package com.elitescloud.boot.auth.provider.provider;

import com.elitescloud.boot.auth.cas.model.UserDetailExtendDTO;
import com.elitescloud.boot.auth.cas.provider.PwdStrategyTransferHelper;
import com.elitescloud.boot.auth.client.token.AbstractCustomAuthenticationToken;
import com.elitescloud.boot.auth.config.AuthorizationSdkProperties;
import com.elitescloud.boot.auth.model.Result;
import com.elitescloud.boot.auth.provider.security.AuthenticationCheckService;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:com/elitescloud/boot/auth/provider/provider/PwdExpiredTimeProvider.class */
public class PwdExpiredTimeProvider<T extends AbstractCustomAuthenticationToken<T>> implements AuthenticationCheckService<T> {
    private static final Logger log = LoggerFactory.getLogger(PwdExpiredTimeProvider.class);
    private final AuthorizationSdkProperties sdkProperties;
    private final PwdStrategyTransferHelper pwdStrategyTransferHelper;

    public PwdExpiredTimeProvider(AuthorizationSdkProperties authorizationSdkProperties, PwdStrategyTransferHelper pwdStrategyTransferHelper) {
        this.sdkProperties = authorizationSdkProperties;
        this.pwdStrategyTransferHelper = pwdStrategyTransferHelper;
    }

    @Override // com.elitescloud.boot.auth.provider.security.AuthenticationCheckService
    public void additionalAuthenticationChecks(GeneralUserDetails generalUserDetails, T t) throws AuthenticationException {
        if (Boolean.FALSE.equals(this.sdkProperties.getVerifyPwdExpiredTime())) {
            log.debug("不校验密码过期时间");
            return;
        }
        if (generalUserDetails.getUser().getPwdExpiredTime() != null) {
            return;
        }
        Long casUserId = generalUserDetails.getUser().getCasUserId();
        if (casUserId == null) {
            log.debug("统一身份认证用户ID为空，无需获取密码过期时间");
            return;
        }
        try {
            Result loginUserDetailExtend = this.pwdStrategyTransferHelper.getLoginUserDetailExtend(casUserId);
            if (Boolean.FALSE.equals(loginUserDetailExtend.getSuccess())) {
                log.error("查询密码过期时间失败：{}，{}", casUserId, loginUserDetailExtend.getMsg());
                return;
            }
            if (loginUserDetailExtend.getData() == null) {
                log.warn("在认证中心未查询到用户数据：{}", casUserId);
                return;
            }
            UserDetailExtendDTO data = loginUserDetailExtend.getData();
            if (data.getNeedReset() != null) {
                generalUserDetails.getUser().setNeedReset(data.getNeedReset());
            }
            generalUserDetails.getUser().setPwdExpiredTime(data.getPwdExpiredTime());
        } catch (Exception e) {
            log.error("查询账号密码过期时间异常：{}", casUserId, e);
        }
    }
}
