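package com.lxzn.auth.security;

import com.lxzn.framework.domain.ucenter.Menu;
import com.lxzn.framework.domain.ucenter.ext.UserExt;
import com.lxzn.ucenter.service.IUserService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.List;

/**
 * {@link UserDetailsService} used by the auth service. A single lookup method serves two kinds
 * of principal: OAuth2 clients (resolved through {@link ClientDetailsService}) and end users
 * (resolved through the user-center {@link IUserService}).
 *
 * <p>NOTE(review): clients and users share one name space here. A name that resolves to a
 * registered client is answered with the client's secret as the "password", so the caller
 * cannot tell a client principal from a user principal except by its empty authority list.
 * Spring Security OAuth ships {@code ClientDetailsUserDetailsService} for client
 * authentication; keeping client and user lookups in separate services would remove the
 * overlap. Confirm how this bean is wired before changing it.
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private IUserService userService;

    @Autowired
    private ClientDetailsService clientDetailsService;

    /** Client id of this auth service, read from the {@code auth.clientId} property. */
    @Value("${auth.clientId}")
    private String clientId;

    /**
     * Resolves {@code username} to either an OAuth2 client or an end user.
     *
     * <p>NOTE(review): every "not found" path below returns {@code null}. The
     * {@link UserDetailsService} contract asks for {@link UsernameNotFoundException} instead,
     * and Spring Security's {@code DaoAuthenticationProvider} reports a {@code null} result as
     * an internal authentication error rather than as bad credentials. If that difference
     * reaches the login response it tells a caller whether an account exists. The
     * {@code null} returns are kept because code outside this file may depend on them;
     * verify the callers before switching to the exception.
     *
     * @param username the submitted principal name (a client id or a user account name)
     * @return a {@link User} carrying the client secret when the name is handled as a client,
     *         a {@code UserJwt} for an end user that has at least one menu permission, or
     *         {@code null} when the name is empty, the user is unknown, or the user has no
     *         menu permissions
     * @throws UsernameNotFoundException declared by the interface; not thrown by this method
     *         itself
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        if (StringUtils.isEmpty(username)) {
            return null;
        }

        // A null Authentication means the request has not been authenticated yet. Such
        // requests arrive with HTTP Basic credentials holding client_id / client_secret, so
        // the name is first tried as a client id.
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

        // NOTE(review): the second condition also takes this branch on an already
        // authenticated request whenever the submitted name equals the configured client id.
        // And while authentication is null, any submitted name is tried as a client id
        // before it is tried as a user. Both widen where the client secret is accepted as a
        // password; confirm this is intended.
        if (authentication == null || username.equals(clientId)) {
            ClientDetails clientDetails = clientDetailsService.loadClientByClientId(username);
            if (clientDetails != null) {
                // The stored client secret is handed back as the password to compare against.
                String clientSecret = clientDetails.getClientSecret();
                return new User(
                        username,
                        clientSecret,
                        AuthorityUtils.commaSeparatedStringToAuthorityList(""));
            }
        }

        // Remote call to the user center: look the account up by name.
        UserExt userExt = userService.findUserExtByUsername(username);
        if (userExt == null) {
            return null;
        }

        // Typed as Menu so getMenuUrl() resolves; assumes UserExt.getPermissions() returns
        // List<Menu> - confirm against UserExt.
        List<Menu> permissions = userExt.getPermissions();

        // A user without any menu permission is not allowed to log in.
        if (permissions == null || permissions.isEmpty()) {
            return null;
        }

        // Stored password; the original comment describes it as a hash value.
        String password = userExt.getPassword();

        // TODO: the permission design inside the JWT is not settled yet. Nothing is added to
        // userPermission (the permission-code mapping is disabled), so the authority list
        // built below is always empty and only menu URLs are carried on the principal.
        // NOTE(review): any authorization check that relies on GrantedAuthority will see no
        // authorities for these users.
        List<String> userPermission = new ArrayList<>();
        List<String> userMenus = new ArrayList<>();
        for (Menu menu : permissions) {
            userMenus.add(menu.getMenuUrl());
        }

        String authorityCsv = StringUtils.join(userPermission, ",");
        UserJwt userDetails = new UserJwt(
                username,
                password,
                AuthorityUtils.commaSeparatedStringToAuthorityList(authorityCsv));
        userDetails.setUserId(userExt.getUserId());
        userDetails.setUserType(userExt.getUserType()); // user type
        userDetails.setUserPic(userExt.getUserPic());   // user avatar
        userDetails.setNickname(userExt.getNickname());
        userDetails.setMenus(userMenus);
        return userDetails;
    }
}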