package com.ebaiyihui.auth.server.service.impl;

import com.ebaiyihui.auth.server.common.AccountTypeConstant;
import com.ebaiyihui.auth.server.common.JwtConstant;
import com.ebaiyihui.auth.server.common.LoginConstant;
import com.ebaiyihui.auth.server.exception.LoginException;
import com.ebaiyihui.auth.server.service.AuthService;
import com.ebaiyihui.auth.server.service.DoctorWebAuthService;
import com.ebaiyihui.auth.server.service.HospitalAuthService;
import com.ebaiyihui.auth.server.service.SuperManagerAuthService;
import com.ebaiyihui.auth.server.utils.TokenUtils;
import com.ebaiyihui.cache.client.RedisClient;
import com.ebaiyihui.framework.common.ResultInfo;
import com.ebaiyihui.framework.enums.ReturnCodeEnum;
import com.ebaiyihui.framework.utils.SecretUtils;
import io.jsonwebtoken.Claims;
import java.util.Arrays;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;

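/**
 * Validates the client token that accompanies a request and enforces the
 * server-side session rules behind it.
 *
 * <p>The client token is Base64 text that has been rotated by ten characters
 * (see {@link #decodeClientToken(String)}). Once decoded it is split on
 * {@code |} into a server token (a "Bearer " JWT), a second segment that this
 * class does not read, and an optional payload fingerprint. The rotation and
 * the Base64 step are an encoding only; all trust comes from the JWT signature
 * check done by {@code TokenUtils.parseJWT} and from the session UUID kept in
 * Redis.
 *
 * <p>Tokens, session UUIDs and request payloads are deliberately kept out of
 * the log output: anyone who can read the logs could otherwise replay a live
 * session.
 */
@Service
/* loaded from: input_file:BOOT-INF/classes/com/ebaiyihui/auth/server/service/impl/AuthServiceImpl.class */
public class AuthServiceImpl implements AuthService {
    private static final Logger log = LoggerFactory.getLogger(AuthServiceImpl.class);
    public static final int ZERO = 0;
    public static final int ONE = 1;
    public static final int TWO = 2;

    // Number of characters the client moves from the front of the Base64 text to its end.
    private static final int CLIENT_TOKEN_ROTATION = 10;

    @Value("${client_token_expire_time}")
    private Long clientTokenExpireTime;

    @Value("${login_token_secret}")
    private String login_token_secret;

    // Maximum idle time, in seconds, between two API calls of a web session.
    @Value("${web_login_expire_time}")
    private Long webLoginExpireTime;

    @Autowired
    private RedisClient redisClient;

    @Autowired
    HospitalAuthService hospitalAuthService;

    @Autowired
    DoctorWebAuthService doctorWebAuthService;

    @Autowired
    SuperManagerAuthService superManagerAuthService;

    /** Logout hook invoked when a web session has been idle for too long. */
    @FunctionalInterface
    private interface LogoutAction {
        void logout(String account) throws LoginException;
    }

    /**
     * Checks the client token of a request.
     *
     * @param str  the encoded client token as sent by the client
     * @param str2 the request payload the token is supposed to be bound to
     * @throws LoginException if the token is missing, malformed, expired, or
     *                        no longer matches the session stored in Redis
     */
    @Override // com.ebaiyihui.auth.server.service.AuthService
    public void validateToken(String str, String str2) throws LoginException {
        // Neither the token nor the payload is logged: the token is a bearer
        // credential and the payload is arbitrary request data.
        log.info("开始校验 clientToken");
        if (StringUtils.isBlank(str)) {
            log.info("token is empty");
            throw new LoginException("未登录");
        }
        String[] segments = decodeClientToken(str).split("\\|");
        // A token without a '|' separator used to surface as an
        // ArrayIndexOutOfBoundsException; reject it as a normal login failure.
        if (segments.length < 2) {
            log.info("client token has {} segment(s), expected at least 2", segments.length);
            throw new LoginException("请求的签名无效");
        }
        String tokenPayload = segments.length == 3 ? segments[2] : "";
        validateClientParam(str2, segments[1], tokenPayload);
        validateServerToken(segments[0]);
    }

    /**
     * Verifies the JWT carried in the client token and compares its session
     * UUID with the one stored server-side for the same account.
     *
     * @param str the server-token segment of the decoded client token
     * @throws LoginException if the token is malformed, lacks a required
     *                        claim, is idle-expired, or belongs to a session
     *                        that has since been replaced
     */
    private void validateServerToken(String str) throws LoginException {
        // NOTE(review): the marker is accepted anywhere in the string, not only
        // as a prefix; how TokenUtils.parseJWT strips it is not visible here.
        if (!str.contains("Bearer ")) {
            throw new LoginException("请求的签名无效");
        }
        // NOTE(review): signature/expiry failures presumably surface as
        // exceptions from TokenUtils.parseJWT - confirm the caller maps them.
        Claims clientClaims = TokenUtils.parseJWT(str, this.login_token_secret);
        String accountType = requireClaim(clientClaims, JwtConstant.ACCOUNT_TYPE_KEY);
        String account = requireClaim(clientClaims, JwtConstant.UNIQUE_NAME);
        String clientUuid = requireClaim(clientClaims, JwtConstant.UUID);
        log.info("解密前端传递的token：view={}", account);
        validateLoginExpire(accountType, account);
        Claims serverClaims = TokenUtils.parseJWT(getServerToken(accountType, account), this.login_token_secret);
        String serverUuid = requireClaim(serverClaims, JwtConstant.UUID);
        // The UUID identifies the current login; a newer login overwrites it in
        // Redis, which invalidates every token issued before it.
        if (!clientUuid.equalsIgnoreCase(serverUuid)) {
            log.info("session UUID mismatch for account {}", account);
            throw new LoginException("账号已被他人登录，请重新登录");
        }
        log.info("校验成功");
    }

    /**
     * Reads a claim that must be present in a verified token.
     *
     * @throws LoginException if the claim is absent (previously a
     *                        NullPointerException)
     */
    private String requireClaim(Claims claims, String key) throws LoginException {
        Object value = claims.get(key);
        if (value == null) {
            log.info("token is missing claim {}", key);
            throw new LoginException("请求的签名无效");
        }
        return value.toString();
    }

    /**
     * Loads the token stored in Redis for the given account.
     *
     * <p>Doctor accounts keep one token per client kind in a Redis hash;
     * every other account type keeps a single string value.
     *
     * @param str  account type taken from the client JWT
     * @param str2 account name taken from the client JWT
     * @return the stored token, never {@code null} or empty
     * @throws LoginException if Redis reports an error or no token is stored
     */
    private String getServerToken(String str, String str2) throws LoginException {
        String redisKey = LoginConstant.REDIS_AUTH_LOGIN_TOKEN_KEY + str2;
        String storedToken;
        if (AccountTypeConstant.APP_DOCTOR.equalsIgnoreCase(str)) {
            storedToken = readTokenFromHash(redisKey, AccountTypeConstant.APP_DOCTOR);
        } else if (AccountTypeConstant.WEB_DOCTOR.equalsIgnoreCase(str)) {
            storedToken = readTokenFromHash(redisKey, AccountTypeConstant.WEB_DOCTOR);
        } else {
            ResultInfo<?> lookup = this.redisClient.get(redisKey);
            if (lookup.getCode() != ReturnCodeEnum.SUCCEED.getValue().intValue()) {
                log.info("从redis中获取token失败， message: {}", lookup.getMsg());
                throw new LoginException("网络超时, 请登录重试");
            }
            storedToken = (String) lookup.getResult();
        }
        // Only presence is logged; the stored token is a live credential.
        log.info("server token present: {}", Boolean.valueOf(storedToken != null && !storedToken.isEmpty()));
        if (storedToken != null && !storedToken.isEmpty()) {
            return storedToken;
        }
        log.info("账号被他人登录，请重新登录");
        throw new LoginException("账号已被他人登录，请重新登录");
    }

    /**
     * Reads one field of the per-account token hash.
     *
     * @return the stored token, or {@code null} when the field is not set
     * @throws LoginException if Redis does not report success
     */
    private String readTokenFromHash(String redisKey, String field) throws LoginException {
        ResultInfo<List<String>> lookup = this.redisClient.hmget(redisKey, field);
        if (lookup.getCode() != ReturnCodeEnum.SUCCEED.getValue().intValue()) {
            log.info("从redis中获取token失败， message: {}", lookup.getMsg());
            throw new LoginException("网络超时, 请登录重试");
        }
        List<String> values = lookup.getResult();
        // A null result list used to raise a NullPointerException.
        if (values == null || values.isEmpty()) {
            return null;
        }
        return values.get(0);
    }

    /**
     * Applies the idle timeout to the web account types. Other account types
     * (for example app doctors) have no idle timeout in this class.
     *
     * <p>The "no timestamp stored" message differs slightly per account type;
     * the wording is kept exactly because clients may display or match it.
     */
    private void validateLoginExpire(String str, String str2) throws LoginException {
        if (AccountTypeConstant.WEB_HOSPITAL.equalsIgnoreCase(str)) {
            enforceIdleTimeout(LoginConstant.REDIS_WEB_LOGIN_TIME_PREFIX + str2, str2,
                    "账号已被他人登录，请重新登录", this.hospitalAuthService::logout);
        }
        if (AccountTypeConstant.WEB_SUPER_MANAGER.equalsIgnoreCase(str)) {
            enforceIdleTimeout(LoginConstant.REDIS_SUPER_MANAGER_LOGIN_TIME_PREFIX + str2, str2,
                    "账号被他人登录，请重新登录", this.superManagerAuthService::logout);
        }
        if (AccountTypeConstant.WEB_DOCTOR.equalsIgnoreCase(str)) {
            enforceIdleTimeout(LoginConstant.REDIS_WEB_LOGIN_TIME_DOCTOR_PREFIX + str2, str2,
                    "账号被他人登录，请重新登录", this.doctorWebAuthService::logout);
        }
    }

    /**
     * Sliding idle-timeout check shared by the three web account types.
     *
     * <p>Reads the last-activity timestamp (epoch milliseconds, stored as a
     * string) from {@code redisKey}. Within the limit the timestamp is
     * refreshed; beyond it the account is logged out and the request rejected.
     *
     * @param redisKey       key holding the last-activity timestamp
     * @param account        account name, passed to the logout hook
     * @param missingMessage message used when no timestamp is stored
     * @param logoutAction   logout hook of the matching auth service
     * @throws LoginException if Redis reports FAILURE, no usable timestamp is
     *                        stored, or the session has been idle too long
     */
    private void enforceIdleTimeout(String redisKey, String account, String missingMessage,
            LogoutAction logoutAction) throws LoginException {
        ResultInfo<?> lookup = this.redisClient.get(redisKey);
        // NOTE(review): only the FAILURE code is rejected here, whereas the
        // token lookup rejects everything except SUCCEED - confirm intended.
        if (lookup.getCode() == ReturnCodeEnum.FAILURE.getValue().intValue()) {
            throw new LoginException(lookup.getMsg());
        }
        String lastActivity = (String) lookup.getResult();
        long now = System.currentTimeMillis();
        log.info("校验登录是否过期：当前时间戳： {}, redis中的时间戳：{}", Long.valueOf(now), lastActivity);
        if (lastActivity == null) {
            log.info("账号被他人登录，请重新登录");
            throw new LoginException(missingMessage);
        }
        long idleSeconds;
        try {
            idleSeconds = (now - Long.parseLong(lastActivity)) / 1000;
        } catch (NumberFormatException e) {
            // A corrupt timestamp cannot prove the session is fresh: fail closed
            // instead of leaking a NumberFormatException to the caller.
            log.warn("last-activity timestamp for account {} is not a number", account, e);
            throw new LoginException("登录已过期，请重新登录");
        }
        log.info("requestTime：{}s", Long.valueOf(idleSeconds));
        if (idleSeconds <= this.webLoginExpireTime.longValue()) {
            this.redisClient.set(redisKey, String.valueOf(System.currentTimeMillis()));
            return;
        }
        log.info("最后一次操作API大于cookie过期时间, 默认退出登录，清除当前session和cookie");
        logoutAction.logout(account);
        throw new LoginException("登录已过期，请重新登录");
    }

    /**
     * Compares the request payload with the payload fingerprint carried in
     * the client token.
     *
     * @param str  the request payload
     * @param str2 second segment of the decoded client token; not read here
     * @param str3 payload segment of the client token, or "" when absent
     * @throws LoginException if the payload is missing or (once the
     *                        comparison below is corrected) does not match
     */
    private void validateClientParam(String str, String str2, String str3) throws LoginException {
        // BeanFactory.FACTORY_BEAN_PREFIX is the literal "&" (decompiler constant folding).
        // NOTE(review): any token payload containing '&' skips the check entirely.
        if (str3.contains(BeanFactory.FACTORY_BEAN_PREFIX)) {
            log.info("包含特殊字符未检验业务数据");
            return;
        }
        // A null payload used to raise a NullPointerException; keep rejecting
        // it, but as a regular validation failure.
        if (str == null) {
            log.info("request payload is null");
            throw new LoginException("请求的参数非法");
        }
        String tokenPayload = convertArrayToStr(simplifyPayload(str3).split(","));
        String requestPayload = convertArrayToStr(simplifyPayload(str).split(","));
        // NOTE(review): SECURITY - this compares the token payload with itself,
        // so it is always true and the request payload is never actually bound
        // to the token. One operand should be requestPayload; which side must
        // contain the other cannot be derived from this file, so behaviour is
        // left unchanged here. Confirm against the client and fix.
        if (tokenPayload.contains(tokenPayload)) {
            return;
        }
        // Lengths only: payloads are request data and stay out of the logs.
        log.info("payload mismatch: clientTokenPayload length={}, payload length={}",
                Integer.valueOf(tokenPayload.length()), Integer.valueOf(requestPayload.length()));
        throw new LoginException("请求的参数非法");
    }

    /**
     * Strips JSON punctuation and placeholder words so that two payloads can
     * be compared by their remaining fragments.
     *
     * <p>The removals run one after another, in this order; an earlier removal
     * can therefore expose a later pattern. Literal {@code replace} is used
     * because none of the patterns needs regular-expression semantics.
     */
    private String simplifyPayload(String str) {
        return str.replace("\"", "")
                .replace("{", "")
                .replace("\\", "")
                .replace("}", "")
                .replace(":", "")
                .replace("[", "")
                .replace("]", "")
                .replace("undefined", "")
                .replace("null", "")
                .replace(BeanFactory.FACTORY_BEAN_PREFIX, "");
    }

    /**
     * Sorts the fragments and joins their trimmed forms with commas.
     *
     * <p>The array is sorted in place, and sorting happens before trimming, so
     * the order is that of the untrimmed values.
     */
    private String convertArrayToStr(String[] strArr) {
        Arrays.sort(strArr);
        StringBuilder joined = new StringBuilder();
        for (int i = 0; i < strArr.length; i++) {
            if (i > 0) {
                joined.append(',');
            }
            joined.append(strArr[i].trim());
        }
        return joined.toString().trim();
    }

    /**
     * Undoes the ten-character rotation of the client token and Base64-decodes
     * the result.
     *
     * @throws LoginException if the token is shorter than the rotation or
     *                        decodes to nothing
     */
    private String decodeClientToken(String str) throws LoginException {
        // Shorter input used to raise a StringIndexOutOfBoundsException.
        if (str.length() < CLIENT_TOKEN_ROTATION) {
            log.info("client token too short: {} characters", Integer.valueOf(str.length()));
            throw new LoginException("请求的签名无效");
        }
        int cut = str.length() - CLIENT_TOKEN_ROTATION;
        String decoded = SecretUtils.decodeBase64(str.substring(cut) + str.substring(0, cut));
        // NOTE(review): whether SecretUtils.decodeBase64 returns null or throws
        // on invalid input is not visible here; null is handled defensively.
        if (decoded == null) {
            log.info("client token could not be decoded");
            throw new LoginException("请求的签名无效");
        }
        // The decoded value embeds the bearer JWT, so it is not logged.
        return decoded;
    }
}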
