package pub.ihub.sso.server;

import cn.dev33.satoken.context.SaHolder;
import cn.dev33.satoken.sso.config.SaSsoServerConfig;
import cn.dev33.satoken.sso.processor.SaSsoServerProcessor;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.ICaptcha;
import cn.hutool.core.util.ObjectUtil;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import javax.security.auth.login.LoginException;
import lombok.Generated;
import me.zhyd.oauth.AuthRequestBuilder;
import me.zhyd.oauth.cache.AuthStateCache;
import me.zhyd.oauth.model.AuthCallback;
import me.zhyd.oauth.model.AuthResponse;
import me.zhyd.oauth.model.AuthUser;
import me.zhyd.oauth.request.AuthRequest;
import me.zhyd.oauth.utils.AuthStateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;
import pub.ihub.cloud.rest.Result;

@RestController
/* loaded from: input_file:pub/ihub/sso/server/SsoServerController.class */
public class SsoServerController {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(SsoServerController.class);
    private final SsoServerProperties ssoProperties;
    private final SsoCaptchaProperties captchaProperties;
    private final AuthStateCache stateCache;
    private final SsoSocialUserService socialUserService;

    @RequestMapping({"/sso/*"})
    public Object ssoRequest() {
        return SaSsoServerProcessor.instance.dister();
    }

    @RequestMapping({"/oauth/render/{source}"})
    public void renderAuth(@PathVariable String str, @RequestParam String str2) {
        String createState = AuthStateUtils.createState();
        this.stateCache.cache(redirectKey(createState), str2);
        SaHolder.getResponse().redirect(getAuthRequest(str).authorize(createState));
    }

    @RequestMapping({"/oauth/callback/{source}"})
    public void login(@PathVariable String str, AuthCallback authCallback) {
        AuthResponse login = getAuthRequest(str).login(authCallback);
        if (login.ok()) {
            AuthUser authUser = (AuthUser) login.getData();
            if (StpUtil.isLogin()) {
                this.socialUserService.bingUserAndAuth(str, StpUtil.getLoginId(), authUser);
            } else {
                SsoUserDetails findUserByUuid = this.socialUserService.findUserByUuid(str, authUser.getUuid());
                if (Objects.isNull(findUserByUuid)) {
                    findUserByUuid = this.socialUserService.createUserByAuth(str, authUser);
                }
                StpUtil.login(findUserByUuid.getLoginId());
            }
        }
        SaHolder.getResponse().redirect(this.stateCache.get(redirectKey(authCallback.getState())));
    }

    @GetMapping({"/captcha"})
    public void captcha() throws IOException {
        ICaptcha createCaptcha = createCaptcha();
        ((HttpServletRequest) SaHolder.getRequest().getSource()).getSession().setAttribute("captcha", createCaptcha);
        createCaptcha.write(((HttpServletResponse) SaHolder.getResponse().getSource()).getOutputStream());
    }

    @Autowired
    private void configSso(SaSsoServerConfig saSsoServerConfig, @Autowired(required = false) List<SsoLoginTicketHandle> list, SsoUserDetailsService<?> ssoUserDetailsService) {
        saSsoServerConfig.notLoginView = () -> {
            return new ModelAndView("login.html", new HashMap<String, Object>(4) { // from class: pub.ihub.sso.server.SsoServerController.1
                {
                    put("title", SsoServerController.this.ssoProperties.getTitle());
                    put("copyright", SsoServerController.this.ssoProperties.getCopyright());
                    put("icon", SsoServerController.this.ssoProperties.getIcon());
                    put("socialAuths", SsoServerController.this.ssoProperties.getAuthSource());
                    put("captchaEnabled", Boolean.valueOf(SsoServerController.this.captchaProperties.isEnabled()));
                }
            });
        };
        saSsoServerConfig.doLoginHandle = (str, str2) -> {
            if (ObjectUtil.isNotEmpty(list)) {
                try {
                    Iterator it = list.iterator();
                    while (it.hasNext()) {
                        ((SsoLoginTicketHandle) it.next()).handle();
                    }
                } catch (LoginException e) {
                    return Result.error(e.getMessage());
                }
            }
            SsoUserDetails loadUserByUsername = ssoUserDetailsService.loadUserByUsername(str);
            if (Objects.isNull(loadUserByUsername)) {
                log.debug("账号错误！");
                return Result.error("账号或者密码错误！");
            }
            if (loadUserByUsername.isAccountNonExpired()) {
                log.debug("账号已过期！");
            } else {
                if (loadUserByUsername.isAccountNonLocked()) {
                    log.debug("账号已锁定！");
                    return Result.error("账号已锁定！");
                }
                if (loadUserByUsername.isEnabled()) {
                    if (!loadUserByUsername.getPassword().equals(ssoUserDetailsService.encryptPassword(str2))) {
                        log.debug("密码错误！");
                        return Result.error("账号或者密码错误！");
                    }
                    StpUtil.login(loadUserByUsername.getLoginId());
                    log.debug("登录成功！");
                    return Result.data(StpUtil.getTokenValue(), "登录成功！");
                }
                log.debug("账号已禁用！");
            }
            return Result.error("登录失败！");
        };
    }

    private AuthRequest getAuthRequest(String str) {
        return AuthRequestBuilder.builder().source(str).authConfig(this.ssoProperties.getAuthConfig(str)).authStateCache(this.stateCache).build();
    }

    private String redirectKey(String str) {
        return "redirect:" + str;
    }

    private ICaptcha createCaptcha() {
        int codeCount = this.captchaProperties.getCodeCount();
        switch (this.captchaProperties.getType()) {
            case LINE:
                return CaptchaUtil.createLineCaptcha(200, 100, codeCount, this.captchaProperties.getLineCount());
            case SHEAR:
                return CaptchaUtil.createShearCaptcha(200, 100, codeCount, this.captchaProperties.getThickness());
            case CIRCLE:
                return CaptchaUtil.createCircleCaptcha(200, 100, codeCount, this.captchaProperties.getCircleCount());
            case GIF:
            default:
                return CaptchaUtil.createGifCaptcha(200, 100, codeCount);
        }
    }

    @Generated
    public SsoServerController(SsoServerProperties ssoServerProperties, SsoCaptchaProperties ssoCaptchaProperties, AuthStateCache authStateCache, SsoSocialUserService ssoSocialUserService) {
        this.ssoProperties = ssoServerProperties;
        this.captchaProperties = ssoCaptchaProperties;
        this.stateCache = authStateCache;
        this.socialUserService = ssoSocialUserService;
    }
}
