package com.deodar.framework.shiro.realm;

import com.deodar.common.exception.user.CaptchaException;
import com.deodar.common.exception.user.RoleBlockedException;
import com.deodar.common.exception.user.UserBlockedException;
import com.deodar.common.exception.user.UserNotExistsException;
import com.deodar.common.exception.user.UserPasswordNotMatchException;
import com.deodar.common.exception.user.UserPasswordRetryLimitExceedException;
import com.deodar.framework.shiro.service.SysLoginService;
import com.deodar.framework.util.ShiroUtils;
import com.deodar.system.domain.SysUser;
import com.deodar.system.service.ISysMenuService;
import com.deodar.system.service.ISysRoleService;
import java.util.HashSet;
import java.util.Set;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/deodar/framework/shiro/realm/UserRealm.class */
public class UserRealm extends AuthorizingRealm {
    private static final Logger log = LoggerFactory.getLogger(UserRealm.class);

    @Autowired
    private ISysMenuService menuService;

    @Autowired
    private ISysRoleService roleService;

    @Autowired
    private SysLoginService loginService;

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SysUser sysUser = ShiroUtils.getSysUser();
        new HashSet();
        new HashSet();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        if (sysUser.isAdmin()) {
            simpleAuthorizationInfo.addRole("admin");
            simpleAuthorizationInfo.addStringPermission("*:*:*");
        } else {
            Set selectRoleKeys = this.roleService.selectRoleKeys(sysUser.getUserId());
            Set selectPermsByUserId = this.menuService.selectPermsByUserId(sysUser.getUserId());
            simpleAuthorizationInfo.setRoles(selectRoleKeys);
            simpleAuthorizationInfo.setStringPermissions(selectPermsByUserId);
        }
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        String username = usernamePasswordToken.getUsername();
        String str = usernamePasswordToken.getPassword() != null ? new String(usernamePasswordToken.getPassword()) : "";
        try {
            return new SimpleAuthenticationInfo(this.loginService.login(username, str), str, getName());
        } catch (UserPasswordNotMatchException e) {
            throw new IncorrectCredentialsException(e.getMessage(), e);
        } catch (RoleBlockedException e2) {
            throw new LockedAccountException(e2.getMessage(), e2);
        } catch (UserPasswordRetryLimitExceedException e3) {
            throw new ExcessiveAttemptsException(e3.getMessage(), e3);
        } catch (CaptchaException e4) {
            throw new AuthenticationException(e4.getMessage(), e4);
        } catch (Exception e5) {
            log.info("对用户[" + username + "]进行登录验证..验证未通过{}", e5.getMessage());
            throw new AuthenticationException(e5.getMessage(), e5);
        } catch (UserNotExistsException e6) {
            throw new UnknownAccountException(e6.getMessage(), e6);
        } catch (UserBlockedException e7) {
            throw new LockedAccountException(e7.getMessage(), e7);
        }
    }

    public void clearCachedAuthorizationInfo() {
        clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
    }
}
