package com.supwisdom.eams.security.superdog.web;

import com.superdog.auth.Authentication;
import com.superdog.auth.SuperDogStatusCodes;
import com.supwisdom.eams.infras.application.Message;
import com.supwisdom.eams.security.log.AuthcLog;
import com.supwisdom.eams.security.log.AuthcLogger;
import com.supwisdom.eams.security.superdog.SuperDogLoginSession;
import com.supwisdom.eams.security.superdog.SuperDogServerProperty;
import com.supwisdom.eams.security.superdog.cache.SuperDogSecurityCache;
import com.supwisdom.eams.security.web.SecuritySupportController;
import com.supwisdom.eams.system.superdog.domain.repo.SuperDogUserRepository;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpSession;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

@RequestMapping({"/super-dog/auth"})
@ConditionalOnProperty(prefix = "eams.security.super-dog", name = {"enable"}, havingValue = "true")
@Controller
/* loaded from: input_file:com/supwisdom/eams/security/superdog/web/SuperDogAuthController.class */
public class SuperDogAuthController extends SecuritySupportController {
    private static final String CHALLENGE_ATTR = "__super_dog_challenge__";
    private static final String ACTION_AUTHC = "superdog-authc";
    private static final String ACTION_PLUGOUT = "superdog-plugout";
    protected SuperDogUserRepository superDogUserRepository;
    protected SuperDogServerProperty superDogConfig;
    protected SuperDogSecurityCache superDogUserCache;
    protected AuthcLogger authcLogger;

    @RequestMapping(value = {""}, method = {RequestMethod.GET})
    public ModelAndView index(@RequestParam(value = "originUrl", required = false) String str, ModelAndView modelAndView) {
        modelAndView.setViewName("super-dog/authc/index");
        modelAndView.addObject("originUrl", str);
        return modelAndView;
    }

    @RequestMapping(value = {"/auth-code"}, method = {RequestMethod.GET})
    @ResponseBody
    public String authCode() {
        return this.superDogConfig.getAuthCode();
    }

    @RequestMapping(value = {"/challenge"}, method = {RequestMethod.GET})
    @ResponseBody
    public String challenge(HttpSession httpSession) {
        return genChallenge(httpSession);
    }

    @RequestMapping(value = {"/verify"}, method = {RequestMethod.GET})
    @ResponseBody
    public Message verify(HttpSession httpSession, @RequestParam("dogId") @NotNull @Valid Integer num, @RequestParam("digest") @NotNull @Valid String str) {
        Long accountId = getAccountId();
        if (!this.superDogUserCache.isSuperDogUser(accountId)) {
            AuthcLog newAuthcLog = this.authcLogger.newAuthcLog(true);
            newAuthcLog.setSuccess(false);
            newAuthcLog.setSource(ACTION_AUTHC);
            newAuthcLog.setErrorMessage("当前用户不是超级狗用户");
            this.authcLogger.writeLog(newAuthcLog);
            return new Message(false, "error", "当前用户不是超级狗用户");
        }
        if (!Objects.equals(this.superDogUserCache.getDogId(accountId), num + "")) {
            AuthcLog newAuthcLog2 = this.authcLogger.newAuthcLog(true);
            newAuthcLog2.setSuccess(false);
            newAuthcLog2.setSource(ACTION_AUTHC);
            newAuthcLog2.setErrorMessage("插入的超级狗和当前用户不匹配");
            this.authcLogger.writeLog(newAuthcLog2);
            return new Message(false, "error", "插入的超级狗和当前用户不匹配");
        }
        try {
            int verifyDigest = Authentication.verifyDigest(this.superDogConfig.getVendorId(), num.intValue(), (String) httpSession.getAttribute(CHALLENGE_ATTR), str, this.superDogConfig.getAuthFactor());
            if (verifyDigest == 0) {
                SuperDogLoginSession.loginSuccess(httpSession);
                AuthcLog newAuthcLog3 = this.authcLogger.newAuthcLog(true);
                newAuthcLog3.setSuccess(true);
                newAuthcLog3.setSource(ACTION_AUTHC);
                this.authcLogger.writeLog(newAuthcLog3);
                Message message = new Message(true, "success", (String) null);
                clearChallenge(httpSession);
                return message;
            }
            AuthcLog newAuthcLog4 = this.authcLogger.newAuthcLog(true);
            newAuthcLog4.setSuccess(false);
            newAuthcLog4.setSource(ACTION_AUTHC);
            newAuthcLog4.setErrorMessage("超级狗异常, ret code: " + SuperDogStatusCodes.getMessage(Integer.valueOf(verifyDigest)));
            this.authcLogger.writeLog(newAuthcLog4);
            Message message2 = new Message(false, "error", "" + verifyDigest);
            clearChallenge(httpSession);
            return message2;
        } catch (Throwable th) {
            clearChallenge(httpSession);
            throw th;
        }
    }

    @RequestMapping({"/plug-out"})
    @ResponseBody
    public Message plugOut(HttpSession httpSession) {
        SuperDogLoginSession.logout(httpSession);
        AuthcLog newAuthcLog = this.authcLogger.newAuthcLog(true);
        newAuthcLog.setSuccess(true);
        newAuthcLog.setSource(ACTION_PLUGOUT);
        this.authcLogger.writeLog(newAuthcLog);
        return new Message(true, "success", "超级狗注销成功");
    }

    @RequestMapping({"/code-message"})
    @ResponseBody
    public Map<Integer, String> codeMessage() {
        return SuperDogStatusCodes.CODE_MESSAGE;
    }

    protected String genChallenge(HttpSession httpSession) {
        String genChallenge = Authentication.genChallenge();
        httpSession.setAttribute(CHALLENGE_ATTR, genChallenge);
        return genChallenge;
    }

    protected void clearChallenge(HttpSession httpSession) {
        httpSession.removeAttribute(CHALLENGE_ATTR);
    }

    @Autowired
    public void setSuperDogUserRepository(SuperDogUserRepository superDogUserRepository) {
        this.superDogUserRepository = superDogUserRepository;
    }

    @Autowired
    public void setSuperDogConfig(SuperDogServerProperty superDogServerProperty) {
        this.superDogConfig = superDogServerProperty;
    }

    @Autowired
    public void setSuperDogUserCache(SuperDogSecurityCache superDogSecurityCache) {
        this.superDogUserCache = superDogSecurityCache;
    }

    @Autowired
    public void setAuthcLogger(AuthcLogger authcLogger) {
        this.authcLogger = authcLogger;
    }
}
