package org.springblade.modules.auth.endpoint;

import com.github.xiaoymin.knife4j.annotations.ApiSort;
import com.wf.captcha.SpecCaptcha;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import java.util.UUID;
import org.springblade.common.cache.CacheNames;
import org.springblade.common.cache.RegionCache;
import org.springblade.common.config.adapter.BladeRedisAdapter;
import org.springblade.core.cache.utils.CacheUtil;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.jwt.props.JwtProperties;
import org.springblade.core.log.annotation.ApiLog;
import org.springblade.core.secure.BladeUser;
import org.springblade.core.secure.utils.AuthUtil;
import org.springblade.core.tool.support.Kv;
import org.springblade.core.tool.utils.Func;
import org.springblade.core.tool.utils.WebUtil;
import org.springblade.modules.auth.granter.PasswordTokenGranter;
import org.springblade.modules.auth.granter.RefreshTokenGranter;
import org.springblade.modules.auth.provider.TokenGranterBuilder;
import org.springblade.modules.auth.provider.TokenParameter;
import org.springblade.modules.auth.utils.TokenUtil;
import org.springblade.modules.system.entity.UserInfo;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"blade-auth"})
@Api(value = "用户授权认证", tags = {"授权接口"})
@RestController
@ApiSort(RegionCache.PROVINCE_LEVEL)
/* loaded from: input_file:org/springblade/modules/auth/endpoint/BladeTokenEndPoint.class */
public class BladeTokenEndPoint {
    private final BladeRedisAdapter bladeRedis;
    private final JwtProperties jwtProperties;

    @PostMapping({"/oauth/token"})
    @ApiLog("登录用户验证")
    @ApiOperation(value = "获取认证令牌", notes = "传入租户ID:tenantId,账号:account,密码:password")
    public Kv token(@RequestParam @ApiParam(value = "租户ID", required = true) String str, @RequestParam(required = false) @ApiParam(value = "账号", required = true) String str2, @RequestParam(required = false) @ApiParam(value = "密码", required = true) String str3) {
        Kv create = Kv.create();
        String parameter = WebUtil.getRequest().getParameter("grant_type");
        String parameter2 = WebUtil.getRequest().getParameter(RefreshTokenGranter.GRANT_TYPE);
        String str4 = Func.toStr(WebUtil.getRequest().getHeader(TokenUtil.USER_TYPE_HEADER_KEY), TokenUtil.DEFAULT_USER_TYPE);
        TokenParameter tokenParameter = new TokenParameter();
        tokenParameter.getArgs().set("tenantId", str).set("username", str2).set(PasswordTokenGranter.GRANT_TYPE, str3).set("grantType", parameter).set("refreshToken", parameter2).set("userType", str4);
        UserInfo grant = TokenGranterBuilder.getGranter(parameter).grant(tokenParameter);
        return (grant == null || grant.getUser() == null) ? create.set("error_code", 400).set("error_description", "用户名或密码不正确") : Func.isEmpty(grant.getRoles()) ? create.set("error_code", 400).set("error_description", TokenUtil.USER_HAS_NO_ROLE) : TokenUtil.createAuthInfo(grant);
    }

    @GetMapping({"/oauth/logout"})
    @ApiOperation("退出登录")
    public Kv logout() {
        BladeUser user = AuthUtil.getUser();
        if (user != null && this.jwtProperties.getState().booleanValue()) {
            JwtUtil.removeAccessToken(user.getTenantId(), String.valueOf(user.getUserId()), JwtUtil.getToken(WebUtil.getRequest().getHeader("Blade-Auth")));
        }
        return Kv.create().set("success", "true").set("msg", "success");
    }

    @GetMapping({"/oauth/captcha"})
    @ApiOperation("获取验证码")
    public Kv captcha() {
        SpecCaptcha specCaptcha = new SpecCaptcha(130, 48, 5);
        String lowerCase = specCaptcha.text().toLowerCase();
        String uuid = UUID.randomUUID().toString();
        this.bladeRedis.put(CacheNames.AUTH_CACHE, CacheNames.CAPTCHA_KEY_SIMPLE, uuid, lowerCase);
        return Kv.create().set("key", uuid).set("image", specCaptcha.toBase64());
    }

    @GetMapping({"/oauth/clear-cache"})
    @ApiOperation("清除缓存")
    public Kv clearCache() {
        CacheUtil.clear("blade:biz");
        CacheUtil.clear("blade:user");
        CacheUtil.clear("blade:dict");
        CacheUtil.clear("blade:flow");
        CacheUtil.clear("blade:sys");
        CacheUtil.clear("blade:param");
        CacheUtil.clear("blade:resource");
        CacheUtil.clear("blade:menu");
        CacheUtil.clear("blade:menu", Boolean.FALSE);
        return Kv.create().set("success", "true").set("msg", "success");
    }

    public BladeTokenEndPoint(BladeRedisAdapter bladeRedisAdapter, JwtProperties jwtProperties) {
        this.bladeRedis = bladeRedisAdapter;
        this.jwtProperties = jwtProperties;
    }
}
