package com.frameworkset.platform.admin.action;

import com.frameworkset.util.StringUtil;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Map;
import java.util.Random;
import javax.imageio.ImageIO;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.log4j.Logger;
import org.frameworkset.platform.action.SysInfo;
import org.frameworkset.platform.config.ConfigManager;
import org.frameworkset.platform.framework.Framework;
import org.frameworkset.platform.framework.Item;
import org.frameworkset.platform.framework.MenuHelper;
import org.frameworkset.platform.framework.Module;
import org.frameworkset.platform.framework.SubSystem;
import org.frameworkset.platform.security.AccessControl;
import org.frameworkset.platform.security.PermissionModule;
import org.frameworkset.platform.security.authorization.AccessException;
import org.frameworkset.util.FileCopyUtils;
import org.frameworkset.util.I18NUtil;
import org.frameworkset.util.annotations.AssertDToken;
import org.frameworkset.util.annotations.AssertTicket;
import org.frameworkset.web.servlet.ModelMap;
import org.frameworkset.web.servlet.support.RequestContextUtils;

/* loaded from: input_file:com/frameworkset/platform/admin/action/SSOControler.class */
public class SSOControler {
    private static Logger log = Logger.getLogger(SSOControler.class);
    private boolean enableuseraccountsso = false;
    private Font mFont = new Font("Times New Roman", 0, 17);

    public String sso(ModelMap modelMap) {
        modelMap.addAttribute("enableuseraccountsso", new Boolean(this.enableuseraccountsso));
        return this.enableuseraccountsso ? "path:sso" : "path:ssofailed";
    }

    public void generateVerifyCode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        createVerifyCode(httpServletRequest, httpServletResponse, httpServletRequest.getSession());
    }

    private void createVerifyCode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HttpSession httpSession) throws ServletException, IOException {
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        httpServletResponse.setContentType("image/jpeg");
        BufferedImage bufferedImage = new BufferedImage(100, 18, 1);
        Graphics graphics = bufferedImage.getGraphics();
        Random random = new Random();
        graphics.setColor(getRandColor(200, 250));
        graphics.fillRect(1, 1, 100 - 1, 18 - 1);
        graphics.setColor(new Color(102, 102, 102));
        graphics.drawRect(0, 0, 100 - 1, 18 - 1);
        graphics.setFont(this.mFont);
        graphics.setColor(getRandColor(160, 200));
        for (int i = 0; i < 155; i++) {
            int nextInt = random.nextInt(100 - 1);
            int nextInt2 = random.nextInt(18 - 1);
            graphics.drawLine(nextInt, nextInt2, nextInt + random.nextInt(6) + 1, nextInt2 + random.nextInt(12) + 1);
        }
        for (int i2 = 0; i2 < 70; i2++) {
            int nextInt3 = random.nextInt(100 - 1);
            int nextInt4 = random.nextInt(18 - 1);
            graphics.drawLine(nextInt3, nextInt4, nextInt3 - (random.nextInt(12) + 1), nextInt4 - (random.nextInt(6) + 1));
        }
        String str = "";
        for (int i3 = 0; i3 < 6; i3++) {
            char nextInt5 = (char) (random.nextInt(26) + 65);
            str = str + String.valueOf(nextInt5);
            graphics.setColor(new Color(20 + random.nextInt(110), 20 + random.nextInt(110), 20 + random.nextInt(110)));
            graphics.drawString(String.valueOf(nextInt5), (15 * i3) + 10, 16);
        }
        httpSession.setAttribute("verifyCode", str);
        graphics.dispose();
        ImageIO.write(bufferedImage, "JPEG", httpServletResponse.getOutputStream());
    }

    public String cookieLocale(String str, HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        try {
            I18NUtil.setLocale(httpServletRequest, httpServletResponse, str);
        } catch (Exception e) {
            log.error("", e);
        }
        return AccessControl.redirectpathloginPage;
    }

    private String getSuccessRedirect(String str, String str2) {
        StringBuilder sb = new StringBuilder();
        if (StringUtil.isEmpty(str2)) {
            str2 = AccessControl.getDefaultSUBSystemID();
        }
        if (StringUtil.isEmpty(str2)) {
            if (str == null || str.equals("5") || str.equals("6")) {
                sb.append("sanydesktop/indexcommon.page");
            } else if (str.equals("1")) {
                sb.append("index.jsp?subsystem_id=").append(str2);
            } else if (str.equals("3")) {
                sb.append("sanydesktop/index.page");
            } else if (str.equals("2")) {
                sb.append("desktop/desktop1.page");
            } else if (str.equals("4")) {
                sb.append("sanydesktop/webindex.page");
            } else {
                sb.append("sanydesktop/indexcommon.page");
            }
        } else {
            if (str2.equals("cms")) {
                sb.append("index.jsp?subsystem_id=").append(str2);
                return sb.toString();
            }
            SubSystem subSystem = Framework.getSubSystem(str2);
            if (subSystem != null && !StringUtil.isEmpty(subSystem.getSuccessRedirect())) {
                sb.append(subSystem.getSuccessRedirect());
            } else if (str == null || str.equals("5") || str.equals("6")) {
                sb.append("sanydesktop/indexcommon.page");
            } else if (str.equals("1")) {
                sb.append("index.jsp?subsystem_id=").append(str2);
            } else if (str.equals("3")) {
                sb.append("sanydesktop/index.page");
            } else if (str.equals("2")) {
                sb.append("desktop/desktop1.page");
            } else if (str.equals("4")) {
                sb.append("sanydesktop/webindex.page");
            } else {
                sb.append("sanydesktop/indexcommon.page");
            }
        }
        return sb.toString();
    }

    public String login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ModelMap modelMap) throws Exception, Exception {
        HttpSession session = httpServletRequest.getSession(false);
        boolean z = false;
        String parameter = httpServletRequest.getParameter("accesscontrol_check_referpath");
        if (parameter != null) {
            if (parameter.equals(httpServletRequest.getContextPath()) || parameter.equals(httpServletRequest.getContextPath() + "/jsp") || parameter.equals("login.jsp") || parameter.equals("login.page")) {
                parameter = null;
            } else {
                z = true;
                modelMap.addAttribute("successRedirect", parameter);
            }
        }
        String parameter2 = httpServletRequest.getParameter("language");
        PermissionModule permissionModule = ConfigManager.getInstance().getPermissionModule();
        boolean configBooleanValue = ConfigManager.getInstance().getConfigBooleanValue("enable_login_validatecode", true);
        modelMap.addAttribute("enable_login_validatecode", Boolean.valueOf(configBooleanValue));
        String str = null;
        String parameter3 = httpServletRequest.getParameter("userName");
        int userPasswordDualTimeByUserAccount = parameter3 != null ? permissionModule.getUserPasswordDualTimeByUserAccount(parameter3) : 0;
        Date passwordExpiredTimeByUserAccount = (userPasswordDualTimeByUserAccount <= 0 || parameter3 == null) ? null : permissionModule.getPasswordExpiredTimeByUserAccount(parameter3);
        if (passwordExpiredTimeByUserAccount != null) {
            modelMap.addAttribute("expriedtime_", new SimpleDateFormat("yyyy-MM-dd").format(passwordExpiredTimeByUserAccount));
            modelMap.addAttribute("userName", parameter3);
            modelMap.addAttribute("expiredays", Integer.valueOf(userPasswordDualTimeByUserAccount));
        }
        if (parameter2 == null) {
            parameter2 = RequestContextUtils.getLocaleResolver(httpServletRequest).resolveLocaleCode(httpServletRequest);
        } else {
            RequestContextUtils.getLocaleResolver(httpServletRequest).setLocale(httpServletRequest, httpServletResponse, parameter2);
        }
        modelMap.addAttribute("language", parameter2);
        String parameter4 = httpServletRequest.getParameter("loginPath");
        String parameter5 = httpServletRequest.getParameter("subsystem_id");
        String cookieValue = StringUtil.getCookieValue(httpServletRequest, "loginStyle");
        String cookieValue2 = StringUtil.getCookieValue(httpServletRequest, "subsystem_id");
        if (parameter4 != null) {
            StringUtil.addCookieValue(httpServletRequest, httpServletResponse, "loginStyle", parameter4);
            cookieValue = parameter4;
        }
        if (cookieValue == null) {
            cookieValue = "5";
        }
        if (parameter5 != null) {
            StringUtil.addCookieValue(httpServletRequest, httpServletResponse, "subsystem_id", parameter5);
        }
        modelMap.addAttribute("system_id", cookieValue2);
        modelMap.addAttribute("loginStyle", cookieValue);
        modelMap.addAttribute("defaultmodulename", Framework.getSystemName("module", httpServletRequest));
        String clientIP = StringUtil.getClientIP(httpServletRequest);
        String isSpesialUser = permissionModule.isSpesialUser(clientIP);
        if (isSpesialUser != null && parameter3 == null) {
            String parameter6 = httpServletRequest.getParameter("subsystem_id");
            try {
                AccessControl accessControl = AccessControl.getInstance();
                accessControl.checkAccess(httpServletRequest, httpServletResponse, false);
                String userAccount = accessControl.getUserAccount();
                httpServletRequest.setAttribute("fromsso", "true");
                if (userAccount != null && !"".equals(userAccount) && isSpesialUser.equals(userAccount)) {
                    if (parameter6 == null) {
                        parameter6 = AccessControl.getDefaultSUBSystemID();
                    }
                    if (parameter == null) {
                        parameter = getSuccessRedirect(parameter4, parameter6);
                    }
                    if (!z) {
                        AccessControl.recordIndexPage(httpServletRequest, parameter);
                        AccessControl.recordeSystemLoginPage(httpServletRequest, httpServletResponse);
                    }
                    httpServletResponse.sendRedirect(parameter);
                    return null;
                }
                try {
                    if (!isSpesialUser.equals(userAccount)) {
                        AccessControl.resetSession(session);
                    }
                    AccessControl.getInstance().login(httpServletRequest, httpServletResponse, isSpesialUser, permissionModule.getUserPassword(isSpesialUser));
                    if (parameter6 == null) {
                        parameter6 = AccessControl.getDefaultSUBSystemID();
                    }
                    if (parameter == null) {
                        parameter = getSuccessRedirect(parameter4, parameter6);
                    }
                    if (!z) {
                        AccessControl.recordIndexPage(httpServletRequest, parameter);
                        AccessControl.recordeSystemLoginPage(httpServletRequest, httpServletResponse);
                    }
                    httpServletResponse.sendRedirect(parameter);
                    return null;
                } catch (Exception e) {
                    httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/jsp/common/ssofail.jsp?userName=" + isSpesialUser + "&ip=" + clientIP);
                    return null;
                }
            } catch (Exception e2) {
            }
        } else if (httpServletRequest.getParameter("flag") != null) {
            String parameter7 = httpServletRequest.getParameter("password");
            if (parameter3 != null) {
                if (configBooleanValue) {
                    try {
                        permissionModule.validatecode(httpServletRequest);
                    } catch (Exception e3) {
                        str = e3.getMessage();
                        if (str == null) {
                            str = RequestContextUtils.getI18nMessage("sany.pdp.login.failed", httpServletRequest);
                        }
                    } catch (AccessException e4) {
                        str = e4.getMessage();
                        if (str == null) {
                            str = RequestContextUtils.getI18nMessage("sany.pdp.login.failed", httpServletRequest);
                        }
                    }
                }
                AccessControl.getInstance().login(httpServletRequest, httpServletResponse, parameter3, parameter7);
                String parameter8 = httpServletRequest.getParameter("subsystem_id");
                if (parameter8 == null) {
                    parameter8 = AccessControl.getDefaultSUBSystemID();
                }
                if (parameter == null) {
                    parameter = getSuccessRedirect(parameter4, parameter8);
                }
                if (!z) {
                    AccessControl.recordIndexPage(httpServletRequest, parameter);
                    AccessControl.recordeSystemLoginPage(httpServletRequest, httpServletResponse);
                }
                httpServletResponse.sendRedirect(parameter);
                return null;
            }
        }
        if (str != null) {
            modelMap.addAttribute("errorMessage", str);
        }
        List<SubSystem> subsystemList = Framework.getInstance().getSubsystemList();
        ArrayList arrayList = new ArrayList();
        SysInfo sysInfo = new SysInfo();
        sysInfo.setName(Framework.getSystemName("module", httpServletRequest));
        sysInfo.setSysid("module");
        arrayList.add(sysInfo);
        if (subsystemList != null && subsystemList.size() > 0) {
            for (SubSystem subSystem : subsystemList) {
                SysInfo sysInfo2 = new SysInfo();
                sysInfo2.setName(Framework.getSystemName(subSystem.getId(), httpServletRequest));
                sysInfo2.setSysid(subSystem.getId());
                if (cookieValue2 != null && cookieValue2.equals(sysInfo2.getSysid())) {
                    sysInfo2.setSelected(true);
                }
                arrayList.add(sysInfo2);
            }
        }
        modelMap.addAttribute("systemList", arrayList);
        return "path:login";
    }

    @AssertTicket
    public void ssowithticket(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        _ssowithtoken(httpServletRequest, httpServletResponse);
    }

    @AssertDToken
    public void ssowithtoken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        _ssowithtoken(httpServletRequest, httpServletResponse);
    }

    public void _ssowithtoken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String str;
        String decode;
        String decode2;
        String parameter = httpServletRequest.getParameter("successRedirect");
        if (!StringUtil.isEmpty(parameter)) {
            parameter = StringUtil.getRealPath(httpServletRequest, parameter, true);
        }
        String str2 = (String) httpServletRequest.getAttribute("token_request_account_key");
        String str3 = (String) httpServletRequest.getAttribute("token_request_worknumber_key");
        String str4 = "1";
        if (StringUtil.isEmpty(str2)) {
            str2 = str3;
            str4 = "2";
        }
        PermissionModule permissionModule = ConfigManager.getInstance().getPermissionModule();
        String parameter2 = httpServletRequest.getParameter("loginMenu");
        String contextPath = httpServletRequest.getContextPath();
        String str5 = parameter2 != null ? parameter2 : "newGetDoc";
        HttpSession session = httpServletRequest.getSession();
        try {
            AccessControl accessControl = AccessControl.getInstance();
            accessControl.checkAccess(httpServletRequest, httpServletResponse, false);
            String userAccount = accessControl.getUserAccount();
            String userAttribute = accessControl.getUserAttribute("userWorknumber");
            boolean z = false;
            if (str4.equals("2")) {
                if (userAttribute != null && !userAttribute.equals("")) {
                    z = str2.equals(userAttribute);
                }
            } else if (userAccount != null && !userAccount.equals("")) {
                z = str2.equals(userAccount);
            }
            if (userAccount != null && !"".equals(userAccount) && z) {
                accessControl.resetUserAttributes();
                if (StringUtil.isEmpty(parameter)) {
                    Item menuByID = Framework.getInstance(accessControl.getCurrentSystemID()).getMenuByID(str5);
                    if (menuByID instanceof Item) {
                        Item item = menuByID;
                        decode2 = MenuHelper.getRealUrl(contextPath, Framework.getWorkspaceContent(item, accessControl), new String[]{"menupath_menuid", item.getId()});
                    } else {
                        Module module = (Module) menuByID;
                        StringBuilder sb = new StringBuilder();
                        sb.append(contextPath).append("/sanydesktop/singleframe.page?").append("pdp_menupath").append("=").append(module.getPath());
                        decode2 = sb.toString();
                    }
                    AccessControl.recordIndexPage(httpServletRequest, decode2);
                } else {
                    decode2 = URLDecoder.decode(parameter);
                }
                httpServletResponse.sendRedirect(decode2);
                return;
            }
            if (!z) {
                AccessControl.resetSession(session);
            }
            try {
                if (str4.equals("1")) {
                    str = permissionModule.getUserPassword(str2);
                    if (str == null) {
                        throw new AccessException("用户" + str2 + "不存在。");
                    }
                } else {
                    Map userNameAndPasswordByWorknumber = permissionModule.getUserNameAndPasswordByWorknumber(str2);
                    if (userNameAndPasswordByWorknumber == null) {
                        throw new AccessException("工号为" + str2 + "的用户不存在。");
                    }
                    str2 = (String) userNameAndPasswordByWorknumber.get("USER_NAME");
                    str = (String) userNameAndPasswordByWorknumber.get("USER_PASSWORD");
                }
                AccessControl accessControl2 = AccessControl.getInstance();
                httpServletRequest.setAttribute("fromsso", "true");
                accessControl2.login(httpServletRequest, httpServletResponse, str2, str);
                if (StringUtil.isEmpty(parameter)) {
                    Item menuByID2 = Framework.getInstance(accessControl2.getCurrentSystemID()).getMenuByID(str5);
                    if (menuByID2 instanceof Item) {
                        Item item2 = menuByID2;
                        decode = MenuHelper.getRealUrl(contextPath, Framework.getWorkspaceContent(item2, accessControl2), new String[]{"menupath_menuid", item2.getId()});
                    } else {
                        Module module2 = (Module) menuByID2;
                        StringBuilder sb2 = new StringBuilder();
                        sb2.append(contextPath).append("/sanydesktop/singleframe.page?").append("pdp_menupath").append("=").append(module2.getPath());
                        decode = sb2.toString();
                    }
                    AccessControl.recordIndexPage(httpServletRequest, decode);
                } else {
                    decode = URLDecoder.decode(parameter);
                }
                httpServletResponse.sendRedirect(decode);
            } catch (Exception e) {
                log.info("", e);
                String message = e.getMessage();
                if (message == null) {
                    message = "";
                }
                StringBuilder sb3 = new StringBuilder();
                sb3.append(contextPath).append("/webseal/websealloginfail.jsp?userName=").append(str2).append("&ip=").append(StringUtil.getClientIP(httpServletRequest)).append("&errormsg=").append(URLEncoder.encode(URLEncoder.encode(message, "UTF-8"), "UTF-8"));
                httpServletResponse.sendRedirect(sb3.toString());
            }
        } catch (Throwable th) {
            log.info("", th);
            String message2 = th.getMessage();
            if (message2 == null) {
                message2 = "";
            }
            try {
                FileCopyUtils.copy(message2 + "," + str2 + "登陆失败，请确保输入的用户名和口令是否正确！", new OutputStreamWriter((OutputStream) httpServletResponse.getOutputStream(), "UTF-8"));
            } catch (IOException e2) {
                log.info("", e2);
            }
        }
    }

    private Color getRandColor(int i, int i2) {
        Random random = new Random();
        if (i > 255) {
            i = 255;
        }
        if (i2 > 255) {
            i2 = 255;
        }
        return new Color(i + random.nextInt(i2 - i), i + random.nextInt(i2 - i), i + random.nextInt(i2 - i));
    }

    public String switchSystem(HttpServletRequest httpServletRequest, ModelMap modelMap) {
        MenuHelper.getMenuHelper(httpServletRequest, true);
        String indexPage = AccessControl.getIndexPage(httpServletRequest);
        if (!indexPage.startsWith("/")) {
            indexPage = "/" + indexPage;
        }
        modelMap.addAttribute("selected", AccessControl.getAccessControl().getCurrentSystemID());
        return indexPage;
    }
}
