package com.apache.passport.controller;

import com.apache.api.vo.ResultEntity;
import com.apache.api.vo.ResultMsg;
import com.apache.cache.service.impl.LoadCacheFactory;
import com.apache.cache.service.impl.redis.JedisUtil;
import com.apache.cache.service.impl.redis.RedisCoreFactory;
import com.apache.client.common.SmsUtil;
import com.apache.database.model.Page;
import com.apache.rpc.common.LoadRpcService;
import com.apache.tools.ConfigUtil;
import com.apache.tools.DataMap;
import com.apache.tools.MD5Utils;
import com.apache.tools.RequestTools;
import com.apache.tools.StrUtil;
import com.apache.tools.UUIDUtil;
import com.apache.uct.common.ToolsUtil;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONArray;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

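/**
 * Spring MVC controller for the SSO self-service API mounted under {@code /api/}.
 *
 * <p>{@code POST /api/submit} and {@code POST /api/setPwd} forward an update of the
 * {@code u_uctUser} model to the {@code iusService} RPC after an SMS code check;
 * {@code /api/info} either looks up a user ({@code validatorForm}) or issues an SMS code
 * ({@code smsCodeForm}). Every request is gated by {@link #interfaceChecking}, and issued
 * codes are cached in Redis under {@code ius_mobile_obj_<mobile>}.
 *
 * <p>Security review summary (details sit next to the code concerned):
 * <ul>
 *   <li>the request gate has a static-header bypass and a signing secret with compiled-in
 *       fallbacks, uses MD5, and does not check timestamp freshness;</li>
 *   <li>the SMS code can be echoed in the HTTP response depending on configuration;</li>
 *   <li>no attempt limit on code verification and no throttle on code issuance is visible
 *       in this class;</li>
 *   <li>the password-reset request body is forwarded to the RPC layer without an
 *       allow-list of keys.</li>
 * </ul>
 */
@RequestMapping({"/api/"})
@Controller
/* loaded from: input_file:com/apache/passport/controller/SsoApiAction.class */
public class SsoApiAction {
    /** Lazily initialised Redis helper, see {@link #getJedisUtil()}. */
    private JedisUtil jedisUtil;
    /** Prefix of the Redis key that holds the SMS code issued for a mobile number. */
    private final String mobile_key = "ius_mobile_obj_";

    /**
     * Returns the Redis helper, wiring the connection pool into it on first use.
     *
     * @return the {@link JedisUtil} instance obtained from {@code JedisUtil.getInstance()}
     */
    private JedisUtil getJedisUtil() {
        if (this.jedisUtil == null) {
            this.jedisUtil = JedisUtil.getInstance();
            this.jedisUtil.setJedisPool(RedisCoreFactory.getInstance().getJedisPool());
        }
        return this.jedisUtil;
    }

    /**
     * Compares two credential strings without stopping at the first differing byte, so the
     * response time does not reveal how much of a guessed value was correct.
     *
     * @param expected the value computed or configured on the server
     * @param supplied the value taken from the request
     * @return {@code true} only when both are non-null and identical
     */
    private static boolean constantTimeEquals(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), supplied.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Reads {@code section[key]["appValue"]} from the cached application configuration.
     *
     * @param section the {@code sms_aliyun} configuration map
     * @param key     name of the configuration entry
     * @return the entry's {@code appValue} rendered with {@link String#valueOf(Object)}, or
     *         {@code null} when the entry is missing or is not a map
     */
    private static String appValue(Map<?, ?> section, String key) {
        Object entry = section.get(key);
        if (!(entry instanceof Map)) {
            return null;
        }
        return String.valueOf(((Map<?, ?>) entry).get("appValue"));
    }

    /**
     * Handles the password-reset submission ({@code formName=editPassForm}).
     *
     * <p>Flow: validate {@code pageName}/{@code formName}, run {@link #interfaceChecking},
     * compare the submitted SMS code with the cached one for the submitted mobile number,
     * then forward the request map to the {@code iusService}/{@code dymicSql} RPC. The
     * cached code is deleted only after the RPC reports success.
     *
     * @param httpServletRequest  current request; {@code pageName}/{@code formName} may come
     *                            from query parameters or from the body
     * @param httpServletResponse unused
     * @param map                 JSON request body; mutated and forwarded to the RPC
     * @return a map with {@code flag} ({@code "T"}/{@code "F"}) and {@code msg}, plus whatever
     *         {@link #getResultEntityData} adds on the RPC path
     */
    @RequestMapping(value = {"/submit", "/setPwd"}, method = {RequestMethod.POST}, consumes = {"application/json"})
    @ResponseBody
    public Object editUserPass(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, @RequestBody Map<String, String> map) {
        String pageName = StrUtil.doNull(httpServletRequest.getParameter("pageName"), map.get("pageName"));
        Map<String, Object> result = new HashMap<>();
        result.put("flag", "F");
        if (StrUtil.isNull(pageName) || !"sso-user".equals(pageName)) {
            // "The requested Action address is not defined"
            result.put("msg", "请求的Action地址未定义");
            return result;
        }
        String formName = StrUtil.doNull(httpServletRequest.getParameter("formName"), map.get("formName"));
        if (!interfaceChecking(httpServletRequest, pageName, formName) || !"editPassForm".equalsIgnoreCase(formName)) {
            // "Request identity verification failed"
            result.put("msg", "请求身份验证失败");
            return result;
        }

        String userEname = map.get("uctUser.w_userEname");
        String reqKey = map.get("userReqKey");
        String mobile = map.get("uctUser.w_mobile");
        String code = map.get("code");
        // The mobile number is part of the Redis key and of the userReqKey digest, so it is
        // required as well; without this check a missing value became the literal "null".
        if (StrUtil.isNull(userEname) || StrUtil.isNull(reqKey) || StrUtil.isNull(mobile) || StrUtil.isNull(code)) {
            // "Missing parameters, please verify the data"
            result.put("msg", "缺少参数，请核实数据");
            return result;
        }
        String submittedEname = map.get("uctUser.userEname");
        if (StrUtil.isNotNull(submittedEname) && !userEname.equals(submittedEname)) {
            // "The system detected that the data was tampered with"
            result.put("msg", "系统检测到数据被篡改");
            return result;
        }

        // NOTE(review): no failed-attempt counter is visible here. A wrong code leaves the
        // cached value in place until it expires, so a short numeric code can be guessed by
        // repetition. Add a per-mobile failure limit that invalidates the code, plus
        // per-client throttling in front of this endpoint.
        // NOTE(review): the code is bound only to the mobile number sent in this request;
        // nothing in this method checks that the number belongs to the named account.
        // Presumably the w_userEname / w_mobile pair is the WHERE clause downstream — verify.
        getJedisUtil();
        if (!code.equals(JedisUtil.getInstance().getCacheInfo(mobile_key + mobile, 4))) {
            // "Mobile verification code check failed"
            result.put("msg", "手机验证码验证失败");
            return result;
        }
        // NOTE(review): userReqKey is an unkeyed MD5 over two fields of this same request,
        // so any caller can compute it. It catches accidental mismatch, not tampering; a
        // server-issued, keyed token (HMAC with a server secret) would be needed for that.
        if (!MD5Utils.MD5(userEname + mobile).equals(reqKey)) {
            // "The system detected that the data was tampered with"
            result.put("msg", "系统检测到数据被篡改");
            return result;
        }
        if (userEname.endsWith("_admin") && !userEname.equals(mobile)) {
            map.put("uctUser.userEname", userEname);
        }

        // NOTE(review): the request body is forwarded as-is apart from the keys overwritten
        // below, so any extra key a caller sends reaches the dymicSql service. Copy only the
        // expected keys into a fresh map; the exact allow-list depends on what dymicSql
        // consumes, which is not visible in this class.
        map.put("resultType", "processSql");
        map.put("modelTypes", "u_uctUser");
        map.put("datasource", "plateform");
        map.put("beforMethodKey", "uniqueCheck");
        map.put("checkColumn", "[{\"key\":\"uctUser.userEname\",\"msg\":\"登录账号\",\"type\":\"or\"},{\"key\":\"uctUser.mobile\",\"msg\":\"或手机号\"},{\"key\":\"uctUser.w_userEname\",\"msg\":\"\",\"check\":\"T\"},{\"key\":\"uctUser.w_mobile\",\"msg\":\"\",\"check\":\"T\"}]");
        map.put("Client-IP", RequestTools.getIp(httpServletRequest));
        map.put("sysPass", ConfigUtil.getInstance().interfacePass());
        result = getResultEntityData(LoadRpcService.service().doService("iusService", "dymicSql", "xml", map, (Class) null));
        if (!ToolsUtil.isEmpty(result) && "T".equals(result.get("flag"))) {
            // Single use: drop the code once the update went through.
            getJedisUtil();
            JedisUtil.getInstance().delObjCache(mobile_key + mobile, 4);
        }
        return result;
    }

    /**
     * Serves the two read-side forms of the SSO page.
     *
     * <p>{@code validatorForm} looks up one {@code uctUser} row by login name and/or mobile
     * number and returns its {@code userId} and {@code userEname}. {@code smsCodeForm}
     * generates a code, sends it through {@link #sendSmsByCache} and caches it in Redis.
     *
     * @param httpServletRequest  current request carrying {@code pageName}, {@code formName}
     *                            and the form-specific parameters
     * @param httpServletResponse unused
     * @return a result map (lookup and error paths) or a {@link ResultMsg} (SMS path)
     */
    @RequestMapping(value = {"/info"}, method = {RequestMethod.GET, RequestMethod.POST})
    @ResponseBody
    public Object selectInfo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String pageName = httpServletRequest.getParameter("pageName");
        Map<String, Object> result = new HashMap<>();
        result.put("flag", "F");
        if (StrUtil.isNull(pageName) || !"sso-user".equals(pageName)) {
            // "The requested Action address is not defined"
            result.put("msg", "请求的Action地址未定义");
            return result;
        }
        String formName = httpServletRequest.getParameter("formName");
        if (!interfaceChecking(httpServletRequest, pageName, formName)) {
            // "Request identity verification failed"
            result.put("msg", "请求身份验证失败");
            return result;
        }

        if ("validatorForm".equalsIgnoreCase(formName)) {
            // NOTE(review): this answers "does this login name / mobile exist" and returns the
            // matching userId to any caller that passes interfaceChecking. Treat it as an
            // account-enumeration surface: throttle it and consider a uniform response.
            Map<String, String> query = new HashMap<>();
            String userEname = httpServletRequest.getParameter("uctUser.w_userEname");
            if (StrUtil.isNotNull(userEname)) {
                query.put("uctUser.w_userEname", userEname);
            }
            String mobileFilter = httpServletRequest.getParameter("uctUser.w_mobile");
            if (StrUtil.isNotNull(mobileFilter)) {
                query.put("uctUser.w_mobile", mobileFilter);
            }
            if (query.isEmpty()) {
                // "Missing request parameters"
                result.put("msg", "缺少请求参数");
                return result;
            }
            String sysEname = httpServletRequest.getParameter("uctUser.w_sysEname");
            if (StrUtil.isNotNull(sysEname)) {
                query.put("uctUser.w_sysEname", sysEname);
            }
            query.put("resultType", "objInfo");
            query.put("resultObjType", "obj");
            query.put("modelTypes", "s_uctUser");
            query.put("datasource", "plateform");
            query.put("Client-IP", RequestTools.getIp(httpServletRequest));
            query.put("sysPass", ConfigUtil.getInstance().interfacePass());
            query.put("_resultType", "T");
            query.put("rows", "1");
            query.put("result_column", "uctUser.userId,uctUser.userEname");
            return getResultEntityData(LoadRpcService.service().doService("iusService", "dymicSql", "xml", query, (Class) null));
        }

        if ("smsCodeForm".equalsIgnoreCase(formName)) {
            String mobile = httpServletRequest.getParameter("mobile");
            if (StrUtil.isNull(mobile)) {
                // "Mobile number must not be empty"
                return new ResultMsg("F", "手机号码不能为空");
            }
            // NOTE(review): confirm UUIDUtil.getRandomStr draws from SecureRandom; the
            // generator is not visible here and this value is an authentication secret.
            // NOTE(review): the only issuance limit visible is the SMS provider's daily cap
            // (isv.DAY_LIMIT_CONTROL below). Add per-mobile and per-client throttling here.
            String code = UUIDUtil.getRandomStr("1", 6, 97);
            Map<String, String> sent = sendSmsByCache(mobile, code, httpServletRequest.getParameter("sysEname"));
            String status = sent.get("code");
            if (!"OK".equals(status)) {
                // "Codes requested too often, retry in 24 hours" / provider message
                return "isv.DAY_LIMIT_CONTROL".equals(status) ? new ResultMsg("F", "获取验证码频繁，请24小时后重试") : new ResultMsg("F", sent.get("message"));
            }
            // "The verification code has been sent to your phone"
            String message = "验证码已发送至您的手机上";
            // NOTE(review): when sms_code_start is "F" the code itself is appended to the HTTP
            // response, which hands the second factor to whoever made the request. "F" is
            // also the fallback when the setting has no value. This looks like a test switch;
            // it must be off in production and should default to not echoing.
            if ("F".equals(sent.get("sms_code_start"))) {
                message = message + "[" + code + "]";
            }
            // Presumably a 300-second lifetime in Redis database 4 — confirm against
            // JedisUtil.createObjCache. A new request overwrites the previous code.
            getJedisUtil();
            JedisUtil.getInstance().createObjCache(mobile_key + mobile, code, 300, 4);
            return new ResultMsg("T", message);
        }

        // "Request identity verification failed"
        result.put("msg", "请求身份验证失败");
        return result;
    }

    /**
     * Sends an SMS code using the Aliyun settings cached under
     * {@code <sysEname>_app_config} / {@code app_config} / {@code sms_aliyun}.
     *
     * @param str  destination mobile number
     * @param str2 the code to send
     * @param str3 system name selecting the configuration cache; {@code "plateform"} is used
     *             when it is empty. NOTE(review): this comes straight from the
     *             {@code sysEname} request parameter, so the caller chooses which tenant's
     *             SMS account is used — validate it against the systems the caller may act for.
     * @return the provider response from {@code SmsUtil.sendSms} with {@code sms_code_start}
     *         added, or a map with {@code code="fail"} when the configuration is missing or
     *         incomplete
     */
    private Map<String, String> sendSmsByCache(String str, String str2, String str3) {
        Object appConfig = LoadCacheFactory.getInstance().getCacheManager(StrUtil.doNull(str3, "plateform") + "_app_config").getCacheObjectByKey("app_config");

        Map<String, String> failure = new HashMap<>();
        failure.put("requestId", "");
        failure.put("bizId", "");
        failure.put("code", "fail");
        // "No SMS provider configuration found on the server, contact the platform administrator"
        failure.put("message", "服务端未找到短信服务商配置信息，请联系平台管理员！");

        if (!(appConfig instanceof Map)) {
            return failure;
        }
        Object smsSection = ((Map<?, ?>) appConfig).get("sms_aliyun");
        if (!(smsSection instanceof Map)) {
            return failure;
        }
        Map<?, ?> smsConfig = (Map<?, ?>) smsSection;

        String codeStartRaw = appValue(smsConfig, "sms_code_start");
        String accessKeyId = appValue(smsConfig, "sms_aliyun_accessKeyId");
        String accessKeySecret = appValue(smsConfig, "sms_aliyun_accessKeySecret");
        String signName = appValue(smsConfig, "sms_aliyun_signName");
        String templateCode = appValue(smsConfig, "sms_aliyun_templateCode");
        // A missing entry used to end in a NullPointerException. Report it as a configuration
        // failure instead; this covers sms_code_start too, so an incomplete configuration
        // never falls through to the "F" default that echoes the code to the caller.
        if (codeStartRaw == null || accessKeyId == null || accessKeySecret == null || signName == null || templateCode == null) {
            return failure;
        }
        String codeStart = StrUtil.doNull(codeStartRaw, "F");
        if (StrUtil.isNull(accessKeyId) || StrUtil.isNull(accessKeySecret) || StrUtil.isNull(signName) || StrUtil.isNull(templateCode)) {
            return failure;
        }

        // Left as a raw HashMap on purpose: the parameter type of SmsUtil.sendSms is not
        // visible from this class.
        HashMap smsRequest = new HashMap();
        smsRequest.put("sms_code_start", codeStart);
        smsRequest.put("sms_aliyun_accessKeyId", accessKeyId);
        smsRequest.put("sms_aliyun_accessKeySecret", accessKeySecret);
        smsRequest.put("sms_aliyun_signName", signName);
        // Only the first template of a comma-separated list is used.
        smsRequest.put("sms_aliyun_templateCode", templateCode.split(",")[0]);
        smsRequest.put("mobile", str);
        smsRequest.put("codeNo", str2);
        Map<String, String> sendSms = SmsUtil.sendSms(smsRequest);
        sendSms.put("sms_code_start", codeStart);
        return sendSms;
    }

    /**
     * Decides whether a request may use this API.
     *
     * <p>The request passes when {@code api_security_enable} is not {@code "T"}, when the
     * {@code source_web} header equals the configured {@code request_header_key}, or when
     * the {@code user-string} header equals
     * {@code MD5(pageName + formName + user-timestamp + secret)}, the secret being looked up
     * in {@code api-sign.properties} by the {@code user-appid} header.
     *
     * <p>Both credential comparisons are done in constant time.
     *
     * @param httpServletRequest request whose headers carry the credentials
     * @param str                the {@code pageName} value (part of the signed string)
     * @param str2               the {@code formName} value (part of the signed string)
     * @return {@code true} when the request is accepted
     */
    private boolean interfaceChecking(HttpServletRequest httpServletRequest, String str, String str2) {
        String enabled = StrUtil.doNull(ConfigUtil.getInstance().findValueByKey("api_security_enable"), "T");
        String sourceWeb = StrUtil.doNull(httpServletRequest.getHeader("source_web"), "");
        // NOTE(review): when request_header_key is not configured, the fallback compiled into
        // this class becomes the accepted value, i.e. a constant known to anyone holding the
        // binary skips signature verification. Require the key to be configured and fail
        // closed when it is absent; better still, drop the static-header path entirely.
        String trustedHeaderValue = StrUtil.doNull(ConfigUtil.getInstance().findValueByKey("request_header_key"), "taste-king");
        if (!"T".equals(enabled) || constantTimeEquals(trustedHeaderValue, sourceWeb)) {
            return true;
        }

        String suppliedSignature = httpServletRequest.getHeader("user-string");
        // NOTE(review): the timestamp is signed but never compared with the current time, so a
        // captured set of headers stays valid indefinitely. Reject timestamps outside a short
        // window and, ideally, track a nonce.
        String timestamp = StrUtil.doNull(httpServletRequest.getHeader("user-timestamp"), "");
        // NOTE(review): an unknown or missing user-appid falls back to a secret hard-coded
        // here, shared by every such caller and recoverable from the binary. Unknown app ids
        // should be rejected, and secrets should live only in protected configuration.
        String appSecret = StrUtil.doNull(StrUtil.doNull(ConfigUtil.getInstance().getValueByKey("api-sign.properties", httpServletRequest.getHeader("user-appid")), ""), "09a544a82227072f07cd3f0c5b1251a5");
        // NOTE(review): MD5(message || secret) is not a sound MAC construction; migrate to
        // HMAC-SHA-256. The signature also covers only pageName/formName/timestamp, not the
        // request parameters or body, so those are not integrity-protected.
        String expectedSignature = MD5Utils.MD5(new StringBuilder().append(str).append(str2).append(timestamp).append(appSecret).toString());
        return constantTimeEquals(expectedSignature, suppliedSignature);
    }

    /**
     * Converts an RPC {@link ResultEntity} into the flat map returned to the client.
     *
     * <p>{@code flag} is {@code "T"} or {@code "F"}, {@code msg} carries the message (or the
     * result string when the message is empty), and the payload is exposed as
     * {@code rows}/{@code total}, {@code result} or {@code ids} depending on the entity type.
     *
     * @param resultEntity the RPC result, may be {@code null}
     * @return a new map; never {@code null}
     */
    protected Map<String, Object> getResultEntityData(ResultEntity resultEntity) {
        Map<String, Object> data = new HashMap<>();
        if (resultEntity == null) {
            data.put("flag", "F");
            // "Operation failed"
            data.put("msg", "操作失败");
            return data;
        }

        // "查询成功" = "query succeeded"
        boolean succeeded = "查询成功".equals(resultEntity.getResult()) || (("true".equals(resultEntity.getResult()) && !"F".equals(String.valueOf(resultEntity.getEntity()))) || "T".equals(resultEntity.getResult()));
        data.put("flag", succeeded ? "T" : "F");
        data.put("msg", StrUtil.doNull(StrUtil.isNull(resultEntity.getMessage()) ? "" : resultEntity.getMessage(), resultEntity.getResult()));

        // The order of these checks matters: the first matching type wins, and most branches
        // force flag to "T" regardless of the result string evaluated above.
        Object entity = resultEntity.getEntity();
        if (entity instanceof Page) {
            Page page = (Page) entity;
            data.put("flag", "T");
            data.put("total", Integer.valueOf(page.getCount()));
            data.put("rows", page.getPageObjects());
        } else if (entity instanceof List) {
            List list = (List) entity;
            data.put("flag", "T");
            data.put("total", Integer.valueOf(list.size()));
            data.put("rows", list);
        } else if (entity instanceof JSONArray) {
            // NOTE(review): json-lib's JSONArray implements java.util.List, so this branch
            // looks unreachable behind the List branch above — confirm before relying on it.
            JSONArray jsonArray = (JSONArray) entity;
            data.put("total", Integer.valueOf(jsonArray.size()));
            data.put("rows", jsonArray);
            data.put("msg", StrUtil.doNull(resultEntity.getMessage(), resultEntity.getResult()));
        } else if (entity instanceof DataMap) {
            data.put("flag", "T");
            data.put("result", entity);
        } else if (entity instanceof HashMap) {
            data.put("flag", "T");
            data.put("ids", entity);
            data.put("result", entity);
        } else if (entity instanceof ResultEntity) {
            Object inner = ((ResultEntity) entity).getEntity();
            data.put("flag", "T");
            data.put("total", inner != null ? "1" : "0");
            data.put("result", inner);
        } else {
            data.put("total", entity != null ? "1" : "0");
            data.put("result", entity);
        }
        return data;
    }
}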
