package cool.scx.ext.auth;

import com.fasterxml.jackson.databind.JsonNode;
import cool.scx.core.ScxContext;
import cool.scx.core.base.BaseModelService;
import cool.scx.data.FieldFilter;
import cool.scx.data.Query;
import cool.scx.data.query.Logic;
import cool.scx.data.query.WhereBody;
import cool.scx.data.query.WhereOption;
import cool.scx.ext.auth.BaseUser;
import cool.scx.ext.auth.exception.UnknownLoginHandlerException;
import cool.scx.ext.auth.exception.UnknownUserException;
import cool.scx.ext.auth.exception.UsernameAlreadyExistsException;
import cool.scx.ext.auth.exception.WrongPasswordException;
import cool.scx.ext.auth.type.DeviceType;
import cool.scx.ext.auth.type.Perms;
import cool.scx.ext.auth.type.Session;
import cool.scx.ext.auth.type.SessionStore;
import cool.scx.ext.ws.WSMessage;
import cool.scx.mvc.ScxMvc;
import cool.scx.mvc.exception.ForbiddenException;
import cool.scx.mvc.exception.UnauthorizedException;
import cool.scx.util.CryptoUtils;
import cool.scx.util.ObjectUtils;
import cool.scx.util.StringUtils;
import cool.scx.util.ansi.Ansi;
import cool.scx.util.ansi.AnsiElement;
import io.vertx.core.http.ServerWebSocket;
import io.vertx.ext.web.RoutingContext;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:cool/scx/ext/auth/BaseAuthHandler.class */
public abstract class BaseAuthHandler<U extends BaseUser> {
    public static final Path SCX_SESSION_CACHE_PATH = ScxContext.getPathByAppRoot("AppRoot:scx-session.cache");
    public static final String SCX_AUTH_TOKEN_KEY = "S-Token";
    public static final String SCX_AUTH_DEVICE_KEY = "S-Device";
    protected final SessionStore SESSION_STORE = new SessionStore();
    protected final Map<String, ThirdPartyLoginHandler<?>> THIRD_PARTY_LOGIN_HANDLER_MAP = new HashMap();
    protected final BaseModelService<U> userService;

    protected BaseAuthHandler(BaseModelService<U> baseModelService) {
        this.userService = baseModelService;
    }

    public U getCurrentUser() {
        return getCurrentUser(ScxMvc.routingContext());
    }

    public U getCurrentUser(RoutingContext routingContext) {
        return getCurrentUserByToken(AuthHelper.getToken(routingContext));
    }

    public U getCurrentUserByToken(String str) {
        Session byToken = this.SESSION_STORE.getByToken(str);
        if (byToken != null) {
            return (U) this.userService.get(byToken.userID().longValue());
        }
        return null;
    }

    public Session login(String str, String str2, RoutingContext routingContext) throws UnknownUserException, WrongPasswordException {
        DeviceType deviceTypeByHeader = AuthHelper.getDeviceTypeByHeader(routingContext);
        Session session = new Session(AuthHelper.tryGetAuthToken(routingContext, deviceTypeByHeader), ((BaseUser) tryLogin(str, str2)).id, deviceTypeByHeader);
        this.SESSION_STORE.add(session);
        return session;
    }

    public U tryLogin(String str, String str2) throws UnknownUserException, WrongPasswordException {
        U u = (U) this.userService.get(Query.query().where(new Object[]{WhereBody.equal("username", str, new WhereOption[0])}));
        if (u == null) {
            throw new UnknownUserException();
        }
        if (AuthHelper.checkPassword(str2, u.password)) {
            return u;
        }
        throw new WrongPasswordException(((BaseUser) u).id);
    }

    public abstract U signup(String str, String str2);

    public boolean logout(RoutingContext routingContext) {
        return this.SESSION_STORE.removeByToken(AuthHelper.getToken(routingContext));
    }

    public U changePasswordByAdmin(String str, Long l) {
        U currentUser = getCurrentUser();
        if (currentUser == null) {
            throw new UnauthorizedException("请登录 !!!");
        }
        if (!currentUser.isAdmin.booleanValue()) {
            throw new ForbiddenException("非管理员无权限修改用户的用户名 !!!");
        }
        BaseUser baseUser = (BaseUser) this.userService.get(l.longValue());
        if (baseUser == null) {
            throw new UnknownUserException();
        }
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("新密码不能为空 !!!");
        }
        baseUser.password = CryptoUtils.encryptPassword(str.trim());
        return (U) this.userService.update(baseUser, FieldFilter.ofIncluded(new String[]{"password"}));
    }

    public U changePasswordBySelf(String str, String str2) throws WrongPasswordException, UnknownUserException {
        U currentUser = getCurrentUser();
        if (currentUser == null) {
            throw new UnauthorizedException("请登录 !!!");
        }
        if (!AuthHelper.checkPassword(str2, currentUser.password)) {
            throw new WrongPasswordException(((BaseUser) currentUser).id);
        }
        BaseUser baseUser = (BaseUser) this.userService.get(((BaseUser) currentUser).id.longValue());
        if (baseUser == null) {
            throw new UnknownUserException();
        }
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("新密码不能为空 !!!");
        }
        baseUser.password = CryptoUtils.encryptPassword(str.trim());
        return (U) this.userService.update(baseUser);
    }

    public U changeUsernameBySelf(String str, String str2) throws UnauthorizedException, WrongPasswordException {
        U currentUser = getCurrentUser();
        if (currentUser == null) {
            throw new UnauthorizedException("请登录 !!!");
        }
        if (!AuthHelper.checkPassword(str2, currentUser.password)) {
            throw new WrongPasswordException(((BaseUser) currentUser).id);
        }
        U checkNeedChangeUserByID = checkNeedChangeUserByID(((BaseUser) currentUser).id);
        checkNeedChangeUserByID.username = checkNewUsername(str, ((BaseUser) checkNeedChangeUserByID).id);
        return (U) this.userService.update(checkNeedChangeUserByID);
    }

    public U checkNeedChangeUserByID(Long l) {
        U u = (U) this.userService.get(l.longValue(), FieldFilter.ofIncluded(new String[0]).addIncluded(new String[]{"id", "password", "username"}));
        if (u == null) {
            throw new UnknownUserException();
        }
        return u;
    }

    public final Perms getPerms() {
        return getPerms(getCurrentUser());
    }

    public abstract Perms getPerms(U u);

    public abstract U signupByThirdParty(String str, String str2, String str3);

    public Session loginByThirdParty(String str, String str2, String str3, RoutingContext routingContext) {
        DeviceType deviceTypeByHeader = AuthHelper.getDeviceTypeByHeader(routingContext);
        Session session = new Session(AuthHelper.tryGetAuthToken(routingContext, deviceTypeByHeader), ((BaseUser) findThirdPartyLoginHandler(str3).tryLogin(str, str2)).id, deviceTypeByHeader);
        this.SESSION_STORE.add(session);
        return session;
    }

    public final ThirdPartyLoginHandler<U> findThirdPartyLoginHandler(String str) {
        ThirdPartyLoginHandler<U> thirdPartyLoginHandler = (ThirdPartyLoginHandler) this.THIRD_PARTY_LOGIN_HANDLER_MAP.get(str);
        if (thirdPartyLoginHandler == null) {
            throw new UnknownLoginHandlerException();
        }
        return thirdPartyLoginHandler;
    }

    public final SessionStore loggedInClientTable() {
        return this.SESSION_STORE;
    }

    public final void addThirdPartyLoginHandler(String str, ThirdPartyLoginHandler<?> thirdPartyLoginHandler) {
        this.THIRD_PARTY_LOGIN_HANDLER_MAP.put(str, thirdPartyLoginHandler);
    }

    public abstract boolean hasPerm(String str);

    public void bindWebSocketByToken(WSMessage<?> wSMessage) {
        Session byToken = this.SESSION_STORE.getByToken((String) ObjectUtils.convertValue(((Map) ObjectUtils.convertValue(wSMessage.body(), ObjectUtils.MAP_TYPE, new ObjectUtils.Option[0])).get("token"), String.class, new ObjectUtils.Option[0]));
        if (byToken != null) {
            byToken.webSocket = wSMessage.webSocket();
        }
    }

    public Session getCurrentSession() {
        return this.SESSION_STORE.getByToken(AuthHelper.getToken(ScxMvc.routingContext()));
    }

    public U getCurrentUserByWebSocket(ServerWebSocket serverWebSocket) {
        Session byWebSocket = this.SESSION_STORE.getByWebSocket(serverWebSocket);
        if (byWebSocket != null) {
            return (U) this.userService.get(byWebSocket.userID().longValue());
        }
        return null;
    }

    public void readSessionFromFile() {
        try {
            int i = 0;
            Iterator it = ObjectUtils.jsonMapper(new ObjectUtils.Option[0]).readTree(CryptoUtils.decryptBinary(Files.readAllBytes(SCX_SESSION_CACHE_PATH), ScxContext.appKey())).iterator();
            while (it.hasNext()) {
                JsonNode jsonNode = (JsonNode) it.next();
                try {
                    this.SESSION_STORE.add(new Session(jsonNode.get("token").textValue(), Long.valueOf(jsonNode.get("userID").longValue()), DeviceType.of(jsonNode.get("loginDevice").textValue())));
                    i++;
                } catch (Exception e) {
                }
            }
            Ansi.out().brightGreen("成功从 " + SCX_SESSION_CACHE_PATH + " 中恢复 " + i + " 条 Session 数据!!!", new AnsiElement[0]).println();
        } catch (Exception e2) {
        }
    }

    public void writeSessionToFile() {
        List list = this.SESSION_STORE.loggedInClients().stream().map(session -> {
            HashMap hashMap = new HashMap();
            hashMap.put("userID", session.userID());
            hashMap.put("loginDevice", session.loginDevice());
            hashMap.put("token", session.token());
            return hashMap;
        }).toList();
        try {
            Files.write(SCX_SESSION_CACHE_PATH, CryptoUtils.encryptBinary(ObjectUtils.toJson(list, new ObjectUtils.Option[0]).getBytes(StandardCharsets.UTF_8), ScxContext.appKey()), new OpenOption[0]);
            Ansi.out().red("保存 " + list.size() + " 条 Session 数据到 " + SCX_SESSION_CACHE_PATH + " 中!!!", new AnsiElement[0]).println();
        } catch (Exception e) {
        }
    }

    public String checkNewUsername(String str, Long l) {
        if (StringUtils.isBlank(str)) {
            throw new IllegalArgumentException("新用户名不能为空 !!!");
        }
        String trim = str.trim();
        if (this.userService.count(Query.query().where(new Object[]{Logic.andSet().equal("username", trim, new WhereOption[0]).notEqual("id", l, new WhereOption[]{WhereOption.SKIP_IF_NULL})})) != 0) {
            throw new UsernameAlreadyExistsException();
        }
        return trim;
    }

    public String checkNewUsername(String str) {
        return checkNewUsername(str, null);
    }
}
