package org.springblade.auth.service;

import java.time.Duration;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.springblade.auth.constant.AuthConstant;
import org.springblade.auth.utils.TokenUtil;
import org.springblade.common.cache.CacheNames;
import org.springblade.core.redis.cache.BladeRedis;
import org.springblade.core.tool.api.R;
import org.springblade.core.tool.utils.DigestUtil;
import org.springblade.core.tool.utils.Func;
import org.springblade.core.tool.utils.StringUtil;
import org.springblade.core.tool.utils.WebUtil;
import org.springblade.system.cache.ParamCache;
import org.springblade.system.cache.SysCache;
import org.springblade.system.entity.Role;
import org.springblade.system.entity.Tenant;
import org.springblade.system.feign.ISysClient;
import org.springblade.system.user.entity.User;
import org.springblade.system.user.entity.UserInfo;
import org.springblade.system.user.enums.UserEnum;
import org.springblade.system.user.feign.IUserClient;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/springblade/auth/service/BladeUserDetailsServiceImpl.class */
public class BladeUserDetailsServiceImpl implements UserDetailsService {
    public static final Integer FAIL_COUNT = 5;
    public static final String FAIL_COUNT_VALUE = "account.failCount";
    private final IUserClient userClient;
    private final ISysClient sysClient;
    private final BladeRedis bladeRedis;

    /* renamed from: loadUserByUsername, reason: merged with bridge method [inline-methods] */
    public BladeUserDetails m5loadUserByUsername(String str) {
        HttpServletRequest request = WebUtil.getRequest();
        String header = request.getHeader(TokenUtil.TENANT_HEADER_KEY);
        String parameter = request.getParameter("tenant_id");
        String parameter2 = request.getParameter(TokenUtil.PASSWORD_KEY);
        String parameter3 = request.getParameter("grant_type");
        String str2 = TokenUtil.DEFAULT_AVATAR;
        if (TokenUtil.REFRESH_TOKEN_KEY.equals(parameter3)) {
            str2 = request.getParameter("singleRole");
        }
        if (StringUtil.isAllBlank(new CharSequence[]{header, parameter})) {
            throw new UserDeniedAuthorizationException(TokenUtil.TENANT_NOT_FOUND);
        }
        String str3 = StringUtils.isBlank(header) ? parameter : header;
        int failCount = getFailCount(str3, str);
        if (failCount >= Func.toInt(ParamCache.getValue(FAIL_COUNT_VALUE), FAIL_COUNT.intValue())) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
        }
        R tenant = this.sysClient.getTenant(str3);
        if (!tenant.isSuccess()) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT);
        }
        if (TokenUtil.judgeTenant((Tenant) tenant.getData())) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION);
        }
        String str4 = Func.toStr(request.getHeader(TokenUtil.USER_TYPE_HEADER_KEY), TokenUtil.DEFAULT_USER_TYPE);
        R userInfo = str4.equals(UserEnum.WEB.getName()) ? this.userClient.userInfo(str3, str, UserEnum.WEB.getName()) : str4.equals(UserEnum.APP.getName()) ? this.userClient.userInfo(str3, str, UserEnum.APP.getName()) : this.userClient.userInfo(str3, str, UserEnum.OTHER.getName());
        if (!userInfo.isSuccess()) {
            throw new UsernameNotFoundException(userInfo.getMsg());
        }
        UserInfo userInfo2 = (UserInfo) userInfo.getData();
        User user = userInfo2.getUser();
        if (user == null || user.getId() == null) {
            setFailCount(str3, str, failCount);
            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
        }
        if (parameter3 != null && !parameter3.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(DigestUtil.encrypt(parameter2))) {
            setFailCount(str3, str, failCount);
            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
        }
        if (parameter3 == null && !user.getPassword().equals(DigestUtil.encrypt(parameter2))) {
            setFailCount(str3, str, failCount);
            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
        }
        if (Func.isEmpty(userInfo2.getRoles())) {
            throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_NO_ROLE);
        }
        List roles = ((UserInfo) userInfo.getData()).getRoles();
        String roleId = user.getRoleId();
        String str5 = TokenUtil.DEFAULT_AVATAR;
        List<Role> roleByIds = SysCache.getRoleByIds(user.getRoleId());
        if (roleByIds != null) {
            for (Role role : roleByIds) {
                str5 = StringUtil.isBlank(str5) ? str5 + role.getId() + "," + role.getRoleName() + "," + role.getRoleAlias() : str5 + "|" + role.getId() + "," + role.getRoleName() + "," + role.getRoleAlias();
            }
        }
        if (StringUtil.isNotBlank(str2)) {
            if (user.getRoleId().indexOf(str2) == -1) {
                throw new UserDeniedAuthorizationException(TokenUtil.USER_SINGLE_ROLE_HAS_NO_PERMISSION);
            }
            Role role2 = SysCache.getRole(Long.valueOf(str2));
            if (role2 == null) {
                throw new UserDeniedAuthorizationException(TokenUtil.USER_SINGLE_ROLE_NOT_FOUNDD);
            }
            roles.clear();
            roles.add(role2.getRoleAlias());
            roleId = role2.getId().toString();
            str5 = roleId + "," + role2.getRoleName() + "," + role2.getRoleAlias();
        }
        delFailCount(str3, str);
        return new BladeUserDetails(user.getId(), user.getTenantId(), TokenUtil.DEFAULT_AVATAR, user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), roleId, Func.join(roles), str5, Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR), str, AuthConstant.ENCRYPT + user.getPassword(), userInfo2.getDetail(), true, true, true, true, AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(roles)));
    }

    private int getFailCount(String str, String str2) {
        return Func.toInt(this.bladeRedis.get(CacheNames.tenantKey(str, "blade:user::blade:fail:", str2)), 0);
    }

    private void setFailCount(String str, String str2, int i) {
        this.bladeRedis.setEx(CacheNames.tenantKey(str, "blade:user::blade:fail:", str2), Integer.valueOf(i + 1), Duration.ofMinutes(10L));
    }

    private void delFailCount(String str, String str2) {
        this.bladeRedis.del(CacheNames.tenantKey(str, "blade:user::blade:fail:", str2));
    }

    public BladeUserDetailsServiceImpl(IUserClient iUserClient, ISysClient iSysClient, BladeRedis bladeRedis) {
        this.userClient = iUserClient;
        this.sysClient = iSysClient;
        this.bladeRedis = bladeRedis;
    }
}
