package com.bokesoft.yigo.mid.auth;

import com.bokesoft.yes.common.encrypt.SaltHash;
import com.bokesoft.yes.mid.auth.LoginImpl;
import com.bokesoft.yes.mid.auth.LoginUtil;
import com.bokesoft.yes.mid.auth.cache.SessionInfo;
import com.bokesoft.yes.mid.base.MidVE;
import com.bokesoft.yes.mid.base.ServerSetting;
import com.bokesoft.yes.mid.base.SvrInfo;
import com.bokesoft.yes.mid.certificate.utils.MidPasswordRuleChecker;
import com.bokesoft.yes.mid.connection.DBUtil;
import com.bokesoft.yes.mid.connection.dbmanager.PSArgs;
import com.bokesoft.yes.mid.session.AccountLockoutInfoProvider;
import com.bokesoft.yes.mid.session.IAccountLockoutInfo;
import com.bokesoft.yes.mid.session.IAccountLockoutInfoMap;
import com.bokesoft.yes.mid.session.ISessionLog;
import com.bokesoft.yes.mid.session.SysSessionLog;
import com.bokesoft.yes.mid.session.UserRoleUtil;
import com.bokesoft.yes.mid.util.AuthUtil;
import com.bokesoft.yes.tools.json.JSONUtil;
import com.bokesoft.yes.tools.util.ReflectHelper;
import com.bokesoft.yigo.common.exception.CoreException;
import com.bokesoft.yigo.meta.dataobject.MetaTable;
import com.bokesoft.yigo.meta.factory.IMetaFactory;
import com.bokesoft.yigo.meta.setting.MetaLoginSetting;
import com.bokesoft.yigo.meta.setting.MetaSetting;
import com.bokesoft.yigo.mid.base.DefaultContext;
import com.bokesoft.yigo.mid.base.IServiceContext;
import com.bokesoft.yigo.mid.base.LoginInfo;
import com.bokesoft.yigo.mid.base.SessionException;
import com.bokesoft.yigo.mid.connection.IDBManager;
import com.bokesoft.yigo.mid.para.SysPara;
import com.bokesoft.yigo.mid.rsa.RSAMidUtil;
import com.bokesoft.yigo.mid.session.ISessionInfo;
import com.bokesoft.yigo.mid.session.ISessionInfoProvider;
import com.bokesoft.yigo.mid.session.SessionInfoProviderHolder;
import com.bokesoft.yigo.struct.env.Env;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.ServiceLoader;
import org.json.JSONArray;
import org.json.JSONObject;

/* loaded from: input_file:com/bokesoft/yigo/mid/auth/Login.class */
public class Login {
    private LoginInfo loginInfo;
    private LoginImpl impl;
    private static ServiceLoader<IAuthLogProcess> authLogProcesses = ServiceLoader.load(IAuthLogProcess.class);
    private String SQL_QUERY_USER = null;
    protected Long operatorID = null;
    protected String name = "";
    protected String passwordFromDB = "";
    protected ISessionLog sessionLog = new SysSessionLog();
    protected IAccountLockoutInfoMap accountLockoutInfoMap = null;
    protected ILoginProcess<IServiceContext> loginProcess = null;

    public Login(LoginInfo loginInfo) {
        this.loginInfo = null;
        this.impl = null;
        this.loginInfo = loginInfo;
        this.impl = new LoginImpl(loginInfo);
    }

    protected void checkValidateCode(DefaultContext defaultContext) {
        if (ServerSetting.getInstance().containsValidateLevel(1)) {
            ISessionInfo iSessionInfo = SessionInfoProviderHolder.getProvider(0).getSessionInfoMap().get(this.loginInfo.getTempClientID());
            if (iSessionInfo == null || !iSessionInfo.getValidateCode().equalsIgnoreCase(this.loginInfo.getValidateCode())) {
                throw new SessionException(8, SessionException.formatMessage(defaultContext.getEnv(), 8, new Object[0]));
            }
        }
    }

    private JSONObject doLoginImpl(DefaultContext defaultContext) throws Throwable {
        if (this.loginInfo.getUser().equalsIgnoreCase("Guest")) {
            throw new SessionException(16, SessionException.formatMessage(defaultContext.getEnv(), 16, new Object[0]));
        }
        int mode = this.loginInfo.getMode();
        ISessionInfoProvider provider = SessionInfoProviderHolder.getProvider(mode);
        if (provider == null) {
            throw new SessionException(5, SessionException.formatMessage(defaultContext.getEnv(), 5, new Object[0]));
        }
        checkValidateCode(defaultContext);
        MidVE ve = defaultContext.getVE();
        initSQLQuery(defaultContext);
        queryUserData(defaultContext);
        Env env = defaultContext.getVE().getEnv();
        String clientID = env.getClientID();
        this.accountLockoutInfoMap = AccountLockoutInfoProvider.getInstance().getAccountLockoutInfoMap();
        SessionInfo sessionInfo = new SessionInfo();
        sessionInfo.setClientID(clientID);
        sessionInfo.setOperatorID(this.operatorID.longValue());
        sessionInfo.setUserCode(this.loginInfo.getUser());
        sessionInfo.setIP(env.getClientIP());
        sessionInfo.setLoginTime(new Date());
        sessionInfo.setLastActiveTime(new Date());
        sessionInfo.setMode(mode);
        sessionInfo.setSessionParas(this.loginInfo.getParas());
        sessionInfo.setUserName(this.name);
        queryRoleData(defaultContext, sessionInfo, this.operatorID);
        try {
            this.accountLockoutInfoMap.autoUnlock(defaultContext, sessionInfo);
            this.accountLockoutInfoMap.check(defaultContext, sessionInfo);
            passwordCheck(defaultContext);
            env.setUserID(this.operatorID);
            env.setUserName(this.name);
            env.setAuthenticated(true);
            Object obj = sessionInfo.getSessionParas().get("kick");
            if (obj != null) {
                SvrInfo.setKick(((Boolean) obj).booleanValue());
            }
            if (SvrInfo.kick()) {
                List<String> operatorClientIds = AuthUtil.getOperatorClientIds(String.valueOf(this.operatorID));
                if (operatorClientIds.size() > 0) {
                    for (String str : operatorClientIds) {
                        ISessionInfo iSessionInfo = provider.getSessionInfoMap().get(str);
                        if (iSessionInfo != null) {
                            this.sessionLog.logKickout(ve, this.operatorID.longValue());
                            provider.getSessionInfoMap().remove(str);
                            AuthUtil.putKickInfo(this.operatorID + "@" + str, str);
                            if (this.loginProcess != null) {
                                this.loginProcess.kickout(defaultContext);
                            }
                            Iterator<IAuthLogProcess> it = authLogProcesses.iterator();
                            while (it.hasNext()) {
                                it.next().postKickout(defaultContext, this.loginInfo, iSessionInfo);
                            }
                        }
                    }
                }
            }
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("clientID", clientID);
            jSONObject.put("UserID", this.operatorID);
            jSONObject.put("Time", sessionInfo.getLoginTime().getTime());
            jSONObject.put("Name", this.name);
            this.impl.doLoginImpl(defaultContext, sessionInfo);
            this.sessionLog.logLogin(defaultContext, sessionInfo);
            int log = this.accountLockoutInfoMap.log(defaultContext, this.operatorID.longValue(), sessionInfo.getMode(), 0);
            LoginUtil.removeTempSessionInfo(this.loginInfo.getTempClientID());
            Map sessionParas = env.getSessionParas();
            Long valueOf = Long.valueOf(env.getClusterid());
            jSONObject.put("SessionParas", sessionParas == null ? "" : JSONUtil.toJSON(sessionParas));
            jSONObject.put("clusterID", valueOf);
            jSONObject.put("LoginCount", log);
            return jSONObject;
        } catch (CoreException e) {
            this.sessionLog.logErr(defaultContext, -2, e.getMessage());
            throw e;
        }
    }

    private JSONObject doLoginCheckImpl(DefaultContext defaultContext) throws Throwable {
        if (this.loginInfo.getUser().equalsIgnoreCase("Guest")) {
            throw new SessionException(16, SessionException.formatMessage(defaultContext.getEnv(), 16, new Object[0]));
        }
        int mode = this.loginInfo.getMode();
        ISessionInfoProvider provider = SessionInfoProviderHolder.getProvider(mode);
        if (provider == null) {
            throw new SessionException(5, SessionException.formatMessage(defaultContext.getEnv(), 5, new Object[0]));
        }
        checkValidateCode(defaultContext);
        initSQLQuery(defaultContext);
        queryUserData(defaultContext);
        Env env = defaultContext.getVE().getEnv();
        String clientID = env.getClientID();
        this.accountLockoutInfoMap = AccountLockoutInfoProvider.getInstance().getAccountLockoutInfoMap();
        SessionInfo sessionInfo = new SessionInfo();
        sessionInfo.setClientID(clientID);
        sessionInfo.setOperatorID(this.operatorID.longValue());
        sessionInfo.setIP(env.getClientIP());
        sessionInfo.setLoginTime(new Date());
        sessionInfo.setLastActiveTime(new Date());
        sessionInfo.setMode(mode);
        sessionInfo.setSessionParas(this.loginInfo.getParas());
        queryRoleData(defaultContext, sessionInfo, this.operatorID);
        try {
            this.accountLockoutInfoMap.autoUnlock(defaultContext, sessionInfo);
            this.accountLockoutInfoMap.check(defaultContext, sessionInfo);
            passwordCheck(defaultContext);
            env.setUserName(this.name);
            env.setAuthenticated(true);
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("kick", false);
            List operatorClientIds = AuthUtil.getOperatorClientIds(String.valueOf(this.operatorID));
            if (operatorClientIds.size() > 0) {
                JSONArray jSONArray = new JSONArray();
                Iterator it = operatorClientIds.iterator();
                while (it.hasNext()) {
                    ISessionInfo iSessionInfo = provider.getSessionInfoMap().get((String) it.next());
                    if (iSessionInfo != null) {
                        jSONArray.put(new JSONObject(iSessionInfo));
                    }
                }
                if (jSONArray.length() > 0) {
                    jSONObject.put("SessionInfo", jSONArray);
                }
                jSONObject.put("kick", true);
            }
            return jSONObject;
        } catch (CoreException e) {
            this.sessionLog.logErr(defaultContext, -2, e.getMessage());
            throw e;
        }
    }

    public final JSONObject doLogin(DefaultContext defaultContext) throws Throwable {
        MetaLoginSetting login;
        String loginProcess;
        MidVE ve = defaultContext.getVE();
        ve.setAuthenticate(true);
        MetaSetting setting = defaultContext.getVE().getMetaFactory().getSetting();
        if (setting != null && (login = setting.getLogin()) != null && (loginProcess = login.getLoginProcess()) != null && !loginProcess.isEmpty()) {
            this.loginProcess = (ILoginProcess) ReflectHelper.newInstance(ve, loginProcess);
        }
        if (this.loginProcess != null) {
            this.loginProcess.before(defaultContext, this.loginInfo);
        }
        try {
            JSONObject doLoginImpl = doLoginImpl(defaultContext);
            AuthUtil.putOperator4ClientIdCache(String.valueOf(this.operatorID), ve.getEnv().getClientID());
            if (this.loginProcess != null) {
                this.loginProcess.success(defaultContext, this.loginInfo);
            }
            return doLoginImpl;
        } catch (Exception e) {
            if (this.loginProcess != null) {
                this.loginProcess.failed(defaultContext, this.loginInfo, e);
            }
            throw e;
        }
    }

    public final JSONObject doLoginCheck(DefaultContext defaultContext) throws Throwable {
        MetaLoginSetting login;
        String loginProcess;
        MidVE ve = defaultContext.getVE();
        ve.setAuthenticate(true);
        MetaSetting setting = defaultContext.getVE().getMetaFactory().getSetting();
        if (setting != null && (login = setting.getLogin()) != null && (loginProcess = login.getLoginProcess()) != null && !loginProcess.isEmpty()) {
            this.loginProcess = (ILoginProcess) ReflectHelper.newInstance(ve, loginProcess);
        }
        if (this.loginProcess != null) {
            this.loginProcess.before(defaultContext, this.loginInfo);
        }
        try {
            return doLoginCheckImpl(defaultContext);
        } catch (Exception e) {
            if (this.loginProcess != null) {
                this.loginProcess.failed(defaultContext, this.loginInfo, e);
            }
            throw e;
        }
    }

    private void initSQLQuery(DefaultContext defaultContext) throws Throwable {
        IMetaFactory metaFactory = defaultContext.getVE().getMetaFactory();
        IDBManager dBManager = defaultContext.getDBManager();
        MetaTable metaTable = metaFactory.getDataObject("Operator").getTableCollection().get("SYS_Operator");
        String bindingDBColumnName = metaTable.get("Code").getBindingDBColumnName();
        String bindingDBColumnName2 = metaTable.get("Enable").getBindingDBColumnName();
        ArrayList arrayList = new ArrayList();
        arrayList.add(metaTable.getOIDColumn().getBindingDBColumnName());
        arrayList.add(metaTable.get("Password").getBindingDBColumnName());
        arrayList.add(metaTable.get("Name").getBindingDBColumnName());
        this.SQL_QUERY_USER = DBUtil.getQuerySQL(dBManager, arrayList, metaTable, bindingDBColumnName2) + " and " + dBManager.keyWordEscape(bindingDBColumnName) + "=?";
    }

    protected void queryUserData(DefaultContext defaultContext) throws Throwable {
        IDBManager dBManager = defaultContext.getDBManager();
        PreparedStatement preparedStatement = null;
        ResultSet resultSet = null;
        try {
            PreparedStatement preparedQueryStatement = dBManager.preparedQueryStatement(this.SQL_QUERY_USER);
            PSArgs pSArgs = new PSArgs();
            pSArgs.addIntArg(1);
            pSArgs.addStringArg(this.loginInfo.getUser().toUpperCase());
            ResultSet executeQuery = dBManager.executeQuery(preparedQueryStatement, this.SQL_QUERY_USER, pSArgs);
            if (!executeQuery.next()) {
                LoginUtil.recordLoginFailed(this.loginInfo.getTempClientID());
                this.sessionLog.logErr(defaultContext, 1, "");
                throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
            }
            this.operatorID = Long.valueOf(executeQuery.getLong(1));
            this.passwordFromDB = executeQuery.getString(2);
            this.name = executeQuery.getString(3) == null ? "" : executeQuery.getString(3);
            if (executeQuery != null) {
                executeQuery.close();
            }
            if (preparedQueryStatement != null) {
                preparedQueryStatement.close();
            }
        } catch (Throwable th) {
            if (0 != 0) {
                resultSet.close();
            }
            if (0 != 0) {
                preparedStatement.close();
            }
            throw th;
        }
    }

    protected void queryRoleData(DefaultContext defaultContext, SessionInfo sessionInfo, Long l) throws Throwable {
        new UserRoleUtil().queryRoleData(defaultContext, sessionInfo, l);
    }

    protected void passwordCheck(DefaultContext defaultContext) throws Throwable {
        MetaSetting setting = defaultContext.getVE().getMetaFactory().getSetting();
        if ((setting == null || setting.getLogin() == null || setting.getLogin().getEncryptType().intValue() != 2) ? RSACheck(defaultContext) : hashCheck()) {
            return;
        }
        LoginUtil.recordLoginFailed(this.loginInfo.getTempClientID());
        this.accountLockoutInfoMap.log(defaultContext, this.operatorID.longValue(), this.loginInfo.getMode(), 1);
        this.sessionLog.logErr(defaultContext, 1, "");
        IAccountLockoutInfo iAccountLockoutInfo = this.accountLockoutInfoMap.get(this.operatorID + "_" + defaultContext.getVE().getEnv().getMode());
        int accountLockoutThreshold = this.accountLockoutInfoMap.getAccountLockoutThreshold();
        int login_failed_count = accountLockoutThreshold - iAccountLockoutInfo.getLogin_failed_count();
        if (login_failed_count <= 0) {
            throw new SessionException(4, SessionException.formatMessage(defaultContext.getEnv(), 4, new Object[0]));
        }
        if (login_failed_count != 1) {
            throw new SessionException(1, SessionException.formatMessage(defaultContext.getEnv(), 1, new Object[0]));
        }
        throw new SessionException(14, SessionException.formatMessage(defaultContext.getEnv(), 14, new Object[]{Integer.valueOf(accountLockoutThreshold)}));
    }

    private boolean RSACheck(DefaultContext defaultContext) throws Throwable {
        String decryptByPrivate = RSAMidUtil.decryptByPrivate(SysPara.getInstance().get("PrivateKey"), this.passwordFromDB);
        String password = this.loginInfo.getPassword();
        MidPasswordRuleChecker.getInstance().checkLoginRule(password, defaultContext.getVE().getEnv().getLocale(), defaultContext);
        return password.equals(decryptByPrivate);
    }

    private boolean hashCheck() throws Throwable {
        return SaltHash.validatePassword(this.loginInfo.getPassword(), this.passwordFromDB);
    }
}
