package net.sinodawn.module.mdm.login.service.impl;

import java.time.LocalDateTime;
import java.util.UUID;
import net.sinodawn.framework.at.annotation.AuditTrailEntry;
import net.sinodawn.framework.at.annotation.AuditTrailType;
import net.sinodawn.framework.audit.aunnotation.Audit;
import net.sinodawn.framework.audit.constant.AuditConstant;
import net.sinodawn.framework.cache.redis.RedisHelper;
import net.sinodawn.framework.context.ApplicationContextHelper;
import net.sinodawn.framework.context.LocalContextHelper;
import net.sinodawn.framework.database.sql.Order;
import net.sinodawn.framework.exception.InvalidDataException;
import net.sinodawn.framework.i18n.I18nHelper;
import net.sinodawn.framework.restful.data.RestJsonWrapperBean;
import net.sinodawn.framework.security.authentication.AuthenticationHelper;
import net.sinodawn.framework.support.base.dao.GenericDao;
import net.sinodawn.framework.utils.StringUtils;
import net.sinodawn.module.mdm.login.service.CoreUserPasswordService;
import net.sinodawn.module.mdm.user.bean.CoreUserBean;
import net.sinodawn.module.mdm.user.service.CoreUserService;
import net.sinodawn.module.sys.password.bean.CorePasswordHisBean;
import net.sinodawn.module.sys.password.bean.CorePasswordPolicyBean;
import net.sinodawn.module.sys.password.service.CorePasswordHisService;
import net.sinodawn.module.sys.password.service.CorePasswordPolicyService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;

@Repository
/* loaded from: input_file:net/sinodawn/module/mdm/login/service/impl/CoreUserPasswordServiceImpl.class */
public class CoreUserPasswordServiceImpl implements CoreUserPasswordService {
    private static final int RETRIEVE_PASSWORD_EXPIRED_TIME = 600;
    private static final String RETRIEVE_PASSWORD_EXPIRED_REDIS_NAME = "RETRIEVE_PASSWORD";
    private static final String MAIL_PROTOCOL_TYPE = "sino.mail.protocol.type";

    @Autowired
    @Lazy
    private CoreUserService userService;

    @Autowired
    @Lazy
    private CorePasswordHisService passwordHisService;

    @Autowired
    @Lazy
    private CorePasswordPolicyService passwordPolicyService;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Override // net.sinodawn.module.mdm.login.service.CoreUserPasswordService
    public void sendEmail(String str, String str2) {
        CoreUserBean coreUserBean = new CoreUserBean();
        coreUserBean.setId(str);
        coreUserBean.setEmail(str2);
        CoreUserBean coreUserBean2 = (CoreUserBean) this.userService.getDao().selectOneIfPresent(coreUserBean, new String[0]);
        if (coreUserBean2 == null) {
            throw new InvalidDataException("RETRIEVE_PASSWORD.TIP.USERID_EMAIL_DOESNOT_MATACH");
        }
        I18nHelper.getMessage("RETRIEVE_PASSWORD_EMAIL.SUBJECT", new String[0]);
        createEmailLink(coreUserBean2);
    }

    @Override // net.sinodawn.module.mdm.login.service.CoreUserPasswordService
    public void validUrl(String str, String str2) {
        if (!str2.equals(RedisHelper.get(RETRIEVE_PASSWORD_EXPIRED_REDIS_NAME, str))) {
            throw new InvalidDataException("RETRIEVE_PASSWORD.TIP.USERID_EMAIL_DOESNOT_MATACH");
        }
    }

    @Override // net.sinodawn.module.mdm.login.service.CoreUserPasswordService
    @Audit(AuditConstant.SAVE)
    @Transactional
    @AuditTrailEntry(AuditTrailType.UPDATE)
    public void resetPassword(RestJsonWrapperBean restJsonWrapperBean) {
        CoreUserBean coreUserBean = (CoreUserBean) restJsonWrapperBean.parseUnique(CoreUserBean.class);
        this.passwordPolicyService.checkPassword(coreUserBean.getId(), coreUserBean.getPassword());
        coreUserBean.setPassword(this.passwordEncoder.encode(coreUserBean.getPassword()));
        coreUserBean.setFailedLoginAttempts(0);
        coreUserBean.setExpiredPasswordUses(0);
        coreUserBean.setPasswordUpdatedTime(LocalDateTime.now());
        this.userService.getDao().update((GenericDao) coreUserBean, new String[0]);
        String password = this.userService.selectById(coreUserBean.getId()).getPassword();
        CorePasswordHisBean corePasswordHisBean = new CorePasswordHisBean();
        corePasswordHisBean.setId(ApplicationContextHelper.getNextIdentity());
        corePasswordHisBean.setUserId(coreUserBean.getId());
        corePasswordHisBean.setPassword(password);
        this.passwordHisService.getDao().insert((GenericDao) corePasswordHisBean);
        this.userService.update(coreUserBean);
        RedisHelper.evict(RETRIEVE_PASSWORD_EXPIRED_REDIS_NAME, coreUserBean.getId());
    }

    @Override // net.sinodawn.module.mdm.login.service.CoreUserPasswordService
    public String validUserAndEmail(String str, String str2) {
        CoreUserBean coreUserBean = new CoreUserBean();
        coreUserBean.setId(str);
        coreUserBean.setEmail(str2);
        CoreUserBean coreUserBean2 = (CoreUserBean) this.userService.getDao().selectOneIfPresent(coreUserBean, new String[0]);
        return (coreUserBean2 == null || !str2.equals(coreUserBean2.getEmail())) ? "0" : "1";
    }

    @Override // net.sinodawn.module.mdm.login.service.CoreUserPasswordService
    public CorePasswordPolicyBean selectPasswordPolicyByUserId(String str) {
        return this.passwordPolicyService.selectMatchingPasswordPolicy(str);
    }

    @Override // net.sinodawn.module.mdm.login.service.CoreUserPasswordService
    public String validateUserPassword(String str, RestJsonWrapperBean restJsonWrapperBean) {
        if (!LocalContextHelper.isUserLogin() || !LocalContextHelper.getLoginUserId().equals(str)) {
            return "0";
        }
        CoreUserBean coreUserBean = new CoreUserBean();
        coreUserBean.setId(str);
        coreUserBean.setPassword(this.passwordEncoder.encode(AuthenticationHelper.getRawPassword(restJsonWrapperBean.getParamValue("password"))));
        return this.userService.getDao().selectList(coreUserBean, new Order[0]).isEmpty() ? "0" : "1";
    }

    private String createEmailLink(CoreUserBean coreUserBean) {
        String uuid = UUID.randomUUID().toString();
        RedisHelper.put(RETRIEVE_PASSWORD_EXPIRED_REDIS_NAME, coreUserBean.getId(), uuid, RETRIEVE_PASSWORD_EXPIRED_TIME);
        String property = ApplicationContextHelper.getEnvironment().getProperty("sino.app.url");
        String property2 = ApplicationContextHelper.getEnvironment().getProperty("server.servlet.context-path");
        StringBuilder append = new StringBuilder(property).append(StringUtils.isEmpty(property2) ? "" : property2).append("?userId=").append(coreUserBean.getId()).append("&secretKey=").append(uuid).append("#resetPassword");
        return I18nHelper.getMessage("RETRIEVE_PASSWORD_EMAIL.CONTENT", append.toString(), append.toString());
    }
}
