package com.elitescloud.cloudt.tims.sso;

import cn.hutool.core.text.CharSequenceUtil;
import com.elitescloud.cloudt.authorization.sdk.util.ObjectMapperFactory;
import com.elitescloud.cloudt.authorization.sdk.util.RestTemplateFactory;
import com.elitescloud.cloudt.common.exception.BusinessException;
import com.elitescloud.cloudt.tims.sso.common.TimsSsoConstant;
import com.elitescloud.cloudt.tims.sso.params.TimsSsoLoginDTO;
import com.elitescloud.cloudt.tims.sso.params.TimsSsoResetPwdDTO;
import com.elitescloud.cloudt.tims.sso.params.TimsSsoResult;
import com.elitescloud.cloudt.tims.sso.params.TimsSsoUserDTO;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.net.URI;
import java.util.Objects;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:com/elitescloud/cloudt/tims/sso/SsoSdkClient.class */
public class SsoSdkClient {
    private static final Logger log = LoggerFactory.getLogger(SsoSdkClient.class);
    private TimsSsoProperties ssoProperties;
    private final RestTemplate restTemplate = RestTemplateFactory.instance();
    private final ObjectMapper objectMapper = ObjectMapperFactory.instance();
    private static SsoSdkClient instance;

    public static SsoSdkClient getInstance() {
        if (instance == null) {
            synchronized (SsoSdkClient.class) {
                if (instance != null) {
                    return instance;
                }
                instance = new SsoSdkClient();
            }
        }
        return instance;
    }

    private SsoSdkClient() {
    }

    public String addUser(@NotNull TimsSsoUserDTO timsSsoUserDTO) {
        checkUser(timsSsoUserDTO);
        if (log.isDebugEnabled()) {
            log.debug("[SSO]同步用户信息：{}", obj2json(timsSsoUserDTO));
        }
        TimsSsoResult timsSsoResult = (TimsSsoResult) exchange(TimsSsoConstant.URI_USER_ADD, HttpMethod.POST, new HttpEntity<>(timsSsoUserDTO), new ParameterizedTypeReference<TimsSsoResult>() { // from class: com.elitescloud.cloudt.tims.sso.SsoSdkClient.1
        }, new String[0]);
        log.info("[SSO]同步用户信息结果：{}", timsSsoResult);
        if (Objects.equals(timsSsoResult.getCode(), Integer.valueOf(TimsSsoConstant.CODE_USER_NO_EXIST))) {
            throw new BusinessException("创建失败：该员工编码在SSO中不存在");
        }
        return timsSsoResult.getDataSafely(num -> {
            if (num.intValue() == 422) {
                return "向SSO同步账号信息失败" + ":" + (StringUtils.hasText(timsSsoUserDTO.getPhonenumber()) ? "手机号已存在" : "账号已存在");
            }
            return "向SSO同步账号信息失败";
        });
    }

    public String tokenByLogin(@NotNull TimsSsoLoginDTO timsSsoLoginDTO) {
        Assert.hasText(timsSsoLoginDTO.getUsername(), "用户名为空");
        Assert.hasText(timsSsoLoginDTO.getPassword(), "密码为空");
        timsSsoLoginDTO.setBrandCode(this.ssoProperties.getBrandCode());
        if (log.isDebugEnabled()) {
            log.debug("[SSO]用户登录信息：{}", obj2json(timsSsoLoginDTO));
        }
        TimsSsoResult timsSsoResult = (TimsSsoResult) exchange(TimsSsoConstant.URI_USER_TOKEN_LOGIN, HttpMethod.POST, new HttpEntity<>(timsSsoLoginDTO), new ParameterizedTypeReference<TimsSsoResult>() { // from class: com.elitescloud.cloudt.tims.sso.SsoSdkClient.2
        }, new String[0]);
        log.info("[SSO]用户登录结果：{}", timsSsoResult);
        if (Objects.equals(timsSsoResult.getCode(), Integer.valueOf(TimsSsoConstant.CODE_NO_PERMISSION))) {
            log.warn("不支持的账号类型，账号：{}", timsSsoLoginDTO.getUsername());
            return null;
        }
        String dataSafely = timsSsoResult.getDataSafely(num -> {
            return num.intValue() == 401 ? "账号或密码错误" : "SSO认证失败";
        });
        if (CharSequenceUtil.startWithIgnoreCase(dataSafely, TimsSsoConstant.TOKEN_TYPE)) {
            dataSafely = dataSafely.substring(TimsSsoConstant.TOKEN_TYPE.length());
        }
        return dataSafely.trim();
    }

    public boolean tokenByRenew(@NotBlank String str) {
        Assert.hasText(str, "token为空");
        if (!CharSequenceUtil.startWithIgnoreCase(str, TimsSsoConstant.TOKEN_TYPE)) {
            str = "Bearer " + str;
        }
        log.info("[SSO]token续期：{}", str);
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("Authorization", str);
        TimsSsoResult timsSsoResult = (TimsSsoResult) exchange(TimsSsoConstant.URI_USER_TOKEN_RENEW, HttpMethod.GET, new HttpEntity<>(httpHeaders), new ParameterizedTypeReference<TimsSsoResult>() { // from class: com.elitescloud.cloudt.tims.sso.SsoSdkClient.3
        }, new String[0]);
        log.info("[SSO]token续期结果：{}", timsSsoResult);
        return timsSsoResult.isSuccess();
    }

    public boolean resetPassword(@NotNull TimsSsoResetPwdDTO timsSsoResetPwdDTO) {
        checkRestPwd(timsSsoResetPwdDTO);
        if (log.isDebugEnabled()) {
            log.debug("[SSO]重置密码信息：{}", obj2json(timsSsoResetPwdDTO));
        }
        TimsSsoResult timsSsoResult = (TimsSsoResult) exchange(TimsSsoConstant.URI_USER_PASSWORD_RESET, HttpMethod.PUT, new HttpEntity<>(timsSsoResetPwdDTO), new ParameterizedTypeReference<TimsSsoResult>() { // from class: com.elitescloud.cloudt.tims.sso.SsoSdkClient.4
        }, new String[0]);
        log.info("[SSO]重置密码结果：{}", timsSsoResult);
        return timsSsoResult.isSuccess();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSsoProperties(TimsSsoProperties timsSsoProperties) {
        instance.ssoProperties = timsSsoProperties;
        Assert.hasText(timsSsoProperties.getServerAddr(), "SSO服务的地址未配置");
        Assert.hasText(timsSsoProperties.getBrandCode(), "SSO的品牌编号未配置");
    }

    private void checkUser(TimsSsoUserDTO timsSsoUserDTO) {
        Assert.notNull(timsSsoUserDTO, "用户信息为空");
        Assert.hasText(timsSsoUserDTO.getUserType(), "用户类型为空");
        if (TimsSsoConstant.USER_TYPE_HEADQUARTERS.equals(timsSsoUserDTO.getUserType())) {
            Assert.hasText(timsSsoUserDTO.getEmployeeCode(), "员工号为空");
        } else {
            if (!TimsSsoConstant.USER_TYPE_PARTNER.equals(timsSsoUserDTO.getUserType())) {
                throw new IllegalArgumentException("不支持的账号类型：" + timsSsoUserDTO.getUserType());
            }
            Assert.hasText(timsSsoUserDTO.getPhonenumber(), "手机号为空");
            Assert.hasText(timsSsoUserDTO.getUsername(), "用户名为空");
        }
        Assert.hasText(timsSsoUserDTO.getPassword(), "向SSO同步账号时密码不能为空");
        timsSsoUserDTO.setBrandCode(this.ssoProperties.getBrandCode());
    }

    private void checkRestPwd(TimsSsoResetPwdDTO timsSsoResetPwdDTO) {
        Assert.notNull(timsSsoResetPwdDTO, "重置密码信息为空");
        Assert.hasText(timsSsoResetPwdDTO.getUserType(), "用户类型为空");
        if (!CharSequenceUtil.equalsAny(timsSsoResetPwdDTO.getUserType(), new CharSequence[]{TimsSsoConstant.USER_TYPE_HEADQUARTERS, TimsSsoConstant.USER_TYPE_PARTNER})) {
            throw new IllegalArgumentException("不支持的账号类型：" + timsSsoResetPwdDTO.getUserType());
        }
        Assert.hasText(timsSsoResetPwdDTO.getUsername(), "用户名为空");
        Assert.hasText(timsSsoResetPwdDTO.getOldPassword(), "旧密码为空");
        Assert.hasText(timsSsoResetPwdDTO.getNewPassword(), "新密码为空");
        timsSsoResetPwdDTO.setBrandCode(this.ssoProperties.getBrandCode());
    }

    private <T> T exchange(@NotNull String str, @NotNull HttpMethod httpMethod, HttpEntity<?> httpEntity, ParameterizedTypeReference<T> parameterizedTypeReference, String... strArr) {
        Assert.notNull(this.ssoProperties, "SSO配置尚未初始化");
        String uri = buildURI(str, strArr).toString();
        try {
            ResponseEntity exchange = this.restTemplate.exchange(uri, httpMethod, httpEntity, parameterizedTypeReference, new Object[0]);
            if (exchange.getStatusCode() != HttpStatus.OK) {
                log.error("[SSO]调用接口失败：{}, {}", uri, exchange);
                throw new BusinessException("调用SSO服务失败：" + exchange.getStatusCodeValue());
            }
            log.info("[SSO]接口{}调用成功", uri);
            return (T) exchange.getBody();
        } catch (Throwable th) {
            log.error("[SSO]{}调用失败：", uri, th);
            throw new IllegalStateException("远程服务器异常", th);
        }
    }

    private String obj2json(Object obj) {
        if (obj == null) {
            return null;
        }
        if (obj.getClass().isPrimitive()) {
            return obj.toString();
        }
        try {
            return this.objectMapper.writeValueAsString(obj);
        } catch (JsonProcessingException e) {
            throw new IllegalArgumentException("对象转json异常", e);
        }
    }

    private URI buildURI(String str, String... strArr) {
        Assert.state(StringUtils.hasText(str), "调用接口路径为空");
        Assert.state(StringUtils.hasText(this.ssoProperties.getServerAddr()), "SSO服务器地址为空");
        return UriComponentsBuilder.fromHttpUrl(this.ssoProperties.getServerAddr()).path(str).build(strArr);
    }
}
