package com.newcapec.integrating.sso.shuweicas.controller;

import cn.hutool.core.date.DateUtil;
import cn.hutool.core.lang.UUID;
import cn.hutool.core.util.RandomUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.json.JSONObject;
import com.newcapec.integrating.sso.shuweicas.utils.CasUtils;
import com.newcapec.integrating.sso.shuweicas.utils.LoginUser;
import com.newcapec.thirdpart.utils.ConfigNewUtils;
import com.newcapec.thirdpart.utils.GetSysUserAcessToken;
import com.newcapec.thirdpart.utils.PoaUtils;
import com.newcapec.wechat.mp.service.IWxUserService;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springblade.core.log.annotation.ApiLog;
import org.springblade.core.redis.cache.BladeRedis;
import org.springblade.core.secure.TokenInfo;
import org.springblade.system.cache.SysCache;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;

@RequestMapping({"/v1/openApi/sso"})
@RefreshScope
@Controller
/* loaded from: input_file:com/newcapec/integrating/sso/shuweicas/controller/CasController.class */
public class CasController {
    private static final Logger log = LoggerFactory.getLogger(CasController.class);

    @Value("${poa.client.id}")
    private String poaClientId;

    @Value("${poa.client.secret}")
    private String poaClientSecret;

    @Value("${poa.client.scopes}")
    private String poaClientScopes;

    @Value("${poa.server.url}")
    private String poaServerUrl;

    @Autowired
    private BladeRedis redisCache;

    @Autowired
    private IWxUserService wxUserService;

    @ApiLog("sso单点登陆")
    @GetMapping({"/login"})
    public void ssoLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String valueByCodeAndKey = ConfigNewUtils.getValueByCodeAndKey("swCas", "cas_url");
        String valueByCodeAndKey2 = ConfigNewUtils.getValueByCodeAndKey("swCas", "school_code");
        if (StrUtil.isBlank(valueByCodeAndKey)) {
            throw new Exception("请检查第三方配置--树维cas 是否开启");
        }
        String parameter = httpServletRequest.getParameter("openId");
        String parameter2 = httpServletRequest.getParameter("appId");
        String str = "&openId=" + parameter + "&appId" + parameter2;
        boolean z = false;
        if (!StrUtil.hasBlank(new CharSequence[]{parameter, parameter2})) {
            z = true;
        }
        String str2 = valueByCodeAndKey + "/serviceValidate";
        String str3 = valueByCodeAndKey + "/login";
        String str4 = valueByCodeAndKey + "/logout";
        try {
            if (CasUtils.hasTicket(httpServletRequest)) {
                String targetUrl = CasUtils.getTargetUrl(httpServletRequest);
                log.info("targetUrl=========" + targetUrl);
                LoginUser loginUser = CasUtils.getLoginUser(httpServletRequest, str2);
                log.info("loginUser==========" + loginUser.toString());
                HttpSession session = httpServletRequest.getSession();
                if (loginUser.isLogin()) {
                    CasUtils.login(loginUser, session);
                    String str5 = "security" + UUID.randomUUID().toString().replaceAll("-", "") + RandomUtil.randomNumber();
                    this.redisCache.setEx(str5, loginUser.getAccount(), 60L);
                    String str6 = "";
                    String valueByCodeAndKey3 = ConfigNewUtils.getValueByCodeAndKey("swCas", "use_poa_token");
                    if (valueByCodeAndKey3 == null || !"true".equalsIgnoreCase(valueByCodeAndKey3)) {
                        str6 = GetSysUserAcessToken.getTokenInfo(loginUser.getAccount()).getToken();
                    } else {
                        JSONObject poaIdToken = PoaUtils.getPoaIdToken(loginUser.getAccount(), this.poaServerUrl, this.poaClientId, this.poaClientSecret, this.poaClientScopes);
                        if (poaIdToken == null) {
                            log.info("获取POA id token失败，请联系管理员");
                        } else {
                            str6 = poaIdToken.getJSONObject("data").getStr("idToken");
                            if (str6 == null || str6.isEmpty()) {
                                log.info("获取POA id token失败，请联系管理员");
                            }
                        }
                    }
                    String str7 = targetUrl.contains("?") ? targetUrl + str6 + "&t=" + DateUtil.currentSeconds() : targetUrl + "?t=" + DateUtil.currentSeconds() + "&token=" + str6;
                    if (z) {
                        log.info("appId={},openId={},account={}", new Object[]{parameter2, parameter, loginUser.getAccount()});
                        log.info("绑定" + (this.wxUserService.bind(parameter2, parameter, loginUser.getAccount()) ? "成功" : "失败"));
                    }
                    log.info("转发的Url=======" + str7);
                    httpServletResponse.sendRedirect(str7 + "&security=" + str5 + "&schoolCode=" + valueByCodeAndKey2);
                } else {
                    log.info("用户未登录，或者票据无效，登出");
                    String logoutUrl = CasUtils.getLogoutUrl(httpServletRequest, str4);
                    if (z) {
                        logoutUrl = logoutUrl + str;
                    }
                    httpServletResponse.sendRedirect(logoutUrl);
                }
            } else {
                log.info("请求地址未携带票据 ");
                String loginUrl = CasUtils.getLoginUrl(httpServletRequest, str3);
                if (z) {
                    loginUrl = loginUrl + str;
                }
                httpServletResponse.sendRedirect(loginUrl);
            }
        } catch (Exception e) {
            e.printStackTrace();
            log.error("单点登陆失败，错误信息={}", e.toString());
        }
    }

    @ApiLog("sso单点登陆App首页")
    @GetMapping({"/ssoLoginApp"})
    public void ssoLoginApp(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String valueByCodeAndKey = ConfigNewUtils.getValueByCodeAndKey("swCas", "cas_url");
        String valueByCodeAndKey2 = ConfigNewUtils.getValueByCodeAndKey("swCas", "service_type");
        String valueByCodeAndKey3 = ConfigNewUtils.getValueByCodeAndKey("swCas", "school_code");
        if (StrUtil.isBlank(valueByCodeAndKey)) {
            throw new Exception("请检查第三方配置--树维cas 是否开启");
        }
        String parameter = httpServletRequest.getParameter("openId");
        String parameter2 = httpServletRequest.getParameter("appId");
        String str = "&openId=" + parameter + "&appId" + parameter2;
        boolean z = false;
        if (!StrUtil.hasBlank(new CharSequence[]{parameter, parameter2})) {
            z = true;
        }
        String str2 = valueByCodeAndKey + "/serviceValidate";
        String str3 = valueByCodeAndKey + "/login";
        String str4 = valueByCodeAndKey + "/logout";
        try {
            if (CasUtils.hasTicket(httpServletRequest)) {
                LoginUser loginUserApp = CasUtils.getLoginUserApp(httpServletRequest, str2);
                log.info("getLoginUserApp  = " + loginUserApp.toString());
                HttpSession session = httpServletRequest.getSession();
                if (loginUserApp.isLogin()) {
                    CasUtils.login(loginUserApp, session);
                    this.redisCache.setEx("security" + UUID.randomUUID().toString().replaceAll("-", "") + RandomUtil.randomNumber(), loginUserApp.getAccount(), 60L);
                    TokenInfo tokenInfo = GetSysUserAcessToken.getTokenInfo(loginUserApp.getAccount());
                    String paramByKey = SysCache.getParamByKey("APP_ADDR");
                    if (paramByKey == null || paramByKey.isEmpty()) {
                        throw new Exception("业务参数设置-移动端地址，参数不能为空");
                    }
                    String str5 = paramByKey.substring(0, paramByKey.indexOf("#")) + "/#/pages/general/home/home?";
                    if (StrUtil.isNotBlank(valueByCodeAndKey2)) {
                        str5 = str5 + "service=" + valueByCodeAndKey2 + "&";
                    }
                    String str6 = str5 + "auth=" + tokenInfo.getToken() + "&schoolCode=" + valueByCodeAndKey3;
                    log.info("appUrl = " + str6);
                    httpServletResponse.sendRedirect(str6);
                } else {
                    log.info("请求地址未携带票据 ");
                    String str7 = str3 + "?service=" + CasUtils.getBasePath(httpServletRequest) + "v1/openApi/sso/ssoLoginApp";
                    log.info("sendRedirect loginUrl = " + str7);
                    if (z) {
                        str7 = str7 + str;
                    }
                    httpServletResponse.sendRedirect(str7);
                }
            } else {
                log.info("请求地址未携带票据 ");
                String str8 = str3 + "?service=" + CasUtils.getBasePath(httpServletRequest) + "v1/openApi/sso/ssoLoginApp";
                log.info("sendRedirect loginUrl = " + str8);
                if (z) {
                    str8 = str8 + str;
                }
                httpServletResponse.sendRedirect(str8);
            }
        } catch (Exception e) {
            e.printStackTrace();
            log.error("单点登陆失败，错误信息={}", e.toString());
        }
    }

    @ApiLog("sso单点登陆，准备跳转vue登陆页面")
    @GetMapping({"/redirectUrl"})
    public String redirectUrl(String str) {
        String valueByCodeAndKey = ConfigNewUtils.getValueByCodeAndKey("swCas", "saber_cas_login_url");
        if (StrUtil.hasBlank(new CharSequence[]{str}) || !this.redisCache.exists(str).booleanValue()) {
            log.info("非法请求直接跳转到-管理端单点登录页面，不带参数 url = {}", valueByCodeAndKey);
            return "redirect:" + valueByCodeAndKey;
        }
        String str2 = this.redisCache.get(str) + "";
        this.redisCache.del(str);
        String str3 = "sso" + UUID.randomUUID().toString().replaceAll("-", "") + RandomUtil.randomNumber();
        this.redisCache.setEx(str3, str2, 60L);
        log.info("跳转后端vue 单点登录页面url={}", valueByCodeAndKey + "?key=" + str3);
        return "redirect:" + valueByCodeAndKey + "?key=" + str3;
    }

    @GetMapping({"/logout"})
    @ApiLog("树维cas单点登出")
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String valueByCodeAndKey = ConfigNewUtils.getValueByCodeAndKey("swCas", "cas_url");
        if (StrUtil.isBlank(valueByCodeAndKey)) {
            throw new Exception("请检查第三方配置--树维cas 是否开启");
        }
        httpServletResponse.sendRedirect(CasUtils.getLogoutUrl(httpServletRequest, valueByCodeAndKey + "/logout"));
    }
}
