package com.xdja.pams.iam;

import com.alibaba.fastjson.JSON;
import com.xdja.agreement.config.SystemConfig;
import com.xdja.pams.bims.dao.MobileDao;
import com.xdja.pams.bims.entity.Mobile;
import com.xdja.pams.bims.entity.Person;
import com.xdja.pams.bims.service.UserManageService;
import com.xdja.pams.common.commonconst.PamsConst;
import com.xdja.pams.common.util.Util;
import com.xdja.pams.iam.bean.IdpAuthResult;
import com.xdja.pams.iam.bean.IdpException;
import com.xdja.pams.iam.bean.IdpParam;
import com.xdja.pams.iam.bean.IdpResult;
import com.xdja.pams.iam.helper.ParamCheckHelper;
import com.xdja.pams.iam.manager.SafeCardIdpAuthManager;
import com.xdja.pams.iam.manager.UserPwdIdpAuthManager;
import com.xdja.pams.scms.entity.Device;
import com.xdja.pams.scms.service.DeviceService;
import java.util.List;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;

@RequestMapping({"/iam"})
@Controller
/* loaded from: input_file:com/xdja/pams/iam/IamIdpController.class */
public class IamIdpController {
    private static final Logger LOGGER = LoggerFactory.getLogger(IamIdpController.class);

    @Autowired
    private UserManageService userManageService;

    @Autowired
    private DeviceService deviceService;

    @Autowired
    private MobileDao mobileDao;
    private SystemConfig systemConfig = SystemConfig.getInstance();

    @RequestMapping({"/idp/auth.do"})
    public void doIDPAuth(@RequestBody String str, HttpServletResponse httpServletResponse) {
        ParamCheckHelper paramCheckHelper = new ParamCheckHelper(str);
        paramCheckHelper.setSecret(this.systemConfig.getString("iam.idp.secret"));
        paramCheckHelper.checkParam();
        IdpParam idpParam = (IdpParam) JSON.parseObject(str, IdpParam.class);
        String[] split = idpParam.getAuthMode().split(PamsConst.COMMA);
        try {
            IdpAuthResult idpAuthResult = new IdpAuthResult();
            for (String str2 : split) {
                if (!Util.varCheckEmp(str2)) {
                    if ("1".equals(str2.trim())) {
                        new SafeCardIdpAuthManager(idpParam, this.deviceService).auth(idpAuthResult);
                    }
                    if ("2".equals(str2.trim())) {
                        new UserPwdIdpAuthManager(idpParam, this.userManageService).auth(idpAuthResult);
                    }
                }
            }
            checkPersonDevice(idpAuthResult);
            Util.writeUtf8JSON(httpServletResponse, Util.toJsonStr(IdpResult.success(idpAuthResult)));
        } catch (IdpException e) {
            IdpResult.ErrorCode errorCode = e.getErrorCode();
            LOGGER.error(errorCode.getDesc(), e);
            Util.writeUtf8JSON(httpServletResponse, Util.toJsonStr(IdpResult.error(errorCode)));
        } catch (Exception e2) {
            LOGGER.error(e2.getMessage(), e2);
            Util.writeUtf8JSON(httpServletResponse, Util.toJsonStr(IdpResult.error(IdpResult.ErrorCode.SERVER_INTERNAL_EXCEPTION)));
        }
    }

    private void checkPersonDevice(IdpAuthResult idpAuthResult) {
        Person person = idpAuthResult.getPerson();
        Device device = idpAuthResult.getDevice();
        if (person == null || device == null) {
            if (person == null && device == null) {
                throw new IdpException(IdpResult.ErrorCode.UNKNOWN_USER);
            }
            if (person == null) {
                person = this.userManageService.getPersonByPersonId(device.getPersonId());
                idpAuthResult.setPerson(person);
            }
        } else if (!person.getId().equals(device.getPersonId())) {
            LOGGER.error("安全卡和人员不匹配");
            throw new IdpException(IdpResult.ErrorCode.PERSON_CARD_NOT_MATCH);
        }
        List<Mobile> mobiledList = person.getMobiledList();
        if (mobiledList == null || mobiledList.isEmpty()) {
            mobiledList = this.mobileDao.queryMobileByPersonId(person.getId());
        }
        idpAuthResult.setMobiles(mobiledList);
    }
}
