package com.elitescloud.cloudt.authorization.core;

import com.elitescloud.cloudt.authorization.api.client.AuthenticationClaim;
import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationCache;
import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationContext;
import com.elitescloud.cloudt.authorization.api.client.token.AbstractCustomAuthenticationToken;
import com.elitescloud.cloudt.authorization.api.client.token.BearerTokenAuthenticationToken;
import com.elitescloud.cloudt.authorization.api.client.token.CommonAuthenticationToken;
import com.elitescloud.cloudt.context.SpringContextHolder;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.function.Function;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/core/SecurityContextUtil.class */
public class SecurityContextUtil {
    private static final Logger log = LogManager.getLogger(SecurityContextUtil.class);
    private static final ContextBeanHolder CONTEXT_BEAN_HOLDER = new ContextBeanHolder();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/elitescloud/cloudt/authorization/core/SecurityContextUtil$ContextBeanHolder.class */
    public static class ContextBeanHolder {
        private final Map<Class<?>, ObjectProvider<Object>> sharedBeans = new HashMap();

        ContextBeanHolder() {
        }

        public JwtDecoder getJwtDecoder() {
            return (JwtDecoder) getSharedBean(JwtDecoder.class).getIfAvailable();
        }

        public AuthenticationCache getAuthenticationCache() {
            return (AuthenticationCache) getSharedBean(AuthenticationCache.class).getIfAvailable();
        }

        public Iterator<AuthenticationContext> getAuthenticationContext() {
            return getSharedBean(AuthenticationContext.class).iterator();
        }

        /* JADX WARN: Multi-variable type inference failed */
        private <T> ObjectProvider<T> getSharedBean(Class<T> cls) {
            return this.sharedBeans.computeIfAbsent(cls, cls2 -> {
                return SpringContextHolder.getObjectProvider(cls);
            });
        }
    }

    private SecurityContextUtil() {
    }

    @Nullable
    public static Long currentUserId() {
        Long l = (Long) currentUserClaims().get(AuthenticationClaim.USERID);
        return l != null ? l : (Long) currentAuthenticationProperty((v0) -> {
            return v0.getUserId();
        });
    }

    @Nullable
    public static String currentUserName() {
        String str = (String) currentUserClaims().get(AuthenticationClaim.USERNAME);
        return StringUtils.hasText(str) ? str : (String) currentAuthenticationProperty((v0) -> {
            return v0.getUsername();
        });
    }

    @Nullable
    public static Long currentTenantId() {
        Long l = (Long) currentUserClaims().get(AuthenticationClaim.TENANT_ID);
        return l != null ? l : (Long) currentAuthenticationProperty((v0) -> {
            return v0.getTenantId();
        });
    }

    @Nullable
    public static GeneralUserDetails currentUser() {
        return currentUser(false);
    }

    @NonNull
    public static GeneralUserDetails currentUserIfUnauthorizedThrow() {
        return (GeneralUserDetails) Objects.requireNonNull(currentUser(true));
    }

    @Nullable
    public static String currentToken() {
        Jwt currentAuthenticationJwt = currentAuthenticationJwt();
        if (currentAuthenticationJwt == null) {
            return null;
        }
        return currentAuthenticationJwt.getTokenValue();
    }

    public static void updateCurrentUser(@NonNull GeneralUserDetails generalUserDetails) {
        Assert.notNull(generalUserDetails, "用户信息为空");
        Jwt currentAuthenticationJwt = currentAuthenticationJwt();
        if (currentAuthenticationJwt == null) {
            SecurityUtil.throwUnauthorizedException();
            return;
        }
        generalUserDetails.setExtendInfo((Object) null);
        Duration duration = null;
        if (currentAuthenticationJwt.getExpiresAt() != null) {
            duration = Duration.between(LocalDateTime.now(), currentAuthenticationJwt.getExpiresAt());
        }
        CONTEXT_BEAN_HOLDER.getAuthenticationCache().setUserDetail(currentAuthenticationJwt.getTokenValue(), generalUserDetails, duration);
    }

    public static GeneralUserDetails convertToken(String str) {
        return CONTEXT_BEAN_HOLDER.getAuthenticationCache().getUserDetail(str);
    }

    private static GeneralUserDetails currentUser(boolean z) {
        CommonAuthenticationToken authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof CommonAuthenticationToken) {
            return authentication.getUserDetails();
        }
        if (authentication instanceof AbstractCustomAuthenticationToken) {
            return (GeneralUserDetails) authentication.getPrincipal();
        }
        GeneralUserDetails generalUserDetails = null;
        Jwt currentAuthenticationJwt = currentAuthenticationJwt(authentication);
        if (currentAuthenticationJwt != null) {
            generalUserDetails = convertToken(currentAuthenticationJwt.getTokenValue());
        }
        if (generalUserDetails != null) {
            SecurityContextHolder.getContext().setAuthentication(new CommonAuthenticationToken(authentication, generalUserDetails, authentication.getAuthorities()));
            return generalUserDetails;
        }
        log.debug("获取当前用户信息失败，token不存在或已过期");
        if (!z) {
            return null;
        }
        SecurityUtil.throwUnauthorizedException();
        return null;
    }

    private static Map<String, Object> currentUserClaims() {
        Jwt currentAuthenticationJwt = currentAuthenticationJwt();
        return currentAuthenticationJwt == null ? Collections.emptyMap() : currentAuthenticationJwt.getClaims();
    }

    private static Jwt currentAuthenticationJwt() {
        CommonAuthenticationToken authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication instanceof CommonAuthenticationToken ? currentAuthenticationJwt(authentication.getOriginal()) : currentAuthenticationJwt(authentication);
    }

    private static Jwt currentAuthenticationJwt(Authentication authentication) {
        if (authentication == null || (authentication instanceof AnonymousAuthenticationToken)) {
            return null;
        }
        if (authentication instanceof JwtAuthenticationToken) {
            return ((JwtAuthenticationToken) authentication).getToken();
        }
        if (authentication instanceof BearerTokenAuthenticationToken) {
            return CONTEXT_BEAN_HOLDER.getJwtDecoder().decode(((BearerTokenAuthenticationToken) authentication).getToken());
        }
        log.error("未知Authentication类型：{}", authentication.getClass().getName());
        return null;
    }

    private static <T> T currentAuthenticationProperty(Function<AuthenticationContext, T> function) {
        Iterator<AuthenticationContext> authenticationContext = CONTEXT_BEAN_HOLDER.getAuthenticationContext();
        while (authenticationContext.hasNext()) {
            T apply = function.apply(authenticationContext.next());
            if (apply != null) {
                return apply;
            }
        }
        return null;
    }
}
