package com.supwisdom.institute.cas.site.oauthcode.authentication;

import com.alibaba.fastjson.JSONObject;
import com.supwisdom.institute.cas.core.utils.HttpUtils;
import com.supwisdom.institute.cas.site.account.Account;
import com.supwisdom.institute.cas.site.account.service.AccountService;
import com.supwisdom.institute.cas.site.authentication.CasServerAccountCredential;
import com.supwisdom.institute.cas.site.authentication.exceptions.AccountNonActivatedException;
import com.supwisdom.institute.cas.site.authx.log.enums.AuthnFailReason;
import com.supwisdom.institute.cas.site.common.util.RSAUtils;
import com.supwisdom.institute.cas.site.lock.service.LockValidator;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.LinkedHashMap;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.AccountNotFoundException;
import org.apache.http.HttpResponse;
import org.apereo.cas.authentication.AbstractAuthenticationHandler;
import org.apereo.cas.authentication.AuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.BasicCredentialMetaData;
import org.apereo.cas.authentication.Credential;
import org.apereo.cas.authentication.DefaultAuthenticationHandlerExecutionResult;
import org.apereo.cas.authentication.PreventedException;
import org.apereo.cas.authentication.exceptions.AccountDisabledException;
import org.apereo.cas.authentication.principal.PrincipalFactory;
import org.apereo.cas.services.ServicesManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/supwisdom/institute/cas/site/oauthcode/authentication/OAuthCodeAuthenticationHandler.class */
public class OAuthCodeAuthenticationHandler extends AbstractAuthenticationHandler {
    private static final Logger log = LoggerFactory.getLogger(OAuthCodeAuthenticationHandler.class);

    @Autowired
    private LockValidator lockValidator;

    @Autowired
    private AccountService accountService;

    @Value("${zf.oauthcode.accesstoken.url:http://10.112.0.135:81/msso/access_token}")
    private String accesstokenUrl;

    @Value("${zf.oauthcode.userinfo.url:http://10.112.0.135:81/msso/userinfo}")
    private String userinfoUrl;

    @Value("${zf.oauthcode.appid:appid}")
    private String appid;

    @Value("${zf.oauthcode.secret:secret}")
    private String secret;

    public OAuthCodeAuthenticationHandler(String str, ServicesManager servicesManager, PrincipalFactory principalFactory, Integer num) {
        super(str, servicesManager, principalFactory, num);
    }

    public boolean supports(Credential credential) {
        return OAuthCodeCredential.class.isInstance(credential);
    }

    public AuthenticationHandlerExecutionResult authenticate(Credential credential) throws GeneralSecurityException, PreventedException {
        JSONObject userinfoByToken;
        OAuthCodeCredential oAuthCodeCredential = (OAuthCodeCredential) credential;
        log.debug("oauthCodeCredential is [{}]", oAuthCodeCredential.getId());
        String code = oAuthCodeCredential.getCode();
        oAuthCodeCredential.getState();
        String str = null;
        String str2 = null;
        if (code != null) {
            try {
                JSONObject tokenByCode = getTokenByCode(this.accesstokenUrl, this.appid, this.secret, code);
                if (tokenByCode != null) {
                    str2 = tokenByCode.getString("token");
                }
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        if (str2 != null && (userinfoByToken = getUserinfoByToken(this.userinfoUrl, str2)) != null) {
            str = userinfoByToken.getString("person_code");
        }
        if (str == null) {
            throw new AccountNotFoundException(AuthnFailReason.ACCOUNT_NOT_FOUND.name());
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        try {
            Account loadAccountByUsername = this.accountService.loadAccountByUsername(str);
            if (loadAccountByUsername == null) {
                throw new AccountNotFoundException(AuthnFailReason.ACCOUNT_NOT_FOUND.name());
            }
            loadAccountByUsername.setLoginType("OAuthCode");
            oAuthCodeCredential.setAccount(loadAccountByUsername);
            if (!loadAccountByUsername.getActivation().booleanValue()) {
                throw new AccountNonActivatedException(AuthnFailReason.ACCOUNT_NON_ACTIVATED.name());
            }
            if (!loadAccountByUsername.getEnabled().booleanValue()) {
                throw new AccountDisabledException(AuthnFailReason.ACCOUNT_DISABLED.name());
            }
            if (!loadAccountByUsername.getAccountNonExpired().booleanValue()) {
                throw new AccountExpiredException(AuthnFailReason.ACCOUNT_EXPIRED.name());
            }
            if (!loadAccountByUsername.getAccountNonLocked().booleanValue() && this.lockValidator.isAccountLock(loadAccountByUsername.getUsername())) {
                throw new AccountLockedException(AuthnFailReason.ACCOUNT_LOCKED.name());
            }
            linkedHashMap.put("account", loadAccountByUsername);
            return new DefaultAuthenticationHandlerExecutionResult(this, new BasicCredentialMetaData(new CasServerAccountCredential(str, code, false, loadAccountByUsername, null)), this.principalFactory.createPrincipal(loadAccountByUsername.getUsername(), linkedHashMap), new ArrayList(0));
        } catch (GeneralSecurityException e2) {
            log.error(e2.getMessage(), e2);
            throw e2;
        } catch (Exception e3) {
            log.error(e3.getMessage(), e3);
            throw new AccountNotFoundException(AuthnFailReason.ACCOUNT_NOT_FOUND.name());
        }
    }

    private JSONObject getTokenByCode(String str, String str2, String str3, String str4) {
        JSONObject parseJSONObject;
        int i = 0;
        while (i < 3) {
            HttpResponse httpResponse = null;
            try {
                try {
                    httpResponse = HttpUtils.executePost(str + "?appid=" + str2 + "&secret=" + str3 + "&code=" + str4 + "&grantType=authorization_code", (String) null, new HashMap());
                    parseJSONObject = parseJSONObject(httpResponse);
                } catch (Exception e) {
                    log.error("Get token excption: {}", e.getMessage());
                    HttpUtils.close(httpResponse);
                }
                if (parseJSONObject != null) {
                    String str5 = null;
                    if (parseJSONObject.containsKey("error_code")) {
                        str5 = parseJSONObject.getString("error_code");
                    }
                    if ("00".equalsIgnoreCase(str5)) {
                        HttpUtils.close(httpResponse);
                        return parseJSONObject;
                    }
                    log.error("Get token error: {}", str5);
                    HttpUtils.close(httpResponse);
                    return null;
                }
                HttpUtils.close(httpResponse);
                i++;
                try {
                    Thread.sleep(100 * i * i);
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            } catch (Throwable th) {
                HttpUtils.close(httpResponse);
                throw th;
            }
        }
        return null;
    }

    private JSONObject getUserinfoByToken(String str, String str2) {
        JSONObject parseJSONObject;
        int i = 0;
        while (i < 3) {
            HttpResponse httpResponse = null;
            try {
                try {
                    httpResponse = HttpUtils.executePost(str + "?token=" + str2, (String) null, new HashMap());
                    parseJSONObject = parseJSONObject(httpResponse);
                } catch (Exception e) {
                    log.error("Get userinfo excption: {}", e.getMessage());
                    HttpUtils.close(httpResponse);
                }
                if (parseJSONObject != null) {
                    String str3 = null;
                    if (parseJSONObject.containsKey("error_code")) {
                        str3 = parseJSONObject.getString("error_code");
                    }
                    if ("00".equalsIgnoreCase(str3)) {
                        HttpUtils.close(httpResponse);
                        return parseJSONObject;
                    }
                    log.error("Get userinfo error: {}", str3);
                    HttpUtils.close(httpResponse);
                    return null;
                }
                HttpUtils.close(httpResponse);
                i++;
                try {
                    Thread.sleep(100 * i * i);
                } catch (InterruptedException e2) {
                    e2.printStackTrace();
                }
            } catch (Throwable th) {
                HttpUtils.close(httpResponse);
                throw th;
            }
        }
        return null;
    }

    private static JSONObject parseJSONObject(HttpResponse httpResponse) {
        if (httpResponse == null) {
            return null;
        }
        try {
            StringBuilder sb = new StringBuilder();
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(httpResponse.getEntity().getContent(), RSAUtils.CHARSET), 8192);
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    log.debug("Fetch response [{}]", sb.toString());
                    return JSONObject.parseObject(sb.toString());
                }
                sb.append(readLine);
            }
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return null;
        } catch (IOException e2) {
            e2.printStackTrace();
            return null;
        } catch (UnsupportedOperationException e3) {
            e3.printStackTrace();
            return null;
        }
    }
}
