package org.springblade.auth.service;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springblade.auth.constant.AuthConstant;
import org.springblade.auth.enums.BladeUserEnum;
import org.springblade.auth.utils.TokenUtil;
import org.springblade.core.tool.api.R;
import org.springblade.core.tool.utils.Func;
import org.springblade.core.tool.utils.StringUtil;
import org.springblade.core.tool.utils.WebUtil;
import org.springblade.system.cache.SysCache;
import org.springblade.system.entity.Role;
import org.springblade.system.entity.Tenant;
import org.springblade.system.feign.ISysClient;
import org.springblade.system.user.entity.User;
import org.springblade.system.user.entity.UserInfo;
import org.springblade.system.user.feign.IUserClient;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/springblade/auth/service/BladeUserDetailsServiceImpl.class */
public class BladeUserDetailsServiceImpl implements UserDetailsService {
    private IUserClient userClient;
    private ISysClient sysClient;

    /* renamed from: loadUserByUsername, reason: merged with bridge method [inline-methods] */
    public BladeUserDetails m4loadUserByUsername(String str) {
        HttpServletRequest request = WebUtil.getRequest();
        String header = request.getHeader(TokenUtil.TENANT_HEADER_KEY);
        String parameter = request.getParameter("tenant_id");
        String parameter2 = request.getParameter(TokenUtil.GRANT_TYPE);
        String str2 = TokenUtil.DEFAULT_AVATAR;
        if ("refresh_token".equals(parameter2)) {
            str2 = request.getParameter("singleRole");
        }
        if (StringUtil.isAllBlank(new CharSequence[]{header, parameter})) {
            throw new UserDeniedAuthorizationException(TokenUtil.TENANT_NOT_FOUND);
        }
        String str3 = StringUtils.isBlank(header) ? parameter : header;
        R tenant = this.sysClient.getTenant(str3);
        if (!tenant.isSuccess()) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT);
        }
        if (TokenUtil.judgeTenant((Tenant) tenant.getData())) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION);
        }
        String str4 = Func.toStr(request.getHeader(TokenUtil.USER_TYPE_HEADER_KEY), TokenUtil.DEFAULT_USER_TYPE);
        R userInfoByMultipleAccount = str4.equals(BladeUserEnum.WEB.getName()) ? this.userClient.userInfoByMultipleAccount(str3, str) : str4.equals(BladeUserEnum.APP.getName()) ? this.userClient.userInfoByMultipleAccount(str3, str) : this.userClient.userInfo(str3, str);
        if (!userInfoByMultipleAccount.isSuccess()) {
            throw new UsernameNotFoundException(userInfoByMultipleAccount.getMsg());
        }
        UserInfo userInfo = (UserInfo) userInfoByMultipleAccount.getData();
        User user = userInfo.getUser();
        if (user == null || user.getId() == null) {
            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
        }
        if (Func.isEmpty(userInfo.getRoles())) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_ROLE);
        }
        List roles = ((UserInfo) userInfoByMultipleAccount.getData()).getRoles();
        String roleId = user.getRoleId();
        String str5 = TokenUtil.DEFAULT_AVATAR;
        List<Role> roleByIds = SysCache.getRoleByIds(user.getRoleId());
        if (roleByIds != null) {
            for (Role role : roleByIds) {
                str5 = StringUtil.isBlank(str5) ? str5 + role.getId() + "_" + role.getRoleName() + "_" + role.getRoleAlias() : str5 + "|" + role.getId() + "_" + role.getRoleName() + "_" + role.getRoleAlias();
            }
        }
        if (StringUtil.isNotBlank(str2)) {
            if (user.getRoleId().indexOf(str2) == -1) {
                throw new UserDeniedAuthorizationException(TokenUtil.USER_SINGLE_ROLE_HAS_NO_PERMISSION);
            }
            Role role2 = SysCache.getRole(Long.valueOf(str2));
            if (role2 == null) {
                throw new UserDeniedAuthorizationException(TokenUtil.USER_SINGLE_ROLE_NOT_FOUNDD);
            }
            roles.clear();
            roles.add(role2.getRoleAlias());
            roleId = role2.getId().toString();
            str5 = roleId + "_" + role2.getRoleName();
        }
        return new BladeUserDetails(user.getId(), user.getTenantId(), user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), roleId, Func.join(roles), str5, Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR), str, AuthConstant.ENCRYPT + user.getPassword(), true, true, true, true, AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(roles)));
    }

    public BladeUserDetailsServiceImpl(IUserClient iUserClient, ISysClient iSysClient) {
        this.userClient = iUserClient;
        this.sysClient = iSysClient;
    }
}
