package com.xforceplus.security.strategy.controller;

import com.xforceplus.api.common.response.ResponseEntity;
import com.xforceplus.api.model.AccountModel;
import com.xforceplus.api.model.TenantPolicyModel;
import com.xforceplus.business.account.service.AccountService;
import com.xforceplus.business.tenant.service.TenantService;
import com.xforceplus.domain.tenant.TenantPolicyDto;
import com.xforceplus.security.password.utils.PasswordRegBuilderUtils;
import com.xforceplus.security.strategy.model.PasswordCheckWithPattern;
import com.xforceplus.security.strategy.model.PasswordPatternStrategy;
import com.xforceplus.security.strategy.service.StrategyService;
import com.xforceplus.tenant.security.autoscan.annotation.AuthorizedDefinition;
import com.xforceplus.utils.PasswordCheckUtils;
import io.swagger.annotations.ApiOperation;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.validation.Valid;
import javax.validation.constraints.Min;
import javax.validation.constraints.NotBlank;
import org.apache.commons.collections4.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Validated
@Controller
/* loaded from: input_file:com/xforceplus/security/strategy/controller/StrategyController.class */
public class StrategyController {
    private static final Logger log = LoggerFactory.getLogger(StrategyController.class);
    private final StrategyService strategyService;
    private final AccountService accountService;
    private final TenantService tenantService;

    public StrategyController(StrategyService strategyService, AccountService accountService, TenantService tenantService) {
        this.strategyService = strategyService;
        this.accountService = accountService;
        this.tenantService = tenantService;
    }

    @AuthorizedDefinition(authorization = false)
    @RequestMapping(name = "刷新租户策略缓存", value = {"${xforce.tenant.service.url.prefix:/api}/global${xforce.tenant.service.version:}/strategies/refresh"}, method = {RequestMethod.POST})
    @ResponseBody
    public String refresh() {
        return this.strategyService.refresh();
    }

    @RequestMapping(name = "默认租户策略列表", value = {"${xforce.tenant.service.url.prefix:/api}/global${xforce.tenant.service.version:}/strategies"}, method = {RequestMethod.GET})
    @ApiOperation("默认租户策略列表")
    @AuthorizedDefinition(resources = {"xforce:operation:tag:view"})
    @ResponseBody
    public ResponseEntity<List<? extends TenantPolicyDto>> strategies() {
        return ResponseEntity.ok(this.strategyService.findAllPlatformPolicy());
    }

    @AuthorizedDefinition(authentication = false, authorization = false)
    @RequestMapping(name = "默认租户密码策略列表", value = {"${xforce.tenant.service.url.prefix:/api}/global${xforce.tenant.service.version:}/strategies/password-patterns"}, method = {RequestMethod.GET})
    @ResponseBody
    public ResponseEntity<Set<String>> passwordPatterns() {
        return ResponseEntity.ok(PasswordPatternStrategy.PATTERN_MAP.keySet());
    }

    @AuthorizedDefinition(authentication = false, authorization = false)
    @RequestMapping(name = "根据登录账号匹配最佳租户密码策略", value = {"${xforce.tenant.service.url.prefix:/api}/global${xforce.tenant.service.version:}/accounts/{loginName}/password-pattern"}, method = {RequestMethod.GET})
    @ResponseBody
    public ResponseEntity<String> findPasswordPatternByLoginName(@PathVariable("loginName") @NotBlank @Valid String str) {
        AccountModel.Request.Login login = new AccountModel.Request.Login();
        login.setUsername(str);
        List<Long> findTenantIdsByLogin = this.accountService.findTenantIdsByLogin(login);
        if (findTenantIdsByLogin == null) {
            throw new IllegalArgumentException("不存在的登录名");
        }
        return findPasswordPatternByTenantIds(new HashSet(findTenantIdsByLogin));
    }

    @AuthorizedDefinition(authorization = false)
    @RequestMapping(name = "根据租户id匹配最佳租户密码策略", value = {"${xforce.tenant.service.url.prefix:/api}/global${xforce.tenant.service.version:}/tenants/{tenantId}/password-pattern"}, method = {RequestMethod.GET})
    @ResponseBody
    public ResponseEntity<String> findPasswordPatternByTenantId(@PathVariable("tenantId") @Valid @Min(1) long j) {
        this.tenantService.findById(Long.valueOf(j));
        return findPasswordPatternByTenantIds((Set) Stream.of(Long.valueOf(j)).collect(Collectors.toSet()));
    }

    @PostMapping(name = "校验密码复杂度", value = {"${xforce.tenant.service.url.prefix:/api}/global${xforce.tenant.service.version:}/accounts/pwd/check"})
    @ApiOperation("校验密码复杂度")
    @AuthorizedDefinition(resources = {"xforce:operation:tag:view"})
    @ResponseBody
    public ResponseEntity<PasswordCheckWithPattern> checkPasswordWithSecurityPolicy(@Valid @RequestBody TenantPolicyModel.Request.PasswordCheck passwordCheck) {
        AccountModel.Request.Login login = new AccountModel.Request.Login();
        login.setUsername(passwordCheck.getLoginName());
        List<Long> findTenantIdsByLogin = this.accountService.findTenantIdsByLogin(login);
        if (CollectionUtils.isEmpty(findTenantIdsByLogin)) {
            Long tenantId = passwordCheck.getTenantId();
            findTenantIdsByLogin = tenantId == null ? Collections.singletonList(0L) : Collections.singletonList(tenantId);
        }
        return ResponseEntity.ok(PasswordCheckUtils.check(passwordCheck.getPassword(), findPasswordPatternStrategyByTenantIds(new HashSet(findTenantIdsByLogin))));
    }

    private ResponseEntity<String> findPasswordPatternByTenantIds(Set<Long> set) {
        PasswordPatternStrategy findPasswordPatternStrategyByTenantIds = findPasswordPatternStrategyByTenantIds(set);
        if (findPasswordPatternStrategyByTenantIds == null) {
            return ResponseEntity.ok();
        }
        ResponseEntity<String> ok = ResponseEntity.ok(findPasswordPatternStrategyByTenantIds.getPatternModel().getPattern().pattern());
        ok.setMessage(findPasswordPatternStrategyByTenantIds.getPatternModel().getPatternDesc());
        return ok;
    }

    private PasswordPatternStrategy findPasswordPatternStrategyByTenantIds(Set<Long> set) {
        Map loadStrategiesMap = this.strategyService.loadStrategiesMap(set, PasswordPatternStrategy.class);
        if (loadStrategiesMap == null) {
            return null;
        }
        if (loadStrategiesMap.size() == 1) {
            return (PasswordPatternStrategy) loadStrategiesMap.values().iterator().next();
        }
        loadStrategiesMap.remove(0L);
        return loadStrategiesMap.size() == 1 ? (PasswordPatternStrategy) loadStrategiesMap.values().iterator().next() : PasswordRegBuilderUtils.getSuitableStrategy(((Map) Objects.requireNonNull(loadStrategiesMap)).values());
    }
}
