package com.kdgcsoft.jt.frame.shiro;

import cn.hutool.core.util.StrUtil;
import com.alibaba.dubbo.config.annotation.Reference;
import com.kdgcsoft.jt.frame.component.entity.AuthMenuVo;
import com.kdgcsoft.jt.frame.component.entity.LoginUsers;
import com.kdgcsoft.jt.frame.model.entity.SysUser;
import com.kdgcsoft.jt.frame.model.service.LoginUsersService;
import com.kdgcsoft.jt.frame.model.service.SysMenuService;
import com.kdgcsoft.jt.frame.model.service.SysRoleService;
import com.kdgcsoft.jt.frame.model.service.SysUserService;
import com.kdgcsoft.jt.frame.plugins.log.AsyncLog;
import com.kdgcsoft.jt.frame.plugins.log.factory.LogRunnableFactory;
import com.kdgcsoft.jt.frame.prop.ProjectProperties;
import com.kdgcsoft.jt.frame.utils.BeanUtils;
import com.kdgcsoft.jt.frame.utils.IpUtil;
import com.kdgcsoft.jt.frame.utils.UserAgentUtil;
import com.kdgcsoft.scrdc.frame.webframe.core.config.shiro.ShiroCasProperties;
import com.kdgcsoft.scrdc.frame.webframe.core.exception.LoginException;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cas.CasRealm;
import org.apache.shiro.cas.CasToken;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.util.CollectionUtils;
import org.apache.shiro.util.StringUtils;
import org.jasig.cas.client.authentication.AttributePrincipal;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.TicketValidationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;

@Component
/* loaded from: input_file:com/kdgcsoft/jt/frame/shiro/CasShiroRealm.class */
public class CasShiroRealm extends CasRealm {
    private static final Logger LOG = LoggerFactory.getLogger(CasShiroRealm.class);

    @Resource
    private ShiroCasProperties shiroCasProperties;

    @Resource
    private ProjectProperties projectProperties;

    @Reference(check = false, lazy = true, retries = 1)
    private LoginUsersService loginUsersService;

    @Reference(check = false, lazy = true, retries = 1)
    private SysRoleService sysRoleService;

    @Reference(check = false, lazy = true, retries = 1)
    private SysMenuService sysMenuService;

    @Reference(check = false, lazy = true, retries = 1)
    private SysUserService sysUserService;

    @PostConstruct
    public void initProperties() {
        LOG.info("配置基本属性");
        setDefaultRoles("ROLE_USER");
        setCasServerUrlPrefix(StrUtil.isNotEmpty(this.shiroCasProperties.getTicketValidateUrl()) ? this.shiroCasProperties.getTicketValidateUrl() : this.shiroCasProperties.getCasServerUrl());
        setCasService(this.shiroCasProperties.getService() + "toIndex");
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        LoginUsers loginUsers = (LoginUsers) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setRoles((Set) this.sysRoleService.queryUserRoleRelByUserId(loginUsers.getLoginUserId()).stream().map((v0) -> {
            return v0.getRoleCode();
        }).collect(Collectors.toSet()));
        simpleAuthorizationInfo.setStringPermissions((Set) this.sysMenuService.queryAuthMenuByUserIdAndSubSysId(loginUsers.getLoginUserId(), this.projectProperties.getSubSysKey()).stream().map((v0) -> {
            return v0.getMenuCode();
        }).collect(Collectors.toSet()));
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        LOG.info("进入doGetAuthenticationInfo");
        try {
            CasToken casToken = (CasToken) authenticationToken;
            if (authenticationToken == null) {
                return null;
            }
            String str = (String) casToken.getCredentials();
            if (!StringUtils.hasText(str)) {
                return null;
            }
            try {
                Assertion validate = ensureTicketValidator().validate(str, getCasService());
                LOG.info("远程验证通过");
                AttributePrincipal principal = validate.getPrincipal();
                String name = principal.getName();
                Map attributes = principal.getAttributes();
                casToken.setUserId(name);
                if (Boolean.parseBoolean((String) attributes.get(getRememberMeAttributeName()))) {
                    casToken.setRememberMe(true);
                }
                try {
                    LoginUsers loadLoginUserByUserName = this.loginUsersService.loadLoginUserByUserName(name);
                    SysUser findUserInfoByName = this.sysUserService.findUserInfoByName(name);
                    loadLoginUserByUserName.setSysUser(findUserInfoByName);
                    loadLoginUserByUserName.setUserId(1L);
                    loadLoginUserByUserName.setUserName(findUserInfoByName.getUserName());
                    loadLoginUserByUserName.setRoles((List) this.sysRoleService.queryUserOwnRoleListByUserId(loadLoginUserByUserName.getLoginUserId(), "1".equals(loadLoginUserByUserName.getSysUser().getSuperAdmin())).stream().map((v0) -> {
                        return v0.getRoleId();
                    }).collect(Collectors.toList()));
                    List<AuthMenuVo> queryAuthMenuByUserIdAndSubSysId = this.sysMenuService.queryAuthMenuByUserIdAndSubSysId(loadLoginUserByUserName.getLoginUserId(), this.projectProperties.getSubSysKey());
                    loadLoginUserByUserName.setMenuInfo(queryAuthMenuByUserIdAndSubSysId);
                    List list = (List) queryAuthMenuByUserIdAndSubSysId.stream().map((v0) -> {
                        return v0.getMenuCode();
                    }).collect(Collectors.toList());
                    queryAuthMenuByUserIdAndSubSysId.forEach(authMenuVo -> {
                        if (BeanUtils.isNotEmpty(authMenuVo.getToolBtns())) {
                            authMenuVo.getToolBtns().forEach(str2 -> {
                                list.add(authMenuVo.getMenuCode() + "." + str2);
                            });
                        }
                        if (BeanUtils.isNotEmpty(authMenuVo.getColBtns())) {
                            authMenuVo.getColBtns().forEach(str3 -> {
                                list.add(authMenuVo.getMenuCode() + "." + str3);
                            });
                        }
                    });
                    loadLoginUserByUserName.setPermissions(list);
                    SimplePrincipalCollection simplePrincipalCollection = new SimplePrincipalCollection(CollectionUtils.asList(new Object[]{loadLoginUserByUserName, attributes}), getName());
                    if (this.projectProperties.isLogEnable()) {
                        AsyncLog.getInstance().executeLog(LogRunnableFactory.loginLog(loadLoginUserByUserName.getLoginUserId(), name, IpUtil.getIpAddress(RequestContextHolder.getRequestAttributes().getRequest()), "browser：" + UserAgentUtil.getBrowser().getName() + " version：" + UserAgentUtil.getUserAgent().getVersion(), this.projectProperties.getSubSysKey()));
                    }
                    return new SimpleAuthenticationInfo(simplePrincipalCollection, str);
                } catch (NullPointerException e) {
                    throw new LoginException("用户不存在", e);
                }
            } catch (TicketValidationException e2) {
                throw new LoginException("用户名密码出错", e2);
            }
        } catch (Exception e3) {
            e3.printStackTrace();
            throw new AuthenticationException(e3.getMessage(), e3);
        }
    }
}
