package com.xforce.bi.auth.encryptions.impl;

import com.xforce.bi.auth.encryptions.AuthEncryptionInterface;
import com.xforce.bi.user.beans.AuthSource;
import com.xforce.bi.user.beans.UserInfo;
import com.xforceplus.tenantsecurity.domain.AuthorizedUser;
import com.xforceplus.tenantsecurity.domain.UserType;
import com.xforceplus.tenantsecurity.jwt.JwtUtils;
import com.xforceplus.tenantsecurity.utils.CompressionUtils;
import com.xforceplus.tenantsecurity.utils.JsonUtils;
import java.util.Map;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.util.Assert;
import org.springframework.web.servlet.HandlerMapping;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:com/xforce/bi/auth/encryptions/impl/UserCenterAuthEncryption.class */
public class UserCenterAuthEncryption implements AuthEncryptionInterface {
    private static final Logger log = LoggerFactory.getLogger(UserCenterAuthEncryption.class);
    private static final String NOT_USER_CENTER = "非用户中心的用户";

    @Value("${xforce.encriptions.usercenter.accessTokenKey:xforce-saas-token}")
    private String accessTokenKey = "";

    @Value("${xforce.encriptions.usercenter.secret:my_sessionjw_tsecret_xdfdffdsdfdfs}")
    private String secret;

    @Override // com.xforce.bi.auth.encryptions.AuthEncryptionInterface
    public UserInfo decode(HttpServletRequest httpServletRequest) throws Exception {
        String token = getToken(httpServletRequest);
        Assert.hasText(token, "用户中心认证方式取到token为空");
        Map<String, String> verifyAndDecodeToken = JwtUtils.verifyAndDecodeToken(this.secret, token);
        Assert.notNull(verifyAndDecodeToken, "claims == null, 访问失败，没有登录");
        return transferToBIUser(getUserOfUserCenter(httpServletRequest, verifyAndDecodeToken, token));
    }

    private UserInfo transferToBIUser(AuthorizedUser authorizedUser) {
        UserInfo userInfo = new UserInfo();
        userInfo.setAccessToken(authorizedUser.token());
        userInfo.setUsername(authorizedUser.getUsername());
        userInfo.setTenantId(String.valueOf(authorizedUser.getTenantId()));
        userInfo.setTenantCode(authorizedUser.getTenantCode());
        userInfo.setAuthSource(AuthSource.USER_CENTER);
        userInfo.setMobile(authorizedUser.getMobile());
        userInfo.setEmail(authorizedUser.getEmail());
        return userInfo;
    }

    private AuthorizedUser getUserOfUserCenter(HttpServletRequest httpServletRequest, Map<String, String> map, String str) {
        String decode = CompressionUtils.decode(map.get("userinfo"));
        Assert.hasText(decode, "访问失败，无效令牌");
        AuthorizedUser authorizedUser = (AuthorizedUser) JsonUtils.fromJson(decode, AuthorizedUser.class);
        Assert.notNull(authorizedUser, "userinfo is null");
        Long tenantId = getTenantId(httpServletRequest);
        if (tenantId != null) {
            authorizedUser.setTenantId(tenantId.longValue());
        }
        authorizedUser.setToken(str);
        return authorizedUser;
    }

    private Long getTenantId(HttpServletRequest httpServletRequest) {
        Long l;
        String header = httpServletRequest.getHeader("tenantId");
        if (header == null) {
            header = (String) ((Map) httpServletRequest.getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE)).get("tenantId");
        }
        try {
            l = Long.valueOf(Long.parseLong(header));
        } catch (NumberFormatException e) {
            log.warn(e.getMessage() + ", tenantId = " + header);
            l = null;
        }
        return l;
    }

    private String getToken(HttpServletRequest httpServletRequest) {
        Cookie cookie = WebUtils.getCookie(httpServletRequest, UserType.USER.tokenKey());
        if (cookie != null) {
            return cookie.getValue();
        }
        log.warn("Cookie中无token");
        String header = httpServletRequest.getHeader(this.accessTokenKey);
        if (StringUtils.isNotEmpty(header)) {
            return header;
        }
        log.warn("Header中无token");
        return WebUtils.findParameterValue(httpServletRequest, UserType.USER.tokenKey());
    }
}
