package net.ibizsys.central.cloud.uaa.rabbitmq.spring.controller;

import java.util.Map;
import javax.annotation.PostConstruct;
import net.ibizsys.central.SystemGatewayException;
import net.ibizsys.central.cloud.core.IServiceHub;
import net.ibizsys.central.cloud.core.cloudutil.ICloudUAAUtilRuntime;
import net.ibizsys.central.cloud.core.util.CloudCacheTagUtils;
import net.ibizsys.central.cloud.core.util.domain.Employee;
import net.ibizsys.central.cloud.uaa.core.IUAAUtilSystemRuntime;
import net.ibizsys.central.cloud.uaa.rabbitmq.util.domain.ResourceCheck;
import net.ibizsys.central.cloud.uaa.rabbitmq.util.domain.TopicCheck;
import net.ibizsys.central.cloud.uaa.rabbitmq.util.domain.VirtualHostCheck;
import net.ibizsys.central.sysutil.ISysCacheUtilRuntime;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({""})
@RestController
/* loaded from: input_file:net/ibizsys/central/cloud/uaa/rabbitmq/spring/controller/AuthRestController.class */
public class AuthRestController {
    private static final Log log = LogFactory.getLog(AuthRestController.class);

    @Autowired
    IServiceHub iServiceHub;
    private ICloudUAAUtilRuntime iCloudUAAUtilRuntime = null;
    private ISysCacheUtilRuntime iSysCacheUtilRuntime = null;

    @PostConstruct
    protected void postConstruct() {
        log.debug(String.format("CloudRabbitMQ认证服务已经启动", new Object[0]));
        this.iServiceHub.registerIgnoreAuthPattern("/uaa/rabbitmq/**");
        if (this.iCloudUAAUtilRuntime == null) {
            this.iServiceHub.requireCloudUtilRuntime(IUAAUtilSystemRuntime.class, ICloudUAAUtilRuntime.class);
        }
    }

    protected ICloudUAAUtilRuntime getCloudUAAUtilRuntime() {
        if (this.iCloudUAAUtilRuntime == null) {
            try {
                this.iCloudUAAUtilRuntime = this.iServiceHub.getCloudUtilRuntime(IUAAUtilSystemRuntime.class, ICloudUAAUtilRuntime.class, false);
            } catch (Throwable th) {
                log.error(String.format("获取Cloud体系UAA功能模块发生异常，$1%s", th.getMessage()), th);
                throw new SystemGatewayException(this.iServiceHub, String.format("未指定Cloud体系UAA功能模块", new Object[0]), th);
            }
        }
        return this.iCloudUAAUtilRuntime;
    }

    protected ISysCacheUtilRuntime getSysCacheUtilRuntime() {
        if (this.iSysCacheUtilRuntime == null) {
            try {
                this.iSysCacheUtilRuntime = (ISysCacheUtilRuntime) this.iServiceHub.getSysUtilRuntime((Class) null, ISysCacheUtilRuntime.class, false);
            } catch (Throwable th) {
                log.error(String.format("获取系统缓存功能组件发生异常，$1%s", th.getMessage()), th);
                throw new SystemGatewayException(this.iServiceHub, String.format("未指定系统缓存功能组件", new Object[0]), th);
            }
        }
        return this.iSysCacheUtilRuntime;
    }

    @RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, value = {"/uaa/rabbitmq/user"})
    public String user(@RequestParam("username") String str, @RequestParam("password") String str2) {
        Employee employee;
        if (!StringUtils.hasLength(str) || !StringUtils.hasLength(str2)) {
            return "deny";
        }
        try {
            if (!getCloudUAAUtilRuntime().validateToken(str2)) {
                throw new Exception("Token已失效");
            }
            Map all = getSysCacheUtilRuntime().getAll(CloudCacheTagUtils.getAuthenticationUserCat(getCloudUAAUtilRuntime().getUsernameFromToken(str2), str2));
            if (!ObjectUtils.isEmpty(all)) {
                for (Map.Entry entry : all.entrySet()) {
                    if (StringUtils.hasLength((String) entry.getKey()) && ((String) entry.getKey()).indexOf(CloudCacheTagUtils.EMPLOYEETAG_PREFIX) == 0 && (employee = (Employee) getSysCacheUtilRuntime().getSystemRuntime().deserialize(entry.getValue(), Employee.class)) != null && StringUtils.hasLength(employee.getMqttTopic()) && str.equals(employee.getMqttTopic())) {
                        return "allow";
                    }
                }
            }
            log.warn(String.format("校验用户[%1$s][%2$s]失败", str, str2));
            return "deny";
        } catch (Throwable th) {
            log.error(String.format("校验用户[%1$s][%2$s]发生异常，%3$s", str, str2, th.getMessage()), th);
            return "deny";
        }
    }

    @RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, value = {"/uaa/rabbitmq/vhost"})
    public String vhost(VirtualHostCheck virtualHostCheck) {
        log.debug(String.format("Checking vhost access with %1$s", virtualHostCheck));
        return "allow";
    }

    @RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, value = {"/uaa/rabbitmq/resource"})
    public String resource(ResourceCheck resourceCheck) {
        log.debug(String.format("Checking resource access with %1$s", resourceCheck));
        return "allow";
    }

    @RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, value = {"/uaa/rabbitmq/topic"})
    public String topic(TopicCheck topicCheck) {
        boolean equals = topicCheck.getUsername().replace("/", ".").equals(topicCheck.getRouting_key());
        log.debug(String.format("Checking topic access with %1$s, result: %2$s", topicCheck, Boolean.valueOf(equals)));
        return equals ? "allow" : "deny";
    }
}
