package org.zodiac.auth.granter;

import java.time.Duration;
import org.zodiac.auth.constants.AuthCacheNames;
import org.zodiac.auth.provider.AuthTokenGranter;
import org.zodiac.auth.provider.AuthTokenParameter;
import org.zodiac.auth.util.AuthTokenUtil;
import org.zodiac.commons.util.Func;
import org.zodiac.core.service.exception.ServiceException;
import org.zodiac.redis.RedisDataOperation;
import org.zodiac.sdk.toolkit.util.crypto.DigestUtil;
import org.zodiac.sdk.toolkit.util.lang.StrUtil;
import org.zodiac.security.auth.SecurityAuthGranterType;
import org.zodiac.tenant.model.TenantUserInfo;
import org.zodiac.tenant.model.TenantUserTypeEnum;
import org.zodiac.tenant.model.entity.TenantRoleEntity;
import org.zodiac.tenant.model.entity.TenantUserEntity;
import org.zodiac.tenant.model.entity.TenantUserExcelEntity;
import org.zodiac.tenant.model.entity.TenantUserOauthEntity;
import org.zodiac.tenant.model.entity.TenantryEntity;
import org.zodiac.tenant.model.vo.SwaggerTenantRoleViewVO;
import org.zodiac.tenant.model.vo.TenantUserViewVO;
import org.zodiac.tenant.service.TenantRoleService;
import org.zodiac.tenant.service.TenantUserService;
import org.zodiac.tenant.service.TenantryService;

/* loaded from: input_file:org/zodiac/auth/granter/AbstractAuthCaptchaTokenGranter.class */
public abstract class AbstractAuthCaptchaTokenGranter<RE extends TenantRoleEntity, RV extends SwaggerTenantRoleViewVO<RV>, UE extends TenantUserEntity, UEE extends TenantUserExcelEntity, UEI extends TenantUserInfo<UE>, UEOU extends TenantUserOauthEntity, UV extends TenantUserViewVO, TE extends TenantryEntity> implements AuthTokenGranter<UE> {
    public static final String GRANT_TYPE = SecurityAuthGranterType.CAPTCHA.getType();
    public static final Integer FAIL_COUNT = 5;
    private final TenantUserService<UE, UEE, UEI, UEOU, UV> userService;
    private final TenantRoleService<RE, RV> roleService;
    private final TenantryService<TE> tenantService;
    private final RedisDataOperation redisDataOperation;

    public AbstractAuthCaptchaTokenGranter(TenantUserService<UE, UEE, UEI, UEOU, UV> tenantUserService, TenantRoleService<RE, RV> tenantRoleService, TenantryService<TE> tenantryService, RedisDataOperation redisDataOperation) {
        this.userService = tenantUserService;
        this.roleService = tenantRoleService;
        this.tenantService = tenantryService;
        this.redisDataOperation = redisDataOperation;
    }

    @Override // org.zodiac.auth.provider.AuthTokenGranter
    public TenantUserInfo<UE> grant(AuthTokenParameter authTokenParameter) {
        AuthCaptchaToken obtainToken = obtainToken();
        if (null == obtainToken) {
            return null;
        }
        String str = (String) this.redisDataOperation.get(AuthCacheNames.CAPTCHA_KEY + obtainToken.getCaptchaKey());
        if (obtainToken.getCaptchaCode() == null || !StrUtil.equalsIgnoreCase(str, obtainToken.getCaptchaCode())) {
            throw new ServiceException("验证码不正确。");
        }
        String str2 = authTokenParameter.getArgs().getStr("tenantId");
        String str3 = authTokenParameter.getArgs().getStr("username");
        String str4 = authTokenParameter.getArgs().getStr("password");
        int i = Func.toInt(this.redisDataOperation.get(AuthCacheNames.tenantKey(str2, AuthCacheNames.USER_FAIL_KEY, str3)), 0);
        if (i >= FAIL_COUNT.intValue()) {
            throw new ServiceException("登录错误次数过多，请稍后再试。");
        }
        TenantUserInfo<UE> tenantUserInfo = null;
        if (Func.isNoneBlank(new CharSequence[]{str3, str4})) {
            if (AuthTokenUtil.judgeTenant(this.tenantService.getByTenantId(str2))) {
                throw new ServiceException("租户授权已过期，请联系管理员。");
            }
            String str5 = authTokenParameter.getArgs().getStr("userType");
            tenantUserInfo = str5.equals(TenantUserTypeEnum.WEB.getName()) ? this.userService.userInfo(str2, str3, DigestUtil.hex(str4), TenantUserTypeEnum.WEB) : str5.equals(TenantUserTypeEnum.APP.getName()) ? this.userService.userInfo(str2, str3, DigestUtil.hex(str4), TenantUserTypeEnum.APP) : this.userService.userInfo(str2, str3, DigestUtil.hex(str4), TenantUserTypeEnum.OTHER);
        }
        if (tenantUserInfo == null || tenantUserInfo.getUser() == null) {
            this.redisDataOperation.setEx(AuthCacheNames.tenantKey(str2, AuthCacheNames.USER_FAIL_KEY, str3), Integer.valueOf(i + 1), Duration.ofMinutes(30L));
        }
        if (Func.isNotEmpty(obtainToken.getDept()) && tenantUserInfo != null && tenantUserInfo.getUser().getDeptId().contains(obtainToken.getDept())) {
            tenantUserInfo.getUser().setDeptId(obtainToken.getDept());
        }
        if (Func.isNotEmpty(obtainToken.getRole()) && tenantUserInfo != null && tenantUserInfo.getUser().getRoleId().contains(obtainToken.getRole())) {
            tenantUserInfo.setRoles(this.roleService.getRoleAliases(obtainToken.getRole()));
            tenantUserInfo.getUser().setRoleId(obtainToken.getRole());
        }
        return tenantUserInfo;
    }

    protected abstract AuthCaptchaToken obtainToken();
}
