package koal.usap.client.author;

import com.google.gson.GsonBuilder;
import com.koal.security.pki.x509.Certificate;
import com.koal.security.pki.x509.Name;
import java.math.BigInteger;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import koal.pki.attr.KlAcComp;
import koal.usap.client.bean.AuthorBean;
import koal.usap.client.bean.ReturnDataBean;
import koal.usap.client.constant.PoliceType;
import koal.usap.client.exception.CertExceptionType;
import koal.usap.client.exception.VerifyFalseException;
import koal.usap.client.pep.PkiCertMgr;
import koal.usap.client.pep.bean.AuditBean;
import koal.usap.client.pep.bean.CertVerifyBean;
import koal.usap.client.pep.ldap.ClientLdapConfig;
import koal.usap.client.pep.ldap.biz.author.LdapForAuthorImpl;
import koal.usap.client.pep.ldap.biz.pki.IPkiLdapForCert;
import koal.usap.client.pep.util.FileUtil;
import koal.usap.client.ws.base.ClientForData;
import koal.usap.client.ws.util.CertUtil;
import koal.usap.client.ws.util.GetDataHelper;
import koal.usap.client.ws.util.XmlHelper;
import koal.usap.client.ws.xml.XmlUtil;
import org.dom4j.tree.DefaultElement;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:koal/usap/client/author/ClientForAuthor.class */
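/**
 * Client for the USAP authorisation service: resolves the roles/resources of a user identified
 * by user code or X.509 certificate, manages application roles and resources, and emits audit
 * records over UDP.
 *
 * <p>Certificate verification state ({@link #pkiLdapForCert}, {@link #pkiCertMgr}) is held in
 * public mutable static fields and is shared by every instance in the JVM. Any code on the
 * classpath can replace these fields, so they are not a protected trust anchor.
 *
 * <p>Security-relevant behaviour to keep in mind when calling this class:
 * <ul>
 *   <li>Only {@link #getAuthorFromLdapByCert} calls {@code verifyCert} itself. The other
 *       certificate-based lookups ({@link #getAuthorByCert}, {@link #getUsapAutherByCert},
 *       {@link #policeCert}) read fields from the certificate without validating it in this
 *       class; callers are expected to validate first.</li>
 *   <li>Audit records are sent as plaintext UDP datagrams and send failures are only logged,
 *       so delivery is best-effort and unauthenticated.</li>
 * </ul>
 */
public class ClientForAuthor extends ClientForData implements IClientForAuthor {
    /** Key under which the service returns the serialised author bean in each result row. */
    public static final String BEAN_KEY = "AUTHOR";
    private static final Logger logger = LoggerFactory.getLogger(ClientForAuthor.class);
    /** Message used whenever a method needs the verifier before createPkiLadpForCert was called. */
    private static final String VERIFIER_NOT_CREATED = "证书身份校验实体类未创建，请先调用createPkiLadpForCert方法创建";
    /** Shared certificate verifier; created lazily by {@code createPkiLadpForCert}. */
    public static IPkiLdapForCert pkiLdapForCert = null;
    /** Shared certificate manager backing {@link #pkiLdapForCert}. */
    public static PkiCertMgr pkiCertMgr = null;
    /** Cached issuer common names read from the {@code policeCert} property. */
    public static Set<String> isSuerCnSet = null;
    /** Set once the periodic CRL refresh has been scheduled. */
    private static boolean isStartedUpdateCrl = false;

    /**
     * Sends a condition map to the web service and converts the reply to a row list.
     *
     * @param map request conditions; {@code NEED_SVS} is added in place when {@code needSvs} is set
     * @param str name of the remote operation
     * @return the parsed {@code authors/author} rows
     * @throws Exception if the request or the parsing fails
     */
    private ReturnDataBean<List<Map<String, Object>>> getReqData(Map<String, Object> map, String str) throws Exception {
        if (this.needSvs) {
            map.put("NEED_SVS", "");
        }
        String conditionXml = XmlHelper.getConditionXml(map, "author");
        return GetDataHelper.getDataToList(getDataList(this.wsBiz.request(str, conditionXml), "authors", "author"));
    }

    /**
     * Creates a condition map that already carries the configured page size, if one is set.
     *
     * @return a new mutable condition map
     */
    private Map<String, Object> newPagedConditions() {
        Map<String, Object> conditions = new HashMap<String, Object>();
        if (this.pageSize != null && this.pageSize.intValue() > 0) {
            conditions.put(GetDataHelper.TAG_PAGE_SIZE, String.valueOf(this.pageSize));
        }
        return conditions;
    }

    /**
     * Runs a paged request that takes no condition other than the page number.
     *
     * @param page page number sent as {@code Page}
     * @param operation name of the remote operation
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    private ReturnDataBean<List<Map<String, Object>>> getPage(int page, String operation) throws Exception {
        Map<String, Object> conditions = newPagedConditions();
        conditions.put("Page", Integer.valueOf(page));
        return getReqData(conditions, operation);
    }

    /**
     * Fetches one page of groups for the configured application ({@code GetGroup}).
     *
     * @param i page number
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getGroupByAppCode(int i) throws Exception {
        return getPage(i, "GetGroup");
    }

    /**
     * Fetches the authorisation of a user identified by user code ({@code GetAuthorByUser}).
     *
     * @param str user code; upper-cased before it is sent
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getAuthorByUserCode(String str) throws Exception {
        Map<String, Object> conditions = new HashMap<String, Object>();
        conditions.put("USER_CODE", str.toUpperCase());
        return getReqData(conditions, "GetAuthorByUser");
    }

    /**
     * Validates an encoded certificate with the shared verifier.
     *
     * @param bArr encoded certificate bytes
     * @throws VerifyFalseException if the verifier has not been created yet
     * @throws Exception whatever the verifier raises for a rejected certificate
     */
    private void verifyCert(byte[] bArr) throws Exception {
        if (null == pkiLdapForCert) {
            throw new VerifyFalseException(VERIFIER_NOT_CREATED);
        }
        pkiLdapForCert.verifyCert(bArr);
    }

    /**
     * Validates a certificate with the shared verifier.
     *
     * @param x509Certificate certificate to validate
     * @throws VerifyFalseException if the verifier has not been created yet
     * @throws Exception whatever the verifier raises for a rejected certificate
     */
    public void verifyCert(X509Certificate x509Certificate) throws Exception {
        if (null == pkiLdapForCert) {
            throw new VerifyFalseException(VERIFIER_NOT_CREATED);
        }
        pkiLdapForCert.verifyCert(x509Certificate);
    }

    /**
     * Verifies a certificate and then loads the matching author record from LDAP.
     *
     * @param str encoded certificate text accepted by {@code CertUtil.getCertBytes}
     * @param auditBean audit settings, passed through to {@link #getAuthorFromLdapByCode}
     * @return the author record for the identity taken from the certificate
     * @throws VerifyFalseException if the certificate text is null or blank, or verification fails
     * @throws Exception if decoding or the LDAP lookup fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public AuthorBean getAuthorFromLdapByCert(String str, AuditBean auditBean) throws Exception {
        if (null == str || str.trim().length() == 0) {
            throw new VerifyFalseException(CertExceptionType.CERT_ISNULL_ERROR);
        }
        byte[] certBytes = CertUtil.getCertBytes(str);
        // Verification happens before any field of the certificate is used for the lookup.
        verifyCert(certBytes);
        String userCode = CertUtil.getGACN(CertUtil.getCert(certBytes))[1];
        return getAuthorFromLdapByCode(userCode, auditBean);
    }

    /**
     * Loads the author record of a user code from LDAP for the configured application.
     *
     * <p>No certificate check is involved here; the caller vouches for the user code.
     *
     * @param str user code to look up
     * @param auditBean audit settings; not used by this implementation
     * @return the author record returned by the LDAP layer
     * @throws VerifyFalseException if {@code createPkiLadpForCert} has not been called yet
     * @throws Exception if the LDAP lookup fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public AuthorBean getAuthorFromLdapByCode(String str, AuditBean auditBean) throws Exception {
        if (null == pkiCertMgr) {
            // Fail with the same explicit error as verifyCert instead of a bare NullPointerException.
            throw new VerifyFalseException(VERIFIER_NOT_CREATED);
        }
        return new LdapForAuthorImpl(pkiCertMgr.getLdapConfig().getPoolName()).getAuthor(str, this.appCode, null);
    }

    /**
     * Sends one payload as a single UDP datagram and always releases the socket.
     *
     * @param payload bytes to send
     * @param host destination host name or address
     * @param port destination port
     * @throws Exception if the address cannot be resolved or the send fails
     */
    private static void sendDatagram(byte[] payload, String host, int port) throws Exception {
        DatagramSocket socket = new DatagramSocket();
        try {
            socket.send(new DatagramPacket(payload, payload.length, InetAddress.getByName(host), port));
        } finally {
            socket.close();
        }
    }

    /**
     * Makes a value safe to place between double quotes in the single-line audit record.
     *
     * <p>Double quotes become single quotes and control characters (including CR/LF) become
     * spaces, so a value taken from a certificate or request cannot close its field early or
     * start a new record. {@code null} is rendered as the text {@code null}, which is what
     * appending a null string produced before.
     *
     * @param value raw field value, may be null
     * @return the value with field-breaking characters neutralised
     */
    private static String sanitizeLogField(String value) {
        if (value == null) {
            return "null";
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int index = 0; index < value.length(); index++) {
            char current = value.charAt(index);
            if (current == '"') {
                cleaned.append('\'');
            } else if (Character.isISOControl(current)) {
                cleaned.append(' ');
            } else {
                cleaned.append(current);
            }
        }
        return cleaned.toString();
    }

    /**
     * Serialises an author record to JSON and sends it to the audit endpoint over UDP.
     *
     * <p>Failures are logged and not propagated. Nothing in this class calls this method.
     *
     * @param authorBean record to serialise
     * @param auditBean supplies the destination address and port
     */
    private void sendAuthorAudit(AuthorBean authorBean, AuditBean auditBean) {
        // getBytes() uses the platform default charset, as the original code did.
        byte[] bytes = new GsonBuilder().create().toJson(authorBean).getBytes();
        try {
            logger.debug("日志内容：{}", new String(bytes));
            logger.debug("日志发送地址：{}", auditBean.getSendAuditIp());
            logger.debug("日志发送端口：{}", auditBean.getSendAuditPort());
            sendDatagram(bytes, auditBean.getSendAuditIp(), auditBean.getSendAuditPort());
            logger.debug("日志发送结束");
        } catch (Exception e) {
            logger.error("发送日志失败：", e);
        }
    }

    /**
     * Sends an audit record for a certificate with an empty client IP.
     *
     * @param str encoded certificate text
     * @throws Exception if the certificate cannot be decoded or the settings cannot be read
     */
    public void sendLogToSA(String str) throws Exception {
        sendLogToSA(str, "");
    }

    /**
     * Sends an audit record using the destination read from the client properties file
     * ({@code SAIP}, {@code SAPORT}, {@code appCodeOrUrl}).
     *
     * @param str encoded certificate text
     * @param str2 client IP to record
     * @throws NumberFormatException if {@code SAPORT} is missing or not a number
     * @throws Exception if the certificate cannot be decoded or the settings cannot be read
     */
    public void sendLogToSA(String str, String str2) throws Exception {
        Properties settings = FileUtil.readFile();
        int port = Integer.parseInt(settings.get("SAPORT") + "");
        sendLogToSA(str, str2, settings.getProperty("SAIP"), port, settings.getProperty("appCodeOrUrl"));
    }

    /**
     * Builds a syslog-style audit line from the certificate subject and sends it over UDP.
     *
     * <p>The record always carries the result text {@code 成功}, and the syslog header
     * (priority, timestamp, host, tag) is a fixed literal; only the {@code DATE} field reflects
     * the current time. Send failures are logged and not propagated.
     *
     * @param str encoded certificate text whose subject is recorded
     * @param str2 client IP to record
     * @param str3 audit service host
     * @param i audit service port
     * @param str4 suffix appended to {@code https://fj.pki.sa/} for the {@code url} field
     * @throws Exception if the certificate cannot be decoded
     */
    public void sendLogToSA(String str, String str2, String str3, int i, String str4) throws Exception {
        Certificate cert = CertUtil.getCert(CertUtil.getCertBytes(str));
        Name subject = cert.getSubject();
        int componentCount = subject.getComponentCount();
        Map<String, String> attributes = new HashMap<String, String>();
        StringBuilder middleValues = new StringBuilder();
        for (int index = 0; index < componentCount; index++) {
            String component = subject.getComponent(index).toString();
            if (component != null && component.contains("=")) {
                // Limit 2 keeps values that contain '=' intact and avoids an
                // ArrayIndexOutOfBoundsException for a component with an empty value.
                String[] pair = component.split("=", 2);
                attributes.put(pair[0], pair[1]);
                // Every component except the first and the last is concatenated into ST.
                if (index > 0 && index < componentCount - 1) {
                    middleValues.append(pair[1]);
                }
            }
        }
        // HH (24-hour clock): the previous "hh" pattern had no AM/PM marker, which made
        // afternoon audit timestamps indistinguishable from morning ones.
        String timestamp = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date());
        String commonName = attributes.get("CN");
        String givenName = CertUtil.getGACN(cert)[0];
        String organisation = attributes.get("O");

        // Subject fields, client IP and URL come from the certificate and the request, so each
        // one is sanitised before it is placed inside a quoted field of the record.
        StringBuilder record = new StringBuilder();
        record.append("<14>Sep 28 15:47:18 KSSL-MAIN SSL-HRP[0001]: DATE=\"").append(timestamp)
                .append("\" CN=\"").append(sanitizeLogField(commonName))
                .append("\" GN=\"").append(sanitizeLogField(givenName))
                .append("\" O=\"").append(sanitizeLogField(organisation))
                .append("\" ST=\"").append(sanitizeLogField(middleValues.toString()))
                .append("\" ip=\"").append(sanitizeLogField(str2))
                .append("\" url=\"").append(sanitizeLogField("https://fj.pki.sa/" + str4))
                .append("\" result=\"").append("成功").append("\"");
        String line = record.toString();
        // getBytes() uses the platform default charset, as the original code did.
        byte[] bytes = line.getBytes();
        logger.debug("发送日志内容:{}", line);
        logger.debug("日志接口服务IP:{}", str3);
        logger.debug("日志接口服务端口:{}", i);
        try {
            sendDatagram(bytes, str3, i);
        } catch (Exception e) {
            logger.error("", e);
        }
    }

    /**
     * Creates the shared verifier with a single LDAP server.
     *
     * @param str LDAP host
     * @param i LDAP port
     * @param str2 third argument of {@code ClientLdapConfig}
     * @param str3 CRL (blacklist) directory
     * @param str4 certificate chain directory
     * @return the shared verifier
     * @throws Exception if the certificate manager cannot be created
     */
    public static IPkiLdapForCert createPkiLadpForCert(String str, int i, String str2, String str3, String str4) throws Exception {
        return createPkiLadpForCert(str, i, str2, null, 0, null, str3, str4);
    }

    /**
     * Creates the shared verifier on first use; later calls return the existing instance and
     * ignore their arguments.
     *
     * <p>A failure to build either LDAP configuration is logged and that configuration is passed
     * on as {@code null} rather than aborting the call.
     *
     * @param str first LDAP host, or null to skip the first configuration
     * @param i first LDAP port
     * @param str2 third argument of the first {@code ClientLdapConfig}
     * @param str3 second LDAP host, or null to skip the second configuration
     * @param i2 second LDAP port
     * @param str4 third argument of the second {@code ClientLdapConfig}
     * @param str5 CRL (blacklist) directory
     * @param str6 certificate chain directory
     * @return the shared verifier
     * @throws Exception if the certificate manager cannot be created
     */
    public static IPkiLdapForCert createPkiLadpForCert(String str, int i, String str2, String str3, int i2, String str4, String str5, String str6) throws Exception {
        if (pkiLdapForCert == null) {
            ClientLdapConfig firstConfig = null;
            if (str != null) {
                try {
                    firstConfig = new ClientLdapConfig(str, i, str2);
                } catch (Exception e) {
                    logger.error("", e);
                }
            }
            ClientLdapConfig secondConfig = null;
            if (str3 != null) {
                try {
                    secondConfig = new ClientLdapConfig(str3, i2, str4);
                } catch (Exception e2) {
                    logger.error("", e2);
                }
            }
            CertVerifyBean certVerifyBean = new CertVerifyBean(true, true, str6, str5);
            logger.debug("证书链存放目录：{}", str6);
            logger.debug("黑名单存放目录：{}", str5);
            pkiCertMgr = new PkiCertMgr(firstConfig, secondConfig, certVerifyBean);
            pkiLdapForCert = pkiCertMgr.getJitPkiLdapCert();
        }
        return pkiLdapForCert;
    }

    /**
     * Creates the shared verifier from prepared configuration objects on first use; later calls
     * return the existing instance and ignore their arguments.
     *
     * @param clientLdapConfig first LDAP configuration
     * @param clientLdapConfig2 second LDAP configuration
     * @param certVerifyBean verification settings
     * @return the shared verifier
     * @throws Exception if the certificate manager cannot be created
     */
    public static IPkiLdapForCert createPkiLadpForCert(ClientLdapConfig clientLdapConfig, ClientLdapConfig clientLdapConfig2, CertVerifyBean certVerifyBean) throws Exception {
        if (pkiLdapForCert == null) {
            pkiCertMgr = new PkiCertMgr(clientLdapConfig, clientLdapConfig2, certVerifyBean);
            pkiLdapForCert = pkiCertMgr.getJitPkiLdapCert();
        }
        return pkiLdapForCert;
    }

    /**
     * Returns the certificate as a JDK certificate when its issuer common name is one of the
     * configured {@code policeCert} names, otherwise {@code null}.
     *
     * <p>This is a name comparison only: the signature and chain are not checked here, and the
     * issuer name is a field any certificate can carry. Treat the result as a classification of
     * an already-verified certificate, not as proof of who issued it.
     *
     * @param str Base64 certificate text
     * @return the converted certificate, or null when the issuer name is not configured
     * @throws VerifyFalseException if the certificate text is null or blank
     * @throws Exception if decoding fails or the settings cannot be read
     */
    public X509Certificate policeCert(String str) throws Exception {
        if (null == str || str.trim().length() == 0) {
            throw new VerifyFalseException(CertExceptionType.CERT_ISNULL_ERROR);
        }
        Certificate decoded = CertUtil.getCertFromBase64(str);
        if (!getIsSuerCnSet().contains(decoded.getIssuerCommonName())) {
            return null;
        }
        return decoded.certKoal2Java();
    }

    /**
     * Returns the issuer common names listed (comma separated) in the {@code policeCert}
     * property, loading them on first use.
     *
     * @return the cached, mutable set of issuer names
     * @throws Exception if the properties file cannot be read
     */
    public synchronized Set<String> getIsSuerCnSet() throws Exception {
        // The cache is static, so it is guarded by the class lock; the instance lock taken by the
        // method modifier does not exclude other instances.
        synchronized (ClientForAuthor.class) {
            if (isSuerCnSet == null) {
                // Fill a local set first: if reading the file fails, the cache stays unset and the
                // next call retries instead of keeping an empty list for the life of the JVM.
                Set<String> issuers = new HashSet<String>();
                String configured = (String) FileUtil.readFile().get("policeCert");
                if (configured != null) {
                    for (String name : configured.split(",")) {
                        if (name != null && name.trim().length() > 0) {
                            issuers.add(name.trim());
                        }
                    }
                }
                isSuerCnSet = issuers;
            }
            return isSuerCnSet;
        }
    }

    /**
     * Resolves the privileges for a certificate from the selected source and then sends an audit
     * record.
     *
     * <p>Source {@code 1} picks PMI for a police certificate and USAP for an auxiliary-police
     * certificate, {@code 2} always uses USAP and {@code 3} always uses PMI. Any other value
     * leaves the result {@code null}.
     *
     * <p>NOTE(review): the certificate is not validated in this method, and the audit record is
     * sent with the result text {@code 成功} even when no privilege was resolved. Confirm that
     * callers verify the certificate first and do not read the audit record as a grant.
     *
     * @param x509Certificate certificate of the user
     * @param str forwarded to {@link #getPMIAuthorByCert}
     * @param str2 forwarded to {@link #getPMIAuthorByCert}
     * @param str3 forwarded to {@link #getPMIAuthorByCert}
     * @param str4 forwarded to {@link #getPMIAuthorByCert}; also the tail of the audit URL suffix
     * @param str5 forwarded to {@link #getPMIAuthorByCert}; also the head of the audit URL suffix
     * @param str6 forwarded to {@link #getPMIAuthorByCert}
     * @param str7 audit service host
     * @param str8 audit service port as decimal text
     * @param str9 client IP
     * @param j forwarded to {@link #getPMIAuthorByCert}
     * @param j2 forwarded to {@link #getPMIAuthorByCert}
     * @param i authorisation source selector (1, 2 or 3)
     * @return the privilege text, or null when none was resolved
     * @throws NullPointerException if the certificate type is unknown for source 1, or the USAP
     *         lookup returns no record
     * @throws NumberFormatException if {@code str8} is not a number
     * @throws Exception if a lookup fails
     */
    public String getAuthorByCert(X509Certificate x509Certificate, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, long j, long j2, int i) throws Exception {
        String privileges = null;
        switch (i) {
            case 1:
                switch (getPoliceTypeByCertStr(x509Certificate)) {
                    case POLICE:
                        privileges = getPMIAuthorByCert(x509Certificate, str, str2, str3, str4, str5, str6, str7, str8, str9, j, j2);
                        // NOTE(review): this bean is built and discarded; kept because the
                        // constructor's side effects are not visible here.
                        new AuthorBean(CertUtil.getGACN(CertUtil.getCert(x509Certificate))[1], this.appCode).setAppName(privileges);
                        break;
                    case AUXILIARY_POLICE:
                        privileges = getUsapAutherByCert(x509Certificate).toRoleOrResoure();
                        break;
                    default:
                        logger.warn("既不是警员证书，也不是警辅证书");
                        break;
                }
                // Without this break the branch fell through into case 2, which replaced a police
                // certificate's PMI result with the USAP lookup and ran that lookup for
                // certificates of neither type.
                break;
            case 2:
                privileges = getUsapAutherByCert(x509Certificate).toRoleOrResoure();
                break;
            case 3:
                privileges = getPMIAuthorByCert(x509Certificate, str, str2, str3, str4, str5, str6, str7, str8, str9, j, j2);
                // NOTE(review): built and discarded, as in case 1.
                new AuthorBean(CertUtil.getGACN(CertUtil.getCert(x509Certificate))[1], this.appCode).setAppName(privileges);
                break;
            default:
                logger.warn("授权来源设置有错");
                break;
        }
        sendLogToSA(CertUtil.getCertBase64(x509Certificate), str9, str7, Integer.parseInt(str8), str5 + str4);
        return privileges;
    }

    /**
     * Queries the PMI component for the privilege list of a certificate.
     *
     * @param x509Certificate certificate handed to the component
     * @param str first argument of {@code setParameter} and {@code getPrivilegeList}
     * @param str2 base DN
     * @param str3 second argument of {@code setParameter} and {@code getPrivilegeList}
     * @param str4 third argument of {@code getPrivilegeList}
     * @param str5 fourth argument of {@code getPrivilegeList}
     * @param str6 audit method; skipped when null
     * @param str7 first audit parameter; applied only when both audit parameters are non-blank
     * @param str8 second audit parameter
     * @param str9 client IP
     * @param j value passed to {@code setdefualtTime}
     * @param j2 value passed to {@code setDownLoadInterval}
     * @return the privilege list returned by the component
     * @throws Exception if the component fails
     */
    public String getPMIAuthorByCert(X509Certificate x509Certificate, String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, long j, long j2) throws Exception {
        KlAcComp component = new KlAcComp();
        component.setBaseDN(str2);
        if (str6 != null) {
            component.setAuditMethod(str6);
        }
        boolean hasAuditHost = str7 != null && str7.trim().length() > 0;
        boolean hasAuditPort = str8 != null && str8.trim().length() > 0;
        if (hasAuditHost && hasAuditPort) {
            component.setAuditParameter(str7, str8);
        }
        component.setClientIP(str9);
        component.setdefualtTime(j);
        component.setDownLoadInterval(j2);
        component.setParameter(str, str3);
        component.setPKICertificate(x509Certificate);
        return component.getPrivilegeList(str, str3, str4, str5);
    }

    /**
     * Classifies a JDK certificate; see {@link #getPoliceTypeByCertStr(Certificate)}.
     *
     * @param x509Certificate certificate to classify
     * @return the police type, or null when it cannot be determined
     * @throws Exception if the certificate cannot be converted
     */
    public PoliceType getPoliceTypeByCertStr(X509Certificate x509Certificate) throws Exception {
        return getPoliceTypeByCertStr(CertUtil.getCert(x509Certificate));
    }

    /**
     * Classifies a Base64 certificate; see {@link #getPoliceTypeByCertStr(Certificate)}.
     *
     * @param str Base64 certificate text
     * @return the police type, or null when it cannot be determined
     * @throws Exception if the certificate cannot be decoded
     */
    public PoliceType getPoliceTypeByCertStr(String str) throws Exception {
        return getPoliceTypeByCertStr(CertUtil.getCertFromBase64(str));
    }

    /**
     * Classifies a certificate by the type text returned from {@code CertUtil.getCertType}.
     *
     * <p>The match is a substring test: a type text containing {@code 1102} is auxiliary police
     * (checked first), one containing {@code 1101} is police.
     *
     * @param certificate certificate to classify
     * @return the police type, or null when the type text is missing or matches neither code
     * @throws Exception if the type cannot be read
     */
    public PoliceType getPoliceTypeByCertStr(Certificate certificate) throws Exception {
        String certType = CertUtil.getCertType(certificate);
        if (certType == null) {
            return null;
        }
        if (certType.contains("1102")) {
            return PoliceType.AUXILIARY_POLICE;
        }
        return certType.contains("1101") ? PoliceType.POLICE : null;
    }

    /**
     * Looks up the USAP author record for a JDK certificate.
     *
     * @param x509Certificate certificate of the user
     * @return the author record, or null when the service returned no rows
     * @throws Exception if the request fails
     */
    public AuthorBean getUsapAutherByCert(X509Certificate x509Certificate) throws Exception {
        return getUsapAutherByCert(CertUtil.getCertBase64(x509Certificate));
    }

    /**
     * Looks up the USAP author record for a Base64 certificate and deserialises the first row.
     *
     * <p>The request is sent with {@code VERIFY_CERT=false}. How the service treats that flag is
     * not visible here. NOTE(review): confirm the certificate is validated (for example with
     * {@link #verifyCert(X509Certificate)}) before the result feeds an access decision.
     *
     * @param str Base64 certificate text
     * @return the author record, or null when the service returned no rows
     * @throws Exception if the request fails or the first row has no {@link #BEAN_KEY} entry
     */
    public AuthorBean getUsapAutherByCert(String str) throws Exception {
        List<Map<String, Object>> rows = getAuthorByUserCert(str, false).getData();
        if (null == rows || rows.size() <= 0) {
            return null;
        }
        String json = rows.get(0).get(BEAN_KEY).toString();
        return (AuthorBean) new GsonBuilder().create().fromJson(json, AuthorBean.class);
    }

    /**
     * Fetches the authorisation of a user identified by certificate ({@code GetAuthorByUser}).
     *
     * @param str certificate text sent as {@code CERTIFICATE}
     * @param z value sent as {@code VERIFY_CERT}
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getAuthorByUserCert(String str, boolean z) throws Exception {
        Map<String, Object> conditions = new HashMap<String, Object>();
        conditions.put("CERTIFICATE", str);
        conditions.put("VERIFY_CERT", String.valueOf(z));
        // NEED_SVS is added by getReqData when needSvs is set.
        return getReqData(conditions, "GetAuthorByUser");
    }

    /**
     * Fetches one page of users for the configured application ({@code GetUserByApp}).
     *
     * @param i page number
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getUserByAppCode(int i) throws Exception {
        return getPage(i, "GetUserByApp");
    }

    /**
     * Fetches one page of authorisations for an organisation ({@code GetAuthorByOrg}).
     *
     * @param str organisation code sent as {@code ORG_CODE}
     * @param i page number
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getAuthorByOrgCode(String str, int i) throws Exception {
        Map<String, Object> conditions = newPagedConditions();
        conditions.put("ORG_CODE", str);
        conditions.put("Page", Integer.valueOf(i));
        return getReqData(conditions, "GetAuthorByOrg");
    }

    /**
     * Fetches one page of roles for the configured application ({@code GetRoleByApp}).
     *
     * @param i page number
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getRoleByAppCode(int i) throws Exception {
        return getPage(i, "GetRoleByApp");
    }

    /**
     * Fetches one page of resources for the configured application ({@code GetResourceByApp}).
     *
     * @param i page number
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getResourceByAppCode(int i) throws Exception {
        return getPage(i, "GetResourceByApp");
    }

    /**
     * Sends a resource management request ({@code AppResourceMgr}).
     *
     * @param map request fields; copied, so the caller's map is not modified
     * @return whether the service reported success
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public boolean mgrResourceByAppCode(Map<String, Object> map) throws Exception {
        Map<String, Object> fields = new HashMap<String, Object>(map);
        return XmlUtil.reqIsSuccess(this.wsBiz.request("AppResourceMgr", XmlHelper.getConditionXml(fields, "author")));
    }

    /**
     * Sends a role management request ({@code AppRoleMgr}).
     *
     * <p>When the fields contain {@code RESOURCE_LIST}, its items are joined with commas and sent
     * in a separate {@code resource} element next to the {@code author} element.
     *
     * @param map request fields; copied, so the caller's map is not modified
     * @return whether the service reported success
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    @SuppressWarnings({"rawtypes", "unchecked"})
    public boolean mgrRoleByAppCode(Map<String, Object> map) throws Exception {
        // Raw maps are kept here because the parameter type of XmlUtil.getXML is not visible
        // from this file.
        HashMap authorFields = new HashMap();
        authorFields.putAll(map);
        String conditionXml;
        if (authorFields.containsKey("RESOURCE_LIST")) {
            List resources = (List) authorFields.remove("RESOURCE_LIST");
            StringBuffer joined = new StringBuffer();
            Object[] items = resources.toArray();
            for (int index = 0; index < items.length; index++) {
                if (index > 0) {
                    joined.append(",");
                }
                joined.append(items[index]);
            }
            HashMap resourceFields = new HashMap();
            resourceFields.put("RESOURCE_LIST", joined);

            DefaultElement request = new DefaultElement(XmlUtil.TAG_REQ);
            DefaultElement authorElement = new DefaultElement("author");
            XmlUtil.getXML(authorFields, authorElement);
            request.add(authorElement);
            DefaultElement resourceElement = new DefaultElement("resource");
            XmlUtil.getXML(resourceFields, resourceElement);
            request.add(resourceElement);
            conditionXml = request.asXML();
        } else {
            conditionXml = XmlHelper.getConditionXml(authorFields, "author");
        }
        return XmlUtil.reqIsSuccess(this.wsBiz.request("AppRoleMgr", conditionXml));
    }

    /**
     * Fetches authorisations by update date ({@code GetAuthorsByIndate}).
     *
     * @param date value sent as {@code UPDATE_DATE}
     * @return the parsed rows
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public ReturnDataBean<List<Map<String, Object>>> getAuthorsByUpdateTime(Date date) throws Exception {
        Map<String, Object> conditions = newPagedConditions();
        conditions.put("UPDATE_DATE", date);
        return getReqData(conditions, "GetAuthorsByIndate");
    }

    /**
     * Starts a background task that calls {@code resetCrl()} on the shared verifier immediately
     * and then at a fixed interval. Only the first successful call schedules anything.
     *
     * <p>A failed refresh is logged and the schedule continues. The executor is never shut
     * down by this class.
     *
     * @param i refresh interval in hours; must be positive
     * @throws IllegalArgumentException if the interval is not positive
     * @throws VerifyFalseException if the verifier has not been created yet
     * @throws Exception declared for compatibility
     */
    public synchronized void scheduledSaveCrl(int i) throws Exception {
        // The started flag is static, so it is guarded by the class lock; the instance lock taken
        // by the method modifier would let two instances each start a refresh task.
        synchronized (ClientForAuthor.class) {
            if (isStartedUpdateCrl) {
                return;
            }
            if (pkiLdapForCert == null) {
                throw new VerifyFalseException(VERIFIER_NOT_CREATED);
            }
            if (i <= 0) {
                // scheduleAtFixedRate rejects such a period anyway; fail before creating the executor.
                throw new IllegalArgumentException("CRL refresh interval must be positive: " + i);
            }
            Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(new Runnable() { // from class: koal.usap.client.author.ClientForAuthor.1
                @Override // java.lang.Runnable
                public void run() {
                    try {
                        ClientForAuthor.pkiLdapForCert.resetCrl();
                    } catch (Exception e) {
                        // Caught so that one failed refresh does not cancel the schedule.
                        ClientForAuthor.logger.error("", e);
                    }
                }
            }, 0L, i, TimeUnit.HOURS);
            isStartedUpdateCrl = true;
        }
    }

    /**
     * Manual smoke test against a local service with sample values.
     *
     * @param strArr unused
     * @throws Exception if any step fails
     */
    public static void main(String[] strArr) throws Exception {
        ClientForAuthor clientForAuthor = new ClientForAuthor();
        clientForAuthor.initHttp(1, "usap", "name", "pwd", "http://127.0.0.1:9000/");
        createPkiLadpForCert("127.0.0.1", 389, "dc=usap", "127.0.0.1", 389, "dc=usap", null, null);
        System.out.println(clientForAuthor.getAuthorFromLdapByCode("130205194012236425", new AuditBean(true, "127.0.0.1", 10000)).getUserCode());
    }

    /**
     * Returns the serial number of a certificate.
     *
     * @param x509Certificate certificate to read
     * @return the serial number
     */
    public BigInteger getBigIntegerCertSN(X509Certificate x509Certificate) {
        return x509Certificate.getSerialNumber();
    }

    /**
     * Returns the {@code CN} value of the certificate subject, or an empty string when absent.
     *
     * <p>The subject is split on commas, so a common name that itself contains a comma is cut
     * at that comma.
     *
     * @param x509Certificate certificate to read
     * @return the common name text
     */
    public String getCertCN(X509Certificate x509Certificate) {
        return splt(x509Certificate.getSubjectX500Principal().toString(), "CN");
    }

    /**
     * Extracts the value of one attribute from a comma-separated {@code KEY=value} list.
     *
     * <p>A part matches only when it starts with the key followed by {@code =}, so asking for
     * {@code C} no longer matches {@code CN=...}, and a part shorter than the key no longer
     * raises {@code StringIndexOutOfBoundsException}. When several parts match, the last wins.
     *
     * @param str comma-separated attribute list
     * @param str2 attribute key
     * @return the trimmed value, or an empty string when the key is absent or an argument is null
     */
    public static String splt(String str, String str2) {
        if (str == null || str2 == null) {
            return "";
        }
        String prefix = str2 + "=";
        String value = "";
        for (String part : str.split(",")) {
            String candidate = part.trim();
            if (candidate.startsWith(prefix)) {
                value = candidate.substring(prefix.length()).trim();
            }
        }
        return value;
    }

    /**
     * Trims a string, mapping null to the empty string.
     *
     * @param str text to trim, may be null
     * @return the trimmed text, never null
     */
    public static String trimNotNull(String str) {
        if (str == null) {
            return "";
        }
        return str.trim();
    }

    /**
     * Replaces the roles of a user ({@code UpdateUserAuthor}).
     *
     * @param str user code; upper-cased before it is sent
     * @param str2 role codes separated by {@code |}
     * @return a map with {@code result} (1 on success, 0 when the reply carries an error entry)
     *         and {@code msg} (the error value, or an empty string)
     * @throws Exception if the request fails
     */
    @Override // koal.usap.client.author.IClientForAuthor
    public Map<String, Object> updateUserAuthorByCode(String str, String str2) throws Exception {
        Map<String, Object> conditions = new HashMap<String, Object>();
        conditions.put("USER_CODE", str.toUpperCase());
        String requestXml = getConditionXml(conditions, str2.split("\\|"), "USER_CODE", "roles");
        List<Map<String, Object>> rows = XmlHelper.readXmlToDataList(this.wsBiz.request("UpdateUserAuthor", requestXml), "author", "");

        Map<String, Object> outcome = new HashMap<String, Object>();
        outcome.put("result", 1);
        outcome.put("msg", "");
        if (rows != null) {
            for (Map<String, Object> row : rows) {
                // A direct key lookup replaces the former key scan, which never terminated for a
                // row that had no error entry.
                if (row != null && row.containsKey(XmlUtil.TAG_ERROR)) {
                    outcome.put("msg", row.get(XmlUtil.TAG_ERROR));
                    outcome.put("result", 0);
                }
            }
        }
        return outcome;
    }

    /**
     * Builds the request XML for a role update: an {@code author} element holding the key field
     * and a list element with one {@code ROLE_CODE} child per role.
     *
     * <p>Values are set as element text through dom4j rather than concatenated into markup.
     *
     * @param map source of the key field value; cleared by this method
     * @param strArr role codes, may be null or empty
     * @param str name of the key field, used both as element name and as map key
     * @param str2 name of the element that holds the role codes
     * @return the serialised request
     */
    public static String getConditionXml(Map<String, Object> map, String[] strArr, String str, String str2) {
        DefaultElement keyElement = new DefaultElement(str);
        keyElement.setText((String) map.get(str));

        DefaultElement rolesElement = new DefaultElement(str2);
        if (strArr != null) {
            for (String roleCode : strArr) {
                DefaultElement roleElement = new DefaultElement("ROLE_CODE");
                roleElement.setText(roleCode);
                rolesElement.add(roleElement);
            }
        }
        // Existing contract: the caller's map is emptied once its key field has been read.
        map.clear();

        DefaultElement authorElement = new DefaultElement("author");
        authorElement.add(keyElement);
        authorElement.add(rolesElement);
        DefaultElement request = new DefaultElement(XmlUtil.TAG_REQ);
        request.add(authorElement);
        return request.asXML();
    }
}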
