package cn.com.duiba.creditsclub.consumer.controller;

import cn.com.duiba.credits.sdk.SignTool;
import cn.com.duiba.creditsclub.comm.excption.BizException;
import cn.com.duiba.creditsclub.comm.excption.HomeRuntimeException;
import cn.com.duiba.creditsclub.comm.util.CookieUtil;
import cn.com.duiba.creditsclub.comm.util.DcustomParseUtil;
import cn.com.duiba.creditsclub.comm.util.EmojiUtil;
import cn.com.duiba.creditsclub.comm.util.RequestCookieLocal;
import cn.com.duiba.creditsclub.comm.util.RequestTool;
import cn.com.duiba.creditsclub.comm.util.UrlTool;
import cn.com.duiba.creditsclub.consumer.constants.ConsumerConstants;
import cn.com.duiba.creditsclub.consumer.entity.ConsumerEntity;
import cn.com.duiba.creditsclub.consumer.param.LoginParam;
import cn.com.duiba.creditsclub.consumer.service.ConsumerService;
import cn.com.duiba.creditsclub.core.annotation.UnloginAccess;
import cn.com.duiba.creditsclub.credits.entity.AppBaseConfigEntity;
import cn.com.duiba.creditsclub.credits.service.BaseConfigService;
import cn.com.duiba.creditsclub.risk.dto.CheckBlockListDto;
import cn.com.duiba.creditsclub.risk.service.RiskRuleEngineService;
import cn.com.duiba.wolf.utils.NumberUtils;
import cn.com.duiba.wolf.utils.UUIDUtils;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

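/**
 * Partner "auto-login" (免登) entry point for the mobile site.
 *
 * <p>A partner sends the end user to {@code /mobile/autologin} with a query string that carries
 * the user's identity and profile (uid, credits, phone, ...) and a {@code sign} produced with the
 * partner's appSecret. After the appKey, signature, freshness and block-list checks pass, the
 * consumer record is created or updated from those (signed) parameters, a login cookie is issued
 * and the browser is redirected to the {@code redirect} parameter.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Every value read from the request is only trustworthy because of the signature check in
 *       {@link #login}; keep that check ahead of any state change.</li>
 *   <li>The timestamp window is symmetric (see {@link #timestampValidate}); there is no nonce, so a
 *       signed URL is replayable inside that window. Partners should treat the link as single-use.</li>
 *   <li>Logs deliberately omit the raw query string / full {@link LoginParam}: they carry PII
 *       (phone, realname, alipay, qq) and the sign itself.</li>
 * </ul>
 */
@RequestMapping({"/mobile"})
@Controller
/* loaded from: input_file:cn/com/duiba/creditsclub/consumer/controller/LoginController.class */
public class LoginController {
    private static final Logger LOGGER = LoggerFactory.getLogger(LoginController.class);

    @Autowired
    private BaseConfigService baseConfigService;

    @Autowired
    private ConsumerService consumerService;

    @Autowired
    private RiskRuleEngineService riskRuleEngineService;
    private static final String LOGIN_ERROR = "loginError";
    private static final String LOGIN_URL = "loginUrl";
    private static final String MESSAGE = "message";
    /** Shown to the browser instead of internal exception text when a non-business error occurs. */
    private static final String GENERIC_ERROR_MESSAGE = "登录失败，请稍后重试";
    /** Largest accepted |now - timestamp| in milliseconds (5 minutes, in either direction). */
    private static final long MAX_TIMESTAMP_SKEW_MS = 300000L;
    /** Exclusive upper bound on the length of the "transfer" value that is persisted in a cookie. */
    private static final int MAX_TRANSFER_LENGTH = 100;

    /**
     * Handles {@code /mobile/autologin}.
     *
     * <p>Order of checks: required params, timestamp freshness, appKey match, signature over the
     * request parameter map, risk block list. Only then is the consumer loaded/saved and the login
     * cookie written.
     *
     * @return {@code "redirect:" + target} on success, otherwise the {@code loginError} view with
     *         an {@code errorMessage}/{@code message} attribute set
     */
    @RequestMapping({"/autologin"})
    @UnloginAccess
    public String login(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Model model) {
        try {
            LoginParam loginParam = getLoginParam(httpServletRequest);
            RequestCookieLocal.setThreadLocallyAndLimitQps(httpServletRequest, httpServletResponse);
            RequestTool.setRequestInThreadLocal(httpServletRequest, httpServletResponse);
            try {
                paramValidate(loginParam);
                timestampValidate(loginParam);
                AppBaseConfigEntity baseConfig = this.baseConfigService.getBaseConfig();
                // appKey is an identifier, not a secret, so a plain compare is adequate.
                if (!StringUtils.equals(baseConfig.getAppKey(), loginParam.getAppKey())) {
                    throw new BizException("非法的应用");
                }
                // The whole request parameter map is handed to SignTool; presumably every
                // parameter (including redirect/credits/phone) is covered by the sign — confirm
                // against SignTool if that assumption matters. Nothing below may move above this.
                if (!SignTool.signVerify(baseConfig.getAppSecret(), RequestTool.getRequestParamMap(httpServletRequest))) {
                    throw new BizException("签名验证失败");
                }
                CheckBlockListDto checkBlockListDto = new CheckBlockListDto();
                checkBlockListDto.setPartnerUserId(loginParam.getUid());
                checkBlockListDto.setIp(RequestCookieLocal.getIp());
                if (this.riskRuleEngineService.checkBlockList(checkBlockListDto)) {
                    throw new BizException("非法用户");
                }
                ConsumerEntity userInfo = getUserInfo(loginParam);
                saveUserData(userInfo, loginParam, httpServletRequest.getParameter("dcustom"), httpServletRequest.getServerName());
                setLoginCookie(httpServletRequest, userInfo);
                return "redirect:" + processRedirect(httpServletRequest);
            } catch (BizException e) {
                // Expected rejections (bad param, stale timestamp, bad sign, blocked user). Log
                // identifiers only: the query string and LoginParam JSON carry PII and the sign.
                LOGGER.info("登录失败，message={}, uid={}, appKey={}, timestamp={}", new Object[]{e.getMessage(), loginParam.getUid(), loginParam.getAppKey(), loginParam.getTimestamp()});
                httpServletRequest.setAttribute("errorMessage", e.getMessage());
                return LOGIN_ERROR;
            } catch (Exception e2) {
                LOGGER.warn("登录失败，uid={}, appKey={}, timestamp={}", new Object[]{loginParam.getUid(), loginParam.getAppKey(), loginParam.getTimestamp(), e2});
                // Internal exception text (DB errors, NPE details) must not reach the browser.
                httpServletRequest.setAttribute("errorMessage", GENERIC_ERROR_MESSAGE);
                return LOGIN_ERROR;
            }
        } catch (Exception e3) {
            // Reached when parameter extraction (e.g. a non-numeric timestamp) or the thread-local /
            // QPS setup fails. The full URL is still handed to the view, but only the path is
            // logged so PII and the sign do not end up in the log file.
            String fullRequestUrl = cn.com.duiba.wolf.perf.timeprofile.RequestTool.getFullRequestUrl(httpServletRequest);
            LOGGER.warn("免登参数提取失败, cid={}, uri={}", new Object[]{RequestCookieLocal.getCid(), httpServletRequest.getRequestURI(), e3});
            String message = e3 instanceof BizException ? e3.getMessage() : GENERIC_ERROR_MESSAGE;
            model.addAttribute(MESSAGE, message);
            model.addAttribute(LOGIN_URL, fullRequestUrl);
            httpServletRequest.setAttribute(MESSAGE, message);
            return LOGIN_ERROR;
        }
    }

    /**
     * Writes the session cookies for a successfully authenticated consumer.
     *
     * <p>The "dcustom" cookie is written by {@link #saveUserData}, which always runs first, so it
     * is not repeated here.
     */
    private void setLoginCookie(HttpServletRequest httpServletRequest, ConsumerEntity consumerEntity) throws UnsupportedEncodingException {
        RequestCookieLocal.injectConsumerInfoIntoCookie(consumerEntity);
        String serverName = httpServletRequest.getServerName();
        CookieUtil.setCrossCookieFor24Hour(ConsumerConstants.IS_NOTLOGIN_USER, String.valueOf(consumerEntity.isNotLoginUser()), serverName);
        String transfer = httpServletRequest.getParameter("transfer");
        if (StringUtils.isNotBlank(transfer) && transfer.length() < MAX_TRANSFER_LENGTH) {
            // NOTE(review): stored verbatim, unlike dcustom which is URL-encoded. Whether CookieUtil
            // rejects cookie-unsafe characters (';', CR/LF) is not visible here — confirm.
            CookieUtil.setCrossCookieFor24Hour("transfer", transfer, serverName);
        } else {
            CookieUtil.deleteCookie("transfer", serverName);
        }
    }

    /**
     * Applies the signed profile fields to the consumer and persists it.
     *
     * @param consumerEntity the consumer resolved by {@link #getUserInfo}; mutated and returned
     * @param loginParam     signed request parameters
     * @param dcustom        raw {@code dcustom} request parameter (HTML-escaped), may be blank
     * @param serverName     cookie domain
     * @return the same entity, with a non-null id
     * @throws HomeRuntimeException if neither insert nor the fallback lookup yields an id
     */
    private ConsumerEntity saveUserData(ConsumerEntity consumerEntity, LoginParam loginParam, String dcustom, String serverName) throws Exception {
        // The partner-asserted credits value wins; a brand-new consumer without one starts at 0.
        if (loginParam.getCredits() != null) {
            consumerEntity.setCredits(loginParam.getCredits());
        } else if (consumerEntity.getCredits() == null) {
            consumerEntity.setCredits(0L);
        }
        if (StringUtils.isNotBlank(loginParam.getPhone())) {
            consumerEntity.setPhone(loginParam.getPhone());
        }
        // Integer.valueOf may still throw for an out-of-range numeric string; that surfaces as a
        // generic failure in login().
        if (NumberUtils.isNumeric(loginParam.getVip())) {
            consumerEntity.setVipLevel(Integer.valueOf(loginParam.getVip()));
        }
        if (StringUtils.isNotBlank(dcustom)) {
            String decoded = StringEscapeUtils.unescapeHtml3(dcustom);
            CookieUtil.setCrossCookieFor24Hour("dcustom", URLEncoder.encode(decoded, UrlTool.EDCODE_TYPE_UTF8), serverName);
            Map<String, String> fields = DcustomParseUtil.parseDcustom(decoded);
            String nickname = fields.get("nickname") != null ? fields.get("nickname") : "";
            // Explicit UTF-8 on both sides: the previous getBytes() used the platform charset and
            // mangled non-ASCII nicknames on a non-UTF-8 JVM. The round trip is kept because Java's
            // UTF-8 encoder replaces any unpaired surrogate left after emoji filtering with '?'.
            String filtered = EmojiUtil.filterEmoji(nickname);
            consumerEntity.setNickname(new String(filtered.getBytes(StandardCharsets.UTF_8), StandardCharsets.UTF_8));
            consumerEntity.setAvatar(fields.get("avatar"));
        } else {
            CookieUtil.deleteCookie("dcustom", serverName);
        }
        if (consumerEntity.getId() == null) {
            try {
                consumerEntity.setId(this.consumerService.insert(consumerEntity).getId());
            } catch (Exception e) {
                // Typically a concurrent first login for the same partnerUserId; fall back to lookup.
                // Only the partnerUserId is logged — the entity holds phone/nickname.
                LOGGER.info("创建用户失败，降级走查询方式，partnerUserId={}", consumerEntity.getPartnerUserId(), e);
                ConsumerEntity existing = this.consumerService.findByPartnerUserId(consumerEntity.getPartnerUserId());
                if (existing != null) {
                    consumerEntity.setId(existing.getId());
                }
            }
        } else {
            this.consumerService.update(consumerEntity);
        }
        if (consumerEntity.getId() == null) {
            throw new HomeRuntimeException("创建用户失败");
        }
        return consumerEntity;
    }

    /**
     * Resolves the post-login redirect target from the {@code redirect} request parameter.
     *
     * <p>The target is client-supplied. It is assumed to be covered by the signature check in
     * {@link #login} (the whole parameter map is signed); if SignTool excludes it, or partners sign
     * arbitrary targets, this is an open redirect and needs an allow-list in {@code UrlTool}.
     */
    private String processRedirect(HttpServletRequest httpServletRequest) {
        return UrlTool.getFullUrl(StringEscapeUtils.unescapeHtml3(httpServletRequest.getParameter(LoginParam._REDIRECT)));
    }

    /**
     * Finds or creates the consumer for the signed uid.
     *
     * <p>{@code not_login} denotes an anonymous visitor and always yields a fresh consumer with a
     * generated partnerUserId. Otherwise the record is looked up by partnerUserId, with a fast path
     * through the existing cookie's cid when the cookie already claims this uid.
     */
    private ConsumerEntity getUserInfo(LoginParam loginParam) {
        String uid = loginParam.getUid();
        if ("not_login".equals(uid)) {
            ConsumerEntity anonymous = new ConsumerEntity();
            anonymous.setPartnerUserId("gen_new_" + UUIDUtils.createUUID());
            return anonymous;
        }
        ConsumerEntity consumer = null;
        if (Objects.equals(uid, RequestCookieLocal.getPartnerUserId())) {
            // The cookie is client-supplied; whether RequestCookieLocal integrity-protects it is not
            // visible here. The record is therefore only accepted if it really belongs to the
            // signed uid — otherwise a forged cid would make the save/cookie steps below act on
            // another consumer's record.
            consumer = this.consumerService.findById(RequestCookieLocal.getCid());
            if (consumer != null && !Objects.equals(consumer.getPartnerUserId(), uid)) {
                LOGGER.warn("cookie cid 与 uid 不匹配, cid={}, uid={}", RequestCookieLocal.getCid(), uid);
                consumer = null;
            }
        }
        if (consumer == null) {
            consumer = this.consumerService.findByPartnerUserId(uid);
        }
        if (consumer == null) {
            consumer = new ConsumerEntity();
            consumer.setPartnerUserId(uid);
        }
        return consumer;
    }

    /**
     * Copies the auto-login request parameters into a {@link LoginParam}.
     *
     * <p>{@code timestamp} is parsed with {@code Long.valueOf}, so a non-numeric value throws
     * {@link NumberFormatException}; {@link #login} reports that as a generic parameter error.
     * {@code credits} falls back to 0 when unparsable.
     */
    public static LoginParam getLoginParam(HttpServletRequest httpServletRequest) {
        LoginParam loginParam = new LoginParam();
        String timestamp = httpServletRequest.getParameter(LoginParam._TIMESTAMP);
        loginParam.setTimestamp(StringUtils.isNotBlank(timestamp) ? Long.valueOf(timestamp) : null);
        String credits = httpServletRequest.getParameter("credits");
        loginParam.setCredits(StringUtils.isNotBlank(credits) ? Long.valueOf(NumberUtils.parseLong(credits, 0L)) : null);
        loginParam.setAlipay(httpServletRequest.getParameter(LoginParam._ALIPAY));
        loginParam.setRealname(httpServletRequest.getParameter(LoginParam._REAL_NAME));
        loginParam.setQq(httpServletRequest.getParameter(LoginParam._QQ));
        loginParam.setAppKey(httpServletRequest.getParameter(LoginParam._APPKEY));
        loginParam.setPhone(httpServletRequest.getParameter(LoginParam._PHONE));
        loginParam.setUid(httpServletRequest.getParameter(LoginParam.PATERNER_USERID));
        loginParam.setVip(httpServletRequest.getParameter(LoginParam._VIP));
        loginParam.setRedirect(httpServletRequest.getParameter(LoginParam._REDIRECT));
        loginParam.setSign(httpServletRequest.getParameter(LoginParam._SIGN));
        return loginParam;
    }

    /**
     * Rejects requests missing any of the fields the protocol requires.
     *
     * @throws BizException naming the first missing field
     */
    private void paramValidate(LoginParam loginParam) throws BizException {
        if (StringUtils.isBlank(loginParam.getAppKey())) {
            throw new BizException("appKey不能为空");
        }
        if (StringUtils.isBlank(loginParam.getUid())) {
            throw new BizException("uid不能为空");
        }
        if (loginParam.getTimestamp() == null) {
            throw new BizException("timestamp不能为空");
        }
        if (StringUtils.isBlank(loginParam.getSign())) {
            throw new BizException("sign不能为空");
        }
    }

    /**
     * Rejects requests whose timestamp is more than {@link #MAX_TIMESTAMP_SKEW_MS} away from now.
     *
     * <p>The window is symmetric: the previous check only rejected timestamps older than five
     * minutes, so a signed URL carrying a far-future timestamp never expired and could be replayed
     * indefinitely. The two explicit comparisons (rather than {@code Math.abs}) stay correct if the
     * subtraction overflows for an extreme timestamp value.
     *
     * @throws BizException if the request is outside the window
     */
    private void timestampValidate(LoginParam loginParam) throws BizException {
        long delta = System.currentTimeMillis() - loginParam.getTimestamp().longValue();
        if (delta > MAX_TIMESTAMP_SKEW_MS || delta < -MAX_TIMESTAMP_SKEW_MS) {
            throw new BizException("请求已过期");
        }
    }
}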
