package com.github.dennisit.vplus.data.security;

import com.github.dennisit.vplus.data.enums.common.EnableEnum;
import com.github.dennisit.vplus.data.utils.RegexUtils;
import java.util.regex.Pattern;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.util.CollectionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/github/dennisit/vplus/data/security/AuthorityRealm.class */
public class AuthorityRealm extends AuthorizingRealm {
    private static final Logger LOG = LoggerFactory.getLogger(AuthorityRealm.class);
    private AuthorityIFace<Authority, Long> authorityIface;
    private boolean onlyAdmin;

    public AuthorityRealm(AuthorityIFace authorityIFace) {
        this.onlyAdmin = false;
        this.authorityIface = authorityIFace;
    }

    public AuthorityRealm(CacheManager cacheManager, CredentialsMatcher credentialsMatcher) {
        super(cacheManager, credentialsMatcher);
        this.onlyAdmin = false;
    }

    public AuthorityRealm(CacheManager cacheManager, CredentialsMatcher credentialsMatcher, AuthorityIFace authorityIFace) {
        this(cacheManager, credentialsMatcher, authorityIFace, false);
    }

    public AuthorityRealm(CacheManager cacheManager, CredentialsMatcher credentialsMatcher, AuthorityIFace authorityIFace, boolean z) {
        super(cacheManager, credentialsMatcher);
        this.onlyAdmin = false;
        this.authorityIface = authorityIFace;
        this.onlyAdmin = z;
    }

    public AuthorityRealm(CacheManager cacheManager) {
        super(cacheManager);
        this.onlyAdmin = false;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Authority authority = (Authority) principalCollection.getPrimaryPrincipal();
        LOG.info("当前登录用户:{}", authority.getShowName());
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addStringPermissions(this.authorityIface.selectPermissions(Long.valueOf(authority.getUserId())));
        simpleAuthorizationInfo.addRoles(this.authorityIface.selectRoles(Long.valueOf(authority.getUserId())));
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        String str = (String) usernamePasswordToken.getPrincipal();
        String str2 = new String((char[]) usernamePasswordToken.getCredentials());
        Authority selectByEmail = Pattern.matches(RegexUtils.EMAIL, str) ? this.authorityIface.selectByEmail(str) : Pattern.matches(RegexUtils.PHONE, str) ? this.authorityIface.selectByPhone(str) : this.authorityIface.selectByProviderUerId(str);
        if (null == selectByEmail) {
            throw new UnknownAccountException("账号不存在");
        }
        if (this.onlyAdmin && !CollectionUtils.isEmpty(this.authorityIface.selectRoles(Long.valueOf(selectByEmail.getUserId())))) {
            throw new AuthenticationException("非系统管理账号");
        }
        if (EnableEnum.DISABLE.getValue() == selectByEmail.getEnabled()) {
            throw new LockedAccountException("账号锁定");
        }
        return new SimpleAuthenticationInfo(selectByEmail, str2, ByteSource.Util.bytes(selectByEmail.getSalt()), getName());
    }

    public void setOnlyAdmin(boolean z) {
        this.onlyAdmin = z;
    }

    public void setAuthorityIFace(AuthorityIFace authorityIFace) {
        this.authorityIface = authorityIFace;
    }
}
