package com.supwisdom.insititute.attest.server.guard.webapi.controller;

import com.alibaba.fastjson.JSONObject;
import com.supwisdom.insititute.attest.server.core.request.HttpRequestUtils;
import com.supwisdom.insititute.attest.server.guard.domain.core.GuardService;
import com.supwisdom.insititute.attest.server.guard.domain.core.GuardTokenStatus;
import com.supwisdom.insititute.attest.server.guard.domain.core.utils.EncodeUtils;
import com.supwisdom.insititute.attest.server.guard.domain.securephone.SecurePhoneGuardToken;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.SecurePhoneGuardInitRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.SecurePhoneGuardSendRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.SecurePhoneGuardValidRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.SecurePhoneGuardVerifyRequest;
import com.supwisdom.insititute.attest.server.remote.domain.account.entity.Account;
import com.supwisdom.insititute.attest.server.remote.domain.account.service.AccountService;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.interceptor.CacheOperationExpressionEvaluator;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.tags.BindTag;

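/**
 * REST endpoints for the "secure phone" guard flow: create a guard token for a user
 * ({@code /init}), trigger delivery of a code ({@code /send}), check a submitted code
 * ({@code /valid}) and confirm the guard result for a user/state pair ({@code /verify}).
 *
 * <p>Every endpoint answers with the same JSON envelope: {@code code} ({@code 0} on success,
 * {@code -1} on failure), {@code message} (the exception message on failure, otherwise
 * {@code null}) and {@code data}.
 *
 * <p>This source was decompiled from
 * {@code BOOT-INF/lib/attest-server-guard-web-api-1.6.8-RELEASE.1.jar}. The decompiler had
 * left {@code initSecurePhoneGuard} with its body outside the {@code try} block (which does
 * not compile) and had replaced the JSON key literals with unrelated Spring constants that
 * share the same values; both are repaired here.
 *
 * <p>NOTE(review): no authentication or rate-limiting annotation is visible on this class.
 * Whether these endpoints are protected by a filter, a gateway or {@link GuardService}
 * itself cannot be determined from this file and should be confirmed.
 */
@RequestMapping(path = {"/api/guard/securephone"})
@Controller
public class SecurePhoneGuardController {
    private static final Logger log = LoggerFactory.getLogger(SecurePhoneGuardController.class);

    /** Key of the outcome marker inside {@code data}; same value the decompiled constant resolved to. */
    private static final String RESULT_KEY = "result";

    /** Key of the guard-token status inside {@code data}; same value the decompiled constant resolved to. */
    private static final String STATUS_KEY = "status";

    @Value("${attest-server.prefix:http://localhost:8071/attest}")
    private String attestServerPrefix;

    @Value("${tpas-agent-service.sms.send.by.username.enabled:false}")
    private boolean tpasSmsSendByUsernameEnabled;

    @Autowired
    @Qualifier("securePhoneGuardService")
    private GuardService securePhoneGuardService;

    @Autowired
    private AccountService userSaAccountService;

    /**
     * Creates a guard token for the given username and returns its id together with a masked
     * form of the account's secure phone.
     *
     * @param securePhoneGuardInitRequest request body carrying username, state and claims
     * @return the response envelope; {@code data} holds {@code attestServerUrl} and, on
     *     success, {@code gid} and (when the account has one) {@code securePhone}
     */
    @PostMapping(path = {"/init"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject initSecurePhoneGuard(@RequestBody SecurePhoneGuardInitRequest securePhoneGuardInitRequest) {
        // NOTE(review): the request's toString() is not visible here; if it prints the claims,
        // debug logging will record them.
        log.debug("SecurePhoneGuardInitRequest is {}", securePhoneGuardInitRequest);
        int code = -1;
        String message = null;
        JSONObject data = new JSONObject();
        data.put("attestServerUrl", this.attestServerPrefix);
        try {
            String username = securePhoneGuardInitRequest.getUsername();
            String state = securePhoneGuardInitRequest.getState();
            List<Account> accounts = this.userSaAccountService.loadAccountsByUsername(username);
            if (accounts == null || accounts.isEmpty()) {
                // NOTE(review): this text is echoed in the response "message" field, so the
                // endpoint tells callers whether a username exists. A generic failure message
                // would avoid that, but clients may rely on the current wording.
                throw new IllegalArgumentException("Account [" + username + "] is not exist");
            }
            // Only the first matching account is used; any further matches are ignored.
            Account account = accounts.get(0);
            String gid = this.securePhoneGuardService.init(username, state, securePhoneGuardInitRequest.getAllClaims());
            data.put("gid", gid);

            SecurePhoneGuardToken token = (SecurePhoneGuardToken) this.securePhoneGuardService.load(gid, SecurePhoneGuardToken.class);
            token.setName(account.getName());
            // With send-by-username enabled the username is stored in place of the phone
            // number; presumably the SMS agent resolves the number itself (confirm).
            token.setSecurePhone(this.tpasSmsSendByUsernameEnabled ? account.getUsername() : account.getSecurePhone());
            this.securePhoneGuardService.store(token);

            String securePhone = account.getSecurePhone();
            if (StringUtils.isNotBlank(securePhone)) {
                // NOTE(review): a masked phone is returned to whoever supplies a valid
                // username; how many digits EncodeUtils.encodeMobile leaves visible is not
                // shown in this file.
                data.put("securePhone", this.tpasSmsSendByUsernameEnabled ? "***********" : EncodeUtils.encodeMobile(securePhone));
            }
            code = 0;
        } catch (Exception e) {
            // Log through SLF4J with the stack trace instead of printStackTrace().
            log.error("Secure phone guard init failed", e);
            // NOTE(review): the raw exception message goes back to the client.
            message = e.getMessage();
        }
        return envelope(code, message, data);
    }

    /**
     * Triggers delivery of the code for an existing guard token unless the token has expired.
     *
     * @param securePhoneGuardSendRequest request body carrying the guard token id
     * @param httpServletRequest current request (not used by this method)
     * @param httpServletResponse current response (not used by this method)
     * @return the response envelope; {@code data.result} is {@code "ok"} or {@code "expired"}
     */
    @PostMapping(path = {"/send"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject send(@RequestBody SecurePhoneGuardSendRequest securePhoneGuardSendRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int code;
        String message = null;
        JSONObject data = new JSONObject();
        try {
            // NOTE(review): the decompiled code read the remote address, the User-Agent header
            // and "X-Attest-Device-Id" here and discarded all three. Nothing in this method
            // limits how often a send can be requested for one gid; confirm GuardService does.
            String gid = securePhoneGuardSendRequest.getGid();
            if (GuardTokenStatus.EXPIRED.equals(this.securePhoneGuardService.status(gid))) {
                data.put(RESULT_KEY, "expired");
                code = -1;
            } else {
                this.securePhoneGuardService.send(gid);
                data.put(RESULT_KEY, "ok");
                code = 0;
            }
        } catch (Exception e) {
            log.error("Secure phone guard send failed", e);
            code = -1;
            // NOTE(review): the raw exception message goes back to the client.
            message = e.getMessage();
        }
        return envelope(code, message, data);
    }

    /**
     * Checks a submitted code against a guard token and reports the resulting token status.
     *
     * @param securePhoneGuardValidRequest request body carrying the guard token id and the code
     * @param httpServletRequest current request (not used by this method)
     * @param httpServletResponse current response (not used by this method)
     * @return the response envelope; on success {@code data} holds {@code status} and
     *     {@code result = "ok"}
     */
    @PostMapping(path = {"/valid"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject valid(@RequestBody SecurePhoneGuardValidRequest securePhoneGuardValidRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int code = -1;
        String message = null;
        JSONObject data = new JSONObject();
        try {
            // NOTE(review): the decompiled code read the remote address, User-Agent and
            // "X-Attest-Device-Id" and discarded them; the last two arguments of valid() are
            // passed as null. No attempt counter for wrong codes is visible in this
            // controller; confirm that GuardService bounds the number of guesses per gid.
            // "result" is "ok" whenever the call returns; the verdict is carried by "status".
            int status = this.securePhoneGuardService
                    .valid(securePhoneGuardValidRequest.getGid(), securePhoneGuardValidRequest.getCode(), null, null)
                    .getStatus();
            data.put(STATUS_KEY, status);
            data.put(RESULT_KEY, "ok");
            code = 0;
        } catch (Exception e) {
            log.error("Secure phone guard code validation failed", e);
            // NOTE(review): the raw exception message goes back to the client.
            message = e.getMessage();
        }
        return envelope(code, message, data);
    }

    /**
     * Asks the guard service to verify a guard token for the given username, state and claims.
     *
     * @param securePhoneGuardVerifyRequest request body carrying gid, username, state and claims
     * @param httpServletRequest current request (not used by this method)
     * @param httpServletResponse current response (not used by this method)
     * @return the response envelope; on success {@code data.status} holds the token status
     */
    @PostMapping(path = {"/verify"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject verify(@RequestBody SecurePhoneGuardVerifyRequest securePhoneGuardVerifyRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int code = -1;
        String message = null;
        JSONObject data = new JSONObject();
        try {
            int status = this.securePhoneGuardService
                    .verify(
                            securePhoneGuardVerifyRequest.getGid(),
                            securePhoneGuardVerifyRequest.getUsername(),
                            securePhoneGuardVerifyRequest.getState(),
                            securePhoneGuardVerifyRequest.getAllClaims())
                    .getStatus();
            data.put(STATUS_KEY, status);
            code = 0;
        } catch (Exception e) {
            log.error("Secure phone guard verification failed", e);
            // NOTE(review): the raw exception message goes back to the client.
            message = e.getMessage();
        }
        return envelope(code, message, data);
    }

    /** Wraps an endpoint's outcome in the {@code code}/{@code message}/{@code data} envelope. */
    private static JSONObject envelope(int code, String message, JSONObject data) {
        JSONObject response = new JSONObject();
        response.put("code", code);
        response.put("message", message);
        response.put("data", data);
        return response;
    }
}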
