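package com.shiro;

/*import com.wyait.manage.dao.UserMapper;
import com.wyait.manage.pojo.Permission;
import com.wyait.manage.pojo.Role;
import com.wyait.manage.pojo.User;
import com.wyait.manage.service.AuthService;
import com.wyait.manage.service.UserServiceImpl;*/

import com.system.user.dao.SysUserDao;
import com.system.user.entity.SysUser;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.lang3.builder.ReflectionToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import com.pojo.User;

import java.nio.charset.StandardCharsets;

/**
 * Shiro realm that authenticates users looked up through {@link SysUserDao} and grants
 * roles and permissions to the authenticated principal.
 *
 * <p>Project: wyait-manage. Original package: com.wyait.manage.shiro. Author: wyait.
 * Created: 2017-12-13 13:53. Version: V1.0.
 *
 * <p>NOTE(review): stored passwords are held in a reversible, XOR-obfuscated form (see
 * {@link #proPass(String)}) and compared as unsalted MD5 digests. Neither protects the
 * credential if the user table is disclosed; migrating to a salted, slow password hash
 * (bcrypt/scrypt/argon2) needs a schema change and is outside this class.
 */
@Service
public class ShiroRealm extends AuthorizingRealm {

    private static final Logger logger = LoggerFactory.getLogger(ShiroRealm.class);

    /**
     * User code that is treated as the super administrator.
     *
     * <p>NOTE(review): the privilege is tied to a hard-coded account code; consider
     * moving it to configuration or role data so it can be audited and changed without a
     * code change. An earlier variant, now removed, keyed this check on a hard-coded
     * mobile number.
     */
    private static final String SUPER_ADMIN_CODE = "PL032";

    @Autowired
    private SysUserDao sysUserDao;

    /*@Autowired
    private UserMapper userMapper;
    @Autowired
    private AuthService authService;*/

    /**
     * Grants roles and permissions to the current subject.
     *
     * <p>The super administrator receives the role {@code "*"} and the permission
     * {@code "*"}. Every other user currently receives an empty
     * {@link SimpleAuthorizationInfo}, because the role/permission lookup below is
     * commented out.
     *
     * @param principalCollection the principals Shiro asks about (not read here; the
     *     current subject's principal is used instead)
     * @return the authorization info for the current subject, never {@code null}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        logger.debug("授予角色和权限");
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        // Resolve the currently logged-in user.
        Subject subject = SecurityUtils.getSubject();
        SysUser user = (SysUser) subject.getPrincipal();

        // Constant-first equals plus the null guard: a missing principal or a missing
        // user code yields no grants instead of a NullPointerException.
        if (user != null && SUPER_ADMIN_CODE.equals(user.getFcode())) {
            // Super administrator: all roles, all permissions.
            // NOTE(review): Shiro's default role check looks like an exact name match,
            // so the role "*" probably does not act as a wildcard; confirm against the
            // role checks used by the application.
            authorizationInfo.addRole("*");
            authorizationInfo.addStringPermission("*");
        } else {
            // Ordinary user: look up the user's roles, then the permissions of each role.
            // TODO: this lookup is disabled, so ordinary users get no roles or permissions.
            // Long userId = user.getId();
            /*List roles = this.authService.getRoleByUser(userId);
            if (null != roles && roles.size() > 0) {
                for (Role role : roles) {
                    authorizationInfo.addRole(role.getCode());
                    // Permission data belonging to the role.
                    List perms = this.authService.findPermsByRoleId(role.getId());
                    if (null != perms && perms.size() > 0) {
                        // Grant every permission of the role.
                        for (Permission perm : perms) {
                            authorizationInfo.addStringPermission(perm.getCode());
                        }
                    }
                }
            }*/
        }
        return authorizationInfo;
    }

    /**
     * Looks up the account named in the login token and returns the credentials Shiro
     * compares the submitted password against.
     *
     * @param authenticationToken the submitted login data; must be a
     *     {@link UsernamePasswordToken}
     * @return the authentication info for the account, or {@code null} when no account
     *     has the submitted user code
     * @throws AuthenticationException if the stored password of an existing account
     *     cannot be decoded
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        // UsernamePasswordToken carries the submitted login data.
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String userName = token.getUsername();

        // Log only non-secret fields. A reflective dump of the token writes the submitted
        // password into the log, where it outlives the request and is readable by anyone
        // with log access.
        logger.info("用户登录认证:验证当前Subject时获取到token为:username={}, host={}",
                userName, token.getHost());

        // Data-layer lookup by user code.
        SysUser user = sysUserDao.findByFcode(userName);
        // Log the user code rather than the whole entity, which carries the stored password.
        logger.debug("用户登录认证!用户信息user:{}", user == null ? null : user.getFcode());
        if (user == null) {
            // No such user; Shiro treats a null result as an unknown account.
            return null;
        }

        String plainPassword;
        try {
            plainPassword = proPass(user.getFpassword());
        } catch (RuntimeException e) {
            // Fail closed. Substituting a fixed fallback credential here would make every
            // account with an undecodable stored password accept one well-known password.
            logger.warn("Stored credential for user {} could not be decoded; rejecting login",
                    userName);
            throw new AuthenticationException("Stored credential could not be decoded", e);
        }

        // NOTE(review): this object becomes the principal kept in the session, and its
        // password field holds an unsalted MD5 of the plaintext password. Confirm that
        // nothing serialises or logs the principal, or stop copying the digest into it.
        SysUser userMD5 = new SysUser();
        userMD5.setFid("1");
        userMD5.setFcode(user.getFcode());
        userMD5.setFname(user.getFname());
        userMD5.setFpassword(DigestUtils.md5Hex(plainPassword));

        // First argument: the data kept in the session after login.
        // Second argument: the expected credentials; the hashing applied here has to match
        // the HashAlgorithmName configured on the custom HashedCredentialsMatcher.
        // Third argument: the realm name.
        return new SimpleAuthenticationInfo(
                userMD5, DigestUtils.md5Hex(userMD5.getFpassword()), getName());
    }

    /**
     * Clears the cached authorization info of the current subject's principals.
     *
     * <p>The original author marked this as "tested: has no effect".
     */
    public void clearCachedAuth() {
        this.clearCachedAuthorizationInfo(SecurityUtils.getSubject().getPrincipals());
    }

    /**
     * Decodes a stored password.
     *
     * <p>The first character is a decimal digit {@code d}; every remaining byte is XORed
     * with {@code d + 18}. This is a reversible encoding, not encryption: anyone who can
     * read the stored value can recover the password.
     *
     * <p>Both conversions use ISO-8859-1 so the round trip does not depend on the
     * platform default charset. For ASCII results this matches the previous
     * platform-default decoding.
     *
     * @param src the stored value: one leading digit followed by the obfuscated bytes
     * @return the decoded password
     * @throws IllegalArgumentException if {@code src} is {@code null}, empty, or does not
     *     start with a digit ({@link NumberFormatException} is a subclass)
     */
    private String proPass(String src) {
        if (src == null || src.isEmpty()) {
            throw new IllegalArgumentException("stored password is empty");
        }
        int key = Integer.parseInt(src.substring(0, 1)) + 18;
        byte[] bytes = src.substring(1).getBytes(StandardCharsets.ISO_8859_1);
        for (int i = 0; i < bytes.length; i++) {
            bytes[i] = (byte) (bytes[i] ^ key);
        }
        return new String(bytes, StandardCharsets.ISO_8859_1);
    }
}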