package com.elitescloud.boot.auth.provider.security.grant.wecom;

import cn.hutool.core.text.CharSequenceUtil;
import com.elitescloud.boot.auth.client.common.AuthorizationException;
import com.elitescloud.boot.auth.provider.common.LoginAccountType;
import com.elitescloud.boot.auth.provider.provider.wecom.WecomTemplate;
import com.elitescloud.boot.auth.provider.provider.wecom.param.login.Code2UserInfoResult;
import com.elitescloud.boot.auth.provider.provider.wecom.param.login.Ticket2UserDetailResult;
import com.elitescloud.boot.auth.provider.security.grant.AbstractCustomAuthenticationProvider;
import com.elitescloud.boot.auth.provider.security.jackson.mixin.grant.MixinWecomAuthenticationToken;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/boot/auth/provider/security/grant/wecom/WecomAuthenticationProvider.class */
public class WecomAuthenticationProvider extends AbstractCustomAuthenticationProvider<WecomAuthenticationToken> {
    private static final Logger log = LogManager.getLogger(WecomAuthenticationProvider.class);

    @Autowired
    private WecomTemplate wecomTemplate;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.elitescloud.boot.auth.provider.security.grant.AbstractCustomAuthenticationProvider
    public GeneralUserDetails retrieveUser(WecomAuthenticationToken wecomAuthenticationToken) throws AuthenticationException {
        String str = (String) wecomAuthenticationToken.getPrincipal();
        if (!StringUtils.hasText(str)) {
            throw new AuthorizationException("appId为空");
        }
        LoginAccountType accountType = wecomAuthenticationToken.getAccountType();
        if (accountType == null) {
            throw new AuthorizationException("账号类型为空");
        }
        String agentId = wecomAuthenticationToken.getAgentId();
        if (!StringUtils.hasText(agentId)) {
            throw new AuthorizationException("应用ID为空");
        }
        String str2 = (String) wecomAuthenticationToken.getCredentials();
        if (!StringUtils.hasText(str2)) {
            throw new AuthorizationException("授权码code为空");
        }
        Code2UserInfoResult code2UserInfo = this.wecomTemplate.code2UserInfo(str, agentId, str2);
        if (!code2UserInfo.isSuccess()) {
            throw new AuthorizationException(String.format("调用企业微信服务器认证失败[%s,%s]", code2UserInfo.getErrcode(), code2UserInfo.getErrmsg()));
        }
        if (accountType == LoginAccountType.ID || accountType == LoginAccountType.USERNAME) {
            String userid = code2UserInfo.getUserid();
            if (CharSequenceUtil.isBlank(userid)) {
                throw new AuthorizationException("企业微信认证失败");
            }
            return accountType == LoginAccountType.ID ? this.userDetailManager.loadUserById(userid) : this.userDetailManager.loadUserByUsername(userid);
        }
        if (!StringUtils.hasText(code2UserInfo.getUser_ticket())) {
            throw new AuthorizationException("用户票据为空，请确认已授权手机号或邮箱");
        }
        Ticket2UserDetailResult userByTicket = this.wecomTemplate.getUserByTicket(str, agentId, code2UserInfo.getUser_ticket());
        if (!userByTicket.isSuccess()) {
            throw new AuthorizationException(String.format("调用企业微信服务器认证失败[%s,%s]", code2UserInfo.getErrcode(), code2UserInfo.getErrmsg()));
        }
        if (accountType == LoginAccountType.MOBILE) {
            if (StringUtils.hasText(userByTicket.getMobile())) {
                return this.userDetailManager.loadUserByMobile(userByTicket.getMobile());
            }
            throw new AuthorizationException("获取企微中的手机号失败");
        }
        if (accountType != LoginAccountType.EMAIL) {
            throw new AuthorizationException("暂不支持的账号类型" + String.valueOf(accountType));
        }
        String blankToDefault = CharSequenceUtil.blankToDefault(userByTicket.getBiz_mail(), userByTicket.getEmail());
        if (StringUtils.hasText(blankToDefault)) {
            return this.userDetailManager.loadUserByEmail(blankToDefault);
        }
        throw new AuthorizationException("获取企微中的邮箱失败");
    }

    @Override // com.elitescloud.boot.auth.provider.security.grant.AbstractCustomAuthenticationProvider
    public Class<WecomAuthenticationToken> getAuthenticationTokenType() {
        return WecomAuthenticationToken.class;
    }

    @Override // com.elitescloud.boot.auth.provider.security.grant.AbstractCustomAuthenticationProvider
    public Class<?> getMixinAuthenticationTokenType() {
        return MixinWecomAuthenticationToken.class;
    }
}
