package net.sinodawn.framework.security.service;

import java.time.LocalDateTime;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import net.sinodawn.framework.context.ApplicationContextHelper;
import net.sinodawn.framework.i18n.I18nHelper;
import net.sinodawn.framework.security.bean.LoginUser;
import net.sinodawn.framework.security.sso.SsoAuthenticator;
import net.sinodawn.framework.security.sso.SsoAuthenticatorRegistry;
import net.sinodawn.framework.utils.ServletUtils;
import net.sinodawn.framework.utils.StringUtils;
import net.sinodawn.module.mdm.user.bean.CoreUserBean;
import net.sinodawn.module.mdm.user.service.CoreUserService;
import net.sinodawn.module.sys.log.service.CoreLoginLogService;
import net.sinodawn.module.sys.password.service.CorePasswordPolicyService;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:net/sinodawn/framework/security/service/DefaultUserDetailsChecker.class */
public class DefaultUserDetailsChecker {
    public static void checkPassword(String str, String str2) {
        CoreUserBean selectByLoginId = ((CoreUserService) ApplicationContextHelper.getBean(CoreUserService.class)).selectByLoginId(str);
        if (selectByLoginId == null) {
            getLoginLogService().insertLoginFailureLog(str, I18nHelper.getMessage("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD", new String[0]));
            throw new BadCredentialsException("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD");
        }
        if (selectByLoginId.getPassword().equals(str2)) {
            return;
        }
        getLoginLogService().insertLoginFailureLog(str, I18nHelper.getMessage("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD", new String[0]));
        throw new BadCredentialsException("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD");
    }

    public static void check(CoreUserBean coreUserBean) {
        if (coreUserBean == null) {
            throw new UsernameNotFoundException("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD");
        }
        if ("1".equals(coreUserBean.getLastSuspendedFlag())) {
            getLoginLogService().insertLoginFailureLog(coreUserBean.getId(), I18nHelper.getMessage("SINO.SECURITY.LOGIN.DEACTIVATED", new String[0]));
            throw new DisabledException("SINO.SECURITY.LOGIN.DEACTIVATED");
        }
        if ("locked".equals(coreUserBean.getStatus())) {
            getLoginLogService().insertLoginFailureLog(coreUserBean.getId(), I18nHelper.getMessage("SINO.SECURITY.LOGIN.LOCKED", new String[0]));
            throw new LockedException("SINO.SECURITY.LOGIN.LOCKED");
        }
        if ("deprecated".equals(coreUserBean.getStatus())) {
            getLoginLogService().insertLoginFailureLog(coreUserBean.getId(), I18nHelper.getMessage("SINO.SECURITY.LOGIN.DEPRECATED", new String[0]));
            throw new LockedException("SINO.SECURITY.LOGIN.DEPRECATED");
        }
        LocalDateTime now = LocalDateTime.now();
        if (coreUserBean.getExpiryDate() == null || !coreUserBean.getExpiryDate().isBefore(now)) {
            return;
        }
        getLoginLogService().insertLoginFailureLog(coreUserBean.getId(), I18nHelper.getMessage("SINO.SECURITY.LOGIN.EXPIRED", new String[0]));
        throw new LockedException("SINO.SECURITY.LOGIN.EXPIRED");
    }

    public static void check(UserDetails userDetails) {
        SsoAuthenticator authenticator;
        check(((CoreUserService) ApplicationContextHelper.getBean(CoreUserService.class)).selectById(userDetails.getUsername()));
        HttpServletRequest currentRequest = ServletUtils.getCurrentRequest();
        if (currentRequest != null) {
            String parameter = currentRequest.getParameter("loginType");
            if (StringUtils.isBlank(parameter) || (authenticator = SsoAuthenticatorRegistry.INSTANCE.getAuthenticator(parameter)) == null) {
                return;
            }
            authenticator.checkLoginUser((LoginUser) userDetails);
        }
    }

    public static void postAuthenticationFailure(String str) {
        CoreUserService coreUserService = (CoreUserService) ApplicationContextHelper.getBean(CoreUserService.class);
        CoreUserBean selectByLoginId = coreUserService.selectByLoginId(str);
        if (selectByLoginId != null) {
            List list = (List) ((CorePasswordPolicyService) ApplicationContextHelper.getBean(CorePasswordPolicyService.class)).selectEffectedList(selectByLoginId.getId()).stream().filter(corePasswordPolicyBean -> {
                return corePasswordPolicyBean.getMaxFailedAttempts() != null && corePasswordPolicyBean.getMaxFailedAttempts().longValue() > 0;
            }).collect(Collectors.toList());
            if (!list.isEmpty()) {
                CoreUserBean coreUserBean = new CoreUserBean();
                coreUserBean.setId(selectByLoginId.getId());
                coreUserBean.setFailedLoginAttempts(Integer.valueOf(selectByLoginId.getFailedLoginAttempts().intValue() + 1));
                if (coreUserBean.getFailedLoginAttempts().intValue() > list.stream().mapToLong((v0) -> {
                    return v0.getMaxFailedAttempts();
                }).min().getAsLong()) {
                    coreUserBean.setStatus("locked");
                }
                coreUserService.update(coreUserBean);
                if ("locked".equals(coreUserBean.getStatus())) {
                    getLoginLogService().insertLoginFailureLog(str, I18nHelper.getMessage("SINO.SECURITY.LOGIN.LOCKED", new String[0]));
                    throw new LockedException("SINO.SECURITY.LOGIN.LOCKED");
                }
            }
        } else {
            getLoginLogService().insertLoginFailureLog(str, I18nHelper.getMessage("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD", new String[0]));
        }
        throw new BadCredentialsException("SINO.SECURITY.LOGIN.INCORRECT_USER_OR_PASSWORD");
    }

    private static CoreLoginLogService getLoginLogService() {
        return (CoreLoginLogService) ApplicationContextHelper.getBean(CoreLoginLogService.class);
    }
}
