package com.mbap.pp.common.controller;

import com.mbap.core.logger.LoggerBox;
import com.mbap.core.util.AuthInfoUtil;
import com.mbap.core.util.CurrentInfo;
import com.mbap.pp.common.domain.OnlyValidate;
import com.mbap.pp.common.service.CommonService;
import com.mbap.pp.common.service.LoginExtenderService;
import com.mbap.util.constant.CsrfMsg;
import com.mbap.util.date.DateUtil;
import com.mbap.util.lang.StringUtil;
import com.mbap.util.view.R;
import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics;
import java.awt.image.BufferedImage;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.LinkedHashMap;
import javax.annotation.Resource;
import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

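/**
 * REST endpoints under {@code rest/system/common}: a generic uniqueness check, an
 * "is administrator" check, CSRF token issuance, captcha image generation and captcha
 * verification.
 *
 * <p>Captcha state is kept in Redis under {@code csrfrecord:<yyyyMMdd>:<clientId>:<csrf>},
 * as a hash whose single field is the CSRF token. No expiry is set on that key anywhere in
 * this class.
 */
@RequestMapping({"rest/system/common"})
@Controller
/* loaded from: input_file:com/mbap/pp/common/controller/CommonRESTController.class */
public class CommonRESTController {

    /** Staff id that {@link #adminValidate()} treats as the administrator account. */
    private static final String ADMIN_STAFF_ID = "402881f7347e754501347e9d325c0003";

    /**
     * Shared CSPRNG. {@code SecureRandom.getInstanceStrong()} was previously called on every
     * request; on some platforms it selects a blocking entropy source, which lets a burst of
     * captcha requests stall request threads. A default {@code SecureRandom} is thread-safe
     * and still cryptographically strong.
     */
    private static final SecureRandom RANDOM = new SecureRandom();

    private static final int CAPTCHA_WIDTH = 60;
    private static final int CAPTCHA_HEIGHT = 20;
    private static final int CAPTCHA_LENGTH = 4;

    @Autowired
    private CommonService commonService;

    @Autowired
    private RedisTemplate<String, Object> redisTemplate;

    @Resource
    private LoginExtenderService loginExtendService;

    /**
     * Runs the generic uniqueness check.
     *
     * @param onlyValidate request body handed to {@code CommonService.validate} as-is
     * @return {@code SUCCESS(true)} when the service reports 0, {@code SUCCESS(false)}
     *         otherwise, {@code ERROR()} when the service throws
     */
    @RequestMapping(value = {"/onlyValidate"}, method = {RequestMethod.POST}, name = "通用唯一校验")
    @ResponseBody
    public R onlyValidate(@RequestBody OnlyValidate onlyValidate) {
        try {
            // NOTE(review): the body is passed through with no validation here. Confirm that
            // CommonService.validate binds values as query parameters and allow-lists any
            // identifiers it takes from the request.
            return R.SUCCESS(this.commonService.validate(onlyValidate) == 0);
        } catch (Exception e) {
            LoggerBox.EXCEPTION_LOGGER.record("唯一校验出错", e);
            return R.ERROR();
        }
    }

    /**
     * Reports whether the current staff member is the hard-coded administrator account.
     *
     * @return {@code SUCCESS(true)} for the administrator id, {@code SUCCESS(false)} for any
     *         other id, {@code ERROR()} when the staff lookup throws (e.g. no current staff)
     */
    @RequestMapping(value = {"/adminValidate"}, method = {RequestMethod.GET}, name = "是否管理员校验")
    @ResponseBody
    public R adminValidate() {
        try {
            // NOTE(review): this answer is advisory for the client only; every privileged
            // operation still has to be authorized server-side. A single hard-coded id is
            // also brittle: prefer a role or permission check.
            return R.SUCCESS(ADMIN_STAFF_ID.equals(AuthInfoUtil.getStaff().getId()));
        } catch (Exception e) {
            // The original logged the uniqueness-check message here (copy/paste).
            LoggerBox.EXCEPTION_LOGGER.record("管理员校验出错", e);
            return R.ERROR();
        }
    }

    /**
     * Issues CSRF information for a client.
     *
     * @param str the {@code client_id} request parameter
     * @return {@code SUCCESS} wrapping whatever {@code CommonService.createCsrf} returns, or
     *         {@code ERROR()} when it throws
     */
    @GetMapping({"csrf"})
    @ResponseBody
    public R getCsrf(@RequestParam(value = "client_id", required = true) String str) {
        try {
            return R.SUCCESS(this.commonService.createCsrf(str));
        } catch (Exception e) {
            LoggerBox.EXCEPTION_LOGGER.record("生成csrf信息出错", e);
            return R.ERROR();
        }
    }

    /**
     * Renders a 60x20 JPEG captcha and stores its text in the Redis record of the given
     * CSRF token.
     *
     * <p>The text is the code {@code LoginExtenderService.getValidCode} returns for this
     * client and token, or four random digits when that is empty. The image is written only
     * if a record exists whose stored {@code csrf} and {@code client_id} equal the request
     * parameters; otherwise the failure is logged and no image bytes are sent.
     *
     * @param httpServletResponse response that receives the image
     * @param str  the {@code clientName} request parameter (compared with the stored client id)
     * @param str2 the {@code csrfCode} request parameter
     */
    @RequestMapping(value = {"/createValidCode"}, method = {RequestMethod.GET})
    public void createValiCode(HttpServletResponse httpServletResponse, @RequestParam(value = "clientName", required = true) String str, @RequestParam(value = "csrfCode", required = true) String str2) {
        Graphics graphics = null;
        try {
            httpServletResponse.setContentType("image/jpeg");
            httpServletResponse.setHeader("Pragma", "No-cache");
            httpServletResponse.setHeader("Cache-Control", "no-cache");
            httpServletResponse.setDateHeader("Expires", 0L);
            BufferedImage bufferedImage = new BufferedImage(CAPTCHA_WIDTH, CAPTCHA_HEIGHT, BufferedImage.TYPE_INT_RGB);
            ServletOutputStream outputStream = httpServletResponse.getOutputStream();
            graphics = bufferedImage.getGraphics();

            graphics.setColor(getRandColor(200, 250));
            graphics.fillRect(0, 0, CAPTCHA_WIDTH, CAPTCHA_HEIGHT);
            graphics.setFont(new Font("Comic Sans MS", Font.PLAIN, 20));
            graphics.setColor(getRandColor(160, 200));
            drawNoiseLines(graphics, 100);

            // Read the pre-assigned code once, so the emptiness test and the value that is
            // drawn and stored come from the same lookup (assumes the service returns String).
            String existingCode = this.loginExtendService.getValidCode(str, str2);
            String code;
            if (StringUtil.isEmpty(existingCode)) {
                StringBuilder digits = new StringBuilder(CAPTCHA_LENGTH);
                for (int n = 0; n < CAPTCHA_LENGTH; n++) {
                    digits.append(RANDOM.nextInt(10));
                }
                code = digits.toString();
            } else {
                code = existingCode;
            }
            for (int pos = 0; pos < code.length(); pos++) {
                graphics.setColor(new Color(20 + RANDOM.nextInt(110), 20 + RANDOM.nextInt(110), 20 + RANDOM.nextInt(110)));
                graphics.drawString(String.valueOf(code.charAt(pos)), (13 * pos) + 6, 16);
            }

            String recordKey = "csrfrecord:" + DateUtil.format("yyyyMMdd") + ":" + str + ":" + str2;
            LinkedHashMap<?, ?> record = (LinkedHashMap<?, ?>) this.redisTemplate.opsForHash().get(recordKey, str2);
            if (!isRecordFor(record, str, str2)) {
                // Caught and logged below; nothing is written to the response body.
                throw new RuntimeException("无效的验证码生成请求");
            }

            CsrfMsg csrfMsg = new CsrfMsg(record.get("client_id").toString(), "");
            csrfMsg.setCsrf(str2);
            csrfMsg.setValidCode(code);
            csrfMsg.setTime(System.currentTimeMillis());
            // NOTE(review): "client_ip" is a request header. Unless a trusted proxy always
            // overwrites it, the value is client-supplied and must not be relied on for
            // security decisions or audit.
            csrfMsg.setClient_ip(CurrentInfo.getRequest().getHeader("client_ip"));
            this.redisTemplate.opsForHash().put(recordKey, str2, csrfMsg);

            drawNoiseLines(graphics, 35);
            ImageIO.write(bufferedImage, "jpg", outputStream);
            outputStream.flush();
            outputStream.close();
            httpServletResponse.flushBuffer();
        } catch (Exception e2) {
            LoggerBox.EXCEPTION_LOGGER.record("验证码生成异常", e2);
        } finally {
            // Release the graphics context on failure paths too.
            if (graphics != null) {
                graphics.dispose();
            }
        }
    }

    /**
     * Returns a random gray-ish color whose three channels are each drawn independently
     * from {@code [i, i2)}, after clamping both bounds to at most 255.
     *
     * @param i  lower channel bound (inclusive)
     * @param i2 upper channel bound (exclusive)
     * @return the random color
     * @throws IllegalArgumentException if, after clamping, {@code i2} is not greater than
     *         {@code i}, or a channel falls outside 0..255
     */
    public Color getRandColor(int i, int i2) {
        int lower = Math.min(i, 255);
        int upper = Math.min(i2, 255);
        int span = upper - lower;
        return new Color(lower + RANDOM.nextInt(span), lower + RANDOM.nextInt(span), lower + RANDOM.nextInt(span));
    }

    /**
     * Checks a submitted captcha against the code stored for the CSRF token.
     *
     * @param str  the {@code csrfCode} request parameter
     * @param str2 the {@code validCode} request parameter (the user's answer)
     * @param str3 the {@code clientId} request parameter
     * @return {@code SUCCESS(true)} only when a record exists with a non-empty stored code
     *         equal to {@code str2}; {@code SUCCESS(false)} otherwise; {@code ERROR()} when
     *         the lookup throws
     */
    @RequestMapping(value = {"/checkValidCode"}, method = {RequestMethod.GET})
    @ResponseBody
    public R checkValidCode(@RequestParam(value = "csrfCode", required = true) String str, @RequestParam(value = "validCode", required = true) String str2, @RequestParam(value = "clientId", required = true) String str3) {
        try {
            String recordKey = "csrfrecord:" + DateUtil.format("yyyyMMdd") + ":" + str3 + ":" + str;
            LinkedHashMap<?, ?> record = (LinkedHashMap<?, ?>) this.redisTemplate.opsForHash().get(recordKey, str);
            Object storedCode = record == null ? null : record.get("validCode");
            // A record that has no captcha yet (missing or empty code) must never match:
            // previously a missing code raised an NPE and an empty one compared equal to an
            // empty answer.
            boolean matches = storedCode != null
                    && StringUtil.isNotEmpty(storedCode.toString())
                    && storedCode.toString().equals(str2);
            // NOTE(review): the code is neither consumed nor attempt-limited here, and it has
            // only 10^4 values; confirm that single use, expiry (setTime is stored but never
            // checked in this class) and attempt limits are enforced where the code is
            // finally accepted. Being a GET parameter, the answer can also land in access logs.
            return R.SUCCESS(matches);
        } catch (Exception e) {
            // The original logged the CSRF-generation message here (copy/paste).
            LoggerBox.EXCEPTION_LOGGER.record("验证码校验出错", e);
            return R.ERROR();
        }
    }

    /** Draws {@code count} short random line segments as visual noise. */
    private static void drawNoiseLines(Graphics graphics, int count) {
        for (int n = 0; n < count; n++) {
            int x = RANDOM.nextInt(CAPTCHA_WIDTH);
            int y = RANDOM.nextInt(CAPTCHA_HEIGHT);
            graphics.drawLine(x, y, x + RANDOM.nextInt(12), y + RANDOM.nextInt(12));
        }
    }

    /**
     * Tells whether a stored CSRF record belongs to the given client and token: it must
     * exist, carry a non-empty {@code csrf} equal to {@code csrf}, and a {@code client_id}
     * equal to {@code clientId}. Missing fields count as a mismatch.
     */
    private static boolean isRecordFor(LinkedHashMap<?, ?> record, String clientId, String csrf) {
        if (record == null) {
            return false;
        }
        Object storedCsrf = record.get("csrf");
        Object storedClient = record.get("client_id");
        if (storedCsrf == null || storedClient == null) {
            return false;
        }
        return StringUtil.isNotEmpty(storedCsrf.toString())
                && storedCsrf.toString().equals(csrf)
                && storedClient.toString().equals(clientId);
    }
}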
