package com.ebaiyihui.scrm.service.impl;

import com.aliyuncs.auth.AuthConstant;
import com.aliyuncs.utils.ParameterHelper;
import com.ebaiyihui.scrm.domain.entity.SuiteAuthorizedCorp;
import com.ebaiyihui.scrm.domain.entity.SuiteConfig;
import com.ebaiyihui.scrm.domain.entity.WechatWorkConfig;
import com.ebaiyihui.scrm.mapper.SuiteAuthorizedCorpMapper;
import com.ebaiyihui.scrm.mapper.SuiteConfigMapper;
import com.ebaiyihui.scrm.service.SuiteService;
import com.ebaiyihui.scrm.service.WechatWorkApiService;
import com.ebaiyihui.scrm.service.WechatWorkConfigService;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.itextpdf.text.Annotation;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.messaging.MessageHeaders;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

@Service
/* loaded from: input_file:BOOT-INF/classes/com/ebaiyihui/scrm/service/impl/SuiteServiceImpl.class */
public class SuiteServiceImpl implements SuiteService {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SuiteServiceImpl.class);

    @Autowired
    private SuiteConfigMapper suiteConfigMapper;

    @Autowired
    private SuiteAuthorizedCorpMapper suiteAuthorizedCorpMapper;

    @Autowired
    private WechatWorkApiService wechatWorkApiService;

    @Autowired
    private RedisTemplate<String, String> redisTemplate;

    @Autowired
    private WechatWorkConfigService wechatWorkConfigService;
    private final ObjectMapper objectMapper = new ObjectMapper();

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public SuiteConfig getSuiteConfig(String str) {
        try {
            return this.suiteConfigMapper.selectBySuiteId(str);
        } catch (Exception e) {
            log.error("获取Suite配置失败: suiteId={}", str, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public void saveSuiteTicket(String str, String str2) {
        try {
            log.info("开始保存Suite Ticket: suiteId={}, ticketLength={}", str, Integer.valueOf(str2 != null ? str2.length() : 0));
            String str3 = "suite_ticket:" + str;
            this.redisTemplate.opsForValue().set(str3, str2, 30L, TimeUnit.MINUTES);
            log.debug("Suite Ticket已保存到Redis缓存: key={}", str3);
            SuiteConfig selectBySuiteId = this.suiteConfigMapper.selectBySuiteId(str);
            if (selectBySuiteId == null) {
                log.error("数据库中不存在Suite配置记录: suiteId={}，请先执行初始化脚本", str);
                log.error("解决方案：执行 byh-scrm-server/sql/fix_suite_ticket_issue.sql");
                logAuthOperation(str, null, "save_suite_ticket", "保存Suite Ticket", "partial_success", "Redis缓存成功，数据库配置不存在");
                return;
            }
            int updateSuiteTicket = this.suiteConfigMapper.updateSuiteTicket(str, str2);
            if (updateSuiteTicket > 0) {
                log.info("Suite Ticket已更新到数据库: suiteId={}, updateResult={}", str, Integer.valueOf(updateSuiteTicket));
            } else {
                log.error("Suite Ticket数据库更新失败: suiteId={}, updateResult={}", str, Integer.valueOf(updateSuiteTicket));
                log.error("可能原因：1) Suite配置记录不存在 2) 数据库连接问题 3) SQL语句执行失败");
                if (selectBySuiteId.getStatus() != null && selectBySuiteId.getStatus().intValue() == 0) {
                    log.warn("Suite配置状态为禁用: suiteId={}, status={}", str, selectBySuiteId.getStatus());
                }
            }
            String str4 = "suite_access_token:" + str;
            log.debug("已清除Suite Access Token缓存: key={}, deleted={}", str4, this.redisTemplate.delete((RedisTemplate<String, String>) str4));
            logAuthOperation(str, null, "save_suite_ticket", "保存Suite Ticket", updateSuiteTicket > 0 ? "success" : "partial_success", updateSuiteTicket > 0 ? "完全成功" : "Redis成功，数据库失败");
            log.info("Suite Ticket保存完成: suiteId={}, 数据库更新结果={}", str, updateSuiteTicket > 0 ? "成功" : "失败");
        } catch (Exception e) {
            log.error("保存Suite Ticket失败: suiteId={}", str, e);
            logAuthOperation(str, null, "save_suite_ticket", "保存Suite Ticket", "failed", e.getMessage());
            throw new RuntimeException("保存Suite Ticket失败: " + e.getMessage(), e);
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public void batchSaveSuiteTickets(Map<String, String> map) {
        if (map == null || map.isEmpty()) {
            log.warn("批量保存Suite Ticket: 输入为空");
            return;
        }
        log.info("开始批量保存Suite Ticket: count={}", Integer.valueOf(map.size()));
        int i = 0;
        int i2 = 0;
        for (Map.Entry<String, String> entry : map.entrySet()) {
            try {
                saveSuiteTicket(entry.getKey(), entry.getValue());
                i++;
            } catch (Exception e) {
                log.error("批量保存Suite Ticket失败: suiteId={}", entry.getKey(), e);
                i2++;
            }
        }
        log.info("批量保存Suite Ticket完成: 成功={}, 失败={}", Integer.valueOf(i), Integer.valueOf(i2));
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public String getLatestSuiteTicket(String str) {
        try {
            String str2 = "suite_ticket:" + str;
            String str3 = this.redisTemplate.opsForValue().get(str2);
            if (StringUtils.isNotEmpty(str3)) {
                return str3;
            }
            SuiteConfig selectBySuiteId = this.suiteConfigMapper.selectBySuiteId(str);
            if (selectBySuiteId == null || !StringUtils.isNotEmpty(selectBySuiteId.getSuiteTicket())) {
                return null;
            }
            this.redisTemplate.opsForValue().set(str2, selectBySuiteId.getSuiteTicket(), 30L, TimeUnit.MINUTES);
            return selectBySuiteId.getSuiteTicket();
        } catch (Exception e) {
            log.error("获取Suite Ticket失败: suiteId={}", str, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public String getSuiteAccessToken(String str, boolean z) {
        try {
            String str2 = "suite_access_token:" + str;
            if (!z) {
                String str3 = this.redisTemplate.opsForValue().get(str2);
                if (StringUtils.isNotEmpty(str3)) {
                    return str3;
                }
            }
            SuiteConfig suiteConfig = getSuiteConfig(str);
            if (suiteConfig == null) {
                log.error("Suite配置不存在: suiteId={}", str);
                return null;
            }
            String latestSuiteTicket = getLatestSuiteTicket(str);
            if (StringUtils.isEmpty(latestSuiteTicket)) {
                log.error("Suite Ticket不存在: suiteId={}", str);
                return null;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("suite_id", str);
            hashMap.put("suite_secret", suiteConfig.getSuiteSecret());
            hashMap.put("suite_ticket", latestSuiteTicket);
            String post = this.wechatWorkApiService.post("https://qyapi.weixin.qq.com/cgi-bin/service/get_suite_token", this.objectMapper.writeValueAsString(hashMap));
            if (!StringUtils.isNotEmpty(post)) {
                return null;
            }
            Map map = (Map) this.objectMapper.readValue(post, Map.class);
            Integer num = (Integer) map.get("errcode");
            if (num == null || num.intValue() != 0) {
                log.error("获取Suite Access Token失败: {}", map.get("errmsg"));
                return null;
            }
            String str4 = (String) map.get("suite_access_token");
            this.redisTemplate.opsForValue().set(str2, str4, ((Integer) map.get("expires_in")).intValue() - 300, TimeUnit.SECONDS);
            return str4;
        } catch (Exception e) {
            log.error("获取Suite Access Token异常: suiteId={}", str, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> getCorpPermanentCode(String str, String str2) {
        String suiteAccessToken;
        HashMap hashMap = new HashMap();
        try {
            suiteAccessToken = getSuiteAccessToken(str, false);
        } catch (Exception e) {
            log.error("获取企业永久授权码异常: suiteId={}, authCode={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "获取永久授权码异常: " + e.getMessage());
        }
        if (StringUtils.isEmpty(suiteAccessToken)) {
            hashMap.put("success", false);
            hashMap.put("message", "获取Suite Access Token失败");
            return hashMap;
        }
        String str3 = "https://qyapi.weixin.qq.com/cgi-bin/service/get_permanent_code?access_token=" + suiteAccessToken;
        HashMap hashMap2 = new HashMap();
        hashMap2.put("auth_code", str2);
        String post = this.wechatWorkApiService.post(str3, this.objectMapper.writeValueAsString(hashMap2));
        if (StringUtils.isNotEmpty(post)) {
            Map map = (Map) this.objectMapper.readValue(post, Map.class);
            Integer num = (Integer) map.get("errcode");
            if (num == null || num.intValue() != 0) {
                hashMap.put("success", false);
                hashMap.put("message", "API调用失败: " + map.get("errmsg"));
            } else {
                hashMap.put("success", true);
                hashMap.put("data", map);
                Map map2 = (Map) map.get("auth_corp_info");
                if (map2 != null) {
                    hashMap.put("authCorpId", map2.get("corpid"));
                    hashMap.put("corpName", map2.get("corp_name"));
                }
                hashMap.put("permanentCode", map.get("permanent_code"));
                hashMap.put("authInfo", map.get("auth_info"));
            }
        } else {
            hashMap.put("success", false);
            hashMap.put("message", "API响应为空");
        }
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public String getCorpAccessToken(String str, String str2, boolean z) {
        try {
            String str3 = "corp_access_token:" + str + ":" + str2;
            if (!z) {
                String str4 = this.redisTemplate.opsForValue().get(str3);
                if (StringUtils.isNotEmpty(str4)) {
                    return str4;
                }
            }
            SuiteAuthorizedCorp authorizedCorp = getAuthorizedCorp(str, str2);
            if (authorizedCorp == null) {
                log.error("授权企业信息不存在: suiteId={}, authCorpId={}", str, str2);
                log.error("请检查以下几点：");
                log.error("1. 确认企业是否已完成代开发应用授权");
                log.error("2. 检查suite_authorized_corp表中是否存在对应记录");
                log.error("3. 如果是新部署，请先运行数据迁移脚本");
                log.error("4. 可以考虑临时切换到独立应用模式");
                return null;
            }
            if (StringUtils.isEmpty(authorizedCorp.getPermanentCode())) {
                log.error("授权企业永久授权码为空: suiteId={}, authCorpId={}, corpName={}", str, str2, authorizedCorp.getCorpName());
                log.error("请检查以下几点：");
                log.error("1. 确认企业是否已完成代开发应用授权流程");
                log.error("2. 检查permanent_code字段是否为空或占位符");
                log.error("3. 如果是临时占位符，需要重新完成授权流程");
                log.error("4. 建议临时切换到独立应用模式: UPDATE wechat_work_configs SET is_suite_mode=0 WHERE hospital_id='{}' AND appcode='{}'", authorizedCorp.getHospitalId(), authorizedCorp.getAppcode());
                return null;
            }
            if ("TEMP_PERMANENT_CODE_PLACEHOLDER".equals(authorizedCorp.getPermanentCode())) {
                log.error("检测到临时占位符永久授权码: suiteId={}, authCorpId={}", str, str2);
                log.error("这是一个临时占位符，需要完成真实的企业微信代开发授权流程");
                log.error("建议操作：");
                log.error("1. 临时切换到独立应用模式以恢复服务");
                log.error("2. 联系管理员完成企业微信代开发授权");
                log.error("3. 获取真实的permanent_code后更新数据库");
                return null;
            }
            String suiteAccessToken = getSuiteAccessToken(str, false);
            if (StringUtils.isEmpty(suiteAccessToken)) {
                log.error("获取Suite Access Token失败: suiteId={}", str);
                log.error("请检查：");
                log.error("1. Suite配置是否正确");
                log.error("2. Suite Ticket是否有效");
                log.error("3. Suite Secret是否正确");
                return null;
            }
            String str5 = "https://qyapi.weixin.qq.com/cgi-bin/service/get_corp_token?access_token=" + suiteAccessToken;
            HashMap hashMap = new HashMap();
            hashMap.put("auth_corpid", str2);
            hashMap.put("permanent_code", authorizedCorp.getPermanentCode());
            String post = this.wechatWorkApiService.post(str5, this.objectMapper.writeValueAsString(hashMap));
            if (!StringUtils.isNotEmpty(post)) {
                return null;
            }
            Map map = (Map) this.objectMapper.readValue(post, Map.class);
            Integer num = (Integer) map.get("errcode");
            if (num != null && num.intValue() == 0) {
                String str6 = (String) map.get("access_token");
                Integer num2 = (Integer) map.get("expires_in");
                this.redisTemplate.opsForValue().set(str3, str6, num2.intValue() - 300, TimeUnit.SECONDS);
                authorizedCorp.setAccessToken(str6);
                authorizedCorp.setAccessTokenExpiresAt(LocalDateTime.now().plusSeconds(num2.intValue()));
                updateAuthorizedCorp(authorizedCorp);
                log.info("企业访问令牌获取成功: suiteId={}, authCorpId={}, expiresIn={}", str, str2, num2);
                return str6;
            }
            log.error("获取企业访问令牌失败: suiteId={}, authCorpId={}, errcode={}, errmsg={}", str, str2, num, (String) map.get("errmsg"));
            if (num.intValue() == 40013) {
                log.error("错误原因：无效的CorpID，请检查auth_corpid是否正确");
                return null;
            }
            if (num.intValue() == 40014) {
                log.error("错误原因：无效的access_token，Suite Access Token可能已过期");
                return null;
            }
            if (num.intValue() == 40084) {
                log.error("错误原因：无效的permanent_code，可能需要重新授权");
                return null;
            }
            if (num.intValue() != 40001) {
                return null;
            }
            log.error("错误原因：不合法的secret参数，请检查Suite配置");
            return null;
        } catch (Exception e) {
            log.error("获取企业访问令牌异常: suiteId={}, authCorpId={}", str, str2, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public int saveAuthorizedCorp(SuiteAuthorizedCorp suiteAuthorizedCorp) {
        try {
            suiteAuthorizedCorp.setCreateTime(LocalDateTime.now());
            suiteAuthorizedCorp.setUpdateTime(LocalDateTime.now());
            return this.suiteAuthorizedCorpMapper.insert(suiteAuthorizedCorp);
        } catch (Exception e) {
            log.error("保存授权企业信息失败: {}", suiteAuthorizedCorp, e);
            return 0;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public int updateAuthorizedCorp(SuiteAuthorizedCorp suiteAuthorizedCorp) {
        try {
            suiteAuthorizedCorp.setUpdateTime(LocalDateTime.now());
            return this.suiteAuthorizedCorpMapper.update(suiteAuthorizedCorp);
        } catch (Exception e) {
            log.error("更新授权企业信息失败: {}", suiteAuthorizedCorp, e);
            return 0;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public SuiteAuthorizedCorp getAuthorizedCorp(String str, String str2) {
        try {
            return this.suiteAuthorizedCorpMapper.selectBySuiteIdAndCorpId(str, str2);
        } catch (Exception e) {
            log.error("获取授权企业信息失败: suiteId={}, authCorpId={}", str, str2, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public SuiteAuthorizedCorp getAuthorizedCorpByCorpUserId(String str) {
        try {
            return this.suiteAuthorizedCorpMapper.selectByCorpUserId(str);
        } catch (Exception e) {
            log.error("根据企业用户ID获取授权企业失败: corpUserId={}", str, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public List<SuiteAuthorizedCorp> getAuthorizedCorpList(String str) {
        try {
            return this.suiteAuthorizedCorpMapper.selectBySuiteId(str);
        } catch (Exception e) {
            log.error("获取授权企业列表失败: suiteId={}", str, e);
            return new ArrayList();
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public List<SuiteAuthorizedCorp> getAuthorizedCorpListByHospitalId(String str) {
        try {
            return this.suiteAuthorizedCorpMapper.selectByHospitalId(str);
        } catch (Exception e) {
            log.error("根据医院ID获取授权企业列表失败: hospitalId={}", str, e);
            return new ArrayList();
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public List<SuiteAuthorizedCorp> getAuthorizedCorpListByAppcode(String str) {
        try {
            return this.suiteAuthorizedCorpMapper.selectByAppcode(str);
        } catch (Exception e) {
            log.error("根据应用编码获取授权企业列表失败: appcode={}", str, e);
            return new ArrayList();
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public List<SuiteAuthorizedCorp> getAuthorizedCorpListByHospitalIdAndAppcode(String str, String str2) {
        try {
            return this.suiteAuthorizedCorpMapper.selectByHospitalIdAndAppcode(str, str2);
        } catch (Exception e) {
            log.error("根据医院ID和应用编码获取授权企业列表失败: hospitalId={}, appcode={}", str, str2, e);
            return new ArrayList();
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public SuiteAuthorizedCorp getAuthorizedCorpBySuiteIdAndHospitalIdAndAppcode(String str, String str2, String str3) {
        try {
            return this.suiteAuthorizedCorpMapper.selectBySuiteIdAndHospitalIdAndAppcode(str, str2, str3);
        } catch (Exception e) {
            log.error("根据Suite ID、医院ID和应用编码获取授权企业失败: suiteId={}, hospitalId={}, appcode={}", str, str2, str3, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public SuiteAuthorizedCorp getAuthorizedCorpByCorpIdAndHospitalIdAndAppcode(String str, String str2, String str3) {
        try {
            return this.suiteAuthorizedCorpMapper.selectByCorpIdAndHospitalIdAndAppcode(str, str2, str3);
        } catch (Exception e) {
            log.error("根据企业ID、医院ID和应用编码获取授权企业失败: corpId={}, hospitalId={}, appcode={}", str, str2, str3, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public int cancelCorpAuth(String str, String str2) {
        try {
            SuiteAuthorizedCorp authorizedCorp = getAuthorizedCorp(str, str2);
            if (authorizedCorp == null) {
                return 0;
            }
            authorizedCorp.setStatus("已取消");
            authorizedCorp.setCancelTime(LocalDateTime.now());
            return updateAuthorizedCorp(authorizedCorp);
        } catch (Exception e) {
            log.error("取消企业授权失败: suiteId={}, authCorpId={}", str, str2, e);
            return 0;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> getCorpInfo(String str, String str2) {
        String corpAccessToken;
        HashMap hashMap = new HashMap();
        try {
            corpAccessToken = getCorpAccessToken(str, str2, false);
        } catch (Exception e) {
            log.error("获取企业信息异常: suiteId={}, authCorpId={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "获取企业信息异常: " + e.getMessage());
        }
        if (StringUtils.isEmpty(corpAccessToken)) {
            hashMap.put("success", false);
            hashMap.put("message", "获取企业访问令牌失败");
            return hashMap;
        }
        String str3 = this.wechatWorkApiService.get("https://qyapi.weixin.qq.com/cgi-bin/corp/get?access_token=" + corpAccessToken);
        if (StringUtils.isNotEmpty(str3)) {
            Map map = (Map) this.objectMapper.readValue(str3, Map.class);
            Integer num = (Integer) map.get("errcode");
            if (num == null || num.intValue() != 0) {
                hashMap.put("success", false);
                hashMap.put("message", "API调用失败: " + map.get("errmsg"));
            } else {
                hashMap.put("success", true);
                hashMap.put("data", map);
            }
        } else {
            hashMap.put("success", false);
            hashMap.put("message", "API响应为空");
        }
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> syncCorpInfo(String str, String str2) {
        Map<String, Object> corpInfo;
        HashMap hashMap = new HashMap();
        try {
            corpInfo = getCorpInfo(str, str2);
        } catch (Exception e) {
            log.error("同步企业信息异常: suiteId={}, authCorpId={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "同步企业信息异常: " + e.getMessage());
        }
        if (!((Boolean) corpInfo.get("success")).booleanValue()) {
            return corpInfo;
        }
        Map map = (Map) corpInfo.get("data");
        SuiteAuthorizedCorp authorizedCorp = getAuthorizedCorp(str, str2);
        if (authorizedCorp != null) {
            authorizedCorp.setCorpName((String) map.get("corp_name"));
            authorizedCorp.setCorpType((String) map.get("corp_type"));
            authorizedCorp.setCorpSquareLogoUrl((String) map.get("corp_square_logo_url"));
            authorizedCorp.setCorpRoundLogoUrl((String) map.get("corp_round_logo_url"));
            authorizedCorp.setCorpUserMax((Integer) map.get("corp_user_max"));
            authorizedCorp.setCorpAgentMax((Integer) map.get("corp_agent_max"));
            authorizedCorp.setLastSyncTime(LocalDateTime.now());
            updateAuthorizedCorp(authorizedCorp);
        }
        hashMap.put("success", true);
        hashMap.put("message", "企业信息同步成功");
        hashMap.put("data", map);
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public void logAuthOperation(String str, String str2, String str3, String str4, String str5, String str6) {
        try {
            log.info("Suite授权操作日志: suiteId={}, authCorpId={}, operationType={}, result={}, error={}", str, str2, str3, str5, str6);
        } catch (Exception e) {
            log.error("记录授权操作日志失败", (Throwable) e);
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> refreshPermanentCode(String str, String str2, String str3) {
        Map<String, Object> corpPermanentCode;
        HashMap hashMap = new HashMap();
        try {
            log.info("开始刷新永久授权码: suiteId={}, authCorpId={}", str, str2);
            if (StringUtils.isEmpty(str3)) {
                str3 = getLatestAuthCodeFromCache(str, str2);
                if (StringUtils.isEmpty(str3)) {
                    hashMap.put("success", false);
                    hashMap.put("message", "没有可用的授权码进行刷新");
                    return hashMap;
                }
            }
            corpPermanentCode = getCorpPermanentCode(str, str3);
        } catch (Exception e) {
            log.error("刷新永久授权码异常: suiteId={}, authCorpId={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "刷新永久授权码异常: " + e.getMessage());
            logAuthOperation(str, str2, "refresh_permanent_code", "刷新永久授权码", "failed", e.getMessage());
        }
        if (!((Boolean) corpPermanentCode.getOrDefault("success", false)).booleanValue()) {
            hashMap.put("success", false);
            hashMap.put("message", "获取新永久授权码失败: " + corpPermanentCode.get("message"));
            return hashMap;
        }
        String str4 = (String) corpPermanentCode.get("permanentCode");
        if (StringUtils.isEmpty(str4)) {
            hashMap.put("success", false);
            hashMap.put("message", "获取到的新永久授权码为空");
            return hashMap;
        }
        SuiteAuthorizedCorp authorizedCorp = getAuthorizedCorp(str, str2);
        if (authorizedCorp == null) {
            hashMap.put("success", false);
            hashMap.put("message", "授权企业信息不存在");
            return hashMap;
        }
        String permanentCode = authorizedCorp.getPermanentCode();
        authorizedCorp.setPermanentCode(str4);
        authorizedCorp.setLastSyncTime(LocalDateTime.now());
        if (updateAuthorizedCorp(authorizedCorp) > 0) {
            hashMap.put("success", true);
            hashMap.put("message", "永久授权码刷新成功");
            hashMap.put("oldPermanentCode", permanentCode);
            hashMap.put("newPermanentCode", str4);
            log.info("永久授权码刷新成功: suiteId={}, authCorpId={}", str, str2);
            logAuthOperation(str, str2, "refresh_permanent_code", "刷新永久授权码", "success", null);
        } else {
            hashMap.put("success", false);
            hashMap.put("message", "永久授权码更新到数据库失败");
        }
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> validatePermanentCode(String str, String str2, String str3) {
        String suiteAccessToken;
        HashMap hashMap = new HashMap();
        try {
            log.debug("验证永久授权码: suiteId={}, authCorpId={}", str, str2);
            suiteAccessToken = getSuiteAccessToken(str, false);
        } catch (Exception e) {
            log.error("验证永久授权码异常: suiteId={}, authCorpId={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("valid", false);
            hashMap.put("message", "验证永久授权码异常: " + e.getMessage());
        }
        if (StringUtils.isEmpty(suiteAccessToken)) {
            hashMap.put("success", false);
            hashMap.put("valid", false);
            hashMap.put("message", "无法获取Suite Access Token");
            return hashMap;
        }
        String str4 = "https://qyapi.weixin.qq.com/cgi-bin/service/get_corp_token?access_token=" + suiteAccessToken;
        HashMap hashMap2 = new HashMap();
        hashMap2.put("auth_corpid", str2);
        hashMap2.put("permanent_code", str3);
        String post = this.wechatWorkApiService.post(str4, this.objectMapper.writeValueAsString(hashMap2));
        if (StringUtils.isNotEmpty(post)) {
            Map map = (Map) this.objectMapper.readValue(post, Map.class);
            Integer num = (Integer) map.get("errcode");
            if (num != null && num.intValue() == 0) {
                hashMap.put("success", true);
                hashMap.put("valid", true);
                hashMap.put("message", "永久授权码有效");
                log.debug("永久授权码验证成功: suiteId={}, authCorpId={}", str, str2);
            } else if (num.intValue() == 40084) {
                hashMap.put("success", true);
                hashMap.put("valid", false);
                hashMap.put("message", "永久授权码已失效");
                hashMap.put("errcode", num);
                log.warn("永久授权码已失效: suiteId={}, authCorpId={}, errcode={}", str, str2, num);
            } else {
                hashMap.put("success", true);
                hashMap.put("valid", false);
                hashMap.put("message", "永久授权码验证失败: " + map.get("errmsg"));
                hashMap.put("errcode", num);
                hashMap.put("errmsg", map.get("errmsg"));
                log.warn("永久授权码验证失败: suiteId={}, authCorpId={}, errcode={}, errmsg={}", str, str2, num, map.get("errmsg"));
            }
        } else {
            hashMap.put("success", false);
            hashMap.put("valid", false);
            hashMap.put("message", "API响应为空");
        }
        return hashMap;
    }

    private String getLatestAuthCodeFromCache(String str, String str2) {
        try {
            return this.redisTemplate.opsForValue().get("latest_auth_code:" + str + ":" + str2);
        } catch (Exception e) {
            log.warn("从缓存获取授权码失败: suiteId={}, authCorpId={}", str, str2, e);
            return null;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> generateAuthUrl(String str, String str2, String str3) {
        SuiteConfig suiteConfig;
        HashMap hashMap = new HashMap();
        try {
            log.info("生成授权链接: hospitalId={}, appcode={}, suiteId={}", str, str2, str3);
            suiteConfig = getSuiteConfig(str3);
        } catch (Exception e) {
            log.error("生成授权链接失败: hospitalId={}, appcode={}, suiteId={}", str, str2, str3, e);
            hashMap.put("success", false);
            hashMap.put("message", "生成授权链接失败: " + e.getMessage());
        }
        if (suiteConfig == null) {
            hashMap.put("success", false);
            hashMap.put("message", "Suite配置不存在");
            return hashMap;
        }
        String preAuthCode = getPreAuthCode(str3);
        if (StringUtils.isEmpty(preAuthCode)) {
            hashMap.put("success", false);
            hashMap.put("message", "获取预授权码失败");
            return hashMap;
        }
        String str4 = str + ":" + str2 + ":" + System.currentTimeMillis();
        String authRedirectUri = suiteConfig.getAuthRedirectUri();
        if (StringUtils.isEmpty(authRedirectUri)) {
            authRedirectUri = "https://ihos.chinachdu.com/YCRMYY/scrm/api/scrm/suite/auth/callback";
        }
        String format = String.format("https://open.work.weixin.qq.com/3rdapp/install?suite_id=%s&pre_auth_code=%s&redirect_uri=%s&state=%s", str3, preAuthCode, authRedirectUri, str4);
        String str5 = "auth_state:" + str4;
        HashMap hashMap2 = new HashMap();
        hashMap2.put("hospitalId", str);
        hashMap2.put("appcode", str2);
        hashMap2.put("suiteId", str3);
        hashMap2.put(MessageHeaders.TIMESTAMP, String.valueOf(System.currentTimeMillis()));
        this.redisTemplate.opsForValue().set(str5, this.objectMapper.writeValueAsString(hashMap2), 10L, TimeUnit.MINUTES);
        hashMap.put("success", true);
        hashMap.put("authUrl", format);
        hashMap.put("state", str4);
        hashMap.put("preAuthCode", preAuthCode);
        hashMap.put("redirectUri", authRedirectUri);
        hashMap.put("message", "授权链接生成成功，请企业管理员访问此链接完成授权");
        log.info("授权链接生成成功: authUrl={}", format);
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> handleAuthCallback(String str, String str2) {
        Map<String, Object> validateAuthCallback;
        HashMap hashMap = new HashMap();
        try {
            log.info("处理授权回调: authCode={}, state={}", str, str2);
            validateAuthCallback = validateAuthCallback(str, str2, null);
        } catch (Exception e) {
            log.error("处理授权回调失败: authCode={}, state={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "处理授权回调失败: " + e.getMessage());
        }
        if (!((Boolean) validateAuthCallback.get("valid")).booleanValue()) {
            hashMap.put("success", false);
            hashMap.put("message", "授权回调参数校验失败: " + validateAuthCallback.get("message"));
            return hashMap;
        }
        log.info("授权回调参数校验通过，继续处理授权流程");
        String str3 = "auth_state:" + str2;
        String str4 = this.redisTemplate.opsForValue().get(str3);
        if (StringUtils.isEmpty(str4)) {
            hashMap.put("success", false);
            hashMap.put("message", "状态参数无效或已过期");
            return hashMap;
        }
        Map map = (Map) this.objectMapper.readValue(str4, Map.class);
        String str5 = (String) map.get("hospitalId");
        String str6 = (String) map.get("appcode");
        String str7 = (String) map.get("suiteId");
        Map<String, Object> corpPermanentCode = getCorpPermanentCode(str7, str);
        if (!((Boolean) corpPermanentCode.get("success")).booleanValue()) {
            hashMap.put("success", false);
            hashMap.put("message", "获取永久授权码失败: " + corpPermanentCode.get("message"));
            return hashMap;
        }
        String str8 = (String) corpPermanentCode.get("authCorpId");
        String str9 = (String) corpPermanentCode.get("corpName");
        String str10 = (String) corpPermanentCode.get("permanentCode");
        SuiteAuthorizedCorp suiteAuthorizedCorp = new SuiteAuthorizedCorp();
        suiteAuthorizedCorp.setSuiteId(str7);
        suiteAuthorizedCorp.setCorpId(str8);
        suiteAuthorizedCorp.setCorpName(str9);
        suiteAuthorizedCorp.setPermanentCode(str10);
        suiteAuthorizedCorp.setAuthCode(str);
        suiteAuthorizedCorp.setAuthTime(LocalDateTime.now());
        suiteAuthorizedCorp.setHospitalId(str5);
        suiteAuthorizedCorp.setAppcode(str6);
        suiteAuthorizedCorp.setStatus("已授权");
        SuiteAuthorizedCorp authorizedCorp = getAuthorizedCorp(str7, str8);
        if (authorizedCorp != null) {
            suiteAuthorizedCorp.setId(authorizedCorp.getId());
            updateAuthorizedCorp(suiteAuthorizedCorp);
        } else {
            saveAuthorizedCorp(suiteAuthorizedCorp);
        }
        this.redisTemplate.opsForValue().set("used_auth_code:" + str, "1", 86400L, TimeUnit.SECONDS);
        updateWechatWorkConfig(str5, str6, str7, str8, str10);
        this.redisTemplate.delete((RedisTemplate<String, String>) str3);
        hashMap.put("success", true);
        hashMap.put("message", "授权处理成功");
        hashMap.put("authCorpId", str8);
        hashMap.put("corpName", str9);
        hashMap.put("permanentCode", str10);
        hashMap.put("hospitalId", str5);
        hashMap.put("appcode", str6);
        log.info("授权处理成功: authCorpId={}, corpName={}", str8, str9);
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> checkAuthStatus(String str, String str2) {
        List list;
        HashMap hashMap = new HashMap();
        try {
            log.info("检查授权状态: hospitalId={}, appcode={}", str, str2);
            list = (List) this.suiteAuthorizedCorpMapper.selectAll().stream().filter(suiteAuthorizedCorp -> {
                return str.equals(suiteAuthorizedCorp.getHospitalId()) && str2.equals(suiteAuthorizedCorp.getAppcode());
            }).collect(Collectors.toList());
        } catch (Exception e) {
            log.error("检查授权状态失败: hospitalId={}, appcode={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "检查授权状态失败: " + e.getMessage());
        }
        if (list == null || list.isEmpty()) {
            hashMap.put("success", false);
            hashMap.put("message", "未找到授权信息");
            hashMap.put("isAuthorized", false);
            return hashMap;
        }
        SuiteAuthorizedCorp suiteAuthorizedCorp2 = (SuiteAuthorizedCorp) list.get(0);
        Map<String, Object> validatePermanentCode = validatePermanentCode(suiteAuthorizedCorp2.getSuiteId(), suiteAuthorizedCorp2.getCorpId(), suiteAuthorizedCorp2.getPermanentCode());
        hashMap.put("success", true);
        hashMap.put("isAuthorized", true);
        hashMap.put("authCorpId", suiteAuthorizedCorp2.getCorpId());
        hashMap.put("corpName", suiteAuthorizedCorp2.getCorpName());
        hashMap.put("suiteId", suiteAuthorizedCorp2.getSuiteId());
        hashMap.put("authTime", suiteAuthorizedCorp2.getAuthTime());
        hashMap.put("status", suiteAuthorizedCorp2.getStatus());
        hashMap.put("permanentCodeValid", validatePermanentCode.get("success"));
        if (((Boolean) validatePermanentCode.get("success")).booleanValue()) {
            hashMap.put("message", "授权状态正常");
        } else {
            hashMap.put("message", "授权已过期或无效，需要重新授权");
        }
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> refreshPermanentCode(String str, String str2) {
        return refreshPermanentCode(str, str2, null);
    }

    private String getPreAuthCode(String str) {
        try {
            String suiteAccessToken = getSuiteAccessToken(str, false);
            if (StringUtils.isEmpty(suiteAccessToken)) {
                log.error("获取Suite Access Token失败");
                return null;
            }
            String str2 = "https://qyapi.weixin.qq.com/cgi-bin/service/get_pre_auth_code?access_token=" + suiteAccessToken;
            HashMap hashMap = new HashMap();
            hashMap.put("suite_id", str);
            String post = this.wechatWorkApiService.post(str2, this.objectMapper.writeValueAsString(hashMap));
            if (!StringUtils.isNotEmpty(post)) {
                return null;
            }
            Map map = (Map) this.objectMapper.readValue(post, Map.class);
            Integer num = (Integer) map.get("errcode");
            if (num != null && num.intValue() == 0) {
                return (String) map.get("pre_auth_code");
            }
            log.error("获取预授权码失败: {}", map.get("errmsg"));
            return null;
        } catch (Exception e) {
            log.error("获取预授权码异常: suiteId={}", str, e);
            return null;
        }
    }

    private void updateWechatWorkConfig(String str, String str2, String str3, String str4, String str5) {
        try {
            log.info("需要更新企业微信配置: hospitalId={}, appcode={}, authCorpId={}, permanentCode={}", str, str2, str4, str5);
        } catch (Exception e) {
            log.error("更新企业微信配置失败: hospitalId={}, appcode={}", str, str2, e);
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public Map<String, Object> validateAuthCallback(String str, String str2, String str3) {
        HashMap hashMap = new HashMap();
        try {
            log.info("开始校验授权回调参数: authCode={}, state={}, expiresIn={}", str, str2, str3);
            if (StringUtils.isEmpty(str)) {
                hashMap.put("valid", false);
                hashMap.put("message", "授权码不能为空");
                return hashMap;
            }
            if (str.length() < 10 || str.length() > 512) {
                hashMap.put("valid", false);
                hashMap.put("message", "授权码格式不正确，长度应在10-512字符之间");
                return hashMap;
            }
            if (!str.matches(ParameterHelper.PATTERN)) {
                hashMap.put("valid", false);
                hashMap.put("message", "授权码包含非法字符");
                return hashMap;
            }
            if (StringUtils.isNotEmpty(str2)) {
                try {
                    String[] split = str2.split(":");
                    if (split.length < 3) {
                        hashMap.put("valid", false);
                        hashMap.put("message", "State参数格式错误");
                        return hashMap;
                    }
                    String str4 = split[0];
                    String str5 = split[1];
                    String str6 = split[2];
                    if (StringUtils.isEmpty(str4) || StringUtils.isEmpty(str5)) {
                        hashMap.put("valid", false);
                        hashMap.put("message", "State参数中缺少必要信息");
                        return hashMap;
                    }
                    try {
                        if (System.currentTimeMillis() - Long.parseLong(str6) > 600000) {
                            hashMap.put("valid", false);
                            hashMap.put("message", "State参数已过期");
                            return hashMap;
                        }
                        hashMap.put("hospitalId", str4);
                        hashMap.put("appcode", str5);
                    } catch (NumberFormatException e) {
                        hashMap.put("valid", false);
                        hashMap.put("message", "State参数时间戳格式错误");
                        return hashMap;
                    }
                } catch (Exception e2) {
                    log.warn("State参数解析失败: {}", str2, e2);
                    hashMap.put("valid", false);
                    hashMap.put("message", "State参数解析失败");
                    return hashMap;
                }
            }
            if (StringUtils.isNotEmpty(str3)) {
                try {
                    int parseInt = Integer.parseInt(str3);
                    if (parseInt <= 0) {
                        hashMap.put("valid", false);
                        hashMap.put("message", "授权码已过期");
                        return hashMap;
                    }
                    hashMap.put("expiresIn", Integer.valueOf(parseInt));
                } catch (NumberFormatException e3) {
                    hashMap.put("valid", false);
                    hashMap.put("message", "过期时间格式错误");
                    return hashMap;
                }
            }
            if (StringUtils.isNotEmpty(this.redisTemplate.opsForValue().get("used_auth_code:" + str))) {
                hashMap.put("valid", false);
                hashMap.put("message", "授权码已被使用");
                return hashMap;
            }
            this.redisTemplate.opsForValue().set("checked_auth_code:" + str, "1", AuthConstant.TSC_VALID_TIME_SECONDS, TimeUnit.SECONDS);
            hashMap.put("valid", true);
            hashMap.put("message", "授权回调参数校验通过");
            hashMap.put("authCode", str);
            hashMap.put("state", str2);
            log.info("授权回调参数校验通过: authCode={}", str);
            return hashMap;
        } catch (Exception e4) {
            log.error("校验授权回调参数异常: authCode={}, state={}", str, str2, e4);
            hashMap.put("valid", false);
            hashMap.put("message", "校验过程发生异常: " + e4.getMessage());
            return hashMap;
        }
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    public String verifyWechatCallback(String str, String str2, String str3, String str4, HttpServletRequest httpServletRequest) {
        try {
            log.info("开始验证企业微信回调 URL: msgSignature={}, timestamp={}, nonce={}, echostr={}", str, str2, str3, str4);
            String parameter = httpServletRequest.getParameter("hospitalId");
            String parameter2 = httpServletRequest.getParameter("appcode");
            if (StringUtils.isEmpty(parameter) || StringUtils.isEmpty(parameter2)) {
                log.info("尝试从路径解析参数: pathInfo={}, requestURI={}", httpServletRequest.getPathInfo(), httpServletRequest.getRequestURI());
                if (StringUtils.isEmpty(parameter)) {
                    parameter = "default";
                }
                if (StringUtils.isEmpty(parameter2)) {
                    parameter2 = "default";
                }
            }
            log.info("使用配置参数: hospitalId={}, appcode={}", parameter, parameter2);
            List<WechatWorkConfig> wechatWorkConfigListByHospitalIdAndAppcode = this.wechatWorkConfigService.getWechatWorkConfigListByHospitalIdAndAppcode(parameter, parameter2);
            if (wechatWorkConfigListByHospitalIdAndAppcode == null || wechatWorkConfigListByHospitalIdAndAppcode.isEmpty()) {
                log.error("未找到企业微信配置: hospitalId={}, appcode={}", parameter, parameter2);
                return null;
            }
            WechatWorkConfig wechatWorkConfig = wechatWorkConfigListByHospitalIdAndAppcode.get(0);
            if (!verifySignature(str, str2, str3, wechatWorkConfig.getCallbackToken(), str4)) {
                log.error("签名验证失败: hospitalId={}, appcode={}", parameter, parameter2);
                return null;
            }
            String str5 = str4;
            if (StringUtils.isNotEmpty(wechatWorkConfig.getCallbackAesKey())) {
                try {
                    str5 = decryptMessage(str4, wechatWorkConfig.getCallbackAesKey(), wechatWorkConfig.getCorpId());
                    Logger logger = log;
                    Object[] objArr = new Object[4];
                    objArr[0] = parameter;
                    objArr[1] = parameter2;
                    objArr[2] = Integer.valueOf(str4.length());
                    objArr[3] = Integer.valueOf(str5 != null ? str5.length() : 0);
                    logger.info("回调验证解密成功: hospitalId={}, appcode={}, 原始长度={}, 解密后长度={}", objArr);
                } catch (Exception e) {
                    log.error("回调验证解密失败: hospitalId={}, appcode={}, echostr={}", parameter, parameter2, str4, e);
                    return null;
                }
            } else {
                log.info("未配置 CallbackAesKey，直接返回 echostr: hospitalId={}, appcode={}", parameter, parameter2);
            }
            log.info("企业微信回调验证成功: hospitalId={}, appcode={}", parameter, parameter2);
            return str5;
        } catch (Exception e2) {
            log.error("验证企业微信回调异常", (Throwable) e2);
            return null;
        }
    }

    private boolean verifySignature(String str, String str2, String str3, String str4, String str5) {
        try {
            Logger logger = log;
            Object[] objArr = new Object[5];
            objArr[0] = str;
            objArr[1] = str2;
            objArr[2] = str3;
            objArr[3] = str4;
            objArr[4] = Integer.valueOf(str5 != null ? str5.length() : 0);
            logger.info("开始验证签名: signature={}, timestamp={}, nonce={}, token={}, data长度={}", objArr);
            if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2) || StringUtils.isEmpty(str3) || StringUtils.isEmpty(str4)) {
                log.error("签名验证参数不完整: signature={}, timestamp={}, nonce={}, token={}", str, str2, str3, str4);
                return false;
            }
            List asList = Arrays.asList(str4, str2, str3, str5);
            Collections.sort(asList);
            StringBuilder sb = new StringBuilder();
            Iterator it = asList.iterator();
            while (it.hasNext()) {
                sb.append((String) it.next());
            }
            String sb2 = sb.toString();
            log.debug("排序后的字符串: {}", sb2);
            byte[] digest = MessageDigest.getInstance("SHA-1").digest(sb2.getBytes(StandardCharsets.UTF_8));
            StringBuilder sb3 = new StringBuilder();
            for (byte b : digest) {
                String hexString = Integer.toHexString(b & 255);
                if (hexString.length() < 2) {
                    sb3.append(0);
                }
                sb3.append(hexString);
            }
            String sb4 = sb3.toString();
            log.info("计算得到的签名: {}, 传入的签名: {}, 匹配: {}", sb4, str, Boolean.valueOf(str.equals(sb4)));
            return str.equals(sb4);
        } catch (Exception e) {
            log.error("验证签名异常: {}", e.getMessage(), e);
            return false;
        }
    }

    private String decryptMessage(String str, String str2, String str3) throws Exception {
        log.info("开始解密消息: encryptedMsg长度={}, encodingAesKey长度={}, corpId={}", Integer.valueOf(str.length()), Integer.valueOf(str2.length()), str3);
        return str;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public Map<String, Object> savePermanentCode(String str, String str2, String str3, Map<String, Object> map) {
        HashMap hashMap = new HashMap();
        try {
            log.info("开始保存永久授权码: suiteId={}, authCorpId={}", str, str2);
        } catch (Exception e) {
            log.error("保存永久授权码异常: suiteId={}, authCorpId={}", str, str2, e);
            hashMap.put("success", false);
            hashMap.put("message", "保存永久授权码异常: " + e.getMessage());
            logAuthOperation(str, str2, "save_permanent_code", "保存永久授权码", "failed", e.getMessage());
        }
        if (StringUtils.isEmpty(str3)) {
            hashMap.put("success", false);
            hashMap.put("message", "永久授权码不能为空");
            return hashMap;
        }
        SuiteAuthorizedCorp authorizedCorp = getAuthorizedCorp(str, str2);
        if (authorizedCorp != null) {
            String permanentCode = authorizedCorp.getPermanentCode();
            authorizedCorp.setPermanentCode(str3);
            authorizedCorp.setLastSyncTime(LocalDateTime.now());
            authorizedCorp.setUpdateTime(LocalDateTime.now());
            if (map != null) {
                updateCorpInfoFromAuthData(authorizedCorp, map);
            }
            if (updateAuthorizedCorp(authorizedCorp) <= 0) {
                hashMap.put("success", false);
                hashMap.put("message", "永久授权码数据库更新失败");
                return hashMap;
            }
            hashMap.put("success", true);
            hashMap.put("message", "永久授权码更新成功");
            hashMap.put(Annotation.OPERATION, "update");
            hashMap.put("oldPermanentCode", permanentCode);
            hashMap.put("newPermanentCode", str3);
            log.info("永久授权码更新成功: suiteId={}, authCorpId={}", str, str2);
        } else {
            SuiteAuthorizedCorp suiteAuthorizedCorp = new SuiteAuthorizedCorp();
            suiteAuthorizedCorp.setSuiteId(str);
            suiteAuthorizedCorp.setCorpId(str2);
            suiteAuthorizedCorp.setPermanentCode(str3);
            suiteAuthorizedCorp.setAuthTime(LocalDateTime.now());
            suiteAuthorizedCorp.setLastSyncTime(LocalDateTime.now());
            suiteAuthorizedCorp.setStatus("已授权");
            if (map != null) {
                updateCorpInfoFromAuthData(suiteAuthorizedCorp, map);
            }
            if (saveAuthorizedCorp(suiteAuthorizedCorp) <= 0) {
                hashMap.put("success", false);
                hashMap.put("message", "永久授权码数据库保存失败");
                return hashMap;
            }
            hashMap.put("success", true);
            hashMap.put("message", "永久授权码保存成功");
            hashMap.put(Annotation.OPERATION, "insert");
            hashMap.put("permanentCode", str3);
            log.info("永久授权码保存成功: suiteId={}, authCorpId={}", str, str2);
        }
        clearCorpAccessTokenCache(str, str2);
        logAuthOperation(str, str2, "save_permanent_code", "保存永久授权码", "success", null);
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public Map<String, Object> batchUpdatePermanentCodes(Map<String, Map<String, Object>> map) {
        HashMap hashMap = new HashMap();
        if (map == null || map.isEmpty()) {
            hashMap.put("success", false);
            hashMap.put("message", "批量更新数据为空");
            return hashMap;
        }
        log.info("开始批量更新永久授权码: count={}", Integer.valueOf(map.size()));
        int i = 0;
        int i2 = 0;
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, Map<String, Object>> entry : map.entrySet()) {
            String key = entry.getKey();
            Map<String, Object> value = entry.getValue();
            try {
                String[] split = key.split(":");
                if (split.length != 2) {
                    log.error("无效的企业标识格式: {}", key);
                    i2++;
                    arrayList.add(key);
                } else {
                    Map<String, Object> savePermanentCode = savePermanentCode(split[0], split[1], (String) value.get("permanentCode"), value);
                    if (((Boolean) savePermanentCode.getOrDefault("success", false)).booleanValue()) {
                        i++;
                    } else {
                        i2++;
                        arrayList.add(key);
                        log.error("批量更新永久授权码失败: corpKey={}, error={}", key, savePermanentCode.get("message"));
                    }
                }
            } catch (Exception e) {
                log.error("批量更新永久授权码异常: corpKey={}", key, e);
                i2++;
                arrayList.add(key);
            }
        }
        hashMap.put("success", Boolean.valueOf(i2 == 0));
        hashMap.put("totalCount", Integer.valueOf(map.size()));
        hashMap.put("successCount", Integer.valueOf(i));
        hashMap.put("failCount", Integer.valueOf(i2));
        hashMap.put("failedCorps", arrayList);
        hashMap.put("message", String.format("批量更新完成: 成功=%d, 失败=%d", Integer.valueOf(i), Integer.valueOf(i2)));
        log.info("批量更新永久授权码完成: 总数={}, 成功={}, 失败={}", Integer.valueOf(map.size()), Integer.valueOf(i), Integer.valueOf(i2));
        return hashMap;
    }

    @Override // com.ebaiyihui.scrm.service.SuiteService
    @Transactional(rollbackFor = {Exception.class})
    public Map<String, Object> syncTicketAndPermanentCodeStatus(String str) {
        HashMap hashMap = new HashMap();
        try {
            log.info("开始同步Suite状态: suiteId={}", str);
            String latestSuiteTicket = getLatestSuiteTicket(str);
            boolean isNotEmpty = StringUtils.isNotEmpty(latestSuiteTicket);
            String str2 = null;
            boolean z = false;
            if (isNotEmpty) {
                try {
                    str2 = getSuiteAccessToken(str, false);
                    z = StringUtils.isNotEmpty(str2);
                } catch (Exception e) {
                    log.warn("获取Suite Access Token失败: suiteId={}", str, e);
                }
            }
            List<SuiteAuthorizedCorp> authorizedCorpList = getAuthorizedCorpList(str);
            int size = authorizedCorpList != null ? authorizedCorpList.size() : 0;
            int i = 0;
            int i2 = 0;
            ArrayList arrayList = new ArrayList();
            if (authorizedCorpList != null) {
                for (SuiteAuthorizedCorp suiteAuthorizedCorp : authorizedCorpList) {
                    HashMap hashMap2 = new HashMap();
                    hashMap2.put("authCorpId", suiteAuthorizedCorp.getCorpId());
                    hashMap2.put("corpName", suiteAuthorizedCorp.getCorpName());
                    if (!StringUtils.isNotEmpty(suiteAuthorizedCorp.getPermanentCode()) || "TEMP_PERMANENT_CODE_PLACEHOLDER".equals(suiteAuthorizedCorp.getPermanentCode())) {
                        hashMap2.put("permanentCodeValid", false);
                        hashMap2.put("validationMessage", "永久授权码为空或占位符");
                        i2++;
                    } else {
                        try {
                            Map<String, Object> validatePermanentCode = validatePermanentCode(str, suiteAuthorizedCorp.getCorpId(), suiteAuthorizedCorp.getPermanentCode());
                            boolean booleanValue = ((Boolean) validatePermanentCode.getOrDefault("valid", false)).booleanValue();
                            hashMap2.put("permanentCodeValid", Boolean.valueOf(booleanValue));
                            hashMap2.put("validationMessage", validatePermanentCode.get("message"));
                            if (booleanValue) {
                                i++;
                            } else {
                                i2++;
                            }
                        } catch (Exception e2) {
                            hashMap2.put("permanentCodeValid", false);
                            hashMap2.put("validationMessage", "验证异常: " + e2.getMessage());
                            i2++;
                        }
                    }
                    arrayList.add(hashMap2);
                }
            }
            hashMap.put("success", true);
            hashMap.put("suiteId", str);
            hashMap.put("syncTime", LocalDateTime.now());
            HashMap hashMap3 = new HashMap();
            hashMap3.put("hasValidTicket", Boolean.valueOf(isNotEmpty));
            hashMap3.put("ticketLength", Integer.valueOf(isNotEmpty ? latestSuiteTicket.length() : 0));
            hashMap.put("suiteTicketStatus", hashMap3);
            HashMap hashMap4 = new HashMap();
            hashMap4.put("hasValidAccessToken", Boolean.valueOf(z));
            hashMap4.put("tokenLength", Integer.valueOf(z ? str2.length() : 0));
            hashMap.put("suiteAccessTokenStatus", hashMap4);
            HashMap hashMap5 = new HashMap();
            hashMap5.put("totalCorps", Integer.valueOf(size));
            hashMap5.put("validPermanentCodes", Integer.valueOf(i));
            hashMap5.put("invalidPermanentCodes", Integer.valueOf(i2));
            hashMap5.put("validRate", Double.valueOf(size > 0 ? i / size : 0.0d));
            hashMap.put("permanentCodeStatus", hashMap5);
            hashMap.put("corpStatusList", arrayList);
            boolean z2 = isNotEmpty && z && i2 == 0;
            hashMap.put("overallHealthy", Boolean.valueOf(z2));
            if (!z2) {
                ArrayList arrayList2 = new ArrayList();
                if (!isNotEmpty) {
                    arrayList2.add("Suite Ticket无效或过期");
                }
                if (!z) {
                    arrayList2.add("Suite Access Token无效");
                }
                if (i2 > 0) {
                    arrayList2.add("存在无效的永久授权码");
                }
                hashMap.put("healthIssues", arrayList2);
            }
            log.info("Suite状态同步完成: suiteId={}, healthy={}, totalCorps={}, validCodes={}", str, Boolean.valueOf(z2), Integer.valueOf(size), Integer.valueOf(i));
        } catch (Exception e3) {
            log.error("同步Suite状态异常: suiteId={}", str, e3);
            hashMap.put("success", false);
            hashMap.put("message", "同步状态异常: " + e3.getMessage());
        }
        return hashMap;
    }

    private void updateCorpInfoFromAuthData(SuiteAuthorizedCorp suiteAuthorizedCorp, Map<String, Object> map) {
        if (map == null) {
            return;
        }
        try {
            Map map2 = (Map) map.get("auth_corp_info");
            if (map2 != null) {
                String str = (String) map2.get("corp_name");
                if (StringUtils.isNotEmpty(str)) {
                    suiteAuthorizedCorp.setCorpName(str);
                }
                String str2 = (String) map2.get("corp_type");
                if (StringUtils.isNotEmpty(str2)) {
                    suiteAuthorizedCorp.setCorpType(str2);
                }
                String str3 = (String) map2.get("corp_square_logo_url");
                if (StringUtils.isNotEmpty(str3)) {
                    suiteAuthorizedCorp.setCorpSquareLogoUrl(str3);
                }
                String str4 = (String) map2.get("corp_round_logo_url");
                if (StringUtils.isNotEmpty(str4)) {
                    suiteAuthorizedCorp.setCorpRoundLogoUrl(str4);
                }
                Integer num = (Integer) map2.get("corp_user_max");
                if (num != null) {
                    suiteAuthorizedCorp.setCorpUserMax(num);
                }
                Integer num2 = (Integer) map2.get("corp_agent_max");
                if (num2 != null) {
                    suiteAuthorizedCorp.setCorpAgentMax(num2);
                }
            }
            Map map3 = (Map) map.get("auth_info");
            if (map3 != null) {
                List list = (List) map3.get("agent");
                if (list != null && !list.isEmpty()) {
                    suiteAuthorizedCorp.setAuthUserInfo(this.objectMapper.writeValueAsString(list));
                }
                String str5 = (String) map3.get("auth_scope");
                if (StringUtils.isNotEmpty(str5)) {
                    suiteAuthorizedCorp.setAuthScope(str5);
                }
            }
        } catch (Exception e) {
            log.warn("更新企业信息失败", (Throwable) e);
        }
    }

    private void clearCorpAccessTokenCache(String str, String str2) {
        try {
            String str3 = "corp_access_token:" + str + ":" + str2;
            log.debug("已清除企业访问令牌缓存: key={}, deleted={}", str3, this.redisTemplate.delete((RedisTemplate<String, String>) str3));
        } catch (Exception e) {
            log.warn("清除企业访问令牌缓存失败", (Throwable) e);
        }
    }
}
