package com.asiainfo.aisquare.aisp.security.auth.service.impl;

import com.alibaba.fastjson.JSONObject;
import com.asiainfo.aisquare.aisp.common.basic.exception.BizException;
import com.asiainfo.aisquare.aisp.common.basic.utils.AuthUtil;
import com.asiainfo.aisquare.aisp.common.basic.utils.MessageUtils;
import com.asiainfo.aisquare.aisp.entity.auth.AuthChangeRoleInfo;
import com.asiainfo.aisquare.aisp.entity.auth.AuthMenu;
import com.asiainfo.aisquare.aisp.entity.auth.AuthProfile;
import com.asiainfo.aisquare.aisp.entity.auth.AuthTenant;
import com.asiainfo.aisquare.aisp.entity.auth.UserLoginDetail;
import com.asiainfo.aisquare.aisp.entity.auth.enums.AuthRoleTypeEnum;
import com.asiainfo.aisquare.aisp.security.api.service.IAuthApiService;
import com.asiainfo.aisquare.aisp.security.auth.dto.CheckUrlDto;
import com.asiainfo.aisquare.aisp.security.auth.service.AuthService;
import com.asiainfo.aisquare.aisp.security.menu.service.MenuService;
import com.asiainfo.aisquare.aisp.security.role.entity.Role;
import com.asiainfo.aisquare.aisp.security.role.service.RoleService;
import com.asiainfo.aisquare.aisp.security.role.service.RoleTypeService;
import com.asiainfo.aisquare.aisp.security.tenant.entity.Tenant;
import com.asiainfo.aisquare.aisp.security.tenant.service.TenantService;
import com.asiainfo.aisquare.aisp.security.user.entity.AuthUserDetails;
import com.asiainfo.aisquare.aisp.security.utils.SecurityUtils;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import java.lang.invoke.SerializedLambda;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import javax.annotation.Resource;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/asiainfo/aisquare/aisp/security/auth/service/impl/AuthServiceImpl.class */
public class AuthServiceImpl implements AuthService {
    private static final Logger log = LoggerFactory.getLogger(AuthServiceImpl.class);

    @Resource
    RoleService roleService;

    @Resource
    RoleTypeService roleTypeService;

    @Resource
    TenantService tenantService;

    @Resource
    MenuService menuService;

    @Resource
    IAuthApiService authApiService;

    @Resource
    @Lazy
    TokenStore tokenStore;

    @Resource
    UserDetailsService userDetailsService;

    @Override // com.asiainfo.aisquare.aisp.security.auth.service.AuthService
    public UserLoginDetail getUserInfo(String str) {
        AuthUserDetails authUserDetails;
        log.info("获取用户信息：{}", str);
        if (StringUtils.isEmpty(str)) {
            str = AuthUtil.getToken();
        }
        OAuth2Authentication readAuthentication = this.tokenStore.readAuthentication(str);
        if (readAuthentication.getPrincipal() instanceof String) {
            authUserDetails = (AuthUserDetails) this.userDetailsService.loadUserByUsername((String) readAuthentication.getPrincipal());
        } else {
            authUserDetails = (AuthUserDetails) readAuthentication.getPrincipal();
        }
        UserLoginDetail userLoginDetail = new UserLoginDetail();
        userLoginDetail.setToken(str);
        userLoginDetail.setUserInfo(SecurityUtils.toAuthUserInfo(authUserDetails));
        userLoginDetail.setRoleInfoList((List) authUserDetails.getRoles().stream().map(SecurityUtils::toAuthRole).collect(Collectors.toList()));
        log.info("获取用户信息成功：{},{}", str, JSONObject.toJSONString(userLoginDetail));
        return userLoginDetail;
    }

    @Override // com.asiainfo.aisquare.aisp.security.auth.service.AuthService
    public AuthChangeRoleInfo changeRole(Long l) {
        AuthUserDetails authUserDetails;
        List<AuthMenu> menuTreeById;
        AuthChangeRoleInfo authChangeRoleInfo = new AuthChangeRoleInfo();
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication.getPrincipal() instanceof String) {
            authUserDetails = (AuthUserDetails) this.userDetailsService.loadUserByUsername((String) authentication.getPrincipal());
        } else {
            authUserDetails = (AuthUserDetails) authentication.getPrincipal();
        }
        AuthProfile authProfile = SecurityUtils.getAuthProfile();
        if (!hasRole(l)) {
            throw new BizException(MessageUtils.message("auth.user.has.not.assign.role", new Object[0]));
        }
        Role roleById = this.roleService.getRoleById(l);
        if (roleById.isSuperAdmin()) {
            if (!l.equals(authProfile.getRoleId())) {
                SecurityUtils.setAuthProfile(AuthProfile.builder().userId(authUserDetails.getId()).userName(authUserDetails.getUserName()).roleId(l).roleName(roleById.getRoleName()).build());
            }
            ArrayList arrayList = new ArrayList();
            arrayList.add("*.*.*");
            SecurityUtils.setRolePermissions(l, arrayList);
            menuTreeById = this.roleTypeService.getDetail(AuthRoleTypeEnum.ADMIN.getTypeId()).getMenuList();
        } else {
            if (!l.equals(authProfile.getRoleId())) {
                SecurityUtils.setAuthProfile(AuthProfile.builder().userId(authUserDetails.getId()).userName(authUserDetails.getUserName()).roleId(l).roleName(roleById.getRoleName()).projectId(roleById.getProjectId()).projectName(roleById.getProjectName()).tenantId(roleById.getTenantId()).tenantName(roleById.getTenantName()).build());
            }
            menuTreeById = this.roleService.getMenuTreeById(l);
        }
        if (CollectionUtils.isEmpty(menuTreeById)) {
            throw new BizException(MessageUtils.message("auth.role.resource.empty", new Object[0]));
        }
        List<AuthTenant> tenantTreeById = this.roleService.getTenantTreeById(l);
        AuthProfile authProfile2 = SecurityUtils.getAuthProfile();
        authChangeRoleInfo.setMenus(menuTreeById);
        authChangeRoleInfo.setTenants(tenantTreeById);
        authChangeRoleInfo.setAuthProfile(authProfile2);
        return authChangeRoleInfo;
    }

    @Override // com.asiainfo.aisquare.aisp.security.auth.service.AuthService
    public List<AuthMenu> getRoleMenus(Long l) {
        List<AuthMenu> menuTreeById;
        Role roleById = this.roleService.getRoleById(l);
        if (!hasRole(l)) {
            throw new BizException(MessageUtils.message("auth.user.has.not.assign.role", new Object[0]));
        }
        if (AuthRoleTypeEnum.ADMIN.getTypeId().equals(roleById.getRoleType())) {
            ArrayList arrayList = new ArrayList();
            arrayList.add("*.*.*");
            SecurityUtils.setRolePermissions(l, arrayList);
            menuTreeById = this.roleTypeService.getDetail(AuthRoleTypeEnum.ADMIN.getTypeId()).getMenuList();
        } else {
            menuTreeById = this.roleService.getMenuTreeById(l);
        }
        if (CollectionUtils.isEmpty(menuTreeById)) {
            throw new BizException(MessageUtils.message("auth.role.resource.empty", new Object[0]));
        }
        return menuTreeById;
    }

    @Override // com.asiainfo.aisquare.aisp.security.auth.service.AuthService
    public AuthProfile changeTenant(Long l) {
        AuthProfile authProfile = SecurityUtils.getAuthProfile();
        if (l == null) {
            Role roleById = this.roleService.getRoleById(authProfile.getRoleId());
            authProfile.setTenantId(roleById.getTenantId());
            authProfile.setProjectId(roleById.getProjectId());
            authProfile.setTenantName(roleById.getTenantName());
            authProfile.setProjectName(roleById.getProjectName());
            SecurityUtils.setAuthProfile(authProfile);
        } else {
            if (!hasTenant(l)) {
                throw new BizException(MessageUtils.message("auth.user.has.not.assign.tenant", new Object[0]));
            }
            Tenant tenantById = this.tenantService.getTenantById(l);
            if (tenantById.hasFatherTenant()) {
                authProfile.setTenantId(tenantById.getFatherTenantId());
                authProfile.setTenantName(tenantById.getFatherTenantName());
                authProfile.setProjectId(tenantById.getId());
                authProfile.setProjectName(tenantById.getTenantName());
                SecurityUtils.setAuthProfile(authProfile);
            } else {
                authProfile.setTenantId(tenantById.getId());
                authProfile.setTenantName(tenantById.getTenantName());
                authProfile.setProjectId((Long) null);
                authProfile.setProjectName((String) null);
                SecurityUtils.setAuthProfile(authProfile);
            }
        }
        return authProfile;
    }

    @Override // com.asiainfo.aisquare.aisp.security.auth.service.AuthService
    public AuthProfile getAuthProfile() {
        return SecurityUtils.getAuthProfile();
    }

    @Override // com.asiainfo.aisquare.aisp.security.auth.service.AuthService
    public boolean checkUrlAuth(CheckUrlDto checkUrlDto) {
        List list = this.menuService.list((LambdaQueryWrapper) new LambdaQueryWrapper().eq((v0) -> {
            return v0.getAddress();
        }, checkUrlDto.getAddress()));
        if (CollectionUtils.isEmpty(list)) {
            return false;
        }
        List list2 = (List) list.stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toList());
        Long roleId = AuthUtil.getAuthProfile().getRoleId();
        List<Long> maxMenuIds = roleId == null ? getMaxMenuIds() : this.roleService.getMenuIdsOfRole(roleId);
        if (CollectionUtils.isEmpty(maxMenuIds)) {
            return false;
        }
        return CollectionUtils.isNotEmpty(CollectionUtils.retainAll(maxMenuIds, list2));
    }

    private List<Long> getMaxMenuIds() {
        List list = (List) AuthUtil.getUserLoginDetailNew(AuthUtil.getToken()).getRoleInfoList().stream().map((v0) -> {
            return v0.getId();
        }).collect(Collectors.toList());
        HashSet hashSet = new HashSet();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            hashSet.addAll(this.roleService.getMenuIdsById(Long.valueOf((String) it.next())));
        }
        return Arrays.asList(hashSet.toArray(new Long[0]));
    }

    private boolean hasRole(Long l) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (authentication.getPrincipal() instanceof String ? (AuthUserDetails) this.userDetailsService.loadUserByUsername((String) authentication.getPrincipal()) : (AuthUserDetails) authentication.getPrincipal()).getRoles().stream().filter(role -> {
            return l.equals(role.getId());
        }).findFirst().orElse(null) != null;
    }

    private boolean hasTenant(Long l) {
        return this.roleService.getTenantsById(SecurityUtils.getAuthProfile().getRoleId()).stream().filter(tenant -> {
            return l.equals(tenant.getId());
        }).findFirst().orElse(null) != null;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -110831682:
                if (implMethodName.equals("getAddress")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/baomidou/mybatisplus/core/toolkit/support/SFunction") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/asiainfo/aisquare/aisp/security/menu/entity/Menu") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                    return (v0) -> {
                        return v0.getAddress();
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
