package team.sailboat.ms.ac.controller;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AccountExpiredException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import team.sailboat.commons.fan.collection.XC;
import team.sailboat.commons.fan.json.JSONObject;
import team.sailboat.commons.ms.MSApp;
import team.sailboat.ms.ac.AppConfig;
import team.sailboat.ms.ac.AppConsts;
import team.sailboat.ms.ac.bean.ClientAppBrief;
import team.sailboat.ms.ac.dbean.ResSpace;
import team.sailboat.ms.ac.dbean.User;
import team.sailboat.ms.ac.exception.ValidateCodeException;
import team.sailboat.ms.ac.server.ResourceManageServer;
import team.sailboat.ms.ac.utils.SecurityUtils;

@Controller
/* loaded from: input_file:team/sailboat/ms/ac/controller/ViewController.class */
public class ViewController {

    @Autowired
    AppConfig mAppConfig;

    @Autowired
    ResourceManageServer mResMngServer;

    @RequestMapping({"/index"})
    public String index(Model model) {
        if (!this.mResMngServer.isAdminPasswordSetted()) {
            model.addAttribute("banner", "设置超级系统管理员密码");
            model.addAttribute("user_admin", AppConsts.sUser_admin);
            return "t_init";
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication != null && authentication.isAuthenticated() && (authentication.getPrincipal() instanceof User)) {
            return "redirect:/manage";
        }
        model.addAttribute("dingLoginEnable", Boolean.valueOf(this.mAppConfig.isDingLoginEnable()));
        return "redirect:login_view";
    }

    @RequestMapping({AppConsts.sViewPath_consent})
    public String consentView(@RequestParam("scope") String str, @RequestParam("client_id") String str2, @RequestParam("state") String str3, Model model, HttpServletRequest httpServletRequest) {
        LinkedList linkedList = new LinkedList();
        for (String str4 : str.split(" ")) {
            HashMap hashMap = new HashMap();
            hashMap.put("code", str4);
            if (str4.equals("user_basic")) {
                hashMap.put("description", "用户基本信息（姓名、性别）");
            } else if (str4.equals("user_org_job")) {
                hashMap.put("description", "用户所属组织及职务");
            } else if (str4.equals("user_contact_info")) {
                hashMap.put("description", "用户联系方式（手机、email）");
            }
            linkedList.add(hashMap);
        }
        model.addAttribute("consents", linkedList);
        model.addAttribute("app", ClientAppBrief.of(this.mResMngServer.getClientAppDataMng().getClientAppByAppKey(str2)));
        model.addAttribute("state", str3);
        model.addAttribute("banner", "授权管理");
        return "t_consent";
    }

    @RequestMapping({AppConsts.sViewPath_login})
    public String loginView(Model model, HttpServletRequest httpServletRequest, HttpSession httpSession) {
        if (!this.mResMngServer.isAdminPasswordSetted()) {
            model.addAttribute("banner", "设置超级系统管理员密码");
            model.addAttribute("user_admin", AppConsts.sUser_admin);
            return "t_init";
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication.isAuthenticated() && (authentication.getPrincipal() instanceof User)) {
            return "redirect:/manage";
        }
        if (httpServletRequest.getParameterMap().containsKey("error")) {
            Exception exc = (Exception) httpServletRequest.getSession().getAttribute("SPRING_SECURITY_LAST_EXCEPTION");
            if (exc == null) {
                model.addAttribute("errMsg", "");
            } else if ((exc instanceof BadCredentialsException) || (exc instanceof InternalAuthenticationServiceException)) {
                if (((Integer) httpServletRequest.getSession().getAttribute("remainRetryTimes")).intValue() == 0) {
                    model.addAttribute("errMsg", "登录失败5次，请30分钟之后再试！");
                } else {
                    model.addAttribute("errMsg", "用户名或者密码错误！");
                }
            } else if (exc instanceof ValidateCodeException) {
                model.addAttribute("errMsg", exc.getMessage());
            } else if (exc instanceof AccountExpiredException) {
                model.addAttribute("errMsg", "当前用户已过期，请联系管理员!");
            } else if (exc instanceof CredentialsExpiredException) {
                model.addAttribute("errMsg", "登录密码已过期");
            } else {
                model.addAttribute("errMsg", exc.getMessage());
            }
            httpServletRequest.getSession().removeAttribute("SPRING_SECURITY_LAST_EXCEPTION");
        }
        model.addAttribute("appId", this.mAppConfig.getDingAppKey());
        model.addAttribute("banner", "用户登录");
        model.addAttribute("callbackUrl", this.mAppConfig.getDingCodeCallbackUrl());
        return "t_login";
    }

    @RequestMapping({AppConsts.sPagePath_ResetExpiredPasswd})
    public String pwdReset(Model model, HttpServletRequest httpServletRequest, HttpSession httpSession) {
        model.addAttribute("authToken", httpServletRequest.getAttribute("authToken"));
        return "t_pwd_reset";
    }

    @RequestMapping({"/manage"})
    public String manage(Model model) {
        ResSpace resSpace;
        User checkUser = SecurityUtils.checkUser();
        List<ResSpace> resSpaceOfUserInClientApp = this.mResMngServer.getClientAppDataMng().getResSpaceOfUserInClientApp(checkUser.getId(), this.mResMngServer.getClientAppId_SailAC());
        if (resSpaceOfUserInClientApp.size() > 0 && (resSpace = (ResSpace) XC.findFirst(resSpaceOfUserInClientApp, resSpace2 -> {
            return AppConsts.sResSpaceType_ClientApp.equals(resSpace2.getType());
        }).orElse(null)) != null) {
            model.addAttribute("resId", resSpace.getResId());
        }
        model.addAttribute("sysEnv", MSApp.instance().getSysEnv());
        model.addAttribute("user", new JSONObject().put("displayName", checkUser.getDisplayName()).put("id", checkUser.getId()));
        model.addAttribute("authes", checkUser.getAuthorities());
        model.addAttribute("credentialRenewalDays", this.mAppConfig.getCredentialRenewalDays());
        return "pages/manage/index";
    }
}
