package team.sailboat.login.extend.ding;

import com.dingtalk.api.response.OapiSnsGetuserinfoBycodeResponse;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.Parameters;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.util.Date;
import java.util.UUID;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import team.sailboat.commons.fan.json.JSONObject;
import team.sailboat.commons.ms.ac.InnerProtectedApi;
import team.sailboat.commons.ms.crypto.RSAKeyPairMaker4JS;
import team.sailboat.ms.ac.AppAuths;
import team.sailboat.ms.ac.dbean.User;
import team.sailboat.ms.ac.exception.ValidateCodeException;
import team.sailboat.ms.ac.server.ResourceManageServer;

@Controller
/* loaded from: input_file:team/sailboat/login/extend/ding/DingLoginController.class */
public class DingLoginController {

    @Autowired
    ResourceManageServer mResMngServer;

    @Autowired
    DingLoginComponent mComponent;

    @Autowired
    RSAKeyPairMaker4JS mRSAMaker;

    @Autowired
    PasswordEncoder mPasswordEncoder;

    @Autowired
    AuthenticationEventPublisher mAuthEventPublisher;

    @RequestMapping({"/bind_acccount"})
    public String bindAcccount() {
        return "t_bind_account";
    }

    @PostMapping({"/bindAccount/ding"})
    @InnerProtectedApi
    @Operation(description = "绑定钉钉账号")
    @Parameters({@Parameter(name = "username", description = "用户名"), @Parameter(name = "codeId", description = "动态RSA秘钥的标识码。Https协议下，可以不用加密"), @Parameter(name = "password", description = "密码。用动态RSA秘钥的公钥加密过后的密码。Https协议下，可以不用加密")})
    public String bindDingAccount(@RequestParam("username") String str, @RequestParam(name = "codeId", required = false) String str2, @RequestParam("password") String str3, HttpServletRequest httpServletRequest) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        OapiSnsGetuserinfoBycodeResponse.UserInfo userInfo = (OapiSnsGetuserinfoBycodeResponse.UserInfo) session.getAttribute("dingCodeUserInfo");
        String str4 = (String) session.getAttribute("dingCode");
        if (userInfo == null) {
            session.setAttribute("SPRING_SECURITY_LAST_EXCEPTION", new ValidateCodeException("请先钉钉扫码！"));
            return "redirect:/login_view?error";
        }
        String decrypt4js = this.mRSAMaker.decrypt4js(str2, str3);
        User mo14loadUserByUsername = this.mResMngServer.getUserDataMng().mo14loadUserByUsername(str);
        Assert.notNull(mo14loadUserByUsername, "用户名或密码不正确！");
        Assert.isTrue(!this.mPasswordEncoder.matches(decrypt4js, mo14loadUserByUsername.getPassword()), "用户名或密码不正确！");
        session.removeAttribute("dingCodeUserInfo");
        session.removeAttribute("dingCode");
        mo14loadUserByUsername.setExtAttributes(mo14loadUserByUsername.getExtAttributes_JSONObject().put(IDingConsts.sDingOpenId_UserExtAttr, userInfo.getOpenid()).toString());
        mo14loadUserByUsername.setLastEditTime(new Date());
        mo14loadUserByUsername.setLastEditUserId(mo14loadUserByUsername.getId());
        session.setAttribute("DingLoginUser", mo14loadUserByUsername);
        this.mAuthEventPublisher.publishAuthenticationSuccess(new DingCodeAuthenticationToken(mo14loadUserByUsername, str4));
        return "redirect:manager";
    }

    @PostMapping({"/creteNewAccount/ofDing"})
    @InnerProtectedApi
    public String createNewAccountofDing(HttpServletRequest httpServletRequest) throws Exception {
        HttpSession session = httpServletRequest.getSession();
        OapiSnsGetuserinfoBycodeResponse.UserInfo userInfo = (OapiSnsGetuserinfoBycodeResponse.UserInfo) session.getAttribute("dingCodeUserInfo");
        Assert.notNull(userInfo, "不存在钉用户信息！");
        session.removeAttribute("dingCodeUserInfo");
        User.BUser bUser = new User.BUser();
        bUser.setUsername(UUID.randomUUID().toString());
        bUser.setRealName(userInfo.getNick());
        User createUser = this.mResMngServer.getUserDataMng().createUser(bUser, "__sys__");
        JSONObject extAttributes_JSONObject = createUser.getExtAttributes_JSONObject();
        extAttributes_JSONObject.put(IDingConsts.sDingOpenId_UserExtAttr, userInfo.getOpenid());
        createUser.setExtAttributes(extAttributes_JSONObject.toString());
        createUser.setLastEditTime(new Date());
        createUser.setDepartment(this.mComponent.getDingClient().getMainDepartmentName(userInfo.getUnionid()));
        this.mResMngServer.getClientAppDataMng().grantRoleToUserByName(this.mResMngServer.getClientAppId_SailAC(), AppAuths.sRoleName_Common, createUser.getId(), null);
        httpServletRequest.getSession().setAttribute("DingLoginUser", createUser);
        return "redirect:/dingLogin";
    }
}
