package com.xforceplus.security.login.filter.impl;

import com.xforceplus.entity.Account;
import com.xforceplus.entity.User;
import com.xforceplus.security.login.context.LoginContext;
import com.xforceplus.security.login.filter.GenerateTokenFilter;
import com.xforceplus.security.login.filter.PostLoginSuccessFilter;
import com.xforceplus.security.login.request.LoginRequest;
import com.xforceplus.security.login.service.TenantSecretService;
import com.xforceplus.security.strategy.model.GenerateTokenStrategy;
import com.xforceplus.security.strategy.model.Strategy;
import com.xforceplus.tenant.security.token.encoder.JwtEncoder;
import io.geewit.utils.uuid.UUID;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import org.apache.commons.codec.digest.Md5Crypt;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.data.redis.core.StringRedisTemplate;

/* loaded from: input_file:com/xforceplus/security/login/filter/impl/GenerateTokenStrategyFilter.class */
public class GenerateTokenStrategyFilter implements GenerateTokenFilter, PostLoginSuccessFilter<GenerateTokenStrategy> {
    private static final Logger log = LoggerFactory.getLogger(GenerateTokenStrategyFilter.class);
    public static final String TENANT_USER_TOKEN_PREFIX = "tenant:user:token:";
    public static final String TENANT_USER_TOKEN_BLACK_LIST_PREFIX = "tenant:user:token:blacklist:";
    public static final String MD5_SALT = "$1$/v6QjxiQ";
    private int priority;
    private ApplicationContext applicationContext;

    /* loaded from: input_file:com/xforceplus/security/login/filter/impl/GenerateTokenStrategyFilter$GenerateTokenStrategyFilterBuilder.class */
    public static class GenerateTokenStrategyFilterBuilder {
        private int priority;
        private ApplicationContext applicationContext;

        GenerateTokenStrategyFilterBuilder() {
        }

        public GenerateTokenStrategyFilterBuilder priority(int i) {
            this.priority = i;
            return this;
        }

        public GenerateTokenStrategyFilterBuilder applicationContext(ApplicationContext applicationContext) {
            this.applicationContext = applicationContext;
            return this;
        }

        public GenerateTokenStrategyFilter build() {
            return new GenerateTokenStrategyFilter(this.priority, this.applicationContext);
        }

        public String toString() {
            return "GenerateTokenStrategyFilter.GenerateTokenStrategyFilterBuilder(priority=" + this.priority + ", applicationContext=" + this.applicationContext + ")";
        }
    }

    @Override // com.xforceplus.security.login.filter.StrategyFilter
    public ApplicationContext getApplicationContext() {
        return this.applicationContext;
    }

    @Override // com.xforceplus.security.login.filter.StrategyFilter
    public int priority() {
        return this.priority;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // com.xforceplus.security.login.filter.StrategyFilter
    public GenerateTokenStrategy defaultStrategy() {
        return GenerateTokenStrategy.builder().build();
    }

    @Override // com.xforceplus.security.login.filter.StrategyFilter
    public Class<GenerateTokenStrategy> strategyClass() {
        return GenerateTokenStrategy.class;
    }

    @Override // com.xforceplus.security.login.filter.GenerateTokenFilter, com.xforceplus.security.login.filter.StrategyFilter
    public boolean matches(LoginContext<? extends LoginRequest> loginContext) {
        log.debug("execute {}Filter.matches", strategyClass().getSimpleName());
        if (!super.matches(loginContext)) {
            return false;
        }
        if (loginContext.getUser() != null) {
            return true;
        }
        log.debug("this {}Filter.loginContext.user = null, do nothing", strategyClass().getSimpleName());
        return false;
    }

    @Override // com.xforceplus.security.login.filter.GenerateTokenFilter
    public void executeGenerateToken(LoginContext<? extends LoginRequest> loginContext) {
        log.debug("execute {}Filter.executeGenerateToken", strategyClass().getSimpleName());
        User user = loginContext.getUser();
        if (StringUtils.isBlank(user.getLoginId())) {
            user.setLoginId(UUID.randomUUID().toString());
        }
        if (StringUtils.isNotBlank(user.getUserName())) {
            user.setUsername(user.getUserName());
        } else if (StringUtils.isBlank(user.getUsername())) {
            if (StringUtils.isNotBlank(user.getEmail())) {
                user.setUsername(user.getEmail());
            } else if (StringUtils.isNotBlank(user.getMobile())) {
                user.setUsername(user.getMobile());
            }
        }
        Account account = user.getAccount();
        if (StringUtils.isNotBlank(account.getUsername())) {
            user.setLoginName(account.getUsername());
        } else if (StringUtils.isNotBlank(account.getEmail())) {
            user.setLoginName(account.getEmail());
        } else if (StringUtils.isNotBlank(account.getTelPhone())) {
            user.setLoginName(account.getTelPhone());
        }
        String encode = JwtEncoder.encode(user, this.applicationContext.getEnvironment().getProperty("xforce.tenant.security.jwt.secret", "my_sessionjw_tsecret_xdfdffdsdfdfs"), TenantSecretService.TENANT_AND_SECRET);
        loginContext.setToken(encode);
        loginContext.getResponse().setToken(encode);
        loginContext.setSuccess(true);
    }

    @Override // com.xforceplus.security.login.filter.PostLoginSuccessFilter
    public void executePostLoginSuccess(LoginContext<? extends LoginRequest> loginContext) {
        log.debug("execute {}Filter.executePostLoginSuccess", strategyClass().getSimpleName());
        StringRedisTemplate stringRedisTemplate = (StringRedisTemplate) this.applicationContext.getBean(StringRedisTemplate.class);
        Map<Long, Strategy> tenantStrategyMap = loginContext.getTenantStrategyMap();
        Long currentTenantId = loginContext.getCurrentTenantId();
        if (currentTenantId == null) {
            log.debug("execute {}Filter.currentTenantId == null, do nothing", strategyClass().getSimpleName());
        } else {
            tenantStrategyMap.forEach((l, strategy) -> {
                if (l.equals(currentTenantId) && (strategy instanceof GenerateTokenStrategy) && strategy.isEnabled() && ((GenerateTokenStrategy) strategy).isSingleSession()) {
                    Long id = loginContext.getUser().getId();
                    Object obj = stringRedisTemplate.opsForValue().get(TENANT_USER_TOKEN_PREFIX + l + ":" + id);
                    String md5Crypt = Md5Crypt.md5Crypt(loginContext.getToken().getBytes(), MD5_SALT);
                    if (null != obj) {
                        String str = (String) obj;
                        if (!stringRedisTemplate.opsForSet().isMember(TENANT_USER_TOKEN_BLACK_LIST_PREFIX + l + ":" + id, str).booleanValue() && !str.equals(md5Crypt)) {
                            stringRedisTemplate.opsForSet().add(TENANT_USER_TOKEN_BLACK_LIST_PREFIX + l + ":" + id, new String[]{str});
                            stringRedisTemplate.expire(TENANT_USER_TOKEN_BLACK_LIST_PREFIX + l + ":" + id, 10L, TimeUnit.HOURS);
                            log.info("用户id:{}已在其他地方登录，前一次登录token被拉黑,其md5值为: {}", id, str);
                        }
                    }
                    stringRedisTemplate.opsForValue().set(TENANT_USER_TOKEN_PREFIX + l + ":" + id, md5Crypt, 10L, TimeUnit.HOURS);
                }
            });
        }
    }

    GenerateTokenStrategyFilter(int i, ApplicationContext applicationContext) {
        this.priority = i;
        this.applicationContext = applicationContext;
    }

    public static GenerateTokenStrategyFilterBuilder builder() {
        return new GenerateTokenStrategyFilterBuilder();
    }
}
