package com.supermap.services.rest.resources.impl;

import com.supermap.services.rest.HttpException;
import com.supermap.services.rest.resources.JaxrsResourceBase;
import com.supermap.services.security.BuiltInToken;
import com.supermap.services.security.SecurityUtility;
import com.supermap.services.security.ShiroUtil;
import java.io.IOException;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.POST;
import javax.ws.rs.core.Context;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.restlet.data.Status;

/* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/rest/resources/impl/BindOAuth2UserResource.class */
public class BindOAuth2UserResource extends JaxrsResourceBase {

    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/rest/resources/impl/BindOAuth2UserResource$BindParameter.class */
    public static class BindParameter {
        public String openID;
        public String loginType;
        public String username;
        public String password;
    }

    /* loaded from: input_file:BOOT-INF/lib/iserver-all-10.0.1-18030-10.0.1-SNAPSHOT.jar:com/supermap/services/rest/resources/impl/BindOAuth2UserResource$BindResult.class */
    public enum BindResult {
        OK,
        INCORRECT_USERNAME_PASSWORD
    }

    @POST
    public BindResult bind(@Context HttpServletRequest httpServletRequest, @Context HttpServletResponse httpServletResponse, @Context ServletContext servletContext, BindParameter bindParameter) throws IOException {
        if (bindParameter == null || StringUtils.isBlank(bindParameter.loginType) || StringUtils.isBlank(bindParameter.openID)) {
            throw new HttpException(Status.CLIENT_ERROR_BAD_REQUEST, "request is invalid!");
        }
        if (StringUtils.isBlank(bindParameter.username) || StringUtils.isBlank(bindParameter.password)) {
            throw new HttpException(Status.CLIENT_ERROR_BAD_REQUEST, "username or password is null!");
        }
        if (ShiroUtil.authenticateToken(new UsernamePasswordToken(bindParameter.username, bindParameter.password)) == null) {
            return BindResult.INCORRECT_USERNAME_PASSWORD;
        }
        SecurityUtility.getOAuth2UserDAO(servletContext).bindOAuthUser(bindParameter.openID, bindParameter.loginType.toUpperCase(), bindParameter.username);
        ShiroUtil.login(httpServletRequest, httpServletResponse, new BuiltInToken(bindParameter.username).lookupRole(true).lookupPermission(true).save(true));
        return BindResult.OK;
    }
}
