package com.gccloud.starter.core.service.impl;

import com.baomidou.mybatisplus.core.toolkit.IdWorker;
import com.gccloud.starter.common.config.GlobalConfig;
import com.gccloud.starter.common.config.bean.Jwt;
import com.gccloud.starter.common.config.bean.Login;
import com.gccloud.starter.common.constant.GlobalConst;
import com.gccloud.starter.common.entity.SysUserEntity;
import com.gccloud.starter.common.exception.GlobalException;
import com.gccloud.starter.common.module.login.cache.SysTokenCache;
import com.gccloud.starter.common.utils.BeanConvertUtils;
import com.gccloud.starter.common.utils.IPUtils;
import com.gccloud.starter.common.utils.TokenUtils;
import com.gccloud.starter.common.vo.CurrentUserBase;
import com.gccloud.starter.core.service.ISysTokenService;
import com.gccloud.starter.core.service.ISysUserService;
import com.gccloud.starter.core.vo.SysTokenVO;
import com.gccloud.starter.plugins.cache.common.IStarterCache;
import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@ConditionalOnProperty(prefix = "gc.starter.component", name = {"ISysTokenService"}, havingValue = "SysTokenServiceImpl", matchIfMissing = true)
@Service
/* loaded from: input_file:com/gccloud/starter/core/service/impl/SysTokenServiceImpl.class */
public class SysTokenServiceImpl implements ISysTokenService {
    private static final Logger log = LoggerFactory.getLogger(SysTokenServiceImpl.class);

    @Autowired
    private GlobalConfig globalConfig;

    @Resource
    private IStarterCache starterCache;

    @Autowired
    private ISysUserService userService;

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public String create(String str, Map<String, Object> map) {
        Jwt jwt = this.globalConfig.getJwt();
        JwtBuilder expiration = Jwts.builder().signWith(SignatureAlgorithm.forName(jwt.getAlg()), jwt.getSecret()).setClaims(map).setIssuer(jwt.getIssuer()).setAudience(str + "").setIssuedAt(new Date()).setExpiration(new Date(System.currentTimeMillis() + (jwt.getExpiration().longValue() * 1000)));
        expiration.setId(map.get("id").toString());
        return expiration.compact();
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public SysTokenVO create(String str) {
        return create(str, "pc");
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public SysTokenVO create(String str, String str2) {
        SysUserEntity sysUserEntity = (SysUserEntity) this.userService.getById(str);
        if (sysUserEntity == null) {
            throw new GlobalException("用户不存在", 404);
        }
        SysTokenVO sysTokenVO = new SysTokenVO();
        HashMap hashMap = new HashMap(16);
        hashMap.put("uid", str);
        hashMap.put("uname", sysUserEntity.getUsername());
        hashMap.put("rname", StringUtils.isBlank(sysUserEntity.getRealName()) ? sysUserEntity.getUsername() : sysUserEntity.getRealName());
        hashMap.put("tid", sysUserEntity.getTenantId());
        hashMap.put("oid", sysUserEntity.getOrgId());
        Login login = this.globalConfig.getLogin();
        String str3 = sysUserEntity.getUsername() + ":" + str2;
        if (GlobalConst.Login.LoginStrategy.MULTI_TERMINAL == login.getLoginStrategy()) {
            str3 = str3 + "_" + IdWorker.getIdStr();
        }
        hashMap.put("id", str3);
        sysTokenVO.setToken(create(sysUserEntity.getId(), hashMap));
        if (this.globalConfig.getJwt().getStoreStrategy() != GlobalConst.Jwt.StoreStrategy.NONE) {
            SysTokenCache sysTokenCache = (SysTokenCache) BeanConvertUtils.convert(sysTokenVO, SysTokenCache.class);
            try {
                HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
                String header = request.getHeader("User-Agent");
                if (StringUtils.isNotBlank(header)) {
                    UserAgent parseUserAgentString = UserAgent.parseUserAgentString(header);
                    sysTokenCache.setBrowserName(parseUserAgentString.getBrowser().getName());
                    sysTokenCache.setDeviceName(parseUserAgentString.getOperatingSystem().getName());
                    sysTokenCache.setUserAgent(header);
                }
                sysTokenCache.setIp(IPUtils.getIp(request));
            } catch (Exception e) {
                log.error(ExceptionUtils.getStackTrace(e));
            }
            sysTokenCache.setRealName(StringUtils.isBlank(sysUserEntity.getRealName()) ? sysUserEntity.getUsername() : sysUserEntity.getRealName());
            Date date = new Date();
            sysTokenCache.setCreateDate(date);
            sysTokenCache.setUpdateDate(date);
            sysTokenCache.setDeadDate(new Date(System.currentTimeMillis() + (this.globalConfig.getJwt().getExpiration().longValue() * 1000)));
            sysTokenCache.setId(str3);
            this.starterCache.put(SysTokenCache.class.getSimpleName(), str3, sysTokenCache);
        }
        return sysTokenVO;
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public void checkAllowedTerminal(String str) {
        if (!this.globalConfig.getLogin().getAllowedTerminal().contains(str)) {
            throw new GlobalException("不支持终端: " + str + " 进行访问");
        }
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public CurrentUserBase getUserFromToken(String str) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        if (GlobalConst.Jwt.StoreStrategy.NONE == this.globalConfig.getJwt().getStoreStrategy()) {
            Claims claims = (Claims) Jwts.parser().setSigningKey(this.globalConfig.getJwt().getSecret()).parseClaimsJws(str).getBody();
            if (StringUtils.isBlank((String) claims.get("id", String.class))) {
                log.error("无法从jwt中获取id值，生成JWT的服务端未设置该值");
                return null;
            }
            CurrentUserBase currentUserBase = new CurrentUserBase();
            currentUserBase.setId((String) claims.get("uid", String.class));
            currentUserBase.setName((String) claims.get("uname", String.class));
            currentUserBase.setRealName((String) claims.get("rname", String.class));
            currentUserBase.setTenantId((String) claims.get("tid", String.class));
            currentUserBase.setOrgId((String) claims.get("oid", String.class));
            currentUserBase.setTokenId((String) claims.get("id", String.class));
            return currentUserBase;
        }
        Claims claims2 = (Claims) Jwts.parser().setSigningKey(this.globalConfig.getJwt().getSecret()).setAllowedClockSkewSeconds(System.currentTimeMillis()).parseClaimsJws(str).getBody();
        String str2 = (String) claims2.get("id", String.class);
        if (StringUtils.isBlank(str2)) {
            log.error("无法从jwt中获取id值，生成JWT的服务端未设置该值");
            return null;
        }
        SysTokenCache sysTokenCache = (SysTokenCache) this.starterCache.get(SysTokenCache.class, str2, SysTokenCache.class);
        if (sysTokenCache == null) {
            log.error("token 未获取到，可能原因：(1) 太长时间没有访问，过期了，属于正常情况 (2) 多个节点服务器时间未同步 (3)token 缓存用的不是同一个中间件");
            return null;
        }
        if (!StringUtils.equals(sysTokenCache.getToken(), str)) {
            log.error("用户: {} 可能被人顶下线了", sysTokenCache.getRealName());
            return null;
        }
        sysTokenCache.setUpdateDate(new Date());
        sysTokenCache.setDeadDate(new Date(System.currentTimeMillis() + (this.globalConfig.getJwt().getExpiration().longValue() * 1000)));
        SysUserEntity sysUserEntity = (SysUserEntity) this.userService.getById((Serializable) claims2.get("uid", String.class));
        if (sysUserEntity == null) {
            return null;
        }
        if (sysUserEntity.getStatus() == null) {
            log.error("用户{}状态异常,为空", sysUserEntity.getUsername());
            return null;
        }
        if (!GlobalConst.User.Status.NORMAL.equals(sysUserEntity.getStatus())) {
            log.error("用户{}状态异常 {}", sysUserEntity.getUsername(), sysUserEntity.getStatus());
            return null;
        }
        CurrentUserBase currentUserBase2 = new CurrentUserBase();
        currentUserBase2.setId(sysUserEntity.getId());
        currentUserBase2.setName(sysUserEntity.getUsername());
        currentUserBase2.setRealName(StringUtils.isBlank(sysUserEntity.getRealName()) ? sysUserEntity.getUsername() : sysUserEntity.getRealName());
        currentUserBase2.setTenantId(sysUserEntity.getTenantId());
        currentUserBase2.setOrgId(sysUserEntity.getOrgId());
        currentUserBase2.setTokenId((String) claims2.get("id", String.class));
        this.starterCache.put(SysTokenCache.class, str2, sysTokenCache);
        return currentUserBase2;
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public void kickoutByUserId(String str) {
        for (SysTokenCache sysTokenCache : this.starterCache.getAll(SysTokenCache.class, SysTokenCache.class)) {
            try {
                if (((String) ((Claims) Jwts.parser().setSigningKey(this.globalConfig.getJwt().getSecret()).parseClaimsJws(sysTokenCache.getToken()).getBody()).get("uid", String.class)).equals(str)) {
                    this.starterCache.invalidate(SysTokenCache.class, sysTokenCache.getId());
                }
            } catch (Exception e) {
                log.error(ExceptionUtils.getStackTrace(e));
            }
        }
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public void kickoutByUserName(String str) {
        for (SysTokenCache sysTokenCache : this.starterCache.getAll(SysTokenCache.class, SysTokenCache.class)) {
            try {
                if (((String) ((Claims) Jwts.parser().setSigningKey(this.globalConfig.getJwt().getSecret()).parseClaimsJws(sysTokenCache.getToken()).getBody()).get("uname", String.class)).equals(str)) {
                    this.starterCache.invalidate(SysTokenCache.class, sysTokenCache.getId());
                }
            } catch (Exception e) {
                log.error(ExceptionUtils.getStackTrace(e));
            }
        }
    }

    @Override // com.gccloud.starter.core.service.ISysTokenService
    public Claims getJwtClaims() {
        try {
            return (Claims) Jwts.parser().setSigningKey(this.globalConfig.getJwt().getSecret()).setAllowedClockSkewSeconds(System.currentTimeMillis()).parseClaimsJws(TokenUtils.getToken(((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest(), this.globalConfig.getJwt())).getBody();
        } catch (Exception e) {
            log.error(ExceptionUtils.getStackTrace(e));
            return null;
        }
    }
}
