package dev.flyfish.framework.user.service;

import dev.flyfish.framework.configuration.jwt.TokenProvider;
import dev.flyfish.framework.domain.base.IUser;
import dev.flyfish.framework.domain.po.User;
import dev.flyfish.framework.enums.UserStatus;
import dev.flyfish.framework.service.FlyfishUserDetailsService;
import dev.flyfish.framework.user.config.constants.UserCacheKeys;
import dev.flyfish.framework.utils.Assert;
import dev.flyfish.framework.utils.ReactiveRedisOperations;
import jakarta.annotation.PostConstruct;
import jakarta.annotation.Resource;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import java.util.function.Supplier;
import org.apache.commons.lang3.BooleanUtils;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.UserDetailsRepositoryReactiveAuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@Service
/* loaded from: input_file:dev/flyfish/framework/user/service/FlyfishUserDetailsServiceImpl.class */
public class FlyfishUserDetailsServiceImpl implements FlyfishUserDetailsService {
    private static final Map<Function<IUser, Boolean>, Supplier<AuthenticationException>> checkMap = new HashMap();
    private final UserService userService;
    private final UserDetailsConverter userDetailsConverter;

    @Resource
    private TokenProvider tokenProvider;

    @Resource
    private ReactiveRedisOperations reactiveRedisOperations;
    private ReactiveAuthenticationManager authenticationManager;

    @PostConstruct
    private void init() {
        UserDetailsRepositoryReactiveAuthenticationManager userDetailsRepositoryReactiveAuthenticationManager = new UserDetailsRepositoryReactiveAuthenticationManager(this);
        userDetailsRepositoryReactiveAuthenticationManager.setPasswordEncoder(NoOpPasswordEncoder.getInstance());
        this.authenticationManager = userDetailsRepositoryReactiveAuthenticationManager;
    }

    public Mono<UserDetails> updatePassword(UserDetails userDetails, String str) {
        return this.userService.updateById(((IUser) userDetails).toUser()).thenReturn(userDetails);
    }

    public Mono<UserDetails> findByUsername(String str) {
        String str2 = UserCacheKeys.get(str);
        return this.reactiveRedisOperations.hasKey(str2).flatMap(bool -> {
            if (Boolean.TRUE.equals(bool)) {
                return this.reactiveRedisOperations.get(str2);
            }
            Mono<User> findByUsername = this.userService.findByUsername(str);
            UserDetailsConverter userDetailsConverter = this.userDetailsConverter;
            Objects.requireNonNull(userDetailsConverter);
            return findByUsername.flatMap((v1) -> {
                return r1.mapToUserDetails(v1);
            }).flatMap(userDetails -> {
                return this.reactiveRedisOperations.set(str2, userDetails).thenReturn(userDetails);
            });
        }).flatMap(this::validate).switchIfEmpty(Mono.defer(() -> {
            return Mono.error(new UsernameNotFoundException("用户不存在！"));
        }));
    }

    private Mono<UserDetails> validate(UserDetails userDetails) {
        if (!(userDetails instanceof IUser)) {
            return Mono.just(userDetails);
        }
        IUser iUser = (IUser) userDetails;
        return (Mono) checkMap.entrySet().stream().filter(entry -> {
            return ((Boolean) ((Function) entry.getKey()).apply(iUser)).booleanValue();
        }).findFirst().map(entry2 -> {
            return Mono.error((Throwable) ((Supplier) entry2.getValue()).get());
        }).orElse(Mono.just(userDetails));
    }

    public Mono<Authentication> authenticate(UserDetails userDetails, ServerWebExchange serverWebExchange) {
        return loadContext(userDetails).flatMap(securityContext -> {
            return Mono.fromCallable(() -> {
                this.tokenProvider.addToken(serverWebExchange, securityContext.getAuthentication());
                return Mono.empty();
            }).contextWrite(ReactiveSecurityContextHolder.withSecurityContext(Mono.just(securityContext))).then(Mono.just(securityContext));
        }).map((v0) -> {
            return v0.getAuthentication();
        }).doOnNext(authentication -> {
            if (authentication.getPrincipal() instanceof IUser) {
                Assert.isTrue(BooleanUtils.isTrue(((IUser) authentication.getPrincipal()).getApp()), "用户没有移动端登录权限！");
            }
        });
    }

    public Mono<SecurityContext> loadContext(UserDetails userDetails) {
        return this.authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(userDetails.getUsername(), userDetails.getPassword())).map(authentication -> {
            SecurityContextImpl securityContextImpl = new SecurityContextImpl();
            securityContextImpl.setAuthentication(authentication);
            return securityContextImpl;
        });
    }

    public Mono<Void> logout(ServerWebExchange serverWebExchange) {
        return this.tokenProvider.removeToken(serverWebExchange);
    }

    public FlyfishUserDetailsServiceImpl(UserService userService, UserDetailsConverter userDetailsConverter) {
        this.userService = userService;
        this.userDetailsConverter = userDetailsConverter;
    }

    static {
        checkMap.put(iUser -> {
            return Boolean.valueOf(!(null == iUser.getEnable() || iUser.getEnable().booleanValue()) || iUser.getStatus() == UserStatus.DISABLED);
        }, () -> {
            return new DisabledException("用户被禁用");
        });
        checkMap.put(iUser2 -> {
            return Boolean.valueOf(iUser2.getStatus() == UserStatus.LOCKED);
        }, () -> {
            return new LockedException("账户已经锁定！请联系管理员修改密码！");
        });
    }
}
