package com.elitescloud.cloudt.authorization.api.provider.config.servlet.oauth2.handler;

import com.elitescloud.cloudt.authorization.sdk.model.OAuthToken;
import java.io.IOException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.endpoint.OAuth2AccessTokenResponse;
import org.springframework.security.oauth2.server.authorization.authentication.OAuth2AccessTokenAuthenticationToken;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/provider/config/servlet/oauth2/handler/OAuth2AccessTokenResponseHandler.class */
public class OAuth2AccessTokenResponseHandler extends AbstractOAuth2ServerHandler implements AuthenticationSuccessHandler {
    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
        OAuth2AccessTokenAuthenticationToken oAuth2AccessTokenAuthenticationToken = (OAuth2AccessTokenAuthenticationToken) authentication;
        OAuth2AccessToken accessToken = oAuth2AccessTokenAuthenticationToken.getAccessToken();
        OAuth2RefreshToken refreshToken = oAuth2AccessTokenAuthenticationToken.getRefreshToken();
        Map additionalParameters = oAuth2AccessTokenAuthenticationToken.getAdditionalParameters();
        OAuth2AccessTokenResponse.Builder scopes = OAuth2AccessTokenResponse.withToken(accessToken.getTokenValue()).tokenType(accessToken.getTokenType()).scopes(accessToken.getScopes());
        if (accessToken.getIssuedAt() != null && accessToken.getExpiresAt() != null) {
            scopes.expiresIn(ChronoUnit.SECONDS.between(accessToken.getIssuedAt(), accessToken.getExpiresAt()));
        }
        if (refreshToken != null) {
            scopes.refreshToken(refreshToken.getTokenValue());
        }
        if (!CollectionUtils.isEmpty(additionalParameters)) {
            scopes.additionalParameters(additionalParameters);
        }
        writeResponse(httpServletResponse, convertOAuth2AccessToken(scopes.build()));
    }

    private static OAuthToken convertOAuth2AccessToken(OAuth2AccessTokenResponse oAuth2AccessTokenResponse) {
        OAuthToken oAuthToken = new OAuthToken();
        oAuthToken.setAccessToken(oAuth2AccessTokenResponse.getAccessToken().getTokenValue());
        oAuthToken.setTokenType(oAuth2AccessTokenResponse.getAccessToken().getTokenType().getValue());
        oAuthToken.setExpiresIn(Long.valueOf(getExpiresIn(oAuth2AccessTokenResponse)));
        oAuthToken.setScope((Set) Objects.requireNonNullElse(oAuth2AccessTokenResponse.getAccessToken().getScopes(), Collections.emptySet()));
        OAuth2RefreshToken refreshToken = oAuth2AccessTokenResponse.getRefreshToken();
        if (refreshToken != null) {
            oAuthToken.setRefreshToken(refreshToken.getTokenValue());
        }
        String str = (String) oAuth2AccessTokenResponse.getAdditionalParameters().get("id_token");
        if (StringUtils.hasText(str)) {
            oAuthToken.setIdToken(str);
        }
        return oAuthToken;
    }

    private static long getExpiresIn(OAuth2AccessTokenResponse oAuth2AccessTokenResponse) {
        if (oAuth2AccessTokenResponse.getAccessToken().getExpiresAt() != null) {
            return ChronoUnit.SECONDS.between(Instant.now(), oAuth2AccessTokenResponse.getAccessToken().getExpiresAt());
        }
        return -1L;
    }
}
