package com.elitescloud.cloudt.authorization.api.provider.sso.impl;

import com.elitescloud.cloudt.authorization.api.client.common.AuthorizationException;
import com.elitescloud.cloudt.authorization.api.client.config.security.handler.DelegateAuthenticationCallable;
import com.elitescloud.cloudt.authorization.api.client.config.security.resolver.BearerTokenResolver;
import com.elitescloud.cloudt.authorization.api.client.config.security.resolver.impl.DefaultBearerTokenResolver;
import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationCache;
import com.elitescloud.cloudt.authorization.api.client.tool.RedisHelper;
import com.elitescloud.cloudt.authorization.api.provider.provider.user.UserDetailManager;
import com.elitescloud.cloudt.authorization.api.provider.security.generator.token.TokenGenerator;
import com.elitescloud.cloudt.authorization.sdk.config.AuthorizationSdkProperties;
import com.elitescloud.cloudt.authorization.sdk.model.OAuthToken;
import com.elitescloud.cloudt.authorization.sdk.sso.SsoProvider;
import com.elitescloud.cloudt.authorization.sdk.sso.common.SsoAccountType;
import com.elitescloud.cloudt.authorization.sdk.sso.common.TicketAuthentication;
import com.elitescloud.cloudt.authorization.sdk.sso.model.UserInfoDTO;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import java.util.Collections;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/provider/sso/impl/CloudtSsoProviderImpl.class */
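/**
 * {@link SsoProvider} implementation that turns a validated SSO ticket into a locally issued
 * access token and remembers which token belongs to which ticket, so that the token can be
 * revoked later when only the ticket is known.
 *
 * <p>The ticket-to-token association is kept in Redis under {@code cloudt:token:sso:<ticket>}.
 * {@code bearerTokenResolver}, {@code sdkProperties} and {@code authenticationCallable} are
 * setter-injected; only the resolver has a default.
 */
public class CloudtSsoProviderImpl implements SsoProvider {
    private static final Logger log = LogManager.getLogger(CloudtSsoProviderImpl.class);

    /** Redis key prefix for the ticket -> access token association. */
    private static final String SSO_TICKET_KEY_PREFIX = "cloudt:token:sso:";

    private final TokenGenerator tokenGenerator;
    private final AuthenticationCache authenticationCache;
    private final UserDetailManager userDetailManager;
    private final RedisHelper redisHelper;
    private BearerTokenResolver bearerTokenResolver = new DefaultBearerTokenResolver();
    private AuthorizationSdkProperties sdkProperties;
    private DelegateAuthenticationCallable authenticationCallable;

    /**
     * Creates the provider with its mandatory collaborators.
     *
     * @param tokenGenerator issues the OAuth token for an authenticated ticket
     * @param authenticationCache cache queried and cleaned by access token
     * @param userDetailManager loads the local user the ticket refers to
     * @param redisHelper access to the Redis store holding the ticket -> token association
     */
    public CloudtSsoProviderImpl(TokenGenerator tokenGenerator, AuthenticationCache authenticationCache, UserDetailManager userDetailManager, RedisHelper redisHelper) {
        this.tokenGenerator = tokenGenerator;
        this.authenticationCache = authenticationCache;
        this.userDetailManager = userDetailManager;
        this.redisHelper = redisHelper;
    }

    /**
     * Reports whether the request carries a token that is known to the authentication cache.
     *
     * @param httpServletRequest request from which the bearer token is resolved
     * @return {@code true} when the cache returns a user detail for the resolved token
     */
    public boolean isAuthenticated(HttpServletRequest httpServletRequest) {
        String token = this.bearerTokenResolver.resolve(httpServletRequest);
        return this.authenticationCache.getUserDetail(token) != null;
    }

    /**
     * Authenticates an SSO ticket: loads the local user, issues a token, records the
     * ticket -> token association in Redis and notifies the login callback.
     *
     * @param httpServletRequest current request, passed on to the login callback
     * @param httpServletResponse current response, passed on to the login callback
     * @param ticketAuthentication ticket and user info received from the SSO side
     * @return a new authentication carrying the local principal and the issued token
     * @throws AuthenticationException declared by the interface contract
     * @throws AuthorizationException if the ticket is blank or no local user matches
     * @throws IllegalStateException if storing the association or the login callback fails
     */
    public TicketAuthentication authentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, TicketAuthentication ticketAuthentication) throws AuthenticationException {
        // Declared as TicketAuthentication (not the Authentication supertype) because
        // setToken and the return type both need the concrete type.
        TicketAuthentication authenticated = validateAuthentication(ticketAuthentication);
        OAuthToken token = this.tokenGenerator.generate(authenticated);
        authenticated.setToken(token);

        final String ticketKey = SSO_TICKET_KEY_PREFIX + ticketAuthentication.getTicket();
        final String accessToken = token.getAccessToken();
        try {
            // NOTE(review): no expiry is passed to set() here. Confirm that the entry's
            // lifetime is bounded elsewhere; otherwise the ticket -> access token mapping
            // stays in Redis until clearToken is called for this ticket.
            this.redisHelper.execute(redisUtils -> {
                redisUtils.set(ticketKey, accessToken);
                return null;
            });
            // authenticationCallable is setter-injected; if it was never set, the resulting
            // NullPointerException is caught below and surfaces as IllegalStateException.
            this.authenticationCallable.onLogin(httpServletRequest, httpServletResponse, accessToken, authenticated);
            return authenticated;
        } catch (Exception e) {
            log.error("单点登录保存token与ticket关联失败", e);
            throw new IllegalStateException("生成token失败", e);
        }
    }

    /**
     * Revokes the token that was issued for the given ticket.
     *
     * <p>Removing the Redis association and removing the cached user detail are each
     * best-effort: a failure of either is logged and does not prevent the other.
     *
     * @param httpServletRequest current request (not used by this implementation)
     * @param httpServletResponse current response (not used by this implementation)
     * @param str the SSO ticket whose token should be cleared
     * @throws IllegalStateException if the token cannot be looked up in Redis
     */
    public void clearToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        if (!StringUtils.hasText(str)) {
            // A blank ticket cannot identify a session; looking up "<prefix>null" could
            // only hit an entry that does not belong to the caller.
            return;
        }
        final String ticketKey = SSO_TICKET_KEY_PREFIX + str;

        String accessToken;
        try {
            accessToken = (String) this.redisHelper.execute(redisUtils -> {
                return redisUtils.get(ticketKey);
            });
        } catch (Exception e) {
            log.error("单点登录获取token与ticket关联失败", e);
            throw new IllegalStateException("获取token失败", e);
        }
        if (!StringUtils.hasText(accessToken)) {
            return;
        }

        try {
            this.redisHelper.execute(redisUtils -> {
                redisUtils.del(new String[]{ticketKey});
                return null;
            });
        } catch (Exception e) {
            // Previously logged with the lookup message, which hid that the delete failed.
            log.error("单点登录删除token与ticket关联失败", e);
        }
        try {
            // Removing the cached user detail is what stops isAuthenticated from
            // accepting this token.
            this.authenticationCache.removeUserDetail(accessToken);
        } catch (Exception e) {
            log.error("删除用户token失败", e);
        }
    }

    /** Replaces the strategy used to extract the bearer token from a request. */
    public void setBearerTokenResolver(BearerTokenResolver bearerTokenResolver) {
        this.bearerTokenResolver = bearerTokenResolver;
    }

    /** Sets the SDK properties from which the SSO account type is read. */
    public void setSdkProperties(AuthorizationSdkProperties authorizationSdkProperties) {
        this.sdkProperties = authorizationSdkProperties;
    }

    /** Sets the callback invoked after a successful SSO login. */
    public void setAuthenticationCallable(DelegateAuthenticationCallable delegateAuthenticationCallable) {
        this.authenticationCallable = delegateAuthenticationCallable;
    }

    /**
     * Resolves the local user named by the ticket's user info and wraps it in a fresh
     * {@link TicketAuthentication}.
     *
     * <p>Which field of the user info identifies the user is taken from the configured
     * {@link SsoAccountType}; {@link SsoAccountType#USER_NAME} is used when none is configured.
     *
     * @param ticketAuthentication the incoming, not yet trusted authentication
     * @return a new authentication with the loaded user as principal and no authorities
     * @throws AuthorizationException if the ticket is blank, the user info is missing,
     *     or no user is found
     */
    private TicketAuthentication validateAuthentication(TicketAuthentication ticketAuthentication) {
        // The ticket becomes part of a Redis key; a blank one would make unrelated
        // logins share the same "<prefix>null" entry.
        if (ticketAuthentication == null || !StringUtils.hasText(ticketAuthentication.getTicket())) {
            throw new AuthorizationException("ticket不能为空");
        }
        UserInfoDTO userInfoDTO = ticketAuthentication.getUserInfoDTO();
        if (userInfoDTO == null) {
            throw new AuthorizationException("用户不存在");
        }

        SsoAccountType accountType = null;
        if (this.sdkProperties != null && this.sdkProperties.getSso() != null) {
            accountType = this.sdkProperties.getSso().getAccountType();
        }
        if (accountType == null) {
            accountType = SsoAccountType.USER_NAME;
        }

        // Switch on the enum itself instead of a hand-kept ordinal lookup table.
        GeneralUserDetails userDetails = null;
        switch (accountType) {
            case USER_ID:
                userDetails = this.userDetailManager.loadUserById(userInfoDTO.getUserId());
                break;
            case USER_NAME:
                userDetails = this.userDetailManager.loadUserByUsername(userInfoDTO.getUsername());
                break;
            case MOBILE:
                userDetails = this.userDetailManager.loadUserByMobile(userInfoDTO.getMobile());
                break;
            case EMAIL:
                userDetails = this.userDetailManager.loadUserByEmail(userInfoDTO.getEmail());
                break;
            default:
                // Unknown account type: fall through to the "user not found" rejection.
                break;
        }
        if (userDetails == null) {
            throw new AuthorizationException("用户不存在");
        }

        TicketAuthentication result = new TicketAuthentication(ticketAuthentication.getTicket(), userInfoDTO, Collections.emptyList());
        result.setPrincipal(userDetails);
        return result;
    }
}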
