(Map<?, ?> map, String str) {
        String valid = ConfUtil.getValid(str);
        if (valid.length() == 0) {
            return true;
        }
        if (ConfUtil.mustValid()) {
            valid = valid + Const.COMMA + ConfUtil.dbid();
        } else if (map.containsKey(ConfUtil.dbid())) {
            map.remove(ConfUtil.dbid());
        }
        return this.utils.availParams(map, valid.split(ConfUtil.COMMA));
    }

    private boolean isTenant(String str, Object obj, Map<String, String> map) {
        if (str.length() <= 0 || obj == null) {
            return true;
        }
        String str2 = (String) this.utils.json2Map(map.get(User.BASE)).get(str);
        return this.utils.isEmpty(str2) || "0".equals(str2) || str2.equals(obj);
    }

    private Map<String, String> getActionPermit(String str, String str2) {
        HashMap hashMap = new HashMap();
        hashMap.put(Action.APP, str);
        hashMap.put(Action.MARK, "0");
        hashMap.put(Action.STATE, "1");
        if (ConfUtil.apiPermit()) {
            hashMap.put(this.utils.join(new String[]{"({", Action.PERMIT, "} is NULL OR ", this.utils.jsonExt(Action.PERMIT, str2), "{0} OR ", this.utils.jsonExt(Action.PERMIT, Const.ALL), "{0})"}), "1");
        }
        log.debug("getActionPermit...{}", hashMap);
        return this.aolai.actionRole(this.aolai.findList(Action.TABLE, hashMap));
    }

    private String trustedRole(Map<String, Object> map, Map<String, String> map2, String str) {
        Map<String, Object> roleParams = this.aolai.getRoleParams(map, map2);
        return this.redis.getActionRole(this.utils.join(new Object[]{map.get(ConfUtil.APPCODE), roleParams.get(ConfUtil.COMPID), roleParams.get(Duty.ID)}, Const.DOT), str);
    }

    private boolean invlidParams(HttpServletResponse httpServletResponse) {
        return invalidResult(httpServletResponse, "2");
    }

    public boolean invlidToken(HttpServletResponse httpServletResponse) {
        return invalidResult(httpServletResponse, Const.S_3);
    }

    private boolean denyAccess(HttpServletResponse httpServletResponse) {
        return invalidResult(httpServletResponse, "5");
    }

    private boolean invalidResult(HttpServletResponse httpServletResponse, String str) {
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.setCharacterEncoding(Const.UTF8);
        try {
            PrintWriter writer = httpServletResponse.getWriter();
            Throwable th = null;
            try {
                try {
                    writer.write(this.utils.obj2Str(this.utils.result(str)));
                    writer.flush();
                    if (writer != null) {
                        if (0 != 0) {
                            try {
                                writer.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            writer.close();
                        }
                    }
                    return false;
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } finally {
            }
        } catch (Exception e) {
            log.error("invalidResult...{}", e.getMessage());
            return false;
        }
    }

    private int getSecond() {
        String parameter = this.req.getParameter("sec");
        return this.utils.isInteger(parameter) ? Integer.parseInt(parameter) : ConfUtil.cacheTime();
    }
}
