package com.elitescloud.cloudt.authorization.api.provider.security.handler.sso;

import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationCallable;
import com.elitescloud.cloudt.authorization.api.provider.security.generator.ticket.TicketGenerator;
import com.elitescloud.cloudt.authorization.sdk.config.AuthorizationSdkProperties;
import com.elitescloud.cloudt.authorization.sdk.sso.TicketResolver;
import com.elitescloud.cloudt.authorization.sdk.util.AuthorizationServerHelper;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import com.elitescloud.cloudt.system.vo.SysUserDTO;
import java.io.IOException;
import java.util.Iterator;
import java.util.concurrent.CompletableFuture;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/provider/security/handler/sso/SsoTicketAuthenticationCallable.class */
public class SsoTicketAuthenticationCallable implements AuthenticationCallable {
    private static final Logger a = LogManager.getLogger(SsoTicketAuthenticationCallable.class);
    private final AuthorizationSdkProperties b;
    private final TicketGenerator c;
    private final TicketResolver d;
    private final AuthorizationServerHelper e = AuthorizationServerHelper.getInstance();

    public SsoTicketAuthenticationCallable(AuthorizationSdkProperties authorizationSdkProperties, TicketGenerator ticketGenerator, TicketResolver ticketResolver) {
        this.b = authorizationSdkProperties;
        this.c = ticketGenerator;
        this.d = ticketResolver;
    }

    public void onLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Authentication authentication) throws IOException, ServletException {
        if (authentication.getPrincipal() instanceof GeneralUserDetails) {
            a(httpServletRequest, httpServletResponse, (GeneralUserDetails) authentication.getPrincipal());
        }
    }

    public void onLogout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Object obj) {
        String obtain = this.d.obtain(httpServletRequest);
        if (!StringUtils.hasText(obtain)) {
            a.info("没有单点登录ticket");
        } else {
            this.d.clear(httpServletRequest, httpServletResponse);
            CompletableFuture.runAsync(() -> {
                try {
                    this.c.remove(obtain);
                } catch (Exception e) {
                    a.error("ticket删除异常", e);
                }
                if (CollectionUtils.isEmpty(this.b.getSso().getClientAddress())) {
                    a.warn("未配置单点登录客户端，无法注销客户端");
                    return;
                }
                Iterator it = this.b.getSso().getClientAddress().iterator();
                while (it.hasNext()) {
                    try {
                        this.e.clientLogout((String) it.next(), this.b.getSso().getAuthorizeRevokeEndpoint() + "?server=true", obtain);
                    } catch (Exception e2) {
                        a.error("SSO调用客户端注销异常：", e2);
                    }
                }
            });
        }
    }

    private void a(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, GeneralUserDetails generalUserDetails) {
        String generateTicket;
        if (CollectionUtils.isEmpty(this.b.getSso().getCookieDomains())) {
            a.warn("未配置域名，无需生成单点登录ticket写入cookie");
            return;
        }
        if (this.b.getServer().booleanValue()) {
            generateTicket = this.c.generate(generalUserDetails.getUser());
        } else {
            String a2 = a(generalUserDetails);
            Assert.hasText(a2, "账号为空");
            generateTicket = this.e.generateTicket(this.b.getAuthServer(), a2, this.b.getSso().getAccountType().name());
        }
        if (!StringUtils.hasText(generateTicket)) {
            a.info("未生成ticket，用户：{}", generalUserDetails.getUsername());
        } else {
            a.info("用户{}登录，ticket：{},将写入cookie", generalUserDetails.getUsername(), generateTicket);
            this.d.save(httpServletRequest, httpServletResponse, generateTicket);
        }
    }

    private String a(GeneralUserDetails generalUserDetails) {
        SysUserDTO user = generalUserDetails.getUser();
        switch (a.a[this.b.getSso().getAccountType().ordinal()]) {
            case 1:
                return user.getId().toString();
            case 2:
                return user.getUsername();
            case 3:
                return user.getEmail();
            case 4:
                return user.getMobile();
            default:
                return user.getUsername();
        }
    }
}
