package kd.isc.iscb.platform.core.connector.ierp;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.TypeReference;
import com.alibaba.fastjson.parser.Feature;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.io.IOException;
import java.io.Reader;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import kd.bos.cache.CacheFactory;
import kd.bos.cache.DistributeSessionlessCache;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.instance.Instance;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.servicehelper.BusinessDataServiceHelper;
import kd.bos.servicehelper.QueryServiceHelper;
import kd.bos.util.EncryptUtils;
import kd.bos.util.PasswordEncryptUtil;
import kd.isc.iscb.platform.core.api.openapi.OpenApiConstFields;
import kd.isc.iscb.platform.core.connector.ConnectionWrapper;
import kd.isc.iscb.platform.core.connector.ConnectorUtil;
import kd.isc.iscb.platform.core.connector.apic.doc.apixml.Const;
import kd.isc.iscb.platform.core.connector.k3cloud.K3CloudConstant;
import kd.isc.iscb.platform.core.connector.self.ProxyUserUtil;
import kd.isc.iscb.platform.core.connector.sunftp.FtpUtil;
import kd.isc.iscb.util.connector.InitResult;
import kd.isc.iscb.util.connector.PermissionMode;
import kd.isc.iscb.util.connector.client.RemoteSystem;
import kd.isc.iscb.util.connector.server.ConnectorCallback;
import kd.isc.iscb.util.db.DbUtil;
import kd.isc.iscb.util.dt.D;
import kd.isc.iscb.util.except.IscBizException;
import kd.isc.iscb.util.misc.Cipher;
import kd.isc.iscb.util.misc.Hash;
import kd.isc.iscb.util.misc.Json;
import kd.isc.iscb.util.misc.NetUtil;
import kd.isc.iscb.util.misc.StringUtil;

/* loaded from: input_file:kd/isc/iscb/platform/core/connector/ierp/IerpUtil.class */
public class IerpUtil {
    private static final String FIELD_WEB_APP = "web_app";
    private static final String FIELD_SERVER_PORT = "server_port";
    private static final String FIELD_SERVER_IP = "server_ip";
    private static final String FIELD_TENANT = "tenant";
    private static final String FIELD_USER = "user";
    private static final String FIELD_SECRET = "password";
    private static final String FIELD_ACCOUNT = "account";
    private static final String PARAM_COMMAND = "command";
    private static final String FIELD_APP_ID = "appId";
    private static final Log logger = LogFactory.getLog(IerpUtil.class);
    private static final DistributeSessionlessCache cache = CacheFactory.getCommonCacheFactory().getDistributeSessionlessCache("ierp.connector");

    public static void deploy(DynamicObject dynamicObject, String str, String str2, PermissionMode permissionMode) {
        IerpProxyContext ierpProxyContext = new IerpProxyContext(dynamicObject);
        String remoteURL = ierpProxyContext.getRemoteURL();
        String ierpAccessKey = getIerpAccessKey(dynamicObject);
        String generateEncodeKey = generateEncodeKey(ierpProxyContext, dynamicObject.getString(FIELD_APP_ID), str2);
        HashMap hashMap = new HashMap();
        hashMap.put("h", Hash.md5(str + ierpAccessKey));
        hashMap.put("t", Long.valueOf(System.currentTimeMillis()));
        String encrypt = Cipher.encrypt(Json.toString(hashMap), generateEncodeKey);
        HashMap hashMap2 = new HashMap();
        hashMap2.put(PARAM_COMMAND, "remote_deploy");
        hashMap2.put("ierp_server_url", str);
        hashMap2.put("access_key", Cipher.encrypt(ierpAccessKey, generateEncodeKey));
        hashMap2.put("permission_mode", permissionMode.toString());
        hashMap2.put(FIELD_APP_ID, dynamicObject.getString(FIELD_APP_ID));
        hashMap2.put("check_content", encrypt);
        String uuid = UUID.randomUUID().toString();
        hashMap2.put("sql_key_salt", uuid);
        hashMap2.put("sql_key_hash", D.s(Long.valueOf(Hash.mur64((uuid + ierpProxyContext.getKey()).getBytes(StandardCharsets.UTF_8)))));
        NetUtil.asyncHttpInvoke(remoteURL, hashMap2);
    }

    public static String generateEncodeKey(IerpProxyContext ierpProxyContext, String str, String str2) {
        if (StringUtil.isEmpty(str2)) {
            throw new IscBizException(ResManager.loadKDString("开放应用密码不允许为空", "IerpUtil_0", "isc-iscb-platform-core", new Object[0]));
        }
        String encryptPSW = EncryptUtils.encryptPSW(str2);
        HashMap hashMap = new HashMap();
        hashMap.put(FIELD_APP_ID, str);
        hashMap.put(PARAM_COMMAND, "get_something");
        String s = D.s(ierpProxyContext.invoke(hashMap));
        if (s == null) {
            return encryptPSW;
        }
        try {
            return PasswordEncryptUtil.getEncryptedPassword(str2, s);
        } catch (Exception e) {
            logger.warn("加密失败，原因：" + e.getMessage(), e);
            return encryptPSW;
        }
    }

    public static String generateURL(DynamicObject dynamicObject) {
        StringBuilder generateURI = generateURI(dynamicObject);
        HashMap hashMap = new HashMap();
        hashMap.put("u", dynamicObject.get("user"));
        hashMap.put("p", dynamicObject.get("password"));
        hashMap.put(FIELD_ACCOUNT, dynamicObject.get(FIELD_ACCOUNT));
        hashMap.put(FIELD_TENANT, dynamicObject.get(FIELD_TENANT));
        hashMap.put("t", Long.valueOf(System.currentTimeMillis()));
        generateURI.append("&key=").append(Cipher.encrypt(Json.toString(hashMap), generateIerpKey(dynamicObject, getProxyUser(dynamicObject))));
        return generateURI.toString();
    }

    public static StringBuilder generateURI(DynamicObject dynamicObject) {
        StringBuilder connectorContextUrl = getConnectorContextUrl(dynamicObject);
        try {
            connectorContextUrl.append("/kapi").append("/app/iscb/IscServiceDispatcher").append("?access_token=").append(getThirdAccessToken(dynamicObject));
            return connectorContextUrl;
        } catch (Exception e) {
            if (!StringUtil.getMessage(e).contains("用户名或密码错误")) {
                throw new IscBizException(e);
            }
            String s = D.s(dynamicObject.get(FIELD_ACCOUNT));
            throw new IscBizException(String.format(ResManager.loadKDString("账套：%1$s（%2$s）登录失败，请检查集成云“连接配置”上登记的代理用户或密码是否正确。", "IerpUtil_6", "isc-iscb-platform-core", new Object[0]), s, getAccountName(connectorContextUrl.toString(), s)), e);
        }
    }

    public static String getAccountName(String str, String str2) {
        try {
            if (str.endsWith(FtpUtil.SLASH_STR)) {
                str = str.substring(0, str.length() - 1);
            }
            return getAccountNameFromRemote(str2, str + "/auth/getAllDatacenters.do");
        } catch (Exception e) {
            logger.warn("找不到账套ID：" + str2 + "对应的账套名称。", e);
            return "unknown";
        }
    }

    private static String getAccountNameFromRemote(String str, String str2) throws IOException {
        Reader httpGet = NetUtil.httpGet(str2, "utf-8");
        try {
            for (Map map : (List) Json.toObject(httpGet)) {
                if (str.equals(map.get("accountId"))) {
                    String s = D.s(map.get("accountName"));
                    DbUtil.close(httpGet);
                    return s;
                }
            }
            return "unknown";
        } finally {
            DbUtil.close(httpGet);
        }
    }

    private static StringBuilder getConnectorContextUrl(DynamicObject dynamicObject) {
        StringBuilder sb = new StringBuilder();
        String s = D.s(dynamicObject.getString("http_protocal"));
        if (s == null) {
            s = "http";
        }
        sb.append(s).append("://").append(dynamicObject.get("server_ip"));
        int i = D.i(dynamicObject.get("server_port"));
        if (i != 0) {
            sb.append(':').append(i);
        }
        String s2 = D.s(dynamicObject.get("web_app"));
        if (s2 != null) {
            sb.append(s2);
        }
        return sb;
    }

    public static String getIerpAccessKey(DynamicObject dynamicObject) {
        long j = dynamicObject.getLong("ierp_proxy_user_id");
        if (j <= 0) {
            throw new IscBizException(ResManager.loadKDString("必须指定“苍穹代理用户”才能生成访问键！", "IerpUtil_4", "isc-iscb-platform-core", new Object[0]));
        }
        DynamicObject loadSingleFromCache = BusinessDataServiceHelper.loadSingleFromCache(Long.valueOf(j), "bos_user");
        Map<String, String> thirdLoginInfo = ConnectorUtil.getThirdLoginInfo(dynamicObject, loadSingleFromCache);
        thirdLoginInfo.put("key", generateIerpKey(dynamicObject, loadSingleFromCache));
        return Cipher.encrypt(Json.toString(thirdLoginInfo));
    }

    public static String generateIerpKey(DynamicObject dynamicObject, DynamicObject dynamicObject2) {
        StringBuilder sb = new StringBuilder();
        sb.append(dynamicObject.get("server_ip")).append('/');
        sb.append(dynamicObject.get("server_port")).append('/');
        sb.append(dynamicObject.get("user")).append('/');
        sb.append(dynamicObject.get(FIELD_ACCOUNT)).append('/');
        sb.append(dynamicObject.get(FIELD_TENANT)).append('/');
        sb.append(dynamicObject.get("web_app")).append('/');
        sb.append(dynamicObject.getPkValue()).append('/');
        RequestContext requestContext = RequestContext.get();
        sb.append(requestContext.getTenantId()).append('/');
        sb.append(requestContext.getAccountId()).append('/');
        if (dynamicObject2 != null) {
            sb.append('/').append(dynamicObject2.getPkValue());
        }
        return Hash.md5(sb.toString()).toUpperCase();
    }

    public static void pushPermission(DynamicObject dynamicObject, Map<Object, Object> map, String str) {
        Map map2 = (Map) Json.toObject(Cipher.decrypt(getIerpAccessKey(dynamicObject)));
        map2.put("current_data_center", dynamicObject.getString(FIELD_ACCOUNT) + Const.COMMA + dynamicObject.getString(FIELD_TENANT));
        String encrypt = Cipher.encrypt(Json.toString(map), Cipher.encrypt(Json.toString(map2)));
        String remoteURL = new IerpProxyContext(dynamicObject).getRemoteURL();
        HashMap hashMap = new HashMap();
        hashMap.put(PARAM_COMMAND, "push_permission");
        hashMap.put("data", encrypt);
        NetUtil.asyncHttpInvoke(remoteURL, hashMap);
    }

    public static String getThirdAccessToken(DynamicObject dynamicObject) {
        Map<String, String> thirdLoginInfo = getThirdLoginInfo(dynamicObject, getProxyUser(dynamicObject));
        String key = getKey(thirdLoginInfo);
        String str = (String) cache.get(key);
        if (str != null) {
            return str;
        }
        Map newAccessTokenData = ConnectorCallback.getNewAccessTokenData(thirdLoginInfo);
        long l = D.l(newAccessTokenData.get("expire_time"));
        long currentTimeMillis = System.currentTimeMillis();
        long j = 1800;
        if (l > 0 && l > currentTimeMillis) {
            long j2 = (l - currentTimeMillis) / 1000;
            j = j2 > 1800 ? 1800L : j2;
        } else if (l > 0) {
            logger.error(String.format("IerpUtil.getThirdAccessToken方法：远端苍穹返回的过期时间小于当前时间，远端返回的是：%s，但是当前时间是：%s", Long.valueOf(l), Long.valueOf(currentTimeMillis)));
        }
        String s = D.s(newAccessTokenData.get("access_token"));
        cache.put(key, s, (int) j);
        return s;
    }

    private static String getKey(Map<String, String> map) {
        return Hash.mur2digital32(new Object[]{map.get("user"), map.get("accountId"), map.get("tenantid"), map.get(FIELD_APP_ID), map.get("appSecuret"), map.get("ierp_server_url"), map.get("password")});
    }

    public static void removeThirdAccessToken(DynamicObject dynamicObject) {
        Map<String, String> thirdLoginInfo = getThirdLoginInfo(dynamicObject, getProxyUser(dynamicObject));
        ConnectorCallback.removeAccessToken(thirdLoginInfo);
        cache.remove(getKey(thirdLoginInfo));
    }

    public static Map<String, String> getThirdLoginInfo(DynamicObject dynamicObject, DynamicObject dynamicObject2) {
        HashMap hashMap = new HashMap();
        String string = dynamicObject.getString(OpenApiConstFields.APPID);
        String string2 = dynamicObject.getString("appsecret");
        hashMap.put(FIELD_APP_ID, string);
        hashMap.put("appSecuret", string2);
        hashMap.put("accountId", dynamicObject.getString(FIELD_ACCOUNT));
        hashMap.put("tenantid", dynamicObject.getString(FIELD_TENANT));
        hashMap.put("language", dynamicObject.getString(K3CloudConstant.ICID));
        hashMap.put("clusterName", Instance.getClusterName());
        String string3 = dynamicObject.getString("user");
        hashMap.put("user", string3);
        hashMap.put(ProxyUserUtil.USER_TYPE, D.isLong(string3) ? "Mobile" : string3.contains("@") ? "Email" : "UserName");
        hashMap.put("connection_id", dynamicObject.getPkValue().toString());
        hashMap.put("connection_number", dynamicObject.getString("number"));
        hashMap.put("isc_hub", ConnectorUtil.getIscHub(dynamicObject));
        hashMap.put("isc_local_ip", NetUtil.getLocalAddress());
        hashMap.put("ierp_server_url", getConnectorContextUrl(dynamicObject).toString());
        hashMap.put("proxyUser", D.s(dynamicObject2.getPkValue()));
        if (ConnectorUtil.passwordRequired()) {
            hashMap.put("password", dynamicObject.getString("newpwd"));
            hashMap.put("logintype", "2");
        }
        return hashMap;
    }

    public static DynamicObject getProxyUser(DynamicObject dynamicObject) {
        long j = dynamicObject.getLong("ierp_proxy_user_id");
        if (j <= 0 || !QueryServiceHelper.exists("bos_user", Long.valueOf(j))) {
            throw new IllegalArgumentException(ResManager.loadKDString("未指定当前苍穹代理用户或用户不存在！", "IerpUtil_5", "isc-iscb-platform-core", new Object[0]));
        }
        return BusinessDataServiceHelper.loadSingleFromCache(Long.valueOf(j), "bos_user");
    }

    public static String getAccountKey() {
        return RequestContext.get().getAccountId() + Const.COMMA + RequestContext.get().getTenantId();
    }

    public static void undeploy(DynamicObject dynamicObject, IerpProxyContext ierpProxyContext, String str, String str2, String str3) {
        HashMap hashMap = new HashMap();
        hashMap.put(PARAM_COMMAND, "remote_undeploy");
        hashMap.put(FIELD_APP_ID, dynamicObject.getString(FIELD_APP_ID));
        hashMap.put("isc_hub", str);
        hashMap.put("check_content", getCheckContent(dynamicObject, ierpProxyContext, str2, str3));
        ierpProxyContext.invoke(hashMap);
    }

    private static String getCheckContent(DynamicObject dynamicObject, IerpProxyContext ierpProxyContext, String str, String str2) {
        String ierpAccessKey = getIerpAccessKey(dynamicObject);
        String generateEncodeKey = generateEncodeKey(ierpProxyContext, dynamicObject.getString(FIELD_APP_ID), str2);
        HashMap hashMap = new HashMap();
        hashMap.put("h", Hash.md5(str + ierpAccessKey));
        hashMap.put("t", Long.valueOf(System.currentTimeMillis()));
        return Cipher.encrypt(Json.toString(hashMap), generateEncodeKey);
    }

    public static Map<String, InitResult> checkInitState(ConnectionWrapper connectionWrapper, Map<String, Object> map, String str) {
        DynamicObject config = connectionWrapper.getConfig();
        IerpProxyContext ierpProxyContext = new IerpProxyContext(config);
        String string = config.getString(FIELD_APP_ID);
        return (Map) JSON.parseObject(RemoteSystem.checkInitState(ierpProxyContext, encryptData(ierpProxyContext, string, str, map), string), new TypeReference<Map<String, InitResult>>() { // from class: kd.isc.iscb.platform.core.connector.ierp.IerpUtil.1
        }, new Feature[0]);
    }

    public static Map<String, InitResult> initEnv(ConnectionWrapper connectionWrapper, Map<String, Object> map, String str) {
        DynamicObject config = connectionWrapper.getConfig();
        IerpProxyContext ierpProxyContext = new IerpProxyContext(config);
        String string = config.getString(FIELD_APP_ID);
        return (Map) JSON.parseObject(RemoteSystem.initEnv(ierpProxyContext, encryptData(ierpProxyContext, string, str, map), string), new TypeReference<Map<String, InitResult>>() { // from class: kd.isc.iscb.platform.core.connector.ierp.IerpUtil.2
        }, new Feature[0]);
    }

    private static String encryptData(IerpProxyContext ierpProxyContext, String str, String str2, Map<String, Object> map) {
        return Cipher.encrypt(JSON.toJSONString(map, new SerializerFeature[]{SerializerFeature.WriteMapNullValue}), generateEncodeKey(ierpProxyContext, str, str2));
    }
}
