package com.supwisdom.insititute.token.server.security.webapi.controller;

import com.alibaba.fastjson.JSONObject;
import com.aliyuncs.auth.AuthConstant;
import com.supwisdom.insititute.token.server.account.domain.service.AccountService;
import com.supwisdom.insititute.token.server.config.domain.entity.cas.sa.Config;
import com.supwisdom.insititute.token.server.config.domain.service.ConfigRetriever;
import com.supwisdom.insititute.token.server.security.domain.attest.detect.Detector;
import com.supwisdom.insititute.token.server.security.domain.attest.guard.FaceVerifyGuardRemote;
import com.supwisdom.insititute.token.server.security.domain.attest.guard.FedAuthGuardRemote;
import com.supwisdom.insititute.token.server.security.domain.attest.guard.SecureEmailGuardRemote;
import com.supwisdom.insititute.token.server.security.domain.attest.guard.SecurePhoneGuardRemote;
import com.supwisdom.insititute.token.server.security.domain.mfa.state.MfaState;
import com.supwisdom.insititute.token.server.security.domain.mfa.state.MfaStateStore;
import com.supwisdom.insititute.token.server.security.domain.passwordencoder.SecurityPasswordEncoder;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller("mfaController")
/* loaded from: input_file:BOOT-INF/lib/token-server-security-web-api-1.5.5-SNAPSHOT.jar:com/supwisdom/insititute/token/server/security/webapi/controller/MfaController.class */
public class MfaController {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) MfaController.class);

    @Autowired
    private ConfigRetriever casServerSaApiConfigRetriever;

    @Autowired
    private AccountService accountService;

    @Autowired
    private SecurityPasswordEncoder securityPasswordEncoder;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    @Qualifier("usernameLoginDeviceDetector")
    private Detector usernameLoginDeviceDetector;

    @Autowired
    @Qualifier("usernameRecentDeviceDetector")
    private Detector usernameRecentDeviceDetector;

    @Autowired
    private SecureEmailGuardRemote secureEmailGuardRemote;

    @Autowired
    private SecurePhoneGuardRemote securePhoneGuardRemote;

    @Autowired
    private FedAuthGuardRemote fedAuthGuardRemote;

    @Autowired
    private FaceVerifyGuardRemote faceVerifyGuardRemote;

    @Autowired
    private MfaStateStore mfaStateStore;

    private String getConfigValue(String str, String str2) {
        Config config = this.casServerSaApiConfigRetriever.getConfigs().get(str);
        return (config == null || !StringUtils.isNotBlank(config.getConfigValue())) ? str2 : config.getConfigValue();
    }

    private Boolean getConfigValue(String str, Boolean bool) {
        Config config = this.casServerSaApiConfigRetriever.getConfigs().get(str);
        if (config == null || !StringUtils.isNotBlank(config.getConfigValue())) {
            return bool;
        }
        try {
            return Boolean.valueOf(config.getConfigValue());
        } catch (Exception e) {
            return bool;
        }
    }

    private Integer getConfigValue(String str, Integer num) {
        Config config = this.casServerSaApiConfigRetriever.getConfigs().get(str);
        if (config == null || !StringUtils.isNotBlank(config.getConfigValue())) {
            return num;
        }
        try {
            return Integer.valueOf(config.getConfigValue());
        } catch (Exception e) {
            return num;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x0174  */
    @org.springframework.web.bind.annotation.PostMapping(path = {"/mfa/detect"})
    @org.springframework.web.bind.annotation.ResponseBody
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.alibaba.fastjson.JSONObject detect(@org.springframework.web.bind.annotation.RequestParam(name = "username") java.lang.String r7, @org.springframework.web.bind.annotation.RequestParam(name = "password", required = false) java.lang.String r8, @org.springframework.web.bind.annotation.RequestParam(name = "deviceId") java.lang.String r9, javax.servlet.http.HttpServletRequest r10, javax.servlet.http.HttpServletResponse r11) {
        /*
            Method dump skipped, instructions count: 1417
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.supwisdom.insititute.token.server.security.webapi.controller.MfaController.detect(java.lang.String, java.lang.String, java.lang.String, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse):com.alibaba.fastjson.JSONObject");
    }

    @GetMapping({"/mfa/initByType/{type}"})
    @ResponseBody
    public JSONObject initByType(@PathVariable(name = "type") String str, @RequestParam(name = "state") String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        JSONObject init;
        JSONObject jSONObject = new JSONObject();
        JSONObject jSONObject2 = new JSONObject();
        MfaState loadState = this.mfaStateStore.loadState(str2);
        String username = loadState.getUsername();
        String remoteIp = loadState.getRemoteIp();
        String userAgent = loadState.getUserAgent();
        String deviceId = loadState.getDeviceId();
        String str3 = null;
        String str4 = null;
        if ("secureemail".equals(str)) {
            JSONObject init2 = this.secureEmailGuardRemote.init(username, remoteIp, userAgent, deviceId, str2, null);
            if (init2 != null) {
                str3 = init2.getString("attestServerUrl");
                str4 = init2.getString("gid");
                jSONObject2.put("secureEmail", (Object) init2.getString("secureEmail"));
            }
        } else if ("securephone".equals(str)) {
            JSONObject init3 = this.securePhoneGuardRemote.init(username, remoteIp, userAgent, deviceId, str2, null);
            if (init3 != null) {
                str3 = init3.getString("attestServerUrl");
                str4 = init3.getString("gid");
                jSONObject2.put("securePhone", (Object) init3.getString("securePhone"));
            }
        } else if ("fedauth".equals(str)) {
            JSONObject init4 = this.fedAuthGuardRemote.init(username, remoteIp, userAgent, deviceId, str2, null);
            if (init4 != null) {
                str3 = init4.getString("attestServerUrl");
                str4 = init4.getString("gid");
                jSONObject2.put("fedAuth", (Object) init4.getJSONObject("fedAuth"));
            }
        } else if ("faceverify".equals(str) && (init = this.faceVerifyGuardRemote.init(username, remoteIp, userAgent, deviceId, str2, null)) != null) {
            str3 = init.getString("attestServerUrl");
            str4 = init.getString("gid");
        }
        if (StringUtils.isBlank(str4)) {
            jSONObject.put("code", (Object) (-1));
            jSONObject.put("error", (Object) "not support");
        } else {
            loadState.setType(str);
            loadState.setGid(str4);
            this.mfaStateStore.renewState(str2, loadState, Long.valueOf(AuthConstant.TSC_VALID_TIME_SECONDS));
            log.debug("renew stateData {} to redis with stateKey {}", loadState, str2);
            jSONObject2.put("attestServerUrl", (Object) str3);
            jSONObject2.put("gid", (Object) str4);
            jSONObject.put("code", (Object) 0);
            jSONObject.put("data", (Object) jSONObject2);
        }
        return jSONObject;
    }
}
