package com.nb6868.onex.common.shiro;

import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.bean.copier.CopyOptions;
import cn.hutool.core.lang.Assert;
import cn.hutool.core.map.MapUtil;
import cn.hutool.core.util.NumberUtil;
import cn.hutool.core.util.ObjUtil;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil;
import cn.hutool.jwt.JWT;
import com.nb6868.onex.common.Const;
import com.nb6868.onex.common.auth.AuthConst;
import com.nb6868.onex.common.auth.AuthProps;
import com.nb6868.onex.common.params.BaseParamsService;
import com.nb6868.onex.common.util.JwtUtils;
import jakarta.validation.constraints.NotNull;
import java.util.Map;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

@ConditionalOnProperty(name = {"onex.shiro.type"}, havingValue = "jwt", matchIfMissing = true)
@Component
/* loaded from: input_file:com/nb6868/onex/common/shiro/ShiroJwtRealm.class */
public class ShiroJwtRealm extends BaseShiroRealm {

    @Autowired
    private AuthProps authProps;

    @Autowired
    private BaseParamsService paramsService;

    @Autowired
    private ShiroDao shiroDao;

    protected AuthenticationInfo doGetAuthenticationInfo(@NotNull AuthenticationToken authenticationToken) throws AuthenticationException {
        Long valueOf;
        String tokenFromAuthenticationToken = getTokenFromAuthenticationToken(authenticationToken);
        Assert.isTrue(StrUtil.isNotBlank(tokenFromAuthenticationToken), () -> {
            return new AuthenticationException(Const.MSG_LOGIN_REQUIRED);
        });
        JWT parseToken = JwtUtils.parseToken(tokenFromAuthenticationToken);
        Assert.isTrue(ObjUtil.isNotNull(parseToken) && ObjUtil.isNotNull(parseToken.getPayload()) && ObjUtil.isNotNull(parseToken.getPayload().getClaimsJson()), () -> {
            return new AuthenticationException("登录信息错误,请重新登录...");
        });
        String str = parseToken.getPayload().getClaimsJson().getStr(this.authProps.getTokenJwtKey());
        Assert.isTrue(StrUtil.isNotBlank(str), () -> {
            return new AuthenticationException("登录信息缺少key,请重新登录...");
        });
        JSONObject systemPropsJson = this.paramsService.getSystemPropsJson(str);
        Assert.notNull(systemPropsJson, () -> {
            return new AuthenticationException("缺少登录信息配置,请重新登录...");
        });
        if (AuthConst.TOKEN_STORE_TYPE_VALUE.equalsIgnoreCase(systemPropsJson.getStr(AuthConst.TOKEN_STORE_TYPE_KEY, AuthConst.TOKEN_STORE_TYPE_VALUE))) {
            valueOf = MapUtil.getLong(this.shiroDao.getUserTokenByToken(tokenFromAuthenticationToken), "user_id");
        } else {
            Assert.isTrue(JwtUtils.verifyKeyAndExp(parseToken, systemPropsJson.getStr(AuthConst.TOKEN_JWT_KEY_KEY, AuthConst.TOKEN_JWT_KEY_VALUE)), () -> {
                return new AuthenticationException("登录信息已失效,请重新登录...");
            });
            valueOf = Long.valueOf(NumberUtil.parseLong(parseToken.getPayload().getClaimsJson().getStr("id")));
        }
        Assert.notNull(valueOf, () -> {
            return new AuthenticationException("缺少登录用户信息,请重新登录...");
        });
        Map<String, Object> userById = this.shiroDao.getUserById(valueOf);
        Assert.notNull(userById, () -> {
            return new AuthenticationException("缺少登录账号信息,请重新登录...");
        });
        Assert.isTrue(MapUtil.getInt(userById, "state", -1).intValue() == 1, () -> {
            return new AuthenticationException("账号已锁定,请联系管理员...");
        });
        ShiroUser shiroUser = (ShiroUser) BeanUtil.toBean(userById, ShiroUser.class, CopyOptions.create().setAutoTransCamelCase(true).setIgnoreCase(true).setIgnoreError(true));
        if (ObjectUtil.isNotEmpty(userById.get("ext_info"))) {
            shiroUser.setExtInfo(JSONUtil.parseObj(userById.get("ext_info").toString()));
        }
        if (shiroUser.getExtInfo() == null) {
            shiroUser.setExtInfo(new JSONObject());
        }
        shiroUser.setLoginType(str);
        shiroUser.setLoginConfig(systemPropsJson);
        if (AuthConst.TOKEN_STORE_TYPE_VALUE.equalsIgnoreCase(systemPropsJson.getStr(AuthConst.TOKEN_STORE_TYPE_KEY, AuthConst.TOKEN_STORE_TYPE_VALUE)) && systemPropsJson.getInt(AuthConst.TOKEN_RENEWAL_EXPIRE_KEY, AuthConst.TOKEN_RENEWAL_EXPIRE_VALUE).intValue() > 0) {
            this.shiroDao.updateTokenExpireTime(tokenFromAuthenticationToken, systemPropsJson.getInt(AuthConst.TOKEN_RENEWAL_EXPIRE_KEY, AuthConst.TOKEN_RENEWAL_EXPIRE_VALUE));
        }
        return new SimpleAuthenticationInfo(shiroUser, tokenFromAuthenticationToken, getName());
    }
}
