package com.elitescloud.cloudt.authorization.core;

import com.elitescloud.cloudt.authorization.api.client.AuthenticationClaim;
import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationCache;
import com.elitescloud.cloudt.authorization.api.client.config.support.AuthenticationContext;
import com.elitescloud.cloudt.authorization.api.client.principal.AuthorizedClient;
import com.elitescloud.cloudt.authorization.api.client.token.BearerTokenAuthenticationToken;
import com.elitescloud.cloudt.authorization.api.client.token.CommonAuthenticationToken;
import com.elitescloud.cloudt.context.SpringContextHolder;
import com.elitescloud.cloudt.security.entity.GeneralUserDetails;
import java.time.Duration;
import java.time.Instant;
import java.time.LocalDateTime;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.function.Function;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.ObjectProvider;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/core/SecurityContextUtil.class */
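/**
 * Static accessors for the identity attached to the current thread's Spring Security context:
 * user id, user name, tenant id, cached {@link GeneralUserDetails}, the {@link AuthorizedClient}
 * and the raw bearer token.
 *
 * <p>Resolution order used throughout: a {@link CommonAuthenticationToken} already installed in
 * the context is trusted as-is; otherwise a {@link Jwt} is taken from the authentication, the
 * user details are looked up in the {@link AuthenticationCache} by the raw token value, and the
 * context is upgraded to a {@link CommonAuthenticationToken} so later calls skip the lookup.
 *
 * <p>Private member names in this decompiled listing were obfuscated; they are given descriptive
 * names here. The nested holder class keeps its name and method names because it is not private.
 */
public class SecurityContextUtil {
    private static final Logger LOG = LogManager.getLogger(SecurityContextUtil.class);
    private static final a BEANS = new a();

    /**
     * Lazily resolves and memoises the Spring {@link ObjectProvider}s this utility depends on.
     *
     * <p>The decompiler reports that this class was package-private in the original bytecode.
     */
    public static class a {
        // The holder is a static singleton and is reached from whichever thread calls the utility,
        // so the memo map must tolerate concurrent computeIfAbsent calls; a plain HashMap does not.
        private final Map<Class<?>, ObjectProvider<?>> providers = new ConcurrentHashMap<>();

        a() {
        }

        /** Returns the {@link JwtDecoder} bean, or {@code null} when none is available. */
        public JwtDecoder a() {
            return providerFor(JwtDecoder.class).getIfAvailable();
        }

        /** Returns the {@link AuthenticationCache} bean, or {@code null} when none is available. */
        public AuthenticationCache b() {
            return providerFor(AuthenticationCache.class).getIfAvailable();
        }

        /** Returns an iterator over every {@link AuthenticationContext} bean the provider exposes. */
        public Iterator<AuthenticationContext> c() {
            return providerFor(AuthenticationContext.class).iterator();
        }

        /**
         * Returns the memoised provider for {@code type}, asking {@link SpringContextHolder} on
         * first use.
         */
        @SuppressWarnings("unchecked") // the value stored under key `type` is always the provider for `type`
        private <T> ObjectProvider<T> providerFor(Class<T> type) {
            return (ObjectProvider<T>) this.providers.computeIfAbsent(type, key -> {
                return SpringContextHolder.getObjectProvider(type);
            });
        }
    }

    private SecurityContextUtil() {
    }

    /**
     * Returns the current user id: the {@code AuthenticationClaim.KEY_USERID} JWT claim when
     * present, otherwise the first non-null id offered by an {@link AuthenticationContext} bean.
     *
     * @return the user id, or {@code null} when neither source provides one
     */
    @Nullable
    public static Long currentUserId() {
        // NOTE(review): the cast assumes the claim is decoded as a Long; an Integer-typed claim
        // would raise ClassCastException here. Confirm against the token issuer/decoder.
        Long claimed = (Long) currentClaims().get(AuthenticationClaim.KEY_USERID);
        return claimed != null ? claimed : firstFromContexts(AuthenticationContext::getUserId);
    }

    /**
     * Returns the current user name: the {@code AuthenticationClaim.KEY_USERNAME} JWT claim when
     * it has text, otherwise the first non-null name offered by an {@link AuthenticationContext}.
     *
     * @return the user name, or {@code null} when neither source provides one
     */
    @Nullable
    public static String currentUserName() {
        String claimed = (String) currentClaims().get(AuthenticationClaim.KEY_USERNAME);
        return StringUtils.hasText(claimed) ? claimed : firstFromContexts(AuthenticationContext::getUsername);
    }

    /**
     * Returns the current tenant id: the {@code AuthenticationClaim.KEY_TENANT_ID} JWT claim when
     * present, otherwise the first non-null id offered by an {@link AuthenticationContext} bean.
     *
     * <p>Callers that scope data access by tenant should treat {@code null} as "no tenant
     * established" and refuse the operation rather than defaulting to a tenant.
     *
     * @return the tenant id, or {@code null} when neither source provides one
     */
    @Nullable
    public static Long currentTenantId() {
        // NOTE(review): same Long-cast assumption as currentUserId().
        Long claimed = (Long) currentClaims().get(AuthenticationClaim.KEY_TENANT_ID);
        return claimed != null ? claimed : firstFromContexts(AuthenticationContext::getTenantId);
    }

    /**
     * Returns the current user's details, or {@code null} when no user can be resolved.
     * May replace the authentication in the security context (see class comment).
     */
    @Nullable
    public static GeneralUserDetails currentUser() {
        return resolveUser(false);
    }

    /**
     * Returns the current user's details, delegating to
     * {@code SecurityUtil.throwUnauthorizedException()} when none can be resolved.
     *
     * @throws NullPointerException if the delegate returns normally without a user being resolved
     */
    @NonNull
    public static GeneralUserDetails currentUserIfUnauthorizedThrow() {
        return Objects.requireNonNull(resolveUser(true));
    }

    /**
     * Returns the raw token value of the current JWT, or {@code null} when there is none.
     *
     * <p>The returned string is the bearer credential itself; keep it out of logs, error messages
     * and anything persisted.
     */
    @Nullable
    public static String currentToken() {
        Jwt jwt = currentJwt();
        return jwt == null ? null : jwt.getTokenValue();
    }

    /**
     * Overwrites the cached user details stored under the current token.
     *
     * <p>The cache entry is given the token's remaining lifetime so it cannot outlive the token.
     * The original computed that lifetime with {@code Duration.between(LocalDateTime.now(), exp)};
     * {@code exp} is an {@link Instant}, which cannot be converted to a {@code LocalDateTime}, so
     * that call raised {@code DateTimeException} for every token carrying an expiry. The lifetime
     * is now measured between two instants. A token whose expiry has already passed is handled
     * like a missing token, so a zero or negative lifetime is never handed to the cache.
     *
     * <p>Side effect: {@code extendInfo} on the supplied object is cleared before it is stored.
     *
     * @param generalUserDetails the details to store; must not be {@code null}
     */
    public static void updateCurrentUser(@NonNull GeneralUserDetails generalUserDetails) {
        Assert.notNull(generalUserDetails, "用户信息为空");
        Jwt jwt = currentJwt();
        if (jwt == null) {
            SecurityUtil.throwUnauthorizedException();
            return;
        }
        Duration remaining = null;
        Instant expiresAt = jwt.getExpiresAt();
        if (expiresAt != null) {
            remaining = Duration.between(Instant.now(), expiresAt);
            if (remaining.isZero() || remaining.isNegative()) {
                // NOTE(review): how AuthenticationCache treats a non-positive lifetime is not
                // visible here; refusing is the fail-closed choice.
                SecurityUtil.throwUnauthorizedException();
                return;
            }
        }
        generalUserDetails.setExtendInfo((Object) null);
        // A null `remaining` (token without exp) is passed through unchanged, as in the original.
        AuthenticationCache cache = Objects.requireNonNull(BEANS.b(), "no AuthenticationCache bean available");
        cache.setUserDetail(jwt.getTokenValue(), generalUserDetails, remaining);
    }

    /**
     * Looks up the user details cached under the given raw token value.
     *
     * <p>This method performs no signature or expiry validation of its own; it is a cache lookup
     * keyed by the string it is given. Callers should pass only tokens that have already been
     * validated. NOTE(review): whether the cache itself enforces expiry is not visible here.
     *
     * @param str the raw token value
     * @return whatever {@code AuthenticationCache.getUserDetail} returns for that key
     */
    public static GeneralUserDetails convertToken(String str) {
        AuthenticationCache cache = Objects.requireNonNull(BEANS.b(), "no AuthenticationCache bean available");
        return cache.getUserDetail(str);
    }

    /**
     * Returns the authorized client of the current authentication, or {@code null} when none can
     * be resolved. May replace the authentication in the security context.
     */
    public static AuthorizedClient currentAuthorizedClient() {
        return resolveClient(false);
    }

    /**
     * Returns the authorized client of the current authentication, delegating to
     * {@code SecurityUtil.throwUnauthorizedException()} when none can be resolved.
     */
    public static AuthorizedClient currentAuthorizedClientIfUnauthorizedThrow() {
        return resolveClient(true);
    }

    /**
     * Resolves the current user's details.
     *
     * @param throwIfUnauthorized when {@code true}, call
     *     {@code SecurityUtil.throwUnauthorizedException()} instead of returning {@code null}
     */
    private static GeneralUserDetails resolveUser(boolean throwIfUnauthorized) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof CommonAuthenticationToken) {
            GeneralUserDetails cached = ((CommonAuthenticationToken) authentication).getUserDetails();
            if (throwIfUnauthorized && cached == null) {
                SecurityUtil.throwUnauthorizedException();
            }
            return cached;
        }
        // NOTE(review): the decompiled original had a branch here for a
        // BearerTokenAuthenticationToken whose principal is a GeneralUserDetails. It read the
        // principal, null-checked it (unreachable after instanceof) and then fell through without
        // returning, so it had no effect and is omitted. If a short-circuit return was intended,
        // weigh it against the cache lookup below, which every bearer token currently goes through.
        GeneralUserDetails user = null;
        AuthorizedClient client = null;
        Jwt jwt = extractJwt(authentication);
        if (jwt != null) {
            user = convertToken(jwt.getTokenValue());
            client = AuthorizedClient.buildByJwt(jwt);
        }
        if (user != null) {
            // Upgrade the context so later calls take the fast path at the top of this method.
            CommonAuthenticationToken upgraded =
                    new CommonAuthenticationToken(authentication, user, authentication.getAuthorities());
            upgraded.setAuthorizedClient(client);
            SecurityContextHolder.getContext().setAuthentication(upgraded);
            return user;
        }
        LOG.debug("获取当前用户信息失败，token不存在或已过期");
        if (throwIfUnauthorized) {
            SecurityUtil.throwUnauthorizedException();
        }
        return null;
    }

    /**
     * Resolves the current authorized client.
     *
     * @param throwIfUnauthorized when {@code true}, call
     *     {@code SecurityUtil.throwUnauthorizedException()} instead of returning {@code null}
     */
    private static AuthorizedClient resolveClient(boolean throwIfUnauthorized) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            // The original dereferenced the authentication below and failed with a
            // NullPointerException when the context was empty; report "unauthorized" instead.
            if (throwIfUnauthorized) {
                SecurityUtil.throwUnauthorizedException();
            }
            return null;
        }
        if (authentication instanceof CommonAuthenticationToken) {
            AuthorizedClient known = ((CommonAuthenticationToken) authentication).getAuthorizedClient();
            if (throwIfUnauthorized && known == null) {
                SecurityUtil.throwUnauthorizedException();
            }
            return known;
        }
        if (authentication instanceof BearerTokenAuthenticationToken) {
            AuthorizedClient known = ((BearerTokenAuthenticationToken) authentication).getAuthorizedClient();
            if (throwIfUnauthorized && known == null) {
                SecurityUtil.throwUnauthorizedException();
            }
            return known;
        }
        GeneralUserDetails user = null;
        AuthorizedClient client = null;
        Jwt jwt = extractJwt(authentication);
        if (jwt != null) {
            user = convertToken(jwt.getTokenValue());
            client = AuthorizedClient.buildByJwt(jwt);
        }
        // NOTE(review): unlike resolveUser, the context is replaced even when no JWT was found
        // (e.g. for an AnonymousAuthenticationToken), leaving a CommonAuthenticationToken with no
        // user and no client. Confirm that CommonAuthenticationToken does not report itself as
        // authenticated in that state, or skip the replacement when jwt is null.
        CommonAuthenticationToken upgraded =
                new CommonAuthenticationToken(authentication, user, authentication.getAuthorities());
        upgraded.setAuthorizedClient(client);
        SecurityContextHolder.getContext().setAuthentication(upgraded);
        if (throwIfUnauthorized && client == null) {
            SecurityUtil.throwUnauthorizedException();
        }
        return client;
    }

    /** Returns the claims of the current JWT, or an empty map when there is no JWT. */
    private static Map<String, Object> currentClaims() {
        Jwt jwt = currentJwt();
        return jwt == null ? Collections.emptyMap() : jwt.getClaims();
    }

    /**
     * Returns the JWT behind the current authentication, unwrapping a
     * {@link CommonAuthenticationToken} to the authentication it was built from.
     */
    private static Jwt currentJwt() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof CommonAuthenticationToken) {
            return extractJwt(((CommonAuthenticationToken) authentication).getOriginal());
        }
        return extractJwt(authentication);
    }

    /**
     * Extracts a {@link Jwt} from the given authentication.
     *
     * @return the JWT, or {@code null} for a missing, anonymous or unsupported authentication
     */
    private static Jwt extractJwt(Authentication authentication) {
        if (authentication == null || (authentication instanceof AnonymousAuthenticationToken)) {
            return null;
        }
        if (authentication instanceof JwtAuthenticationToken) {
            return ((JwtAuthenticationToken) authentication).getToken();
        }
        if (authentication instanceof BearerTokenAuthenticationToken) {
            // The bearer string is decoded by the configured JwtDecoder; any exception the decoder
            // raises for a token it rejects propagates to the caller.
            JwtDecoder decoder = Objects.requireNonNull(BEANS.a(), "no JwtDecoder bean available");
            return decoder.decode(((BearerTokenAuthenticationToken) authentication).getToken());
        }
        LOG.debug("暂不支持的Authentication类型：{}", authentication.getClass().getName());
        return null;
    }

    /**
     * Applies {@code function} to each {@link AuthenticationContext} bean in iteration order and
     * returns the first non-null result, or {@code null} when every context yields {@code null}.
     */
    private static <T> T firstFromContexts(Function<AuthenticationContext, T> function) {
        Iterator<AuthenticationContext> contexts = BEANS.c();
        while (contexts.hasNext()) {
            T candidate = function.apply(contexts.next());
            if (candidate != null) {
                return candidate;
            }
        }
        return null;
    }
}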
