package cn.ps1.aolai.service;

import cn.ps1.aolai.utils.ConfUtil;
import cn.ps1.aolai.utils.Const;
import cn.ps1.aolai.utils.Digest;
import java.io.PrintWriter;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:cn/ps1/aolai/service/ThirdService.class */
public class ThirdService {
    private static final String TICKET = "ticket";
    private static final String COPMID = "compId";
    private static final String DUTYID = "dutyId";
    private static final String BINDID = "bindId";
    private static final String APPCODE = "appCode";
    private static Logger LOG = LoggerFactory.getLogger(ThirdService.class);

    @Autowired
    private AolaiService aolai;

    @Autowired
    private RedisService redis;

    @Autowired
    private UtilsService utils;

    private boolean verifyAppKey(Object obj) {
        return ConfUtil.APP_KEY.equals(obj) || ConfUtil.ENC_KEY.equals(obj);
    }

    public boolean thirdLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, String> map) {
        if (!map.containsKey(BINDID) || map.containsKey(ConfUtil.USERID)) {
        }
        return false;
    }

    public boolean isSecretKey(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(ConfUtil.CERT_K);
        if (parameter == null) {
            return false;
        }
        String parameter2 = httpServletRequest.getParameter(ConfUtil.JSONSTR);
        if (verifyAppKey(parameter)) {
            if (parameter2 == null) {
                return true;
            }
            return setAttrib(httpServletRequest, this.utils.json2Map(parameter2));
        }
        String sm2PriKey = this.redis.getSm2PriKey(parameter);
        if (sm2PriKey == null || parameter2 == null) {
            return false;
        }
        return setAttrib(httpServletRequest, this.utils.json2Map(Digest.sm2Decrypt(parameter2, sm2PriKey)));
    }

    private boolean setAttrib(HttpServletRequest httpServletRequest, Map<String, Object> map) {
        if (map.isEmpty()) {
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                String str = (String) parameterNames.nextElement();
                map.put(str, httpServletRequest.getParameter(str));
            }
        } else if (map.containsKey("base")) {
            map.remove("base");
        }
        Object obj = map.get(ConfUtil.BASE_DBID);
        if (obj != null) {
            map.put("base", ConfUtil.BASE_NAME + obj + ConfUtil.BASE_DOT);
        }
        if (!map.containsKey("i18n")) {
            map.put("i18n", getUserLang(httpServletRequest));
        }
        httpServletRequest.setAttribute("json", map);
        LOG.debug("> setAttrib(jsonParams)..." + map);
        return true;
    }

    private String getUserLang(HttpServletRequest httpServletRequest) {
        String str = this.utils.userSelf(httpServletRequest).get("userLang");
        return this.utils.isEmpty(str) ? this.utils.getLocale(httpServletRequest).toUpperCase() : str;
    }

    public boolean authAccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Map<String, String> map) throws Exception {
        Map<String, String> userInfo = this.redis.getUserInfo(map.get(ConfUtil.USERID));
        if (userInfo == null) {
            this.redis.clearToken(map);
            return invlidToken(httpServletResponse);
        }
        Map<String, Object> decryptParams = decryptParams(httpServletRequest, userInfo, map);
        String str = ConfUtil.APP_CODE;
        String requestURI = this.utils.getRequestURI(httpServletRequest);
        LOG.debug("> request from " + str + requestURI + "=" + decryptParams);
        if (this.utils.isEmpty(decryptParams.get(APPCODE))) {
            if (str.length() > 0) {
                decryptParams.put(APPCODE, str);
                String trustedRole = trustedRole(decryptParams, userInfo, requestURI);
                if (trustedRole == null) {
                    return denyAccess(httpServletResponse);
                }
                if ("".equals(trustedRole)) {
                    return invlidToken(httpServletResponse);
                }
            }
        } else if (!havePermit(str, requestURI)) {
            return denyAccess(httpServletResponse);
        }
        if (!checkParams(decryptParams, requestURI.substring(1))) {
            return invlidParams(httpServletResponse);
        }
        String str2 = ConfUtil.BASE_DBID;
        if (str.length() > 0 && decryptParams.containsKey(str2)) {
            String str3 = (String) this.utils.json2Map(userInfo.get("userBase")).get(str);
            if (!this.utils.isEmpty(str3) && !"0".equals(str3) && !str3.equals(decryptParams.get(str2))) {
                return invlidParams(httpServletResponse);
            }
        }
        return setAttrib(httpServletRequest, decryptParams);
    }

    private Map<String, Object> decryptParams(HttpServletRequest httpServletRequest, Map<String, String> map, Map<String, String> map2) {
        String str = map2.get(ConfUtil.CERTID);
        httpServletRequest.setAttribute("user", map);
        httpServletRequest.setAttribute(ConfUtil.USERID, map.get(ConfUtil.USERID));
        httpServletRequest.setAttribute(ConfUtil.CERTID, str);
        String parameter = httpServletRequest.getParameter(ConfUtil.JSONSTR);
        if (!ConfUtil.IS_ENC_OMIT && !this.utils.isEmpty(parameter)) {
            parameter = Digest.sm4Decrypt(parameter, str);
        }
        return this.utils.json2Map(parameter);
    }

    private boolean checkParams(Map<?, ?> map, String str) {
        String str2 = ConfUtil.VALID_MUST + ConfUtil.getValid(str);
        return str2.length() == 0 || this.utils.availParams(map, str2.split(ConfUtil.COMMA));
    }

    private boolean havePermit(String str, String str2) {
        if (str.length() == 0) {
            return true;
        }
        String str3 = Const.RDS_APPID + str;
        Map<String, String> hmget = this.redis.hmget(str3);
        if (hmget == null) {
            hmget = getActionList(str);
            LOG.debug("> havePermit..." + hmget);
            if (hmget.isEmpty()) {
                return false;
            }
            this.redis.hmset(str3, hmget, Const.TWO_HH);
        }
        return hmget.containsKey(str2);
    }

    private Map<String, String> getActionList(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("actApp", str);
        hashMap.put("actMark", "0");
        hashMap.put("actState", "1");
        return this.utils.list2Map(this.aolai.findList("ACTION", hashMap), "actUri", "actState");
    }

    private String trustedRole(Map<String, Object> map, Map<String, String> map2, String str) {
        Map<String, Object> roleParams = this.aolai.getRoleParams(map, map2);
        return this.redis.getActionRole(map.get(APPCODE) + "." + roleParams.get(COPMID) + "." + roleParams.get(DUTYID), str);
    }

    public boolean invlidToken(HttpServletResponse httpServletResponse) throws Exception {
        return invalidResult(httpServletResponse, "3");
    }

    private boolean invlidParams(HttpServletResponse httpServletResponse) throws Exception {
        return invalidResult(httpServletResponse, "2");
    }

    private boolean denyAccess(HttpServletResponse httpServletResponse) throws Exception {
        return invalidResult(httpServletResponse, "5");
    }

    private boolean invalidResult(HttpServletResponse httpServletResponse, String str) throws Exception {
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.setCharacterEncoding(Const.UTF8);
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(this.utils.obj2Str(this.utils.result(str)));
        writer.flush();
        writer.close();
        return false;
    }

    public Object getCertKey(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter(TICKET);
        if (!this.utils.isEmpty(parameter) && ConfUtil.IS_API_OPEN) {
            new HashMap();
            HashMap hashMap = new HashMap();
            hashMap.put("certState", "1");
            hashMap.put(ConfUtil.CERTID, parameter);
            Map<String, String> findOne = this.aolai.findOne("CERT", hashMap, ConfUtil.CERTINFO);
            if (findOne.containsKey("status")) {
                int msec = getMsec(httpServletRequest.getParameter("msec"));
                String randStr = Digest.randStr(findOne.get("certKey"));
                this.redis.set(Const.RDS_APPID + parameter, randStr, msec);
                this.redis.set(Const.RDS_CERT + randStr, parameter, msec);
                findOne.put("certKey", randStr);
                return this.utils.success(findOne);
            }
        }
        return this.utils.result("2");
    }

    private int getMsec(String str) {
        return this.utils.isInteger(str) ? Integer.parseInt(str) : Const.TEN_HH;
    }
}
