package com.supwisdom.institute.cas.site.h5.workweixin.web.flow;

import com.alibaba.fastjson.JSONObject;
import com.supwisdom.institute.cas.core.utils.workweixin.WorkWeixinUtils;
import com.supwisdom.institute.cas.site.account.Account;
import com.supwisdom.institute.cas.site.account.service.AccountService;
import com.supwisdom.institute.cas.site.common.util.RSAUtils;
import com.supwisdom.institute.cas.site.common.util.UserAgentUtils;
import com.supwisdom.institute.cas.site.config.Config;
import com.supwisdom.institute.cas.site.config.ConfigManager;
import com.supwisdom.institute.cas.site.config.ConfigUtil;
import com.supwisdom.institute.cas.site.federated.authentication.FederatedUserinfo;
import com.supwisdom.institute.cas.site.federated.authentication.principal.FederatedClientCredential;
import com.supwisdom.institute.cas.site.federation.Federation;
import com.supwisdom.institute.cas.site.federation.FederationManager;
import com.supwisdom.institute.cas.site.federation.FederationRepository;
import com.supwisdom.institute.cas.site.federation.authentication.principal.FederationCredential;
import com.supwisdom.institute.cas.site.h5.workweixin.authentication.WorkWeixinH5Credential;
import com.supwisdom.institute.cas.site.state.StateUtil;
import com.supwisdom.institute.cas.site.web.flow.actions.CasServerMultiAccountAction;
import com.supwisdom.institute.cas.site.web.flow.model.AccountModel;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.adaptive.AdaptiveAuthenticationPolicy;
import org.apereo.cas.authentication.principal.WebApplicationService;
import org.apereo.cas.services.ServicesManager;
import org.apereo.cas.web.flow.actions.AbstractNonInteractiveCredentialsAction;
import org.apereo.cas.web.flow.resolver.CasDelegatingWebflowEventResolver;
import org.apereo.cas.web.flow.resolver.CasWebflowEventResolver;
import org.apereo.cas.web.support.WebUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.webflow.action.EventFactorySupport;
import org.springframework.webflow.execution.Event;
import org.springframework.webflow.execution.RequestContext;

/* loaded from: input_file:com/supwisdom/institute/cas/site/h5/workweixin/web/flow/WorkWeixinH5AuthenticationAction.class */
public class WorkWeixinH5AuthenticationAction extends AbstractNonInteractiveCredentialsAction {
    private static final Logger log = LoggerFactory.getLogger(WorkWeixinH5AuthenticationAction.class);
    private final ServicesManager servicesManager;

    @Autowired
    private ConfigManager configManager;

    @Autowired
    private AccountService accountService;

    @Autowired
    @Qualifier("remoteFederationManager")
    private FederationManager federationManager;

    @Autowired
    @Qualifier("remoteFederationRepository")
    private FederationRepository federationRepository;

    @Value("${cas.server.prefix:http://localhost:8080/cas}")
    private String casServerPrefix;

    public WorkWeixinH5AuthenticationAction(CasDelegatingWebflowEventResolver casDelegatingWebflowEventResolver, CasWebflowEventResolver casWebflowEventResolver, AdaptiveAuthenticationPolicy adaptiveAuthenticationPolicy, ServicesManager servicesManager) {
        super(casDelegatingWebflowEventResolver, casWebflowEventResolver, adaptiveAuthenticationPolicy);
        this.servicesManager = servicesManager;
    }

    private String getConfigValue(String str, String str2) {
        Config config = this.configManager.getConfigs().get(str);
        return (config == null || !StringUtils.isNotBlank(config.getConfigValue())) ? str2 : config.getConfigValue();
    }

    private Boolean getConfigValue(String str, Boolean bool) {
        Config config = this.configManager.getConfigs().get(str);
        return (config == null || !StringUtils.isNotBlank(config.getConfigValue())) ? bool : Boolean.valueOf(config.getConfigValue());
    }

    private Boolean isEnabled() {
        if (getConfigValue("login.federation.workweixin.enabled", (Boolean) false).booleanValue()) {
            return getConfigValue("casServer.federation.workweixinh5.enabled", (Boolean) false);
        }
        return false;
    }

    protected Event doExecute(RequestContext requestContext) {
        String configValue = getConfigValue("casServer.federation.workweixinh5.corpid", "");
        String configValue2 = getConfigValue("casServer.federation.workweixinh5.secret", "");
        if (!isEnabled().booleanValue()) {
            return error();
        }
        if (StringUtils.isBlank(configValue) || StringUtils.isBlank(configValue2)) {
            return error();
        }
        String httpServletRequestUserAgentFromRequestContext = WebUtils.getHttpServletRequestUserAgentFromRequestContext(requestContext);
        log.debug("work weixin h5, doExecute, Request user agent [{}]", httpServletRequestUserAgentFromRequestContext);
        if (!UserAgentUtils.isWorkweixin(httpServletRequestUserAgentFromRequestContext) && !UserAgentUtils.isWechatClient(httpServletRequestUserAgentFromRequestContext) && !UserAgentUtils.isWxamp(httpServletRequestUserAgentFromRequestContext)) {
            return error();
        }
        String str = requestContext.getRequestParameters().get("code");
        String str2 = requestContext.getRequestParameters().get("state");
        WebApplicationService service = WebUtils.getService(requestContext);
        FederatedUserinfo federatedUserinfo = null;
        if (str != null) {
            try {
                String userId = WorkWeixinUtils.getUserId(configValue, configValue2, str);
                if (StringUtils.isNotBlank(userId)) {
                    String user = WorkWeixinUtils.getUser(configValue, configValue2, userId);
                    if (StringUtils.isNotBlank(user)) {
                        log.info("user from work weixin: {}", user);
                        JSONObject parseObject = JSONObject.parseObject(user);
                        String string = parseObject.getString("name");
                        String string2 = parseObject.getString("avatar");
                        try {
                            String str3 = null;
                            Account loadAccountByUsername = this.accountService.loadAccountByUsername(userId);
                            if (loadAccountByUsername != null) {
                                str3 = loadAccountByUsername.getUserNo();
                            } else {
                                List<Account> loadAccountsByUserNo = this.accountService.loadAccountsByUserNo(userId);
                                if (loadAccountsByUserNo != null && loadAccountsByUserNo.size() > 0) {
                                    str3 = userId;
                                }
                            }
                            if (str3 != null) {
                                federatedBind(str3, "workweixin", userId, string, string2);
                            }
                        } catch (Exception e) {
                            e.printStackTrace();
                        }
                        federatedUserinfo = new FederatedUserinfo("workweixin", userId);
                        federatedUserinfo.setName(string);
                        federatedUserinfo.setLogo(string2);
                    }
                }
            } catch (Exception e2) {
                e2.printStackTrace();
                return error();
            }
        }
        log.debug("Retrieved federated userinfo from client as [{}]", federatedUserinfo);
        if (federatedUserinfo == null) {
            throw new IllegalArgumentException("Unable to determine federated userinfo from the context with client workweixin");
        }
        federatedUserinfo.getExternalInfo();
        String federatedType = federatedUserinfo.getFederatedType();
        String federatedId = federatedUserinfo.getFederatedId();
        Federation loadByFederatedTypeId = this.federationRepository.loadByFederatedTypeId(federatedType, federatedId);
        if (loadByFederatedTypeId == null || StringUtils.isBlank(loadByFederatedTypeId.getFederatedId())) {
            requestContext.getFlowScope().put("federation", new FederationCredential());
            WebUtils.putCredential(requestContext, new FederatedClientCredential("WORKWEIXINH5", federatedId, federatedUserinfo, "workweixin"));
            return getEventFactorySupport().event(this, "federatedBindAccount");
        }
        WorkWeixinH5Credential workWeixinH5Credential = new WorkWeixinH5Credential("WORKWEIXINH5", federatedId, str, str2, service);
        WebUtils.putCredential(requestContext, workWeixinH5Credential);
        String userNo = loadByFederatedTypeId.getUserNo();
        List<Account> loadAccountsByUserNo2 = StringUtils.isNotBlank(userNo) ? this.accountService.loadAccountsByUserNo(userNo) : this.accountService.loadAccountsByUserId(loadByFederatedTypeId.getUserId());
        if (loadAccountsByUserNo2 == null || loadAccountsByUserNo2.isEmpty()) {
            return error();
        }
        String name = federatedUserinfo.getName();
        String logo = federatedUserinfo.getLogo();
        if (StringUtils.isBlank(userNo)) {
            userNo = loadAccountsByUserNo2.get(0).getUserNo();
        }
        federatedBind(userNo, federatedType, federatedId, name, logo);
        if (loadAccountsByUserNo2.size() == 1) {
            requestContext.getFlowScope().put("originalUsername", "");
            workWeixinH5Credential.setAccount(loadAccountsByUserNo2.get(0));
            WebUtils.putCredential(requestContext, workWeixinH5Credential);
            return super.doExecute(requestContext);
        }
        if (loadAccountsByUserNo2.size() <= 1) {
            return error();
        }
        boolean configValue3 = ConfigUtil.instance().getConfigValue("casServer.config.hideWrittenoffAccount", false);
        ArrayList arrayList = new ArrayList();
        for (Account account : loadAccountsByUserNo2) {
            if (!configValue3 || !account.isWrittenoff()) {
                arrayList.add(new AccountModel(account));
            }
        }
        if (arrayList.size() == 1) {
            workWeixinH5Credential.setAccount(((AccountModel) arrayList.get(0)).getAccount());
            WebUtils.putCredential(requestContext, workWeixinH5Credential);
            return super.doExecute(requestContext);
        }
        Collections.sort(arrayList);
        requestContext.getFlowScope().put("casServerMultiAccounts", arrayList);
        return getEventFactorySupport().event(this, CasServerMultiAccountAction.EVENT_ID_SELECT_ACCOUNT);
    }

    protected Event doPreExecute(RequestContext requestContext) throws Exception {
        WebApplicationService service;
        String configValue = getConfigValue("casServer.federation.workweixinh5.corpid", "");
        if (!isEnabled().booleanValue() || StringUtils.isBlank(configValue)) {
            return null;
        }
        String httpServletRequestUserAgentFromRequestContext = WebUtils.getHttpServletRequestUserAgentFromRequestContext(requestContext);
        log.debug("work weixin h5, doPreExecute, Request user agent [{}]", httpServletRequestUserAgentFromRequestContext);
        if ((!UserAgentUtils.isWorkweixin(httpServletRequestUserAgentFromRequestContext) && !UserAgentUtils.isWechatClient(httpServletRequestUserAgentFromRequestContext) && !UserAgentUtils.isWxamp(httpServletRequestUserAgentFromRequestContext)) || (service = WebUtils.getService(requestContext)) == null || !StringUtils.isBlank(requestContext.getRequestParameters().get("code"))) {
            return null;
        }
        String str = this.casServerPrefix + "/login";
        if (service != null) {
            str = str + "?service=" + URLEncoder.encode(service.getId(), RSAUtils.CHARSET);
        }
        log.debug("work weixin h5, doPreExecute, redirectUrl2 is {}", str);
        String oAuth2AuthorizeUrl = WorkWeixinUtils.getOAuth2AuthorizeUrl(configValue, str, StateUtil.generateKey());
        log.info("work weixin h5, doPreExecute, redirect to url [{}]", oAuth2AuthorizeUrl);
        WebUtils.putServiceRedirectUrl(requestContext, oAuth2AuthorizeUrl);
        return new EventFactorySupport().event(this, "redirect");
    }

    protected Credential constructCredentialsFromRequest(RequestContext requestContext) {
        return null;
    }

    private void federatedBind(String str, String str2, String str3, String str4, String str5) {
        try {
            Federation federation = new Federation();
            federation.setUserNo(str);
            federation.setFederatedType(str2);
            federation.setFederatedId(str3);
            federation.setFederatedInfo(str4);
            federation.setFederatedLogo(str5);
            this.federationManager.bind(federation, null, null);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
