package com.bokesoft.scm.yigo.auth.impl;

import com.bokesoft.scm.yigo.api.auth.AuthHandler;
import com.bokesoft.scm.yigo.api.auth.CaptchaImageResult;
import com.bokesoft.scm.yigo.api.auth.LoginResult;
import com.bokesoft.scm.yigo.api.auth.SSOLoginResult;
import com.bokesoft.scm.yigo.api.auth.TFACaptchaSendHandler;
import com.bokesoft.scm.yigo.api.auth.constants.UserUseType;
import com.bokesoft.scm.yigo.auth.captcha.LoginCaptchaHandler;
import com.bokesoft.scm.yigo.auth.captcha.impl.EhcacheLoginCaptchaHandler;
import com.bokesoft.scm.yigo.auth.captcha.impl.RedisLoginCaptchaHandler;
import com.bokesoft.scm.yigo.auth.configure.AuthProperties;
import com.bokesoft.scm.yigo.auth.totp.TotpGenerate;
import com.bokesoft.scm.yigo.extend.auth.AuthUtils;
import com.bokesoft.scm.yigo.extend.utils.RedisUtils;
import com.bokesoft.scm.yigo.extend.utils.SessionUtils;
import com.bokesoft.yes.common.encrypt.RSA;
import com.bokesoft.yes.common.encrypt.SaltHash;
import com.bokesoft.yes.mid.base.SvrInfo;
import com.bokesoft.yes.mid.certificate.utils.MidPasswordRuleChecker;
import com.bokesoft.yes.tools.json.JSONUtil;
import com.bokesoft.yes.tools.util.ReflectHelper;
import com.bokesoft.yigo.meta.dataobject.MetaColumn;
import com.bokesoft.yigo.meta.dataobject.MetaDataObject;
import com.bokesoft.yigo.meta.dataobject.MetaTable;
import com.bokesoft.yigo.meta.factory.IMetaFactory;
import com.bokesoft.yigo.meta.setting.MetaLoginSetting;
import com.bokesoft.yigo.meta.setting.MetaSetting;
import com.bokesoft.yigo.mid.auth.IChangePWDProcess;
import com.bokesoft.yigo.mid.base.DefaultContext;
import com.bokesoft.yigo.mid.base.SessionException;
import com.bokesoft.yigo.mid.connection.IDBManager;
import com.bokesoft.yigo.mid.para.SysPara;
import com.bokesoft.yigo.struct.datatable.DataTable;
import com.bokesoft.yigo.struct.env.Env;
import com.gitlab.summercattle.commons.exception.CommonException;
import com.gitlab.summercattle.commons.utils.auxiliary.UuidUtils;
import com.wf.captcha.ArithmeticCaptcha;
import java.io.ByteArrayOutputStream;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/bokesoft/scm/yigo/auth/impl/DefaultAuthHandler.class */
public class DefaultAuthHandler implements AuthHandler {

    @Autowired
    private AuthProperties authProperties;
    private LoginCaptchaHandler loginCaptchaHandler;

    @Autowired
    private TotpGenerate totpGenerate;
    private TFACaptchaSendHandler tfaCaptchaSendHandler;

    public DefaultAuthHandler(TFACaptchaSendHandler tFACaptchaSendHandler) {
        this.tfaCaptchaSendHandler = tFACaptchaSendHandler;
    }

    public LoginResult login(String str, String str2, String str3, String str4, boolean z, UserUseType userUseType, String str5, String str6, String str7, String str8, String str9, String str10) throws Throwable {
        if (showValidateImage(userUseType, str5).booleanValue() && (StringUtils.isBlank(str7) || StringUtils.isBlank(str8))) {
            throw new CommonException("验证码信息为空");
        }
        if (StringUtils.isNotBlank(str7) && StringUtils.isNotBlank(str8)) {
            if (!str8.equalsIgnoreCase(getLoginCaptchaHandler().getCaptcha(str7))) {
                throw new CommonException("验证码信息错误");
            }
            getLoginCaptchaHandler().removeCaptcha(str7);
        }
        if (useTwoFactorCaptcha(userUseType, str5).booleanValue() && StringUtils.isBlank(str9)) {
            throw new CommonException("双因素验证码信息为空");
        }
        if (StringUtils.isNotBlank(str9)) {
            if (!this.totpGenerate.generateTotpCode(getTwoFactorCaptchaSecret(userUseType, str5).get("secret")).equals(str9)) {
                throw new CommonException("双因素验证码信息错误");
            }
        }
        try {
            Map<String, String> userInfo = getUserInfo(userUseType, str5);
            String str11 = str5;
            if (userInfo.containsKey("code")) {
                str11 = userInfo.get("code");
            }
            Map map = null;
            if (StringUtils.isNotBlank(str10)) {
                map = JSONUtil.toMap(str10);
            }
            String str12 = null;
            if (userInfo.containsKey("tenant")) {
                str12 = userInfo.get("tenant");
                if (map == null) {
                    map = new HashMap();
                }
                map.put("tenant", str12);
            }
            long login = AuthUtils.login(str, str2, str3, str4, z, str11, str6, map);
            getLoginCaptchaHandler().removeLoginFail(userUseType, str5);
            boolean checkNeedChangePassword = checkNeedChangePassword(login);
            if (checkNeedChangePassword) {
                logout(str2, str3, str4);
            }
            return new LoginResult((Map) null, str12, checkNeedChangePassword);
        } catch (CommonException e) {
            getLoginCaptchaHandler().recordLoginFail(userUseType, str5);
            throw e;
        }
    }

    private boolean checkNeedChangePassword(long j) throws CommonException {
        if (this.authProperties.getPasswordValidity() > 0) {
            return ((Boolean) SessionUtils.processWithContext(defaultContext -> {
                MetaTable table = defaultContext.getVE().getMetaFactory().getDataObject("Operator").getTable("SYS_Operator");
                MetaColumn oIDColumn = table.getOIDColumn();
                MetaColumn metaColumn = table.get("UpdateTime");
                DataTable execPrepareQuery = defaultContext.getDBManager().execPrepareQuery((("select " + metaColumn.getBindingDBColumnName()) + " from " + table.getBindingDBTableName() + " where ") + oIDColumn.getBindingDBColumnName() + "=?", new Object[]{Long.valueOf(j)});
                if (!execPrepareQuery.first()) {
                    throw new CommonException("用户信息异常");
                }
                Date dateTime = execPrepareQuery.getDateTime(metaColumn.getBindingDBColumnName());
                if (dateTime != null && Math.abs((new Date().getTime() - dateTime.getTime()) / 86400000) <= this.authProperties.getPasswordValidity()) {
                    return false;
                }
                return true;
            })).booleanValue();
        }
        return false;
    }

    public SSOLoginResult ssoLogin(String str, String str2, String str3, String str4, boolean z, UserUseType userUseType, String str5) throws Throwable {
        Map<String, String> userInfo = getUserInfo(userUseType, str5);
        String str6 = str5;
        if (userInfo.containsKey("code")) {
            str6 = userInfo.get("code");
        }
        HashMap hashMap = null;
        String str7 = null;
        if (userInfo.containsKey("tenant")) {
            str7 = userInfo.get("tenant");
            hashMap = new HashMap();
            hashMap.put("tenant", userInfo.get("tenant"));
        }
        AuthUtils.login(str, str2, str3, str4, z, str6, hashMap);
        return new SSOLoginResult(str7);
    }

    public void logout(String str, String str2, String str3) throws Throwable {
        AuthUtils.logout(str, str2, str3);
    }

    public Boolean showValidateImage(UserUseType userUseType, String str) throws Throwable {
        if (this.authProperties.isAlwaysShowValidate()) {
            return true;
        }
        if (StringUtils.isBlank(str)) {
            return false;
        }
        return Boolean.valueOf(getLoginCaptchaHandler().getLoginFailCount(userUseType, str) >= this.authProperties.getLoginFailShowValidate());
    }

    public CaptchaImageResult queryCaptchaImage() throws Throwable {
        ArithmeticCaptcha arithmeticCaptcha = new ArithmeticCaptcha(120, 40, 2);
        String uuid = UuidUtils.getUUID();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Throwable th = null;
        try {
            try {
                getLoginCaptchaHandler().putCaptcha(uuid, arithmeticCaptcha.text());
                arithmeticCaptcha.out(byteArrayOutputStream);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                if (byteArrayOutputStream != null) {
                    if (0 != 0) {
                        try {
                            byteArrayOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        byteArrayOutputStream.close();
                    }
                }
                return new CaptchaImageResult(uuid, Base64.encodeBase64String(byteArray));
            } finally {
            }
        } catch (Throwable th3) {
            if (byteArrayOutputStream != null) {
                if (th != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    byteArrayOutputStream.close();
                }
            }
            throw th3;
        }
    }

    private LoginCaptchaHandler getLoginCaptchaHandler() throws CommonException {
        if (this.loginCaptchaHandler == null) {
            synchronized (DefaultAuthHandler.class) {
                if (this.loginCaptchaHandler == null) {
                    String sessionCacheName = SvrInfo.getSessionCacheName();
                    if (!"redis".equals(sessionCacheName) && !"ehcache".equals(sessionCacheName)) {
                        throw new CommonException("不支持会话缓存类型'" + sessionCacheName + "'");
                    }
                    if ("redis".equals(sessionCacheName)) {
                        this.loginCaptchaHandler = new RedisLoginCaptchaHandler(RedisUtils.getRedisOperate(true));
                    } else if ("ehcache".equals(sessionCacheName)) {
                        this.loginCaptchaHandler = new EhcacheLoginCaptchaHandler();
                    }
                }
            }
        }
        return this.loginCaptchaHandler;
    }

    private Map<String, String> getUserInfo(UserUseType userUseType, String str) throws Throwable {
        return (Map) SessionUtils.processWithContext(defaultContext -> {
            String str2;
            if (userUseType == UserUseType.Phone) {
                str2 = this.authProperties.getPhoneField();
            } else if (userUseType == UserUseType.Email) {
                str2 = this.authProperties.getEmailField();
            } else if (userUseType == UserUseType.Employee) {
                str2 = this.authProperties.getEmployeeField();
            } else {
                if (userUseType != UserUseType.Code) {
                    throw new CommonException("用户登录使用类型'" + userUseType.toString() + "'未知");
                }
                str2 = "Code";
            }
            MetaTable table = defaultContext.getVE().getMetaFactory().getDataObject("Operator").getTable("SYS_Operator");
            MetaColumn metaColumn = table.get("Code");
            MetaColumn metaColumn2 = null;
            if (StringUtils.isNotBlank(this.authProperties.getTenantField())) {
                metaColumn2 = (MetaColumn) table.get(this.authProperties.getTenantField());
                if (metaColumn2 == null) {
                    throw new CommonException("在操作员定义中没有找到租户字段'" + this.authProperties.getTenantField() + "'");
                }
            }
            MetaColumn metaColumn3 = table.get(str2);
            String str3 = "select " + metaColumn.getBindingDBColumnName();
            if (StringUtils.isNotBlank(this.authProperties.getTenantField())) {
                str3 = str3 + "," + metaColumn2.getBindingDBColumnName();
            }
            String str4 = (str3 + " from " + table.getBindingDBTableName() + " where ") + (userUseType == UserUseType.Code ? "UPPER(" + metaColumn3.getBindingDBColumnName() + ")" : metaColumn3.getBindingDBColumnName()) + "=?";
            IDBManager dBManager = defaultContext.getDBManager();
            Object[] objArr = new Object[1];
            objArr[0] = userUseType == UserUseType.Code ? str.toUpperCase() : str;
            DataTable execPrepareQuery = dBManager.execPrepareQuery(str4, objArr);
            if (!execPrepareQuery.first()) {
                throw new CommonException("用户登录信息异常");
            }
            HashMap hashMap = new HashMap();
            if (userUseType != UserUseType.Code) {
                hashMap.put("code", execPrepareQuery.getString(metaColumn.getBindingDBColumnName()));
            }
            if (StringUtils.isNotBlank(this.authProperties.getTenantField())) {
                String string = execPrepareQuery.getString(metaColumn2.getBindingDBColumnName());
                if (StringUtils.isNotBlank(string)) {
                    hashMap.put("tenant", string);
                }
            }
            return hashMap;
        });
    }

    public Boolean useTwoFactorCaptcha(UserUseType userUseType, String str) throws Throwable {
        if (this.authProperties.getTwoFactorCaptchaType() <= 0 || this.authProperties.getTwoFactorCaptchaType() > 2) {
            return false;
        }
        if (this.authProperties.getTwoFactorCaptchaType() == 1) {
            return true;
        }
        if (StringUtils.isBlank(str)) {
            return false;
        }
        return (Boolean) SessionUtils.processWithContext(defaultContext -> {
            String str2;
            if (userUseType == UserUseType.Phone) {
                str2 = this.authProperties.getPhoneField();
            } else if (userUseType == UserUseType.Email) {
                str2 = this.authProperties.getEmailField();
            } else if (userUseType == UserUseType.Employee) {
                str2 = this.authProperties.getEmployeeField();
            } else {
                if (userUseType != UserUseType.Code) {
                    throw new CommonException("用户登录使用类型'" + userUseType.toString() + "'未知");
                }
                str2 = "Code";
            }
            MetaDataObject dataObject = defaultContext.getVE().getMetaFactory().getDataObject("Operator");
            MetaTable table = dataObject.getTable("SYS_Operator");
            MetaColumn oIDColumn = table.getOIDColumn();
            MetaColumn metaColumn = table.get(str2);
            String str3 = (("select " + oIDColumn.getBindingDBColumnName()) + " from " + table.getBindingDBTableName() + " where ") + (userUseType == UserUseType.Code ? "UPPER(" + metaColumn.getBindingDBColumnName() + ")" : metaColumn.getBindingDBColumnName()) + "=?";
            IDBManager dBManager = defaultContext.getDBManager();
            Object[] objArr = new Object[1];
            objArr[0] = userUseType == UserUseType.Code ? str.toUpperCase() : str;
            DataTable execPrepareQuery = dBManager.execPrepareQuery(str3, objArr);
            if (!execPrepareQuery.first()) {
                throw new CommonException("用户登录信息异常");
            }
            Long l = execPrepareQuery.getLong(oIDColumn.getBindingDBColumnName());
            MetaTable table2 = dataObject.getTable("SYS_OperatorRole");
            MetaColumn sOIDColumn = table2.getSOIDColumn();
            MetaColumn metaColumn2 = table2.get("Role");
            DataTable execPrepareQuery2 = defaultContext.getDBManager().execPrepareQuery(("select " + metaColumn2.getBindingDBColumnName()) + " from " + table2.getBindingDBTableName() + " where " + sOIDColumn.getBindingDBColumnName() + "=?", new Object[]{l});
            if (!execPrepareQuery2.first()) {
                throw new CommonException("用户登录信息异常");
            }
            Long l2 = execPrepareQuery2.getLong(metaColumn2.getBindingDBColumnName());
            MetaTable table3 = defaultContext.getVE().getMetaFactory().getDataObject("Role").getTable("SYS_Role");
            MetaColumn oIDColumn2 = table3.getOIDColumn();
            MetaColumn metaColumn3 = table3.get("IsAdmin");
            DataTable execPrepareQuery3 = defaultContext.getDBManager().execPrepareQuery(("select " + metaColumn3.getBindingDBColumnName()) + " from " + table3.getBindingDBTableName() + " where " + oIDColumn2.getBindingDBColumnName() + "=?", new Object[]{l2});
            if (execPrepareQuery3.first()) {
                return Boolean.valueOf(execPrepareQuery3.getInt(metaColumn3.getBindingDBColumnName()).intValue() == 1);
            }
            throw new CommonException("用户登录信息异常");
        });
    }

    public Integer sendTwoFactorCaptcha(UserUseType userUseType, String str) throws Throwable {
        if (StringUtils.isBlank(str)) {
            throw new CommonException("用户信息为空");
        }
        if (this.authProperties.getTwoFactorCaptchaType() <= 0 || this.authProperties.getTwoFactorCaptchaType() > 2 || this.authProperties.isUseTotpAuthenticator()) {
            throw new CommonException("不需要发送双因素验证码");
        }
        if (this.tfaCaptchaSendHandler == null) {
            throw new CommonException("双因素验证码发送处理为空");
        }
        Map<String, String> twoFactorCaptchaSecret = getTwoFactorCaptchaSecret(userUseType, str);
        String generateTotpCode = this.totpGenerate.generateTotpCode(twoFactorCaptchaSecret.get("secret"));
        int twoFactorCaptchaTimeout = this.authProperties.getTwoFactorCaptchaTimeout();
        this.tfaCaptchaSendHandler.sendCaptcha(twoFactorCaptchaSecret.get(this.authProperties.getPhoneField()), twoFactorCaptchaSecret.get(this.authProperties.getEmailField()), generateTotpCode, twoFactorCaptchaTimeout);
        return Integer.valueOf(twoFactorCaptchaTimeout);
    }

    private Map<String, String> getTwoFactorCaptchaSecret(UserUseType userUseType, String str) throws CommonException {
        return (Map) SessionUtils.processWithContext(defaultContext -> {
            String str2;
            if (userUseType == UserUseType.Phone) {
                str2 = this.authProperties.getPhoneField();
            } else if (userUseType == UserUseType.Email) {
                str2 = this.authProperties.getEmailField();
            } else if (userUseType == UserUseType.Employee) {
                str2 = this.authProperties.getEmployeeField();
            } else {
                if (userUseType != UserUseType.Code) {
                    throw new CommonException("用户登录使用类型'" + userUseType.toString() + "'未知");
                }
                str2 = "Code";
            }
            HashMap hashMap = new HashMap();
            MetaTable table = defaultContext.getVE().getMetaFactory().getDataObject("Operator").getTable("SYS_Operator");
            MetaColumn oIDColumn = table.getOIDColumn();
            MetaColumn metaColumn = table.get(str2);
            MetaColumn metaColumn2 = table.get("TFA_SECRET");
            MetaColumn metaColumn3 = null;
            MetaColumn metaColumn4 = null;
            if (StringUtils.isNotBlank(this.authProperties.getPhoneField())) {
                metaColumn3 = (MetaColumn) table.get(this.authProperties.getPhoneField());
            }
            if (StringUtils.isNotBlank(this.authProperties.getEmailField())) {
                metaColumn4 = (MetaColumn) table.get(this.authProperties.getEmailField());
            }
            String str3 = "select " + oIDColumn.getBindingDBColumnName() + "," + metaColumn2.getBindingDBColumnName();
            if (metaColumn3 != null) {
                str3 = str3 + "," + metaColumn3.getBindingDBColumnName();
            }
            if (metaColumn4 != null) {
                str3 = str3 + "," + metaColumn4.getBindingDBColumnName();
            }
            String str4 = (str3 + " from " + table.getBindingDBTableName() + " where ") + (userUseType == UserUseType.Code ? "UPPER(" + metaColumn.getBindingDBColumnName() + ")" : metaColumn.getBindingDBColumnName()) + "=?";
            IDBManager dBManager = defaultContext.getDBManager();
            Object[] objArr = new Object[1];
            objArr[0] = userUseType == UserUseType.Code ? str.toUpperCase() : str;
            DataTable execPrepareQuery = dBManager.execPrepareQuery(str4, objArr);
            if (!execPrepareQuery.first()) {
                throw new CommonException("用户登录信息异常");
            }
            if (StringUtils.isNotBlank(this.authProperties.getPhoneField())) {
                hashMap.put(this.authProperties.getPhoneField(), execPrepareQuery.getString(metaColumn3.getBindingDBColumnName()));
            }
            if (StringUtils.isNotBlank(this.authProperties.getEmailField())) {
                hashMap.put(this.authProperties.getEmailField(), execPrepareQuery.getString(metaColumn4.getBindingDBColumnName()));
            }
            String string = execPrepareQuery.getString(metaColumn2.getBindingDBColumnName());
            if (StringUtils.isBlank(string)) {
                Long l = execPrepareQuery.getLong(oIDColumn.getBindingDBColumnName());
                string = this.totpGenerate.generateKey();
                defaultContext.getDBManager().execPrepareUpdate("update " + table.getBindingDBTableName() + " set " + metaColumn2.getBindingDBColumnName() + "=? where " + oIDColumn.getBindingDBColumnName() + "=?", new Object[]{string, l});
            }
            hashMap.put("secret", string);
            return hashMap;
        });
    }

    public String getTwoFactorTotp(String str) throws Throwable {
        return (String) SessionUtils.processWithContext(str, defaultContext -> {
            long userID = defaultContext.getUserID();
            if (userID == -1) {
                throw new CommonException("会话标识'" + str + "'无效");
            }
            MetaTable table = defaultContext.getVE().getMetaFactory().getDataObject("Operator").getTable("SYS_Operator");
            MetaColumn oIDColumn = table.getOIDColumn();
            MetaColumn metaColumn = table.get("TFA_SECRET");
            MetaColumn metaColumn2 = table.get("Code");
            DataTable execPrepareQuery = defaultContext.getDBManager().execPrepareQuery((("select " + metaColumn2.getBindingDBColumnName() + "," + metaColumn.getBindingDBColumnName()) + " from " + table.getBindingDBTableName() + " where ") + oIDColumn.getBindingDBColumnName() + "=?", new Object[]{Long.valueOf(userID)});
            if (!execPrepareQuery.first()) {
                throw new CommonException("用户信息异常");
            }
            String string = execPrepareQuery.getString(metaColumn.getBindingDBColumnName());
            String string2 = execPrepareQuery.getString(metaColumn2.getBindingDBColumnName());
            if (StringUtils.isBlank(string)) {
                Long l = execPrepareQuery.getLong(oIDColumn.getBindingDBColumnName());
                string = this.totpGenerate.generateKey();
                defaultContext.getDBManager().execPrepareUpdate("update " + table.getBindingDBTableName() + " set " + metaColumn.getBindingDBColumnName() + "=? where " + oIDColumn.getBindingDBColumnName() + "=?", new Object[]{string, l});
            }
            return "otpauth://totp/" + string2 + "?secret=" + string;
        });
    }

    public Boolean verifyPWD(String str, String str2) throws Throwable {
        return (Boolean) SessionUtils.processWithContext(str, defaultContext -> {
            long userID = defaultContext.getUserID();
            if (userID == -1) {
                throw new CommonException("会话标识'" + str + "'无效");
            }
            MetaTable table = defaultContext.getVE().getMetaFactory().getDataObject("Operator").getTable("SYS_Operator");
            MetaColumn oIDColumn = table.getOIDColumn();
            MetaColumn metaColumn = table.get("Password");
            DataTable execPrepareQuery = defaultContext.getDBManager().execPrepareQuery((("select " + metaColumn.getBindingDBColumnName()) + " from " + table.getBindingDBTableName() + " where ") + oIDColumn.getBindingDBColumnName() + "=?", new Object[]{Long.valueOf(userID)});
            if (!execPrepareQuery.first()) {
                throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
            }
            RSA rsa = new RSA();
            String str3 = SysPara.getInstance().get("PrivateKey");
            String string = execPrepareQuery.getString(metaColumn.getBindingDBColumnName());
            return Boolean.valueOf(isHashEncrypt(defaultContext) ? hashCheck(str2, string) : rsaCheck(rsa, str2, string, str3));
        });
    }

    public void forceChangePWD(String str, String str2, String str3, UserUseType userUseType, String str4, String str5, String str6) throws Throwable {
        SessionUtils.processWithContext(defaultContext -> {
            String str7;
            MetaLoginSetting login;
            Env env = defaultContext.getEnv();
            setEnv(env, str2, str3);
            env.setClientIP(str);
            IChangePWDProcess iChangePWDProcess = null;
            try {
                IMetaFactory metaFactory = defaultContext.getVE().getMetaFactory();
                MetaSetting setting = metaFactory.getSetting();
                if (setting != null && (login = setting.getLogin()) != null) {
                    String changePwdProcess = login.getChangePwdProcess();
                    if (StringUtils.isNotBlank(changePwdProcess)) {
                        iChangePWDProcess = (IChangePWDProcess) ReflectHelper.newInstance(defaultContext.getVE(), changePwdProcess);
                    }
                }
                if (userUseType == UserUseType.Phone) {
                    str7 = this.authProperties.getPhoneField();
                } else if (userUseType == UserUseType.Email) {
                    str7 = this.authProperties.getEmailField();
                } else if (userUseType == UserUseType.Employee) {
                    str7 = this.authProperties.getEmployeeField();
                } else {
                    if (userUseType != UserUseType.Code) {
                        throw new CommonException("用户登录使用类型'" + userUseType.toString() + "'未知");
                    }
                    str7 = "Code";
                }
                MetaTable table = metaFactory.getDataObject("Operator").getTable("SYS_Operator");
                MetaColumn metaColumn = table.get(str7);
                MetaColumn oIDColumn = table.getOIDColumn();
                MetaColumn metaColumn2 = table.get("Password");
                MetaColumn metaColumn3 = table.get("UpdateTime");
                String str8 = (("select " + oIDColumn.getBindingDBColumnName() + "," + metaColumn2.getBindingDBColumnName()) + " from " + table.getBindingDBTableName() + " where ") + (userUseType == UserUseType.Code ? "UPPER(" + metaColumn.getBindingDBColumnName() + ")" : metaColumn.getBindingDBColumnName()) + "=?";
                IDBManager dBManager = defaultContext.getDBManager();
                Object[] objArr = new Object[1];
                objArr[0] = userUseType == UserUseType.Code ? str4.toUpperCase() : str4;
                DataTable execPrepareQuery = dBManager.execPrepareQuery(str8, objArr);
                if (!execPrepareQuery.first()) {
                    throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
                }
                RSA rsa = new RSA();
                String str9 = SysPara.getInstance().get("PrivateKey");
                String str10 = SysPara.getInstance().get("PublicKey");
                String string = execPrepareQuery.getString(metaColumn2.getBindingDBColumnName());
                if (!(isHashEncrypt(defaultContext) ? hashCheck(str5, string) : rsaCheck(rsa, str5, string, str9))) {
                    throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
                }
                defaultContext.getDBManager().execPrepareUpdate(String.format("update %s set %s=?,%s=? where %s=?", table.getBindingDBTableName(), metaColumn2.getBindingDBColumnName(), metaColumn3.getBindingDBColumnName(), oIDColumn.getBindingDBColumnName()), new Object[]{isHashEncrypt(defaultContext) ? getNewPasswordHash(str6) : getNewPasswordRSA(defaultContext, rsa, str6, str10), new Date(), execPrepareQuery.getLong(oIDColumn.getBindingDBColumnName())});
                if (iChangePWDProcess == null) {
                    return null;
                }
                iChangePWDProcess.success(defaultContext);
                return null;
            } catch (Throwable th) {
                if (0 != 0) {
                    iChangePWDProcess.failed(defaultContext, th);
                }
                throw th;
            }
        });
    }

    public void changePWD(String str, String str2, String str3, String str4, String str5, String str6) throws Throwable {
        SessionUtils.processWithContext(str4, defaultContext -> {
            MetaLoginSetting login;
            Env env = defaultContext.getEnv();
            setEnv(env, str2, str3);
            env.setClientID(str4);
            env.setClientIP(str);
            IChangePWDProcess iChangePWDProcess = null;
            try {
                long userID = defaultContext.getUserID();
                if (userID == -1) {
                    throw new CommonException("会话标识'" + str4 + "'无效");
                }
                IMetaFactory metaFactory = defaultContext.getVE().getMetaFactory();
                MetaSetting setting = metaFactory.getSetting();
                if (setting != null && (login = setting.getLogin()) != null) {
                    String changePwdProcess = login.getChangePwdProcess();
                    if (StringUtils.isNotBlank(changePwdProcess)) {
                        iChangePWDProcess = (IChangePWDProcess) ReflectHelper.newInstance(defaultContext.getVE(), changePwdProcess);
                    }
                }
                MetaTable table = metaFactory.getDataObject("Operator").getTable("SYS_Operator");
                MetaColumn oIDColumn = table.getOIDColumn();
                MetaColumn metaColumn = table.get("Password");
                MetaColumn metaColumn2 = table.get("UpdateTime");
                DataTable execPrepareQuery = defaultContext.getDBManager().execPrepareQuery((("select " + metaColumn.getBindingDBColumnName()) + " from " + table.getBindingDBTableName() + " where ") + oIDColumn.getBindingDBColumnName() + "=?", new Object[]{Long.valueOf(userID)});
                if (!execPrepareQuery.first()) {
                    throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
                }
                RSA rsa = new RSA();
                String str7 = SysPara.getInstance().get("PrivateKey");
                String str8 = SysPara.getInstance().get("PublicKey");
                String string = execPrepareQuery.getString(metaColumn.getBindingDBColumnName());
                if (!(isHashEncrypt(defaultContext) ? hashCheck(str5, string) : rsaCheck(rsa, str5, string, str7))) {
                    throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
                }
                defaultContext.getDBManager().execPrepareUpdate(String.format("update %s set %s=?,%s=? where %s=?", table.getBindingDBTableName(), metaColumn.getBindingDBColumnName(), metaColumn2.getBindingDBColumnName(), oIDColumn.getBindingDBColumnName()), new Object[]{isHashEncrypt(defaultContext) ? getNewPasswordHash(str6) : getNewPasswordRSA(defaultContext, rsa, str6, str8), new Date(), Long.valueOf(userID)});
                if (iChangePWDProcess == null) {
                    return null;
                }
                iChangePWDProcess.success(defaultContext);
                return null;
            } catch (Throwable th) {
                if (0 != 0) {
                    iChangePWDProcess.failed(defaultContext, th);
                }
                throw th;
            }
        });
    }

    private boolean isHashEncrypt(DefaultContext defaultContext) {
        MetaSetting setting = defaultContext.getVE().getMetaFactory().getSetting();
        return (setting == null || setting.getLogin() == null || setting.getLogin().getEncryptType() != 2) ? false : true;
    }

    private boolean rsaCheck(RSA rsa, String str, String str2, String str3) throws Exception {
        return str.equals(new String(rsa.decryptByPrivate(Base64.decodeBase64(str2.getBytes()), str3)));
    }

    private boolean hashCheck(String str, String str2) throws Exception {
        return SaltHash.validatePassword(str, str2);
    }

    private String getNewPasswordRSA(DefaultContext defaultContext, RSA rsa, String str, String str2) throws Throwable {
        MidPasswordRuleChecker.getInstance().check(str, defaultContext.getEnv().getLocale(), defaultContext);
        return new String(Base64.encodeBase64(rsa.encryptByPublic(str.getBytes(), str2)));
    }

    private String getNewPasswordHash(String str) throws Throwable {
        return SaltHash.createHash(str);
    }

    private void setEnv(Env env, String str, String str2) {
        if (StringUtils.isNotBlank(str)) {
            env.setLocale(str);
        }
        if (StringUtils.isNotBlank(str2)) {
            env.setLanguage(str2);
        }
    }
}
