package com.baijia.tianxiao.biz.www.authentication.handler;

import com.baijia.tianxiao.biz.www.LoginAccountDtoHelper;
import com.baijia.tianxiao.biz.www.Util.InitPageUtils;
import com.baijia.tianxiao.biz.www.Util.LoginAppInfoContext;
import com.baijia.tianxiao.biz.www.Util.PermissionTransformUtil;
import com.baijia.tianxiao.biz.www.authentication.AbstractAuthenticateHandler;
import com.baijia.tianxiao.biz.www.authentication.Credential;
import com.baijia.tianxiao.biz.www.authentication.dto.RoleDto;
import com.baijia.tianxiao.biz.www.authentication.dto.TXLoginAccountDto;
import com.baijia.tianxiao.biz.www.constant.BizConstant;
import com.baijia.tianxiao.constant.Flag;
import com.baijia.tianxiao.dal.org.constant.OrgSubAccountStatus;
import com.baijia.tianxiao.dal.org.constant.TXAccountType;
import com.baijia.tianxiao.dal.org.dao.TXCascadeAccountDao;
import com.baijia.tianxiao.dal.org.dao.TXCascadeCredentialDao;
import com.baijia.tianxiao.dal.org.po.OrgAccount;
import com.baijia.tianxiao.dal.org.po.OrgInfo;
import com.baijia.tianxiao.dal.org.po.OrgSubAccount;
import com.baijia.tianxiao.dal.org.po.TXAccount;
import com.baijia.tianxiao.dal.org.po.TXCascadeAccount;
import com.baijia.tianxiao.dal.org.po.TXCascadeCredential;
import com.baijia.tianxiao.exception.BussinessException;
import com.baijia.tianxiao.sal.organization.api.OrgAccountService;
import com.baijia.tianxiao.sal.organization.constant.CascadeType;
import com.baijia.tianxiao.sal.organization.org.service.OrgInfoService;
import com.baijia.tianxiao.sal.organization.org.service.OrgSubAccountService;
import com.baijia.tianxiao.sal.organization.org.service.TXAccountService;
import com.baijia.tianxiao.sal.organization.org.service.TxAccountPermissionService;
import com.baijia.tianxiao.util.GenericsUtils;
import com.baijia.tianxiao.util.encrypt.EncryptUtils;
import com.baijia.tianxiao.util.encrypt.PasswordUtil;
import com.baijia.tianxiao.util.memcached.MemcachedUtil;
import com.baijia.yunying.hag.service.HagService;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeoutException;
import net.rubyeye.xmemcached.exception.MemcachedException;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/baijia/tianxiao/biz/www/authentication/handler/TxCascadeAccountAuthenticateHandler.class */
public class TxCascadeAccountAuthenticateHandler extends AbstractAuthenticateHandler {
    private static final Logger log = LoggerFactory.getLogger(TxCascadeAccountAuthenticateHandler.class);

    @Autowired
    private TXCascadeCredentialDao txCascadeCredentialDao;

    @Autowired
    private TXCascadeAccountDao txCascadeAccountDao;

    @Autowired
    private OrgInfoService orgInfoService;

    @Autowired
    private LoginAccountDtoHelper loginAccountDtoHelper;

    @Autowired
    private TXAccountService txAccountService;

    @Autowired
    private OrgAccountService orgAccountService;

    @Autowired
    private HagService hagService;

    @Autowired
    private OrgSubAccountService orgSubAccountService;

    @Autowired
    private TxAccountPermissionService txAccountPermissionService;

    @Override // com.baijia.tianxiao.biz.www.authentication.AbstractAuthenticateHandler
    protected boolean doAuthentication(Credential credential, Map<String, Object> map) throws BussinessException {
        Boolean bool = false;
        try {
            String str = (String) MemcachedUtil.get("uniq_temp_tx_password_" + credential.getMobile());
            if (StringUtils.isNoneBlank(new CharSequence[]{str}) && str.equals(credential.getPassword())) {
                MemcachedUtil.delete("uniq_temp_tx_password_" + credential.getMobile());
                bool = true;
            }
        } catch (InterruptedException | TimeoutException | MemcachedException e) {
            log.error("get temp pwd error!mobile:{}", credential.getMobile(), e);
        }
        TXCascadeCredential byMobile = this.txCascadeCredentialDao.getByMobile(credential.getMobile());
        if (byMobile == null) {
            return false;
        }
        OrgAccount orgAccount = null;
        if (map.get(AbstractAuthenticateHandler.ORG_ACCOUNT_KEY) != null) {
            orgAccount = (OrgAccount) map.get(AbstractAuthenticateHandler.ORG_ACCOUNT_KEY);
        }
        try {
            if (!bool.booleanValue()) {
                if (orgAccount != null) {
                    if (!PasswordUtil.validatePassword(credential.getPassword(), orgAccount.getPassword())) {
                        log.info("cascade orgAccount pwd error mobile:{}", credential.getMobile());
                        return false;
                    }
                } else if (!PasswordUtil.validatePassword(credential.getPassword(), byMobile.getPassword())) {
                    log.info("no orgAccount and cascade credential pwd error mobile:{}", credential.getMobile());
                    return false;
                }
            }
            map.put("txCascadeCredential", byMobile);
            return true;
        } catch (Exception e2) {
            log.info("login pwd:{},hash:{},error!:{}", new Object[]{credential.getPassword(), byMobile.getPassword(), e2});
            return false;
        }
    }

    @Override // com.baijia.tianxiao.biz.www.authentication.AbstractAuthenticateHandler
    protected boolean postAuthenticate(Credential credential, boolean z, List<TXLoginAccountDto> list, Map<String, Object> map) throws BussinessException, Exception {
        TXLoginAccountDto buildLoginData;
        TXCascadeCredential tXCascadeCredential = (TXCascadeCredential) map.get("txCascadeCredential");
        Integer num = (Integer) GenericsUtils.getNullWithoutError(map, AbstractAuthenticateHandler.IS_FROM_MASTER);
        OrgAccount orgAccount = (OrgAccount) map.get(AbstractAuthenticateHandler.ORG_ACCOUNT_KEY);
        List<TXCascadeAccount> validAccountsByCredentialId = this.txCascadeAccountDao.getValidAccountsByCredentialId(tXCascadeCredential.getId());
        if (CollectionUtils.isEmpty(validAccountsByCredentialId)) {
            return false;
        }
        Integer id = orgAccount != null ? orgAccount.getId() : null;
        HashMap newHashMap = Maps.newHashMap();
        log.info("txCascadeAccounts:{}", validAccountsByCredentialId);
        for (TXCascadeAccount tXCascadeAccount : validAccountsByCredentialId) {
            OrgAccount orgAccountById = this.orgAccountService.getOrgAccountById(tXCascadeAccount.getOrgId());
            log.info("for orgAccount :{} , fromOrgId is:{} ", orgAccountById, id);
            if (this.hagService.hasPermission(orgAccountById.getNumber(), 0, "jigou_tianxiao_orgNumber", new Object[0])) {
                OrgSubAccount byOrgId = this.orgSubAccountService.getByOrgId(orgAccountById.getId(), new String[0]);
                if (null == byOrgId || byOrgId.getStatus().intValue() != OrgSubAccountStatus.NORMAL.getCode().intValue()) {
                    log.info("cascade:{}, can not login because the orgSubAccount is forbidden", tXCascadeAccount);
                } else if (null == byOrgId || byOrgId.getOnlineType().intValue() != Flag.TRUE.getInt()) {
                    TXAccount byOrgId2 = this.txAccountService.getByOrgId(byOrgId.getPid().intValue() > 0 ? byOrgId.getPid() : byOrgId.getOrgId(), new String[0]);
                    if (byOrgId2 == null) {
                        log.info("this cascade:{} can not find txAccount, maybe txAccount is forbidden", tXCascadeAccount);
                    } else if (byOrgId2.getVipLevel() == TXAccountType.DAZHONG.getCode()) {
                        log.info("cascade txAccount invalid111:{}", byOrgId2);
                    } else {
                        String txStrEncode = (byOrgId.getPid().intValue() == 0 && tXCascadeAccount.getAccountType().intValue() == CascadeType.MANAGER.getValue()) ? LoginAppInfoContext.isInitPageLoginUsers() ? EncryptUtils.txStrEncode(orgAccountById.getId(), tXCascadeAccount.getId(), byOrgId2.getId(), id, tXCascadeAccount.getAccountVersion(), TX_APP_ENVIRONMENT, num) : EncryptUtils.txStrEncode(orgAccountById.getId(), tXCascadeAccount.getId(), byOrgId2.getId(), tXCascadeAccount.getAccountVersion(), TX_APP_ENVIRONMENT) : LoginAppInfoContext.isInitPageLoginUsers() ? EncryptUtils.txStrEncode(orgAccountById.getId(), tXCascadeAccount.getId(), (Integer) null, id, tXCascadeAccount.getAccountVersion(), TX_APP_ENVIRONMENT, num) : EncryptUtils.txStrEncode(orgAccountById.getId(), tXCascadeAccount.getId(), (Integer) null, tXCascadeAccount.getAccountVersion(), TX_APP_ENVIRONMENT);
                        OrgInfo orgInfoByOrgId = this.orgInfoService.getOrgInfoByOrgId(orgAccountById.getId());
                        if (newHashMap.containsKey(orgAccountById.getId())) {
                            buildLoginData = (TXLoginAccountDto) newHashMap.get(orgAccountById.getId());
                        } else {
                            buildLoginData = this.loginAccountDtoHelper.buildLoginData(orgAccountById, orgInfoByOrgId);
                            buildLoginData.setHasRoles(Lists.newArrayList());
                            newHashMap.put(orgAccountById.getId(), buildLoginData);
                            list.add(buildLoginData);
                        }
                        buildLoginData.setDataAccountType(0);
                        RoleDto roleDto = new RoleDto();
                        roleDto.setId(tXCascadeAccount.getId().intValue());
                        roleDto.setNickName(tXCascadeCredential.getName());
                        roleDto.setType(tXCascadeAccount.getAccountType());
                        roleDto.setAuth_token(txStrEncode);
                        roleDto.setMobile(tXCascadeCredential.getMobile());
                        roleDto.setCreateTime(Long.valueOf(tXCascadeAccount.getCreateTime().getTime()));
                        InitPageUtils.fillInitPageInfos(byOrgId2, buildLoginData, orgInfoByOrgId.getShowName());
                        roleDto.setHasPermissions(PermissionTransformUtil.trans(this.txAccountPermissionService.universalGetPermissions(orgAccountById.getId().intValue(), tXCascadeAccount.getId()).getAPPps()));
                        if (StringUtils.isNotBlank(tXCascadeCredential.getAvatar())) {
                            roleDto.setRoleAvatar(tXCascadeCredential.getAvatar());
                        } else {
                            roleDto.setRoleAvatar(BizConstant.DEFAULT_CASCADE_AVATAR);
                        }
                        buildLoginData.getHasRoles().add(roleDto);
                    }
                } else {
                    log.info("cascade orgSubAccount onlineType invalid:{}", byOrgId);
                }
            } else {
                log.info("no hag txCascadeAccount:{}", tXCascadeAccount);
            }
        }
        return true;
    }
}
