package com.supwisdom.insititute.token.server.security.webapi.controller;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.supwisdom.insititute.token.server.account.domain.entity.Account;
import com.supwisdom.insititute.token.server.security.domain.core.userdetails.TokenUser;
import com.supwisdom.insititute.token.server.security.domain.service.AuthService;
import com.supwisdom.insititute.token.server.security.domain.service.TokenService;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.InvalidMimeTypeException;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

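@RestController
/* loaded from: input_file:BOOT-INF/lib/token-server-security-web-api-1.3.8-SNAPSHOT.jar:com/supwisdom/insititute/token/server/security/webapi/controller/PasswordLoginController.class */
/**
 * Issues tokens for a caller that has already been authenticated with username and password.
 *
 * <p>Neither endpoint checks the password itself. Both read the current {@link Authentication}
 * from {@link SecurityContextHolder} and proceed only if it is an authenticated
 * {@link UsernamePasswordAuthenticationToken} whose principal is a {@link TokenUser}.
 * The credential check therefore happens before these methods run, presumably in a security
 * filter; confirm against the filter chain configuration.
 *
 * <p>NOTE(review): {@code username} and {@code password} are bound as request parameters.
 * If clients send them in the query string rather than a form body, they can end up in
 * access logs and proxy logs; verify that callers always use the request body.
 *
 * <p>NOTE(review): {@code authService.parseRequestParamter(request)} is passed on to token
 * generation. Its contents are not visible here; verify that it does not carry the
 * {@code password} parameter into token claims or storage.
 */
public class PasswordLoginController {
    private static final Logger log = LoggerFactory.getLogger(PasswordLoginController.class);

    @Autowired
    protected AuthService authService;

    @Autowired
    protected TokenService tokenService;

    /**
     * Returns a token for the authenticated user, as plain text or wrapped in a JSON envelope.
     *
     * <p>The response format follows the {@code accept} header, which must be exactly
     * {@code text/plain} or {@code application/json;charset=UTF-8}. The header is parsed as a
     * single media type, so a comma-separated list is rejected by the parser.
     *
     * @param accept   raw {@code accept} header; selects the response format
     * @param username used only in the error message when no authenticated user is present
     * @param password not read here; the credential check happens before this method runs
     * @param appId    passed through to {@code tokenService.generateToken}
     * @param deviceId passed through to {@code tokenService.generateToken}
     * @param request  source for {@code authService.parseRequestParamter}
     * @param response receives the negotiated content type
     * @return the token itself for {@code text/plain}, otherwise
     *         {@code {"code":0,"data":{"idToken":...}}}
     * @throws UsernameNotFoundException if the security context holds no authenticated {@link TokenUser}
     * @throws InvalidMimeTypeException  if {@code accept} is neither of the two supported types
     */
    @PostMapping(value = {"/jwt/token/login"}, params = {"username", "password"}, produces = {"text/plain", "application/json;charset=UTF-8"})
    public String jwtTokenLogin(@RequestHeader(name = "accept") String accept, @RequestParam(name = "username", required = true) String username, @RequestParam(name = "password", required = true) String password, @RequestParam(name = "appId", required = true) String appId, @RequestParam(name = "deviceId", required = true) String deviceId, HttpServletRequest request, HttpServletResponse response) {
        MediaType requested = MediaType.parseMediaType(accept);

        TokenUser tokenUser = currentTokenUser();
        if (tokenUser == null) {
            // NOTE(review): the message echoes the caller-supplied username. If an exception
            // handler renders it to the client or writes it to logs, treat it as untrusted text.
            throw new UsernameNotFoundException(String.format("%s not found", username));
        }

        // Reject unsupported formats before a token is generated, so no token is created
        // for a request that is going to fail anyway.
        boolean plainText = requested.equals(MediaType.TEXT_PLAIN);
        if (!plainText && !requested.equals(MediaType.APPLICATION_JSON_UTF8)) {
            throw new InvalidMimeTypeException(requested.toString(), "not supported, only support \"accept: text/plain\" and \"accept: application/json;charset=UTF-8\".");
        }
        // Only now copy the client-chosen type into the response: at this point it is known
        // to be one of the two supported values rather than an arbitrary header value.
        response.setContentType(requested.toString());

        Map<String, String> requestParams = this.authService.parseRequestParamter(request);
        log.debug("generateToken for tokenUser {}, start  at {}", tokenUser.getUsername(), System.currentTimeMillis());
        String idToken = this.tokenService.generateToken(appId, deviceId, tokenUser, requestParams);
        log.debug("generateToken for tokenUser {}, finish at {}", tokenUser.getUsername(), System.currentTimeMillis());

        if (plainText) {
            return idToken;
        }
        JSONObject data = new JSONObject();
        data.put("idToken", idToken);
        return envelope(0, null, data);
    }

    /**
     * Returns a token when the authenticated user has exactly one account, or the list of
     * accounts to choose from when there are several.
     *
     * <p>On the multi-account path no token is issued: the authentication is removed from the
     * security context and the response carries code {@code 100000}, the accounts and a
     * {@code cid} built by {@code authService.buildCid} (presumably the handle for the
     * follow-up account selection; confirm against {@code AuthService}).
     *
     * @param appId    passed through to token generation or {@code buildCid}
     * @param deviceId passed through to token generation or {@code buildCid}
     * @param request  source for {@code authService.parseRequestParamter}
     * @param response not used by this method
     * @return JSON envelope with {@code code} 0 and the token, or {@code code} 100000 and the account list
     * @throws UsernameNotFoundException if the security context holds no authenticated
     *         {@link TokenUser}, or that user has no accounts
     */
    @PostMapping(value = {"/password/passwordLogin"}, params = {"username", "password", "appId", "deviceId"}, produces = {"application/json;charset=UTF-8"})
    public String passwordLogin(@RequestParam(name = "appId", required = true) String appId, @RequestParam(name = "deviceId", required = true) String deviceId, HttpServletRequest request, HttpServletResponse response) {
        TokenUser tokenUser = currentTokenUser();
        if (tokenUser == null) {
            throw new UsernameNotFoundException("user not found");
        }
        Map<String, String> requestParams = this.authService.parseRequestParamter(request);
        List<Account> accounts = tokenUser.getAccounts();

        // Fail closed when there is no account at all. The previous code called
        // accounts.get(0) on a null or empty list, which ended in a NullPointerException or
        // IndexOutOfBoundsException instead of a controlled authentication failure.
        if (accounts == null || accounts.isEmpty()) {
            throw new UsernameNotFoundException("user not found");
        }

        if (accounts.size() == 1) {
            Account account = accounts.get(0);
            String idToken = this.tokenService.generateToken(appId, deviceId, tokenUser, requestParams);
            JSONObject data = new JSONObject();
            data.put("idToken", idToken);
            data.put("userNonActivated", account.getUserNonActivated());
            data.put("userNonCompleted", account.getUserNonCompleted());
            return envelope(0, null, data);
        }

        // Several accounts: drop the authentication before answering, so the request does not
        // stay authenticated while the caller still has to pick an account.
        SecurityContextHolder.getContext().setAuthentication(null);
        SecurityContextHolder.clearContext();
        String cid = this.authService.buildCid(appId, deviceId, accounts, requestParams);
        JSONObject data = new JSONObject();
        data.put("cid", cid);
        data.put("accounts", convertAccounts(accounts));
        return envelope(100000, "select one account from accounts", data);
    }

    /**
     * Returns the {@link TokenUser} of the current security context, or {@code null} unless the
     * context holds an authenticated {@link UsernamePasswordAuthenticationToken} with a
     * {@link TokenUser} principal.
     */
    private static TokenUser currentTokenUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
            return null;
        }
        if (!authentication.isAuthenticated() || !(authentication.getPrincipal() instanceof TokenUser)) {
            return null;
        }
        return (TokenUser) authentication.getPrincipal();
    }

    /** Serializes the {@code code} / optional {@code message} / {@code data} response envelope. */
    private static String envelope(int code, String message, JSONObject data) {
        JSONObject body = new JSONObject();
        body.put("code", code);
        if (message != null) {
            body.put("message", message);
        }
        body.put("data", data);
        return body.toJSONString();
    }

    /**
     * Maps accounts to the fields shown to the caller for account selection: id, username,
     * name, identity type name, organization name and the {@code normal} flag.
     */
    private JSONArray convertAccounts(List<Account> list) {
        JSONArray result = new JSONArray();
        for (Account account : list) {
            JSONObject item = new JSONObject();
            item.put("id", account.getId());
            item.put("username", account.getUsername());
            item.put("name", account.getName());
            item.put("identityTypeName", account.getIdentityTypeName());
            item.put("organizationName", account.getOrganizationName());
            item.put("normal", account.isNormal());
            result.add(item);
        }
        return result;
    }
}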
