package cn.hangar.agp.module.security;

import cn.hangar.agp.module.mobile.wechat.WxAccessArg;
import cn.hangar.agp.module.mobile.wechat.WxConfig;
import cn.hangar.agp.module.mobile.wechat.service.WeixinService;
import cn.hangar.agp.platform.core.app.AppContext;
import cn.hangar.agp.platform.core.config.ConfigManager;
import cn.hangar.agp.platform.core.ioc.ContextManager;
import cn.hangar.agp.platform.core.rest.WebHelper;
import cn.hangar.agp.platform.utils.HttpUtil;
import cn.hangar.agp.platform.utils.StringUtils;
import cn.hangar.agp.service.model.IgnoreAuthen;
import cn.hangar.agp.service.model.sys.SysUserAuthenArgument;
import cn.hangar.agp.service.model.sys.VerifyArgument;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.aliyun.dingtalkcontact_1_0.models.GetUserHeaders;
import com.aliyun.dingtalkcontact_1_0.models.GetUserResponseBody;
import com.aliyun.dingtalkoauth2_1_0.Client;
import com.aliyun.dingtalkoauth2_1_0.models.GetUserTokenRequest;
import com.aliyun.teaopenapi.models.Config;
import com.aliyun.teautil.models.RuntimeOptions;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.request.WebRequest;

@RequestMapping({"/api/securityservice"})
@Controller
/* loaded from: input_file:cn/hangar/agp/module/security/HttpSecurityServiceCtrl.class */
public class HttpSecurityServiceCtrl {

    @Autowired
    HttpSecurityServiceImpl securityService;

    @RequestMapping({"getCurrentUser"})
    @ResponseBody
    public Object getCurrentUser() {
        return this.securityService.getCurrentUser();
    }

    @RequestMapping({"checkLogin"})
    @ResponseBody
    public Object checkLogin() {
        return Boolean.valueOf(this.securityService.checkLogin());
    }

    @RequestMapping({"refreshAuthorizeUser"})
    @ResponseBody
    public Object refreshAuthorizeUser(String str, String str2, String str3) {
        return this.securityService.refreshAuthorizeUser(str, str2, Boolean.valueOf("true".equalsIgnoreCase(str3)));
    }

    @RequestMapping({"authorizeUser"})
    @IgnoreAuthen
    @ResponseBody
    public Object authorizeUser(@RequestBody SysUserAuthenArgument sysUserAuthenArgument) {
        return this.securityService.authorizeUser(sysUserAuthenArgument);
    }

    @RequestMapping({"changeUserPassword"})
    @IgnoreAuthen
    @ResponseBody
    public Object changeUserPassword(@RequestBody SysUserAuthenArgument sysUserAuthenArgument) {
        return this.securityService.changeUserPassword(sysUserAuthenArgument);
    }

    @RequestMapping({"quitAuthenticateByToken"})
    @ResponseBody
    public Object quitAuthenticateByToken(String str) {
        return this.securityService.quitAuthenticate(str);
    }

    @RequestMapping({"quitAuthenticate"})
    @ResponseBody
    public Object quitAuthenticate() {
        return this.securityService.quitAuthenticate();
    }

    @RequestMapping({"resumeLogin"})
    @IgnoreAuthen
    @ResponseBody
    public Object resumeLogin() {
        return this.securityService.resumeLogin();
    }

    @RequestMapping({"fetchVerifyCode"})
    @IgnoreAuthen
    public ResponseEntity<?> fetchVerifyCode(HttpServletRequest httpServletRequest) {
        return new ResponseEntity<>(this.securityService.fetchVerifyCode(WebHelper.requestToMap(httpServletRequest)), HttpStatus.OK);
    }

    @RequestMapping({"verifyAuthenticate"})
    @IgnoreAuthen
    public Boolean verifyAuthenticate(VerifyArgument verifyArgument) {
        return this.securityService.verifyAuthenticate(verifyArgument);
    }

    @RequestMapping({"/threepartlogin"})
    @IgnoreAuthen
    public String wxlogin(HttpServletRequest httpServletRequest, String str, String str2, String str3, String str4) throws Exception {
        String redirectURL = ConfigManager.getProperty("threeLogin.redirecturl") == null ? getRedirectURL(httpServletRequest) : ConfigManager.getProperty("threeLogin.redirecturl");
        if ("wechat".equals(str)) {
            return "redirect:https://open.weixin.qq.com/connect/qrconnect?appid=" + ConfigManager.getProperty("wxauth.appid") + "&redirect_uri=" + redirectURL + "&response_type=code&scope=snsapi_login&state=wechat." + str3 + "." + str4 + "." + str2 + "#wechat_redirect";
        }
        if ("qq".equals(str)) {
            return "redirect:https://graph.qq.com/oauth2.0/authorize?display=pc&response_type=code&client_id=" + ConfigManager.getProperty("qqauth.appid") + "&redirect_uri=" + redirectURL + "&state=qq." + str3 + "." + str4 + "." + str2;
        }
        if ("dingding".equals(str)) {
            return "redirect:https://login.dingtalk.com/oauth2/auth?redirect_uri=" + redirectURL + "&response_type=code&client_id=" + ConfigManager.getProperty("ddauth.appid") + "&scope=openid&prompt=consent&state=dingding." + str3 + "." + str4 + "." + str2;
        }
        return "redirect:https://api.weibo.com/oauth2/authorize?client_id=" + ConfigManager.getProperty("sinaauth.appid") + "&response_type=code&redirect_uri=" + redirectURL + "&state=sina." + str3 + "." + str4 + "." + str2;
    }

    @RequestMapping({"/logincallback"})
    @IgnoreAuthen
    public String logincallback(HttpServletRequest httpServletRequest, WebRequest webRequest) throws Exception {
        String parameter = httpServletRequest.getParameter("code");
        if (StringUtils.isBlank(parameter)) {
            parameter = httpServletRequest.getParameter("authCode");
        }
        String parameter2 = httpServletRequest.getParameter("state");
        String str = "";
        String str2 = parameter2.split("\\.")[0];
        String str3 = parameter2.split("\\.")[1];
        String str4 = parameter2.split("\\.")[2];
        String str5 = parameter2.split("\\.")[3];
        if (str5.contains("_BRH")) {
            str = str5.split("_BRH")[1];
            str5 = str5.split("_BRH")[0];
        }
        AppContext.setCurrentAppId(str5, str);
        if ("wechat".equals(str2)) {
            wechatLogin(httpServletRequest, parameter);
        } else if ("qq".equals(str2)) {
            qqLogin(parameter, str5);
        } else if ("dingding".equals(str2)) {
            dingdingLogin(parameter, str5);
        } else {
            sinaLogin(parameter, str5);
        }
        return "redirect:" + (!ConfigManager.isRelease() ? String.format("/preview.html?cfgid=%s&acpmemberid=%s&appid=%s&brhno=%s&plt=weixin&actinsid=%s", str3, str4, str5, str, "MainUI_" + str5) : "/?appid=" + str5);
    }

    public void sinaLogin(String str, String str2) {
        WxAccessArg.WxCorp wxCorp = new WxAccessArg.WxCorp();
        wxCorp.setCorpId(ConfigManager.getProperty("sinaauth.appid"));
        wxCorp.setAppId(AppContext.getCurrentAppId());
        wxCorp.setCorpSecret(ConfigManager.getProperty("sinaauth.appsec"));
        JSONObject jSONObject = getweiboaccesstoken(str);
        String str3 = (String) jSONObject.get("access_token");
        String str4 = (String) jSONObject.get("uid");
        JSONObject jSONObject2 = getweibouserinfo(str3, str4);
        System.out.println(jSONObject2);
        WxAccessArg.WxUserInfo wxUserInfo = new WxAccessArg.WxUserInfo();
        wxUserInfo.setOpenId(str4);
        wxUserInfo.setHeadImgUrl(jSONObject2.getString("avatar_hd"));
        wxUserInfo.setNickName(jSONObject2.getString("name"));
        ((WeixinService) ContextManager.findService(WeixinService.class)).authByOpenId(str4, WxConfig.WeixinType.SINA, wxUserInfo, str2);
    }

    public static Client authClient() throws Exception {
        Config config = new Config();
        config.protocol = "https";
        config.regionId = "central";
        return new Client(config);
    }

    public static com.aliyun.dingtalkcontact_1_0.Client contactClient() throws Exception {
        Config config = new Config();
        config.protocol = "https";
        config.regionId = "central";
        return new com.aliyun.dingtalkcontact_1_0.Client(config);
    }

    public void dingdingLogin(String str, String str2) throws Exception {
        String accessToken = authClient().getUserToken(new GetUserTokenRequest().setClientId(ConfigManager.getProperty("ddauth.appid")).setClientSecret(ConfigManager.getProperty("ddauth.appsec")).setCode(str).setGrantType("authorization_code")).getBody().getAccessToken();
        com.aliyun.dingtalkcontact_1_0.Client contactClient = contactClient();
        GetUserHeaders getUserHeaders = new GetUserHeaders();
        getUserHeaders.xAcsDingtalkAccessToken = accessToken;
        GetUserResponseBody body = contactClient.getUserWithOptions("me", getUserHeaders, new RuntimeOptions()).getBody();
        WxAccessArg.WxUserInfo wxUserInfo = new WxAccessArg.WxUserInfo();
        wxUserInfo.setOpenId(body.getOpenId());
        wxUserInfo.setHeadImgUrl(body.getAvatarUrl());
        wxUserInfo.setNickName(body.getNick());
        ((WeixinService) ContextManager.findService(WeixinService.class)).authByOpenId(body.getOpenId(), WxConfig.WeixinType.DD, wxUserInfo, str2);
    }

    public void qqLogin(String str, String str2) {
        WxAccessArg.WxCorp wxCorp = new WxAccessArg.WxCorp();
        wxCorp.setCorpId(ConfigManager.getProperty("qqauth.appid"));
        wxCorp.setAppId(AppContext.getCurrentAppId());
        wxCorp.setCorpSecret(ConfigManager.getProperty("qqauth.appsec"));
        String str3 = getqqaccesstoken(str);
        String str4 = getqqopenid(str3);
        JSONObject jSONObject = getqquserinfo(str3, str4);
        System.out.println(jSONObject);
        WxAccessArg.WxUserInfo wxUserInfo = new WxAccessArg.WxUserInfo();
        wxUserInfo.setOpenId(str4);
        wxUserInfo.setHeadImgUrl(jSONObject.getString("figureurl_qq_1"));
        wxUserInfo.setNickName(jSONObject.getString("nickname"));
        ((WeixinService) ContextManager.findService(WeixinService.class)).authByOpenId(str4, WxConfig.WeixinType.QQ, wxUserInfo, str2);
    }

    public void wechatLogin(HttpServletRequest httpServletRequest, String str) {
        WxAccessArg.WxCorp wxCorp = new WxAccessArg.WxCorp();
        wxCorp.setCorpId(ConfigManager.getProperty("wxauth.appid"));
        wxCorp.setAppId(AppContext.getCurrentAppId());
        wxCorp.setCorpSecret(ConfigManager.getProperty("wxauth.appsec"));
        ((WeixinService) ContextManager.findService(WeixinService.class)).getOpenUser(WxConfig.WeixinType.WX, str, httpServletRequest, wxCorp);
    }

    public String getRedirectURL(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        return URLEncoder.encode(httpServletRequest.getRequestURL().toString().replace(httpServletRequest.getLocalAddr() + ":" + httpServletRequest.getLocalPort(), httpServletRequest.getServerName()).replace("/api/securityservice/threepartlogin", "/api/securityservice/logincallback"), "UTF-8");
    }

    public JSONObject getweiboaccesstoken(String str) {
        return JSON.parseObject(HttpUtil.post("https://api.weibo.com/oauth2/access_token?client_id=" + ConfigManager.getProperty("sinaauth.appid") + "&client_secret=" + ConfigManager.getProperty("sinaauth.appsec") + "&grant_type=authorization_code&redirect_uri=http%3a%2f%2fauth.hangar.cn%2fapi%2fsecurityservice%2flogincallback&code=" + str, new HashMap()));
    }

    public String getqqaccesstoken(String str) {
        return HttpUtil.get("https://graph.qq.com/oauth2.0/token?client_id=" + ConfigManager.getProperty("qqauth.appid") + "&client_secret=" + ConfigManager.getProperty("qqauth.appsec") + "&grant_type=authorization_code&redirect_uri=http%3a%2f%2fauth.hangar.cn%2fapi%2fsecurityservice%2flogincallback&code=" + str).split("&")[0].split("=")[1];
    }

    public String getqqopenid(String str) {
        String str2 = HttpUtil.get("https://graph.qq.com/oauth2.0/me?access_token=" + str);
        return JSON.parseObject(str2.substring(str2.indexOf("(") + 1, str2.indexOf(")"))).getString("openid");
    }

    public JSONObject getweibouserinfo(String str, String str2) {
        return JSON.parseObject(HttpUtil.get("https://api.weibo.com/2/users/show.json?uid=" + str2, str));
    }

    public JSONObject getqquserinfo(String str, String str2) {
        return JSON.parseObject(HttpUtil.get("https://graph.qq.com/user/get_user_info?openid=" + str2 + "&access_token=" + str + "&oauth_consumer_key=" + ConfigManager.getProperty("qqauth.appid"), str));
    }
}
