package com.supwisdom.institute.personal.security.center.bff.controller;

import com.supwisdom.infras.communication.CommunicateUtil;
import com.supwisdom.institute.license.LicenseControlSwitch;
import com.supwisdom.institute.personal.security.center.bff.base.exception.DefaultErrorException;
import com.supwisdom.institute.personal.security.center.bff.base.vo.response.DefaultApiResponse;
import com.supwisdom.institute.personal.security.center.bff.constants.CheckTypeConstants;
import com.supwisdom.institute.personal.security.center.bff.entity.Safety;
import com.supwisdom.institute.personal.security.center.bff.entity.User;
import com.supwisdom.institute.personal.security.center.bff.nonce.NonceUtil;
import com.supwisdom.institute.personal.security.center.bff.service.SafetyService;
import com.supwisdom.institute.personal.security.center.bff.service.SecurityFlowConfigService;
import com.supwisdom.institute.personal.security.center.bff.service.UserService;
import com.supwisdom.institute.personal.security.center.bff.utils.CodeUtil;
import com.supwisdom.institute.personal.security.center.bff.utils.CurrentUserUtil;
import com.supwisdom.institute.personal.security.center.bff.utils.TemplateUtil;
import com.supwisdom.institute.personal.security.center.bff.vo.request.usersecurity.UserSecurityQuestionBindQuestionRequest;
import com.supwisdom.institute.personal.security.center.bff.vo.request.usersecurity.UserSecurityQuestionCheckCodeRequest;
import com.supwisdom.institute.personal.security.center.bff.vo.request.usersecurity.UserSecurityQuestionSendCodeRequest;
import com.supwisdom.institute.personal.security.center.bff.vo.response.usersecurity.data.UserSecurityQuestionBindQuestionResponseData;
import com.supwisdom.institute.personal.security.center.bff.vo.response.usersecurity.data.UserSecurityQuestionCheckCodeResponseData;
import com.supwisdom.institute.personal.security.center.bff.vo.response.usersecurity.data.UserSecurityQuestionInitQuestionResponseData;
import com.supwisdom.institute.personal.security.center.bff.vo.response.usersecurity.data.UserSecurityQuestionSendCodeResponseData;
import com.supwisdom.institute.personal.security.center.license.LicenseFuncConstants;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import java.util.HashMap;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

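/**
 * Protected endpoints that let the currently logged-in user set their two security questions.
 *
 * <p>The flow is driven by a nonce that every endpoint verifies and re-issues through
 * {@link NonceUtil}: {@code initQuestion} (step 0) decides whether an identity check is
 * required, {@code sendCode} / {@code checkCode} (step 1) perform that check with a one-time
 * code sent by SMS or e-mail, and {@code bindQuestion} (step 2) stores the questions.
 *
 * <p>NOTE(review): the verification code, its creation time, the resend throttle and the
 * failed-attempt counter all live inside the nonce payload that is handed back to the client.
 * <ul>
 *   <li>This is only safe if {@code NonceUtil} keeps the payload confidential (encrypted or
 *       held server-side) and not merely integrity-protected. Confirm against NonceUtil.</li>
 *   <li>{@code initQuestion} issues a payload without {@code errorTimes} or
 *       {@code codeCreatedAt}, so both limits start from zero with every new nonce. Any
 *       per-user limit on sent codes or failed attempts has to be enforced elsewhere; nothing
 *       in this file does so. Confirm.</li>
 * </ul>
 *
 * <p>Raw {@code HashMap} is kept for the payload and template maps because the parameter types
 * of {@code NonceUtil} and {@code TemplateUtil} are not visible in this file.
 */
@Api(value = "user-security-question", tags = {"user-security-question"}, description = "保护接口 - 用户的安全信息 - 安全问题")
@RequestMapping({"/api/v1/user/security/question"})
@LicenseControlSwitch(funcs = {LicenseFuncConstants.FUNC_ID_D_02_02})
@RestController
public class UserSecurityQuestionController {

    /** Failed code checks allowed per nonce chain before the flow must be restarted. */
    private static final int MAX_ERROR_TIMES = 3;

    /** Minimum interval between two codes sent on the same nonce chain, in milliseconds. */
    private static final long RESEND_INTERVAL_MILLIS = 60000L;

    /** Lifetime of a verification code, in milliseconds (the templates state five minutes). */
    private static final long CODE_TTL_MILLIS = 300000L;

    /** Length passed to {@code CodeUtil.generate}. */
    private static final int CODE_LENGTH = 4;

    @Autowired
    private UserService userService;

    @Autowired
    private SafetyService safetyService;

    @Autowired
    private SecurityFlowConfigService securityFlowConfigService;

    @Value("${email.template.userSecurityQuestionSendCode:{name}：您正在设置安全问题，须验证身份，验证码{code}，有效期5分钟，请尽快完成验证。}")
    private String emailTemplateUserSecurityQuestionSendCode;

    @Value("${sms.template.userSecurityQuestionSendCode:{name}：您正在设置安全问题，须验证身份，验证码{code}，有效期5分钟，请尽快完成验证。}")
    private String smsTemplateUserSecurityQuestionSendCode;
    private String emailTemplateCodeUserSecurityQuestionSendCode = "email.template.userSecurityQuestionSendCode";
    private String smsTemplateCodeUserSecurityQuestionSendCode = "sms.template.userSecurityQuestionSendCode";

    @Value("${sms.template.prefix:}")
    private String smsPrefix = "";

    /**
     * Step 0: starts the flow and tells the client which step comes next.
     *
     * <p>The identity check (step 1) is skipped and the client goes straight to step 2 when
     * the user has not yet set both questions, when verification is disabled in the security
     * flow configuration, or when neither a secure phone nor a secure e-mail is bound.
     *
     * @return a response carrying the first nonce and the next step (1 or 2)
     * @throws DefaultErrorException if the current user or their safety record does not exist
     */
    @RequestMapping(method = {RequestMethod.GET}, path = {"/initQuestion"})
    @ApiOperation(value = "设置安全问题 - 0 初始化", notes = "设置安全问题 - 0 初始化", nickname = "personal-security-center-user-security-question-initQuestion")
    public DefaultApiResponse<UserSecurityQuestionInitQuestionResponseData> initQuestion() {
        String currentUserId = CurrentUserUtil.currentUserId();
        if (this.userService.getUser(currentUserId) == null) {
            throw new DefaultErrorException(500, "exception.user.not.exist");
        }
        Safety userSafety = this.safetyService.getUserSafety(currentUserId);
        // Same guard as sendCode(); without it a missing safety record surfaced as a bare NPE.
        if (userSafety == null) {
            throw new DefaultErrorException(500, "exception.user.safety.not.exist");
        }
        int step = requiresIdentityCheck(userSafety) ? 1 : 2;

        HashMap payload = new HashMap();
        payload.put("userId", currentUserId);
        payload.put("step", step);
        payload.put("initQuestion", true);
        if (step == 2) {
            // Pre-authorises bindQuestion(), which only checks this flag.
            payload.put("checkCode", true);
        }

        UserSecurityQuestionInitQuestionResponseData data = new UserSecurityQuestionInitQuestionResponseData();
        data.setNonce(NonceUtil.generate(payload));
        data.setStep(step);
        data.setMessage("初始化成功");
        return new DefaultApiResponse<>(0, "初始化成功", data);
    }

    /**
     * Step 1.0: sends a verification code to the user's bound secure phone or secure e-mail.
     *
     * @param userSecurityQuestionSendCodeRequest carries the nonce and the channel ({@code checkType})
     * @return code 0 with a nonce that embeds the sent code, or code 1 when sending was refused
     *     (sent less than a minute ago on this nonce chain, or the chosen channel is not bound)
     * @throws DefaultErrorException on missing parameters, an invalid or foreign nonce, a wrong
     *     step, an exhausted attempt counter, a missing user or safety record, or an unsupported
     *     {@code checkType}
     */
    @RequestMapping(method = {RequestMethod.POST}, path = {"/sendCode"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ApiOperation(value = "设置安全问题 - 1.0 发送验证码", notes = "设置安全问题 - 1.0 发送验证码", nickname = "personal-security-center-user-security-question-sendCode")
    public DefaultApiResponse<UserSecurityQuestionSendCodeResponseData> sendCode(@RequestBody UserSecurityQuestionSendCodeRequest userSecurityQuestionSendCodeRequest) {
        String nonce = userSecurityQuestionSendCodeRequest.getNonce();
        if (nonce == null || nonce.isEmpty()) {
            throw new DefaultErrorException(500, "exception.user.security.question.parameter.error");
        }
        String checkType = userSecurityQuestionSendCodeRequest.getCheckType();
        if (checkType == null || checkType.isEmpty()) {
            throw new DefaultErrorException(500, "exception.user.security.question.parameter.error");
        }
        HashMap payload = new HashMap();
        if (!NonceUtil.verify(nonce, payload)) {
            throw new DefaultErrorException(500, "exception.user.security.question.nonce.error");
        }
        if (!isFlagSet(payload, "initQuestion")) {
            throw new DefaultErrorException(500, "exception.user.security.question.step.error");
        }
        if (errorTimesOf(payload) >= MAX_ERROR_TIMES) {
            throw new DefaultErrorException(500, "exception.user.security.question.code.error");
        }
        String currentUserId = CurrentUserUtil.currentUserId();
        // The nonce must have been issued to the caller, not to another account.
        if (!currentUserId.equals(String.valueOf(payload.get("userId")))) {
            throw new DefaultErrorException(500, "exception.user.security.question.userId.error");
        }
        User user = this.userService.getUser(currentUserId);
        if (user == null) {
            throw new DefaultErrorException(500, "exception.user.not.exist");
        }
        Safety userSafety = this.safetyService.getUserSafety(currentUserId);
        if (userSafety == null) {
            throw new DefaultErrorException(500, "exception.user.safety.not.exist");
        }
        payload.put("userId", currentUserId);
        payload.put("step", 1);

        // Resend throttle. NOTE(review): the timestamp comes from the nonce payload, so the
        // throttle applies per nonce chain only; see the class comment.
        long now = System.currentTimeMillis();
        long lastSentAt = -1;
        if (payload.containsKey("codeCreatedAt")) {
            lastSentAt = Long.parseLong(String.valueOf(payload.get("codeCreatedAt")));
        }
        if (lastSentAt > 0 && Math.abs(now - lastSentAt) < RESEND_INTERVAL_MILLIS) {
            return sendCodeRefused(payload, "发送失败，发送太频繁了");
        }

        String code = CodeUtil.generate(CODE_LENGTH);
        // Plain equals() chain; the decompiled hashCode()-based switch did not compile.
        if (checkType.equals(CheckTypeConstants.MOBILE)) {
            String securePhone = userSafety.getSecurePhone();
            if (StringUtils.isEmpty(securePhone)) {
                payload.put("sendCode", false);
                return sendCodeRefused(payload, "发送失败，未绑定安全手机");
            }
            HashMap smsParams = new HashMap();
            smsParams.put("prefix", this.smsPrefix);
            smsParams.put("name", user.getName());
            smsParams.put("operation", "设置安全问题");
            smsParams.put("code", code);
            CommunicateUtil.sendContentByMobile("验证身份", TemplateUtil.replaceParams(TemplateUtil.TEMPLATE_CATEGORY_SMS, this.smsTemplateCodeUserSecurityQuestionSendCode, this.smsTemplateUserSecurityQuestionSendCode, smsParams), securePhone);
        } else if (checkType.equals(CheckTypeConstants.EMAIL_ADDRESS)) {
            String secureEmail = userSafety.getSecureEmail();
            if (StringUtils.isEmpty(secureEmail)) {
                payload.put("sendCode", false);
                return sendCodeRefused(payload, "发送失败，未绑定安全邮箱");
            }
            HashMap emailParams = new HashMap();
            emailParams.put("name", user.getName());
            emailParams.put("operation", "设置安全问题");
            emailParams.put("code", code);
            CommunicateUtil.sendContentByEmailAddress("验证身份", TemplateUtil.replaceParams(TemplateUtil.TEMPLATE_CATEGORY_EMAIL, this.emailTemplateCodeUserSecurityQuestionSendCode, this.emailTemplateUserSecurityQuestionSendCode, emailParams), secureEmail);
        } else {
            throw new DefaultErrorException(500, "exception.user.security.question.checkType.not.support");
        }

        payload.put("sendCode", true);
        // NOTE(review): the code itself travels back to the client inside the nonce; this
        // relies on NonceUtil keeping the payload confidential. Confirm.
        payload.put("code", code);
        payload.put("codeCreatedAt", System.currentTimeMillis());

        UserSecurityQuestionSendCodeResponseData data = new UserSecurityQuestionSendCodeResponseData();
        data.setNonce(NonceUtil.generate(payload));
        data.setStep(1);
        data.setMessage("发送成功");
        return new DefaultApiResponse<>(0, "发送成功", data);
    }

    /**
     * Step 1.1: checks the code entered by the user against the one stored in the nonce.
     *
     * <p>A wrong or expired code increments {@code errorTimes} in the re-issued nonce; a
     * correct, unexpired code resets it and sets {@code checkCode}, which authorises
     * {@code bindQuestion}.
     *
     * @param userSecurityQuestionCheckCodeRequest carries the nonce and the code entered by the user
     * @return code 0 and step 2 on success, code 1 and step 1 on a wrong or expired code
     * @throws DefaultErrorException on missing parameters, an invalid or foreign nonce, a wrong
     *     step, an exhausted attempt counter or a missing user
     */
    @RequestMapping(method = {RequestMethod.POST}, path = {"/checkCode"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ApiOperation(value = "设置安全问题 - 1.1 验证验证码", notes = "设置安全问题 - 1.1 验证验证码", nickname = "personal-security-center-user-security-question-checkCode")
    public DefaultApiResponse<UserSecurityQuestionCheckCodeResponseData> checkCode(@RequestBody UserSecurityQuestionCheckCodeRequest userSecurityQuestionCheckCodeRequest) {
        String nonce = userSecurityQuestionCheckCodeRequest.getNonce();
        if (nonce == null || nonce.isEmpty()) {
            throw new DefaultErrorException(500, "exception.user.security.question.parameter.error");
        }
        String code = userSecurityQuestionCheckCodeRequest.getCode();
        if (code == null || code.isEmpty()) {
            throw new DefaultErrorException(500, "exception.user.security.question.parameter.error");
        }
        HashMap payload = new HashMap();
        if (!NonceUtil.verify(nonce, payload)) {
            throw new DefaultErrorException(500, "exception.user.security.question.nonce.error");
        }
        if (!isFlagSet(payload, "sendCode")) {
            throw new DefaultErrorException(500, "exception.user.security.question.step.error");
        }
        // NOTE(review): the counter is read from the client-held nonce, so the limit holds
        // only if an earlier nonce cannot be submitted again. Confirm NonceUtil is single-use.
        int errorTimes = errorTimesOf(payload);
        if (errorTimes >= MAX_ERROR_TIMES) {
            throw new DefaultErrorException(500, "exception.user.security.question.code.error");
        }
        String currentUserId = CurrentUserUtil.currentUserId();
        if (!currentUserId.equals(String.valueOf(payload.get("userId")))) {
            throw new DefaultErrorException(500, "exception.user.security.question.userId.error");
        }
        if (this.userService.getUser(currentUserId) == null) {
            throw new DefaultErrorException(500, "exception.user.not.exist");
        }

        boolean matches = code.equalsIgnoreCase(String.valueOf(payload.get("code")));
        // The creation time is parsed only for a matching code, as in the original flow.
        boolean expired = matches
                && System.currentTimeMillis() - Long.parseLong(String.valueOf(payload.get("codeCreatedAt"))) > CODE_TTL_MILLIS;

        UserSecurityQuestionCheckCodeResponseData data = new UserSecurityQuestionCheckCodeResponseData();
        payload.put("userId", currentUserId);

        if (matches && !expired) {
            payload.put("step", 2);
            payload.put("checkCode", true);
            payload.put("errorTimes", 0);
            data.setNonce(NonceUtil.generate(payload));
            data.setStep(2);
            data.setMessage("验证成功");
            return new DefaultApiResponse<>(0, "验证成功", data);
        }

        int failures = errorTimes + 1;
        payload.put("step", 1);
        payload.put("checkCode", false);
        payload.put("errorTimes", failures);
        String reason = expired ? "验证失败，验证码过期！剩余 " : "验证失败，验证码错误！剩余 ";
        String message = failures == MAX_ERROR_TIMES
                ? "验证失败次数过多，请重新验证"
                : reason + (MAX_ERROR_TIMES - failures) + " 次机会";
        data.setNonce(NonceUtil.generate(payload));
        data.setStep(1);
        data.setMessage(message);
        return new DefaultApiResponse<>(1, message, data);
    }

    /**
     * Step 2: stores the two security questions and their answers for the current user.
     *
     * @param userSecurityQuestionBindQuestionRequest carries the nonce, both questions and both answers
     * @return code 0 and step 0 once the questions are saved
     * @throws DefaultErrorException on missing parameters, an invalid or foreign nonce, a nonce
     *     without the {@code checkCode} flag, or a missing user
     */
    @RequestMapping(method = {RequestMethod.POST}, path = {"/bindQuestion"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ApiOperation(value = "设置安全问题 - 2 设置安全问题", notes = "设置安全问题 - 2 设置安全问题", nickname = "personal-security-center-user-security-question-bindQuestion")
    public DefaultApiResponse<UserSecurityQuestionBindQuestionResponseData> bindQuestion(@RequestBody UserSecurityQuestionBindQuestionRequest userSecurityQuestionBindQuestionRequest) {
        String nonce = userSecurityQuestionBindQuestionRequest.getNonce();
        if (nonce == null || nonce.isEmpty()) {
            throw new DefaultErrorException(500, "exception.user.security.question.parameter.error");
        }
        String question1 = userSecurityQuestionBindQuestionRequest.getQuestion1();
        String question1Answer = userSecurityQuestionBindQuestionRequest.getQuestion1Answer();
        String question2 = userSecurityQuestionBindQuestionRequest.getQuestion2();
        String question2Answer = userSecurityQuestionBindQuestionRequest.getQuestion2Answer();
        if (StringUtils.isEmpty(question1) || StringUtils.isEmpty(question1Answer) || StringUtils.isEmpty(question2) || StringUtils.isEmpty(question2Answer)) {
            throw new DefaultErrorException(500, "exception.user.security.question.parameter.error");
        }
        HashMap payload = new HashMap();
        if (!NonceUtil.verify(nonce, payload)) {
            throw new DefaultErrorException(500, "exception.user.security.question.nonce.error");
        }
        // Only a nonce that passed checkCode(), or was pre-authorised by initQuestion(), may bind.
        if (!isFlagSet(payload, "checkCode")) {
            throw new DefaultErrorException(500, "exception.user.security.question.step.error");
        }
        String currentUserId = CurrentUserUtil.currentUserId();
        if (!currentUserId.equals(String.valueOf(payload.get("userId")))) {
            throw new DefaultErrorException(500, "exception.user.security.question.userId.error");
        }
        if (this.userService.getUser(currentUserId) == null) {
            throw new DefaultErrorException(500, "exception.user.not.exist");
        }
        this.safetyService.saveQuestion(currentUserId, question1, question1Answer, question2, question2Answer);

        UserSecurityQuestionBindQuestionResponseData data = new UserSecurityQuestionBindQuestionResponseData();
        data.setStep(0);
        data.setMessage("设置成功");
        return new DefaultApiResponse<>(0, "设置成功", data);
    }

    /** Tells whether the user must pass the code check before changing existing questions. */
    private boolean requiresIdentityCheck(Safety userSafety) {
        if (StringUtils.isEmpty(userSafety.getSecureQuestion1()) || StringUtils.isEmpty(userSafety.getSecureQuestion2())) {
            return false;
        }
        if (!this.securityFlowConfigService.load().isVerificationEnabled()) {
            return false;
        }
        return StringUtils.isNotBlank(userSafety.getSecurePhone()) || StringUtils.isNotBlank(userSafety.getSecureEmail());
    }

    /** Returns true when the payload holds {@code key} with a value that reads as "true". */
    private static boolean isFlagSet(HashMap payload, String key) {
        return payload.containsKey(key) && Boolean.parseBoolean(String.valueOf(payload.get(key)));
    }

    /** Reads the failed-attempt counter from the payload, defaulting to 0 when absent. */
    private static int errorTimesOf(HashMap payload) {
        return payload.containsKey("errorTimes") ? Integer.parseInt(String.valueOf(payload.get("errorTimes"))) : 0;
    }

    /** Builds the code-1 / step-1 sendCode response for a refused send, re-issuing the nonce. */
    private static DefaultApiResponse<UserSecurityQuestionSendCodeResponseData> sendCodeRefused(HashMap payload, String message) {
        UserSecurityQuestionSendCodeResponseData data = new UserSecurityQuestionSendCodeResponseData();
        data.setNonce(NonceUtil.generate(payload));
        data.setStep(1);
        data.setMessage(message);
        return new DefaultApiResponse<>(1, message, data);
    }
}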
