package com.xforceplus.security.login.controller;

import com.xforceplus.business.tenant.service.UserService;
import com.xforceplus.config.MessageTemplateProperties;
import com.xforceplus.entity.User;
import com.xforceplus.feign.tenant.message.SmsAuthCodeFeignClient;
import com.xforceplus.security.limit.Limit;
import com.xforceplus.security.login.context.LoginContext;
import com.xforceplus.security.login.exception.AuthenticationException;
import com.xforceplus.security.login.request.LoginRequest;
import com.xforceplus.security.login.request.PasswordLoginRequest;
import com.xforceplus.security.login.request.SmsLoginRequest;
import com.xforceplus.security.login.request.TwoFactorPasswordLoginRequest;
import com.xforceplus.security.login.request.TwoFactorSmsLoginRequest;
import com.xforceplus.security.login.response.LoginResponse;
import com.xforceplus.security.login.response.LoginTokenResponse;
import com.xforceplus.security.login.service.LoginService;
import com.xforceplus.tenant.security.autoscan.annotation.AuthorizedDefinition;
import com.xforceplus.utils.RegExUtil;
import com.xforececlound.message.model.AuthCodeResp;
import com.xforececlound.message.model.SmsCodeReq;
import io.swagger.annotations.ApiOperation;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.ResponseCookie;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.ResponseBody;

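/**
 * Spring MVC controller for the tenant-service login endpoints (password, SMS and
 * two-factor variants) and for the endpoint that sends an SMS auth code.
 *
 * <p>Each login handler delegates to {@link LoginService} and converts the returned
 * {@link LoginContext} into an HTTP response that carries the context's cookies.
 *
 * <p>Security review notes (all on unauthenticated or pre-authentication paths):
 * <ul>
 *   <li>Every login handler logs the whole request object at INFO. If the request classes'
 *       {@code toString()} prints the password or SMS code, credentials land in the
 *       application logs. TODO confirm {@code toString()} masks secret fields, or log only
 *       non-secret identifiers.</li>
 *   <li>{@code @Limit(key = "login")} is present on the normal, internal and SMS v1 login
 *       handlers but not on SMS v2, the two-factor handlers or {@code sendSms}. Confirm
 *       those paths are throttled elsewhere.</li>
 *   <li>The two-factor handlers carry no {@code @AuthorizedDefinition}, and the two-factor
 *       SMS request is not annotated {@code @Valid}. Confirm both are intended.</li>
 * </ul>
 */
@Validated
@Controller
/* loaded from: input_file:com/xforceplus/security/login/controller/LoginController.class */
public class LoginController {
    private static final Logger log = LoggerFactory.getLogger(LoginController.class);

    /** Account status value that {@code sendSms} treats as "enabled". */
    private static final int ACCOUNT_STATUS_ENABLED = 1;

    /** Expiry passed to the SMS service; the unit is not visible in this file (TODO confirm). */
    private static final int SMS_CODE_EXPIRE_TIME = 3;

    private final LoginService loginService;
    private final UserService userService;
    private final SmsAuthCodeFeignClient smsAuthCodeFeignClient;
    private final MessageTemplateProperties messageTemplateProperties;

    /**
     * Creates the controller with its collaborators (constructor injection).
     *
     * @param loginService performs the actual login flows
     * @param userService used to look up the user behind a phone number
     * @param smsAuthCodeFeignClient remote client that sends SMS auth codes
     * @param messageTemplateProperties supplies the SMS template code
     */
    public LoginController(LoginService loginService, UserService userService, SmsAuthCodeFeignClient smsAuthCodeFeignClient, MessageTemplateProperties messageTemplateProperties) {
        this.loginService = loginService;
        this.userService = userService;
        this.smsAuthCodeFeignClient = smsAuthCodeFeignClient;
        this.messageTemplateProperties = messageTemplateProperties;
    }

    /**
     * Password login; replaces the former {@code api/normal/login} endpoint.
     *
     * @param passwordLoginRequest validated login payload
     * @param httpServletRequest the current servlet request, forwarded to the login service
     * @return 200 response with the login token data and any cookies from the login context
     */
    @PostMapping({"/api/security/normal/login"})
    @Limit(key = "login")
    @ApiOperation("对应原来的 'api/normal/login'")
    @AuthorizedDefinition(authentication = false, authorization = false)
    @ResponseBody
    public ResponseEntity<LoginResponse<LoginTokenResponse>> login(@Valid @RequestBody PasswordLoginRequest passwordLoginRequest, HttpServletRequest httpServletRequest) {
        // NOTE(review): logs the full request object; confirm its toString() omits the password.
        log.info("tenant-service normal login=={}", passwordLoginRequest);
        return buildResponse(this.loginService.login(passwordLoginRequest, httpServletRequest));
    }

    /**
     * Internal password login; replaces the former {@code api/internal/login} endpoint.
     *
     * @param passwordLoginRequest validated login payload
     * @param httpServletRequest the current servlet request, forwarded to the login service
     * @return 200 response with the login token data and any cookies from the login context
     */
    @PostMapping({"/api/security/internal/login"})
    @Limit(key = "login")
    @ApiOperation("对应原来的 'api/internal/login'")
    @AuthorizedDefinition(authentication = false, authorization = false)
    @ResponseBody
    public ResponseEntity<LoginResponse<LoginTokenResponse>> internalLogin(@Valid @RequestBody PasswordLoginRequest passwordLoginRequest, HttpServletRequest httpServletRequest) {
        // NOTE(review): logs the full request object; confirm its toString() omits the password.
        log.info("tenant-service internal login=={}", passwordLoginRequest);
        return buildResponse(this.loginService.internalLogin(passwordLoginRequest, httpServletRequest));
    }

    /**
     * SMS login, version 2; replaces the former {@code api/sms/login/v2} endpoint.
     *
     * @param smsLoginRequest validated SMS login payload
     * @param httpServletRequest the current servlet request, forwarded to the login service
     * @return 200 response with the login token data and any cookies from the login context
     */
    // NOTE(review): unlike the v1 SMS login, this handler has no @Limit. Confirm that
    // SMS-code guessing is throttled elsewhere.
    @PostMapping({"/api/security/sms/login/v2"})
    @ApiOperation("对应原来的 'api/sms/login/v2'")
    @AuthorizedDefinition(authentication = false, authorization = false)
    @ResponseBody
    public ResponseEntity<LoginResponse<LoginTokenResponse>> smsLoginV2(@Valid @RequestBody SmsLoginRequest smsLoginRequest, HttpServletRequest httpServletRequest) {
        // NOTE(review): logs the full request object; confirm its toString() omits the SMS code.
        log.info("tenant-service sms login v2 =={}", smsLoginRequest);
        return buildResponse(this.loginService.login(smsLoginRequest, httpServletRequest));
    }

    /**
     * SMS login, version 1; replaces the former {@code api/sms/login} endpoint.
     *
     * @param smsLoginRequest validated SMS login payload
     * @param httpServletRequest the current servlet request, forwarded to the login service
     * @return 200 response with the login token data and any cookies from the login context
     */
    @PostMapping({"/api/security/sms/login"})
    @Limit(key = "login")
    @ApiOperation("对应原来的 'api/sms/login'")
    @AuthorizedDefinition(authentication = false, authorization = false)
    @ResponseBody
    public ResponseEntity<LoginResponse<LoginTokenResponse>> smsLogin(@Valid @RequestBody SmsLoginRequest smsLoginRequest, HttpServletRequest httpServletRequest) {
        // NOTE(review): logs the full request object; confirm its toString() omits the SMS code.
        log.info("tenant-service sms login v1 =={}", smsLoginRequest);
        return buildResponse(this.loginService.smsLogin(smsLoginRequest, httpServletRequest));
    }

    /**
     * Two-factor login with an SMS code; replaces the former
     * {@code api/login/double-auth/code} endpoint.
     *
     * @param twoFactorSmsLoginRequest two-factor SMS payload
     * @param httpServletRequest the current servlet request, forwarded to the login service
     * @return 200 response with the login token data and any cookies from the login context
     */
    // NOTE(review): the body is not annotated @Valid, unlike every other login handler here, so
    // bean-validation constraints on TwoFactorSmsLoginRequest (if any) are not enforced.
    // There is also no @Limit and no @AuthorizedDefinition. Confirm all three are intended.
    @PostMapping({"/api/security/two-factor/sms/login"})
    @ApiOperation("对应原来的 'api/login/double-auth/code'")
    @ResponseBody
    public ResponseEntity<LoginResponse<LoginTokenResponse>> login(@RequestBody TwoFactorSmsLoginRequest twoFactorSmsLoginRequest, HttpServletRequest httpServletRequest) {
        // NOTE(review): logs the full request object; confirm its toString() omits the SMS code.
        log.info("tenant-service  two-factor sms login v1 =={}", twoFactorSmsLoginRequest);
        return buildResponse(this.loginService.login(twoFactorSmsLoginRequest, httpServletRequest));
    }

    /**
     * Two-factor login with a password; replaces the former
     * {@code api/login/double-auth/pwd} endpoint.
     *
     * @param twoFactorPasswordLoginRequest validated two-factor password payload
     * @param httpServletRequest the current servlet request, forwarded to the login service
     * @return 200 response with the login token data and any cookies from the login context
     */
    // NOTE(review): no @Limit and no @AuthorizedDefinition on this handler. Confirm password
    // guessing is throttled elsewhere and that the default authorization policy is intended.
    @PostMapping({"/api/security/two-factor/password/login"})
    @ApiOperation("对应原来的 'api/login/double-auth/pwd'")
    @ResponseBody
    public ResponseEntity<LoginResponse<LoginTokenResponse>> login(@Valid @RequestBody TwoFactorPasswordLoginRequest twoFactorPasswordLoginRequest, HttpServletRequest httpServletRequest) {
        // NOTE(review): logs the full request object; confirm its toString() omits the password.
        log.info("tenant-service  two-factor password login  =={}", twoFactorPasswordLoginRequest);
        return buildResponse(this.loginService.login(twoFactorPasswordLoginRequest, httpServletRequest));
    }

    /**
     * Wraps a finished login context in a 200 response, copying each cookie held by the
     * context into its own {@code Set-Cookie} header.
     *
     * @param loginContext result of a login flow
     * @return response whose body carries {@code loginContext.getResponse()}
     */
    private <T extends LoginRequest> ResponseEntity<LoginResponse<LoginTokenResponse>> buildResponse(LoginContext<T> loginContext) {
        ResponseEntity.BodyBuilder ok = ResponseEntity.ok();
        Set<ResponseCookie> cookies = loginContext.getCookies();
        if (cookies != null && !cookies.isEmpty()) {
            HttpHeaders httpHeaders = new HttpHeaders();
            // Cookie attributes (Secure, HttpOnly, SameSite) are whatever the login service set
            // on each ResponseCookie; this method only serialises them.
            for (ResponseCookie responseCookie : cookies) {
                httpHeaders.add(HttpHeaders.SET_COOKIE, responseCookie.toString());
            }
            ok = ok.headers(httpHeaders);
        }
        return ok.body(LoginResponse.builder().data(loginContext.getResponse()).build());
    }

    /**
     * Sends an SMS auth code to the given phone number; replaces the former
     * {@code api/sms/login/{phone}} endpoint.
     *
     * <p>The number must pass {@code RegExUtil.checkMobile}, must resolve to a user via
     * {@code userService.findByUsername}, and that user's account status must be
     * {@value #ACCOUNT_STATUS_ENABLED}. A user with no account or no status is treated as
     * not enabled instead of failing with a {@link NullPointerException}.
     *
     * @param str the phone number taken from the {@code phone} path variable
     * @return response whose data is the message id returned by the SMS service
     * @throws AuthenticationException if the number is malformed, the user is unknown or not
     *     enabled, or the SMS service reports a failure
     */
    // NOTE(review): this endpoint is unauthenticated, triggers an outbound SMS and has no @Limit,
    // so nothing visible here bounds how often a number can be messaged. Confirm throttling
    // exists at the gateway or in the SMS service.
    // NOTE(review): the failure messages differ for "unknown user" and "account not enabled",
    // and success differs again, which lets a caller tell whether a phone number is registered.
    // Consider a uniform response if that disclosure is not acceptable.
    @ApiOperation("对应原来的 'api/sms/login/{phone}'")
    @AuthorizedDefinition(authentication = false, authorization = false)
    @GetMapping({"/api/security/sms/login/{phone}"})
    @ResponseBody
    public LoginResponse<String> sendSms(@PathVariable("phone") String str) {
        if (!RegExUtil.checkMobile(str)) {
            throw new AuthenticationException(0, "请输入正确的手机号码！");
        }
        // The meaning of the second argument (0) is not visible in this file.
        User user = this.userService.findByUsername(str, 0);
        if (user == null) {
            throw new AuthenticationException(3, "用户名或密码错误。");
        }
        if (!isAccountEnabled(user)) {
            throw new AuthenticationException(0, "账号未启用！");
        }
        SmsCodeReq smsCodeReq = new SmsCodeReq();
        smsCodeReq.setMobile(str);
        smsCodeReq.setTemplateCode(this.messageTemplateProperties.getSmsCode());
        smsCodeReq.setExpireTime(SMS_CODE_EXPIRE_TIME);
        smsCodeReq.setTenantId(user.getTenantId());
        // A missing tenant id is sent to the SMS service as "0".
        AuthCodeResp authCodeResp = this.smsAuthCodeFeignClient.sendAuthCode(String.valueOf(ObjectUtils.defaultIfNull(user.getTenantId(), 0)), smsCodeReq);
        if (authCodeResp == null) {
            throw new AuthenticationException(0, "发送短信验证码失败。");
        }
        if (authCodeResp.getCode() != 1) {
            // NOTE(review): the upstream description is returned to the caller verbatim; confirm it
            // cannot contain internal details.
            throw new AuthenticationException(0, authCodeResp.getDesc());
        }
        String msgId = authCodeResp.getMsgId();
        if (StringUtils.isBlank(msgId)) {
            throw new AuthenticationException(0, "发送验证码失败");
        }
        return LoginResponse.builder().data(msgId).build();
    }

    /** Returns true only when the user has an account whose status equals the enabled value. */
    private static boolean isAccountEnabled(User user) {
        if (user.getAccount() == null || user.getAccount().getStatus() == null) {
            return false;
        }
        return ACCOUNT_STATUS_ENABLED == user.getAccount().getStatus().intValue();
    }
}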
