package com.github.rexsheng.springboot.faster.system.auth.application;

import com.github.rexsheng.springboot.faster.common.constant.SecurityConstant;
import com.github.rexsheng.springboot.faster.common.utils.JwtUtil;
import com.github.rexsheng.springboot.faster.kaptcha.Kaptcha;
import com.github.rexsheng.springboot.faster.kaptcha.KaptchaProducer;
import com.github.rexsheng.springboot.faster.kaptcha.configuration.KaptchaProperties;
import com.github.rexsheng.springboot.faster.system.auth.application.dto.LoadUserRequest;
import com.github.rexsheng.springboot.faster.system.auth.application.dto.LoginRequest;
import com.github.rexsheng.springboot.faster.system.auth.application.dto.RefreshTokenRequest;
import com.github.rexsheng.springboot.faster.system.auth.application.security.TokenExpireProperties;
import com.github.rexsheng.springboot.faster.system.auth.domain.DeptDomainService;
import com.github.rexsheng.springboot.faster.system.auth.domain.MenuDomainService;
import com.github.rexsheng.springboot.faster.system.auth.domain.SysUserDetail;
import com.github.rexsheng.springboot.faster.system.auth.domain.TokenContainer;
import com.github.rexsheng.springboot.faster.system.auth.domain.UserDomainService;
import com.github.rexsheng.springboot.faster.system.auth.domain.gateway.AuthCodeDO;
import com.github.rexsheng.springboot.faster.system.auth.domain.gateway.AuthGateway;
import com.github.rexsheng.springboot.faster.system.menu.application.dto.MenuDetailResponse;
import com.github.rexsheng.springboot.faster.system.menu.domain.SysMenuType;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Comparator;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.UUID;
import java.util.function.Function;
import java.util.stream.Collectors;
import javax.imageio.ImageIO;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.web.authentication.www.NonceExpiredException;
import org.springframework.stereotype.Service;
import org.springframework.util.ObjectUtils;

@Service
/* loaded from: input_file:com/github/rexsheng/springboot/faster/system/auth/application/AuthServiceImpl.class */
public class AuthServiceImpl implements AuthService {
    private static final Logger logger = LoggerFactory.getLogger(AuthServiceImpl.class);
    private UserDomainService userDomainService;
    private MenuDomainService menuDomainService;
    private DeptDomainService deptDomainService;
    private AuthGateway authGateway;
    private TokenContainer tokenContainer;
    private TokenExpireProperties tokenExpireProperties;
    private KaptchaProperties kaptchaProperties;
    private KaptchaProducer kaptchaProducer;

    public AuthServiceImpl(UserDomainService userDomainService, MenuDomainService menuDomainService, DeptDomainService deptDomainService, AuthGateway authGateway, TokenContainer tokenContainer, TokenExpireProperties tokenExpireProperties, KaptchaProperties kaptchaProperties, KaptchaProducer kaptchaProducer) {
        this.userDomainService = userDomainService;
        this.menuDomainService = menuDomainService;
        this.deptDomainService = deptDomainService;
        this.authGateway = authGateway;
        this.tokenContainer = tokenContainer;
        this.tokenExpireProperties = tokenExpireProperties;
        this.kaptchaProperties = kaptchaProperties;
        this.kaptchaProducer = kaptchaProducer;
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public SysUserDetail login(LoginRequest loginRequest) {
        SysUserDetail user = loginRequest.toUser();
        SysUserDetail queryByAccount = this.userDomainService.queryByAccount(user);
        if (queryByAccount == null || !queryByAccount.validatePassword(user.getPassword())) {
            return null;
        }
        loadUserAuthorities(queryByAccount);
        this.userDomainService.updateLoginTime(queryByAccount.getUserId());
        return queryByAccount;
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public SysUserDetail loadUser(LoadUserRequest loadUserRequest) {
        SysUserDetail queryById = this.userDomainService.queryById(loadUserRequest.getUserId());
        loadUserAuthorities(queryById);
        return queryById;
    }

    public void loadUserAuthorities(SysUserDetail sysUserDetail) {
        List<MenuDetailResponse> flatMap = flatMap(this.menuDomainService.queryList());
        List<AuthCodeDO> queryAuthByUserId = this.authGateway.queryAuthByUserId(sysUserDetail.getUserId());
        Set set = (Set) queryAuthByUserId.stream().filter(authCodeDO -> {
            return !ObjectUtils.isEmpty(authCodeDO.getRoleCode());
        }).map(authCodeDO2 -> {
            return "ROLE_" + authCodeDO2.getRoleCode();
        }).collect(Collectors.toSet());
        List<MenuDetailResponse> list = (List) ((Map) queryAuthByUserId.stream().flatMap(authCodeDO3 -> {
            return flatMap(flatMap, authCodeDO3.getMenuId()).stream();
        }).peek(menuDetailResponse -> {
            if (ObjectUtils.isEmpty(menuDetailResponse.getMenuCode())) {
                return;
            }
            set.add(menuDetailResponse.getMenuCode());
        }).filter(menuDetailResponse2 -> {
            return SysMenuType.MENU.getCode().equals(menuDetailResponse2.getMenuType());
        }).collect(Collectors.toMap((v0) -> {
            return v0.getMenuId();
        }, Function.identity(), (menuDetailResponse3, menuDetailResponse4) -> {
            return menuDetailResponse3;
        }))).values().stream().sorted(Comparator.comparing((v0) -> {
            return v0.getMenuOrder();
        }, Comparator.comparing(num -> {
            return Integer.valueOf(num == null ? 0 : num.intValue());
        })).thenComparing((v0) -> {
            return v0.getMenuId();
        })).collect(Collectors.toList());
        sysUserDetail.setAuthorities((List) new ArrayList(set).stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
        sysUserDetail.setRoles((List) queryAuthByUserId.stream().filter(authCodeDO4 -> {
            return !ObjectUtils.isEmpty(authCodeDO4.getRoleCode());
        }).map(authCodeDO5 -> {
            return authCodeDO5.getRoleCode();
        }).distinct().collect(Collectors.toList()));
        sysUserDetail.setMenus(buildMenuTree(list, null));
        sysUserDetail.setDeptIds(this.deptDomainService.queryDeptAndChildrenIds(sysUserDetail.getDeptId()));
    }

    private List<MenuDetailResponse> flatMap(List<MenuDetailResponse> list) {
        ArrayList arrayList = new ArrayList();
        for (MenuDetailResponse menuDetailResponse : list) {
            arrayList.add(menuDetailResponse);
            if (!ObjectUtils.isEmpty(menuDetailResponse.getChildren())) {
                arrayList.addAll(flatMap(menuDetailResponse.getChildren()));
            }
        }
        return arrayList;
    }

    private List<MenuDetailResponse> flatMap(List<MenuDetailResponse> list, Integer num) {
        ArrayList arrayList = new ArrayList();
        Optional<MenuDetailResponse> findFirst = list.stream().filter(menuDetailResponse -> {
            return menuDetailResponse.getMenuId().equals(num);
        }).findFirst();
        if (findFirst.isPresent()) {
            MenuDetailResponse menuDetailResponse2 = findFirst.get();
            arrayList.add(menuDetailResponse2);
            if (menuDetailResponse2.getParentId() != null) {
                arrayList.addAll(flatMap(list, menuDetailResponse2.getParentId()));
            }
        }
        return arrayList;
    }

    private List<SysUserDetail.SysUserMenu> buildMenuTree(List<MenuDetailResponse> list, Integer num) {
        return (List) list.stream().filter(menuDetailResponse -> {
            return num == null ? menuDetailResponse.getParentId() == null : num.equals(menuDetailResponse.getParentId());
        }).map(menuDetailResponse2 -> {
            SysUserDetail.SysUserMenu sysUserMenu = new SysUserDetail.SysUserMenu();
            sysUserMenu.setMenuId(menuDetailResponse2.getMenuId());
            sysUserMenu.setMenuName(menuDetailResponse2.getMenuName());
            sysUserMenu.setMenuOrder(menuDetailResponse2.getMenuOrder());
            sysUserMenu.setMenuPath(menuDetailResponse2.getMenuPath());
            sysUserMenu.setMenuPathQuery(menuDetailResponse2.getMenuPathQuery());
            sysUserMenu.setParentId(menuDetailResponse2.getParentId());
            sysUserMenu.setMenuIcon(menuDetailResponse2.getMenuIcon());
            sysUserMenu.setComponent(menuDetailResponse2.getComponent());
            sysUserMenu.setCache(menuDetailResponse2.getCache());
            sysUserMenu.setVisible(menuDetailResponse2.getVisible());
            sysUserMenu.setFrame(menuDetailResponse2.getFrame());
            sysUserMenu.setFullscreen(menuDetailResponse2.getFullscreen());
            sysUserMenu.setTag(menuDetailResponse2.getTag());
            sysUserMenu.setChildren(buildMenuTree(list, menuDetailResponse2.getMenuId()));
            return sysUserMenu;
        }).collect(Collectors.toList());
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public Map<String, Object> createSessionToken(SysUserDetail sysUserDetail) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        linkedHashMap2.put("u", sysUserDetail.getUserId());
        String str = null;
        if (sysUserDetail.isRefreshTokenSupport().booleanValue()) {
            str = UUID.randomUUID().toString();
            this.tokenContainer.save("session:refresh:" + str, sysUserDetail, this.tokenExpireProperties.getRefreshExpires().getSeconds());
            linkedHashMap2.put("r", str);
        }
        String createToken = JwtUtil.createToken(sysUserDetail.getAccount(), this.tokenExpireProperties.getExpires().getSeconds(), SecurityConstant.TOKEN_JWT_SECRET_KEY, linkedHashMap2);
        this.tokenContainer.save("session:token:" + sysUserDetail.getAccount() + ":" + createToken, sysUserDetail, this.tokenExpireProperties.getExpires().getSeconds());
        linkedHashMap.put("access_token", createToken);
        linkedHashMap.put("expires_in", Long.valueOf(this.tokenExpireProperties.getExpires().getSeconds()));
        if (str != null) {
            linkedHashMap.put("refresh_token", str);
            linkedHashMap.put("refresh_expires_in", Long.valueOf(this.tokenExpireProperties.getRefreshExpires().getSeconds()));
        }
        linkedHashMap.put("token_type", "Bearer");
        return linkedHashMap;
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public SysUserDetail getUserBySessionToken(String str) {
        try {
            return (SysUserDetail) this.tokenContainer.get("session:token:" + JwtUtil.parseToken(str, SecurityConstant.TOKEN_JWT_SECRET_KEY).getSubject() + ":" + str);
        } catch (ExpiredJwtException e) {
            logger.warn("jwt已过期: {}, detail: {}", str, e.getMessage());
            throw new NonceExpiredException("登录已失效，请重新登录");
        } catch (Exception e2) {
            logger.error("jwt解析异常", e2);
            throw new NonceExpiredException("登录已失效，请重新登录");
        }
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public Map<String, Object> refreshSessionToken(RefreshTokenRequest refreshTokenRequest) {
        SysUserDetail sysUserDetail;
        if (refreshTokenRequest == null) {
            return null;
        }
        String refreshToken = refreshTokenRequest.getRefreshToken();
        if (ObjectUtils.isEmpty(refreshToken) || (sysUserDetail = (SysUserDetail) this.tokenContainer.get("session:refresh:" + refreshToken)) == null) {
            return null;
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        LinkedHashMap linkedHashMap2 = new LinkedHashMap();
        linkedHashMap2.put("u", sysUserDetail.getUserId());
        linkedHashMap2.put("r", refreshToken);
        String createToken = JwtUtil.createToken(sysUserDetail.getAccount(), this.tokenExpireProperties.getExpires().getSeconds(), SecurityConstant.TOKEN_JWT_SECRET_KEY, linkedHashMap2);
        this.tokenContainer.save("session:token:" + sysUserDetail.getAccount() + ":" + createToken, sysUserDetail, this.tokenExpireProperties.getExpires().getSeconds());
        linkedHashMap.put("access_token", createToken);
        linkedHashMap.put("expires_in", Long.valueOf(this.tokenExpireProperties.getExpires().getSeconds()));
        if (this.tokenExpireProperties.getRefreshRenew().booleanValue()) {
            this.tokenContainer.renew("session:refresh:" + refreshToken, this.tokenExpireProperties.getRefreshExpires().getSeconds());
        }
        linkedHashMap.put("token_type", "Bearer");
        return linkedHashMap;
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public SysUserDetail logout(String str) {
        Claims claims;
        try {
            claims = JwtUtil.parseToken(str, SecurityConstant.TOKEN_JWT_SECRET_KEY);
        } catch (ExpiredJwtException e) {
            claims = e.getClaims();
        }
        String subject = claims.getSubject();
        String str2 = (String) claims.get("r", String.class);
        this.tokenContainer.remove("session:token:" + subject + ":" + str);
        this.tokenContainer.remove("session:refresh:" + str2);
        SysUserDetail sysUserDetail = new SysUserDetail();
        sysUserDetail.setUserId((Long) claims.get("u", Long.class));
        return sysUserDetail;
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public Map<String, Object> createKaptcha() throws IOException {
        if (!Boolean.TRUE.equals(this.kaptchaProperties.getEnabled())) {
            return new HashMap();
        }
        Kaptcha createKaptcha = this.kaptchaProducer.createKaptcha();
        String uuid = UUID.randomUUID().toString();
        HashMap hashMap = new HashMap();
        hashMap.put("uuid", uuid);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            ImageIO.write(createKaptcha.getImage(), "jpg", byteArrayOutputStream);
            hashMap.put("img", Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray()));
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e) {
                }
            }
            this.tokenContainer.save("kaptcha:" + uuid, createKaptcha.getText(), 180L);
            return hashMap;
        } catch (Throwable th) {
            if (byteArrayOutputStream != null) {
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e2) {
                }
            }
            throw th;
        }
    }

    @Override // com.github.rexsheng.springboot.faster.system.auth.application.AuthService
    public boolean validateKaptcha(String str, String str2) {
        if (!Boolean.TRUE.equals(this.kaptchaProperties.getEnabled())) {
            return true;
        }
        String str3 = (String) this.tokenContainer.getAndDel("kaptcha:" + str);
        if (str3 != null) {
            return str3.equalsIgnoreCase(str2);
        }
        return false;
    }
}
