package com.huawei.bigdata.om.web.api.service;

import com.galaxmanager.iam.itfc.model.response.OpLogRecordResponse;
import com.huawei.bigdata.om.controller.api.common.conf.lan.LanguageRepository;
import com.huawei.bigdata.om.web.api.controller.SessionController;
import com.huawei.bigdata.om.web.api.exception.InternalServerException;
import com.huawei.bigdata.om.web.auditlog.util.AuditLogUtils;
import com.huawei.bigdata.om.web.constant.MonitorConstants;
import com.huawei.bigdata.om.web.security.ControllerHtttpClient;
import com.huawei.bigdata.om.web.security.iam.constant.IAMException;
import com.huawei.bigdata.om.web.security.iam.util.IAMUtil;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/huawei/bigdata/om/web/api/service/SessionResourceService.class */
public class SessionResourceService extends BaseResourceService {
    private static final Logger LOG = LoggerFactory.getLogger(SessionController.class);
    private static final String LOCKED_USER_ACTION_ADD = "1";
    private static final String LOCKED_USER_ACTION_QUERY = "2";
    private static final String LOCKED_USER_ACTION_DELETE = "3";
    private static final String RESID_OM_USER_LOCKED_SCREEN = "RESID_OM_USER_0063";
    private static final String RESID_OM_USER_LOCKED_USER = "RESID_OM_USER_0070";
    private static final String RESID_OM_USER_UNLOCKED_USER = "RESID_OM_USER_0071";
    private static final String RESID_OM_USER_UNLOCKED_SCREEN = "RESID_OM_USER_0059";
    private static final String UNDERLINE = "_";

    @Autowired
    private SessionResourceService sessionService;

    public void unlockedUser(String str, String str2, String str3) {
        LOG.info("The user account is unlocked.");
        HashMap hashMap = new HashMap();
        hashMap.put(MonitorConstants.DUMP_KEY_USERNAME, str);
        hashMap.put("clientAddress", str2);
        hashMap.put("actionId", str3);
        hashMap.put(MonitorConstants.STR_RESULT, "0");
        hashMap.put("succeedDetails", LanguageRepository.getLanResById("en-us", RESID_OM_USER_UNLOCKED_SCREEN, new Object[]{str}));
        hashMap.put("succeedDetailsCh", LanguageRepository.getLanResById("zh-cn", RESID_OM_USER_UNLOCKED_SCREEN, new Object[]{str}));
        recordAuditlog("user unlock", hashMap);
    }

    public void lockedUser(String str, String str2, String str3) {
        LOG.info("The user account is locked.");
        if (StringUtils.isEmpty(ControllerHtttpClient.doExecute(str, "2"))) {
            if (!StringUtils.isEmpty(ControllerHtttpClient.doExecute(str, "1"))) {
                LOG.info("add user acount was blocked success.");
            }
            HashMap hashMap = new HashMap();
            hashMap.put(MonitorConstants.DUMP_KEY_USERNAME, str);
            hashMap.put("clientAddress", str2);
            hashMap.put("actionId", str3);
            hashMap.put(MonitorConstants.STR_RESULT, "0");
            hashMap.put("succeedDetails", LanguageRepository.getLanResById("en-us", RESID_OM_USER_LOCKED_USER, new Object[]{str}));
            hashMap.put("succeedDetailsCh", LanguageRepository.getLanResById("zh-cn", RESID_OM_USER_LOCKED_USER, new Object[]{str}));
            recordAuditlog("user lock", hashMap);
        }
    }

    public void unlockCurrentUser(String str, String str2) {
        if (StringUtils.isNotEmpty(ControllerHtttpClient.doExecute(str, "2"))) {
            if (StringUtils.isEmpty(ControllerHtttpClient.doExecute(str, "3"))) {
                LOG.info("delete user acount was blocked success.");
            }
            String remoteAddress = this.sessionService.getUserDetails().getRemoteAddress();
            HashMap hashMap = new HashMap();
            hashMap.put(MonitorConstants.DUMP_KEY_USERNAME, str);
            hashMap.put("clientAddress", remoteAddress);
            hashMap.put("actionId", str2);
            hashMap.put(MonitorConstants.STR_RESULT, "0");
            hashMap.put("succeedDetails", LanguageRepository.getLanResById("en-us", RESID_OM_USER_UNLOCKED_USER, new Object[]{str}));
            hashMap.put("succeedDetailsCh", LanguageRepository.getLanResById("zh-cn", RESID_OM_USER_UNLOCKED_USER, new Object[]{str}));
            recordAuditlog("user unlock", hashMap);
        }
    }

    public void lockedScreen(String str, String str2, String str3) {
        LOG.info("The screen is locked.");
        HashMap hashMap = new HashMap();
        hashMap.put(MonitorConstants.DUMP_KEY_USERNAME, str);
        hashMap.put("clientAddress", str2);
        hashMap.put("actionId", str3);
        hashMap.put(MonitorConstants.STR_RESULT, "0");
        hashMap.put("succeedDetails", LanguageRepository.getLanResById("en-us", RESID_OM_USER_LOCKED_SCREEN));
        hashMap.put("succeedDetailsCh", LanguageRepository.getLanResById("zh-cn", RESID_OM_USER_LOCKED_SCREEN));
        recordAuditlog("lock screen", hashMap);
    }

    public String getTokenInfo() {
        StringBuilder sb = new StringBuilder();
        try {
            SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
            for (int i = 0; i < 32; i++) {
                switch (secureRandom.nextInt(3)) {
                    case 0:
                        sb.append(secureRandom.nextInt(10));
                        break;
                    case 1:
                        sb.append((char) (secureRandom.nextInt(26) + 65));
                        break;
                    case 2:
                        sb.append((char) (secureRandom.nextInt(26) + 97));
                        break;
                }
            }
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
            LOG.error("getToken failed!");
        }
        return sb.toString();
    }

    private void recordAuditlog(String str, Map<String, String> map) {
        OpLogRecordResponse recordOperationLog = AuditLogUtils.recordOperationLog(map);
        if (recordOperationLog == null || recordOperationLog.getIntResultCode() != 0) {
            LOG.error("{} record auditlog error.", str);
        } else {
            LOG.info("{} record auditlog success.", str);
        }
    }

    public String getCurrentLoginUsername() {
        try {
            return IAMUtil.getCurrentLoginUsername();
        } catch (IAMException e) {
            LOG.error("Current login userName is null.", e);
            throw new InternalServerException("13-5000001", "RESID_OM_API_SESSION_0010");
        }
    }

    public void checkDownloadPermission(String str) {
        if (getCurrentLoginUsername().equals(StringUtils.substringBeforeLast(StringUtils.substringBeforeLast(str, "_"), "_"))) {
            return;
        }
        LOG.error("Cannot download other user's keytab.");
        throw new InternalServerException("12-5000002", "RESID_OM_API_AUTHORITY_0045");
    }
}
