package com.bstek.bdf2.core.service.impl;

import com.bstek.bdf2.core.business.IUser;
import com.bstek.bdf2.core.context.ContextHolder;
import com.bstek.bdf2.core.model.DefaultUser;
import com.bstek.bdf2.core.service.IDeptService;
import com.bstek.bdf2.core.service.IFrameworkService;
import com.bstek.bdf2.core.service.IGroupService;
import com.bstek.bdf2.core.service.IPositionService;
import com.bstek.dorado.core.Configure;
import org.apache.commons.lang.StringUtils;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.encoding.PasswordEncoder;
import org.springframework.security.core.AuthenticationException;

/* loaded from: input_file:com/bstek/bdf2/core/service/impl/DefaultFrameworkService.class */
public class DefaultFrameworkService implements IFrameworkService {
    public static final String BEAN_ID = "bdf2.frameworkService";
    private IDeptService deptService;
    private IPositionService positionService;
    private IGroupService groupService;
    private PasswordEncoder passwordEncoder;

    @Override // com.bstek.bdf2.core.service.IFrameworkService
    public void authenticate(IUser iUser, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        preChecks(usernamePasswordAuthenticationToken);
        DefaultUser defaultUser = (DefaultUser) iUser;
        if (!this.passwordEncoder.isPasswordValid(iUser.getPassword(), usernamePasswordAuthenticationToken.getCredentials().toString(), defaultUser.getSalt())) {
            throw new BadCredentialsException("The password is invalid");
        }
        defaultUser.setDepts(this.deptService.loadUserDepts(iUser.getUsername()));
        defaultUser.setPositions(this.positionService.loadUserPositions(iUser.getUsername()));
        defaultUser.setGroups(this.groupService.loadUserGroups(iUser.getUsername()));
    }

    private void preChecks(UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) throws AuthenticationException {
        if (Configure.getBoolean("bdf2.useCaptchaForLogin")) {
            String parameter = ContextHolder.getRequest().getParameter("captcha_");
            if (!StringUtils.isNotEmpty(parameter)) {
                throw new BadCredentialsException("验证码不能为空");
            }
            String str = (String) ContextHolder.getHttpSession().getAttribute("KAPTCHA_SESSION_KEY");
            if (str == null) {
                throw new BadCredentialsException("验证码过期");
            }
            if (!str.equals(parameter)) {
                throw new BadCredentialsException("验证码不正确");
            }
        }
        if (usernamePasswordAuthenticationToken.getPrincipal() == null) {
            throw new BadCredentialsException("Username can not be null");
        }
        if (usernamePasswordAuthenticationToken.getCredentials() == null) {
            throw new BadCredentialsException("password can not be null");
        }
    }

    public void setPasswordEncoder(PasswordEncoder passwordEncoder) {
        this.passwordEncoder = passwordEncoder;
    }

    public void setDeptService(IDeptService iDeptService) {
        this.deptService = iDeptService;
    }

    public void setPositionService(IPositionService iPositionService) {
        this.positionService = iPositionService;
    }

    public void setGroupService(IGroupService iGroupService) {
        this.groupService = iGroupService;
    }
}
