package com.vortex.jiangshan.basicinfo.application.security.provider;

import cn.hutool.crypto.Mode;
import cn.hutool.crypto.Padding;
import cn.hutool.crypto.symmetric.AES;
import com.vortex.jiangshan.basicinfo.api.dto.response.staff.StaffInfoDTO;
import com.vortex.jiangshan.basicinfo.api.dto.response.staff.StaffLoginDTO;
import com.vortex.jiangshan.basicinfo.api.enums.UserStatusEnum;
import com.vortex.jiangshan.basicinfo.application.helper.StaffHelper;
import com.vortex.jiangshan.basicinfo.application.security.authentication.LocalUsernamePasswordAuthToken;
import com.vortex.jiangshan.basicinfo.application.service.OrgStaffService;
import com.vortex.jiangshan.common.enums.ExceptionEnum;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.CollectionUtils;

/* loaded from: input_file:com/vortex/jiangshan/basicinfo/application/security/provider/LocalUserProvider.class */
public class LocalUserProvider implements AuthenticationProvider {
    private static final Logger log = LoggerFactory.getLogger(LocalUserProvider.class);
    private OrgStaffService orgStaffService;
    private PasswordEncoder passwordEncoder;

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String name = authentication.getName();
        String str = (String) authentication.getCredentials();
        StaffLoginDTO loginInfo = this.orgStaffService.loginInfo(name);
        if (Objects.nonNull(loginInfo.getLockTime()) && Math.abs(Duration.between(loginInfo.getLockTime(), LocalDateTime.now()).toMinutes()) > 1) {
            loginInfo.setStatus(Integer.valueOf(UserStatusEnum.NORMAL.getType()));
            this.orgStaffService.unlock(loginInfo);
        }
        if (Objects.nonNull(loginInfo.getStatus()) && UserStatusEnum.LOCK.getType() == loginInfo.getStatus().intValue()) {
            throw new BadCredentialsException("用户已被锁定");
        }
        if (null == loginInfo) {
            throw new BadCredentialsException(ExceptionEnum.user_not_exist.getMessage());
        }
        String str2 = null;
        try {
            str2 = new AES(Mode.ECB, Padding.PKCS5Padding, StaffHelper.ASE_KEY.getBytes()).decryptStr(str);
        } catch (Exception e) {
        }
        if (str2 == null) {
            log.debug("认证失败！");
            throw new BadCredentialsException("认证失败！");
        }
        if (!this.passwordEncoder.matches(str2, loginInfo.getPassword())) {
            this.orgStaffService.addLoginFailureCount(loginInfo);
            throw new BadCredentialsException("用户名或密码错误");
        }
        StaffInfoDTO info = this.orgStaffService.info(loginInfo.getId());
        ArrayList arrayList = new ArrayList();
        if (!CollectionUtils.isEmpty(info.getRoles())) {
            info.getRoles().forEach(roleDTO -> {
                arrayList.add(new SimpleGrantedAuthority(roleDTO.getType() + "-" + roleDTO.getName()));
            });
        }
        return new LocalUsernamePasswordAuthToken(info, str, arrayList);
    }

    public boolean supports(Class<?> cls) {
        return LocalUsernamePasswordAuthToken.class.isAssignableFrom(cls);
    }

    public OrgStaffService getCommonUserDetailsService() {
        return this.orgStaffService;
    }

    public void setCommonUserDetailsService(OrgStaffService orgStaffService) {
        this.orgStaffService = orgStaffService;
    }

    public PasswordEncoder getPasswordEncoder() {
        return this.passwordEncoder;
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }
}
