package com.elitescloud.cloudt.authorization.api.client.client.service;

import cn.hutool.core.lang.Assert;
import cn.hutool.core.text.CharSequenceUtil;
import com.elitescloud.cloudt.authorization.api.client.client.common.OAuthClientConstant;
import com.elitescloud.cloudt.authorization.api.client.client.config.OAuthClientProperties;
import com.elitescloud.cloudt.authorization.api.client.common.SecurityConstants;
import com.elitescloud.cloudt.authorization.api.client.model.OAuthToken;
import com.elitescloud.cloudt.authorization.core.AuthorizationUtil;
import com.elitescloud.cloudt.common.base.ApiResult;
import com.elitescloud.cloudt.common.constant.Terminal;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.time.Duration;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.CompletableFuture;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.http.codec.json.Jackson2JsonDecoder;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MimeType;
import org.springframework.web.reactive.function.client.WebClient;
import reactor.core.publisher.Mono;
import reactor.netty.http.client.HttpClient;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/client/client/service/AuthServerRequestHolder.class */
public class AuthServerRequestHolder {
    private static final Logger log = LogManager.getLogger(AuthServerRequestHolder.class);
    private final OAuthClientProperties oauthClientProperties;
    private final ObjectMapper objectMapper;
    private static final String AUTH_SERVER_METADATA_URI = "/.well-known/oauth-authorization-server";
    private Map<String, Object> authServerMetadata = Collections.emptyMap();
    private WebClient webClient;

    public AuthServerRequestHolder(OAuthClientProperties oAuthClientProperties, String str, ObjectMapper objectMapper) {
        this.oauthClientProperties = oAuthClientProperties;
        this.objectMapper = objectMapper;
        init(str);
    }

    public Mono<ApiResult<OAuthToken>> getAccessToken(String str, Terminal terminal) {
        Mono<String> tokenUriOfMetadata = getTokenUriOfMetadata();
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add(OAuthClientConstant.SSO_PARAM_GRANT_TYPE, OAuthClientConstant.SSO_GRANT_TYPE);
        linkedMultiValueMap.add(OAuthClientConstant.SSO_PARAM_USERNAME, str);
        linkedMultiValueMap.add(OAuthClientConstant.SSO_PARAM_SCOPE, OAuthClientConstant.SCOPE_DEFAULT);
        linkedMultiValueMap.add(OAuthClientConstant.SSO_PARAM_TERMINAL, terminal.name());
        String str2 = (String) tokenUriOfMetadata.block();
        if (CharSequenceUtil.isBlank(str2)) {
            return Mono.just(ApiResult.fail("授权服务异常，获取授权接口路径失败！"));
        }
        try {
            return this.webClient.post().uri(str2, new Object[0]).header(SecurityConstants.HEADER_TOKEN, new String[]{AuthorizationUtil.encodeBasicAuth(OAuthClientConstant.CLIENT_ID, OAuthClientConstant.CLIENT_SECRET_DEFAULT)}).bodyValue(linkedMultiValueMap).retrieve().bodyToMono(new ParameterizedTypeReference<ApiResult<OAuthToken>>() { // from class: com.elitescloud.cloudt.authorization.api.client.client.service.AuthServerRequestHolder.1
            }).doOnError(th -> {
                log.error("调用授权服务器生成token异常：", th);
            }).onErrorResume(Throwable.class, th2 -> {
                return Mono.just(ApiResult.fail("认证授权失败"));
            });
        } catch (IOException e) {
            return Mono.just(ApiResult.fail("授权服务异常"));
        }
    }

    private void init(String str) {
        log.info("初始化OAuth服务认证客户端，服务器端地址：{}", Assert.notBlank(str, "未知OAuth服务端地址", new Object[0]));
        createWebClient(str);
        CompletableFuture.runAsync(() -> {
            queryAuthServerMetadata().block();
        });
    }

    private void createWebClient(String str) {
        this.webClient = WebClient.builder().clientConnector(new ReactorClientHttpConnector(HttpClient.create().baseUrl(str).responseTimeout((Duration) Objects.requireNonNullElse(this.oauthClientProperties.getReadTimeout(), Duration.ofSeconds(30L))))).codecs(clientCodecConfigurer -> {
            clientCodecConfigurer.defaultCodecs().jackson2JsonDecoder(new Jackson2JsonDecoder(this.objectMapper, new MimeType[0]));
        }).build();
    }

    private Mono<Map<String, Object>> queryAuthServerMetadata() {
        return this.webClient.get().uri(AUTH_SERVER_METADATA_URI, new Object[0]).retrieve().bodyToMono(new ParameterizedTypeReference<Map<String, Object>>() { // from class: com.elitescloud.cloudt.authorization.api.client.client.service.AuthServerRequestHolder.2
        }).doOnError(th -> {
            log.error("查询OAuth服务元数据失败：", th);
        }).doOnNext(map -> {
            this.authServerMetadata = map;
        });
    }

    private Mono<String> getTokenUriOfMetadata() {
        String str = "token_endpoint";
        if (this.authServerMetadata.isEmpty()) {
            return queryAuthServerMetadata().filter(map -> {
                return !map.isEmpty() && map.containsKey(str);
            }).map(map2 -> {
                return (String) map2.get(str);
            });
        }
        String str2 = (String) this.authServerMetadata.get("token_endpoint");
        return str2 == null ? Mono.empty() : Mono.just(str2);
    }
}
