package com.elitescloud.cloudt.authorization.api.provider.service.impl;

import cn.hutool.core.text.CharSequenceUtil;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.ObjectUtil;
import com.elitescloud.cloudt.authorization.api.provider.model.entity.OAuth2AuthorizationDO;
import com.elitescloud.cloudt.authorization.api.provider.service.repository.OAuth2AuthenticationRepo;
import com.elitescloud.cloudt.authorization.api.provider.service.repository.OAuth2AuthenticationRepoProc;
import com.elitescloud.cloudt.core.annotation.TenantTransaction;
import com.elitescloud.cloudt.core.annotation.common.TenantIsolateType;
import com.fasterxml.jackson.core.type.TypeReference;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2AuthorizationCode;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.OAuth2TokenType;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

@TenantTransaction(isolateType = TenantIsolateType.DEFAULT)
/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/provider/service/impl/JpaOAuth2AuthorizationService.class */
public class JpaOAuth2AuthorizationService extends BaseCustomAuthorizationService implements OAuth2AuthorizationService {
    private static final Logger log = LogManager.getLogger(JpaOAuth2AuthorizationService.class);
    private final RegisteredClientRepository registeredClientRepository;
    private final OAuth2AuthenticationRepo oAuth2AuthenticationRepo;
    private final OAuth2AuthenticationRepoProc oAuth2AuthenticationRepoProc;

    public JpaOAuth2AuthorizationService(RegisteredClientRepository registeredClientRepository, OAuth2AuthenticationRepo oAuth2AuthenticationRepo, OAuth2AuthenticationRepoProc oAuth2AuthenticationRepoProc) {
        this.registeredClientRepository = registeredClientRepository;
        this.oAuth2AuthenticationRepo = oAuth2AuthenticationRepo;
        this.oAuth2AuthenticationRepoProc = oAuth2AuthenticationRepoProc;
    }

    public void save(OAuth2Authorization oAuth2Authorization) {
        if (oAuth2Authorization == null) {
            log.error("authorization为空");
        } else {
            this.oAuth2AuthenticationRepo.save(toDo(oAuth2Authorization));
        }
    }

    public void remove(OAuth2Authorization oAuth2Authorization) {
        if (oAuth2Authorization == null || !StringUtils.hasText(oAuth2Authorization.getId())) {
            log.error("删除authorization失败");
        } else {
            this.oAuth2AuthenticationRepoProc.delete(oAuth2Authorization.getId());
        }
    }

    public OAuth2Authorization findById(String str) {
        if (StringUtils.hasText(str)) {
            return toBo((OAuth2AuthorizationDO) this.oAuth2AuthenticationRepo.findById(str).orElse(null));
        }
        log.error("查询authorization失败，ID为空");
        return null;
    }

    public OAuth2Authorization findByToken(String str, OAuth2TokenType oAuth2TokenType) {
        Assert.hasText(str, "token为空");
        return toBo(this.oAuth2AuthenticationRepoProc.getByToken(str, oAuth2TokenType));
    }

    private OAuth2AuthorizationDO toDo(OAuth2Authorization oAuth2Authorization) {
        OAuth2AuthorizationDO oAuth2AuthorizationDO = new OAuth2AuthorizationDO();
        oAuth2AuthorizationDO.setId(CharSequenceUtil.blankToDefault(oAuth2Authorization.getId(), IdUtil.fastSimpleUUID()));
        oAuth2AuthorizationDO.setRegisteredClientId(oAuth2Authorization.getRegisteredClientId());
        oAuth2AuthorizationDO.setPrincipalName(oAuth2Authorization.getPrincipalName());
        if (oAuth2Authorization.getAuthorizationGrantType() != null) {
            oAuth2AuthorizationDO.setAuthorizationGrantType(oAuth2Authorization.getAuthorizationGrantType().getValue());
        }
        oAuth2AuthorizationDO.setAttributes(toJsonString(oAuth2Authorization.getAttributes()));
        oAuth2AuthorizationDO.setState((String) oAuth2Authorization.getAttribute("state"));
        OAuth2Authorization.Token token = oAuth2Authorization.getToken(OAuth2AuthorizationCode.class);
        if (token != null) {
            OAuth2AuthorizationCode token2 = token.getToken();
            if (token2 != null) {
                oAuth2AuthorizationDO.setAuthorizationCodeValue(token2.getTokenValue());
                oAuth2AuthorizationDO.setAuthorizationCodeIssuedAt(toLocalDateTime(token2.getIssuedAt()));
                oAuth2AuthorizationDO.setAuthorizationCodeExpiresAt(toLocalDateTime(token2.getExpiresAt()));
            }
            oAuth2AuthorizationDO.setAuthorizationCodeMetadata(toJsonString(token.getMetadata()));
        }
        OAuth2Authorization.Token token3 = oAuth2Authorization.getToken(OAuth2AccessToken.class);
        if (token3 != null) {
            OAuth2AccessToken token4 = token3.getToken();
            if (token4 != null) {
                oAuth2AuthorizationDO.setAccessTokenValue(token4.getTokenValue());
                oAuth2AuthorizationDO.setAccessTokenIssuedAt(toLocalDateTime(token4.getIssuedAt()));
                oAuth2AuthorizationDO.setAccessTokenExpiresAt(toLocalDateTime(token4.getExpiresAt()));
                if (token4.getTokenType() != null) {
                    oAuth2AuthorizationDO.setAccessTokenType(token4.getTokenType().getValue());
                }
                oAuth2AuthorizationDO.setAccessTokenScopes(toJsonString(token4.getScopes()));
            }
            oAuth2AuthorizationDO.setAccessTokenMetadata(toJsonString(token3.getMetadata()));
        }
        OAuth2Authorization.Token token5 = oAuth2Authorization.getToken(OidcIdToken.class);
        if (token5 != null) {
            OidcIdToken token6 = token5.getToken();
            if (token6 != null) {
                oAuth2AuthorizationDO.setOidcIdTokenValue(token6.getTokenValue());
                oAuth2AuthorizationDO.setOidcIdTokenIssuedAt(toLocalDateTime(token6.getIssuedAt()));
                oAuth2AuthorizationDO.setOidcIdTokenExpiresAt(toLocalDateTime(token6.getExpiresAt()));
            }
            oAuth2AuthorizationDO.setOidcIdTokenMetadata(toJsonString(token5.getMetadata()));
        }
        OAuth2Authorization.Token refreshToken = oAuth2Authorization.getRefreshToken();
        if (refreshToken != null) {
            OAuth2RefreshToken token7 = refreshToken.getToken();
            if (token7 != null) {
                oAuth2AuthorizationDO.setRefreshTokenValue(token7.getTokenValue());
                oAuth2AuthorizationDO.setRefreshTokenIssuedAt(toLocalDateTime(token7.getIssuedAt()));
                oAuth2AuthorizationDO.setRefreshTokenExpiresAt(toLocalDateTime(token7.getExpiresAt()));
            }
            oAuth2AuthorizationDO.setRefreshTokenMetadata(toJsonString(refreshToken.getMetadata()));
        }
        return oAuth2AuthorizationDO;
    }

    public OAuth2Authorization toBo(OAuth2AuthorizationDO oAuth2AuthorizationDO) {
        if (oAuth2AuthorizationDO == null) {
            return null;
        }
        String registeredClientId = oAuth2AuthorizationDO.getRegisteredClientId();
        Assert.hasText(registeredClientId, "未知token的clientId");
        RegisteredClient findById = this.registeredClientRepository.findById(registeredClientId);
        Assert.notNull(findById, "客户端不存在");
        OAuth2Authorization.Builder withRegisteredClient = OAuth2Authorization.withRegisteredClient(findById);
        withRegisteredClient.id(oAuth2AuthorizationDO.getId());
        withRegisteredClient.principalName(oAuth2AuthorizationDO.getPrincipalName());
        if (StringUtils.hasText(oAuth2AuthorizationDO.getAuthorizationGrantType())) {
            withRegisteredClient.authorizationGrantType(new AuthorizationGrantType(oAuth2AuthorizationDO.getAuthorizationGrantType()));
        }
        Map map = (Map) toJsonObj(oAuth2AuthorizationDO.getAttributes(), new TypeReference<Map<String, Object>>() { // from class: com.elitescloud.cloudt.authorization.api.provider.service.impl.JpaOAuth2AuthorizationService.1
        });
        if (!CollectionUtils.isEmpty(map)) {
            withRegisteredClient.attributes(map2 -> {
                map2.putAll(map);
            });
            if (StringUtils.hasText(oAuth2AuthorizationDO.getState())) {
                withRegisteredClient.attribute("state", oAuth2AuthorizationDO.getState());
            }
        }
        if (ArrayUtil.isNotEmpty(oAuth2AuthorizationDO.getAuthorizationCodeValue())) {
            String authorizationCodeValue = oAuth2AuthorizationDO.getAuthorizationCodeValue();
            Map map3 = (Map) toJsonObj(oAuth2AuthorizationDO.getAuthorizationCodeMetadata(), new TypeReference<Map<String, Object>>() { // from class: com.elitescloud.cloudt.authorization.api.provider.service.impl.JpaOAuth2AuthorizationService.2
            });
            withRegisteredClient.token(new OAuth2AuthorizationCode(authorizationCodeValue, toInstant(oAuth2AuthorizationDO.getAuthorizationCodeIssuedAt()), toInstant(oAuth2AuthorizationDO.getAuthorizationCodeExpiresAt())), map4 -> {
                map4.putAll((Map) ObjectUtil.defaultIfNull(map3, Collections.emptyMap()));
            });
        }
        if (ArrayUtil.isNotEmpty(oAuth2AuthorizationDO.getAccessTokenValue())) {
            String accessTokenValue = oAuth2AuthorizationDO.getAccessTokenValue();
            Map map5 = (Map) toJsonObj(oAuth2AuthorizationDO.getAccessTokenMetadata(), new TypeReference<Map<String, Object>>() { // from class: com.elitescloud.cloudt.authorization.api.provider.service.impl.JpaOAuth2AuthorizationService.3
            });
            OAuth2AccessToken.TokenType tokenType = null;
            if (OAuth2AccessToken.TokenType.BEARER.getValue().equalsIgnoreCase(oAuth2AuthorizationDO.getAccessTokenType())) {
                tokenType = OAuth2AccessToken.TokenType.BEARER;
            }
            withRegisteredClient.token(new OAuth2AccessToken(tokenType, accessTokenValue, toInstant(oAuth2AuthorizationDO.getAccessTokenIssuedAt()), toInstant(oAuth2AuthorizationDO.getAccessTokenExpiresAt()), (Set) toJsonObj(oAuth2AuthorizationDO.getAccessTokenScopes(), new TypeReference<Set<String>>() { // from class: com.elitescloud.cloudt.authorization.api.provider.service.impl.JpaOAuth2AuthorizationService.4
            })), map6 -> {
                map6.putAll((Map) ObjectUtil.defaultIfNull(map5, Collections.emptyMap()));
            });
        }
        if (ArrayUtil.isNotEmpty(oAuth2AuthorizationDO.getOidcIdTokenValue())) {
            String oidcIdTokenValue = oAuth2AuthorizationDO.getOidcIdTokenValue();
            Map map7 = (Map) toJsonObj(oAuth2AuthorizationDO.getOidcIdTokenMetadata(), new TypeReference<Map<String, Object>>() { // from class: com.elitescloud.cloudt.authorization.api.provider.service.impl.JpaOAuth2AuthorizationService.5
            });
            withRegisteredClient.token(new OidcIdToken(oidcIdTokenValue, toInstant(oAuth2AuthorizationDO.getOidcIdTokenIssuedAt()), toInstant(oAuth2AuthorizationDO.getOidcIdTokenExpiresAt()), map7 == null ? null : (Map) map7.get(OAuth2Authorization.Token.CLAIMS_METADATA_NAME)), map8 -> {
                map8.putAll((Map) ObjectUtil.defaultIfNull(map7, Collections.emptyMap()));
            });
        }
        if (ArrayUtil.isNotEmpty(oAuth2AuthorizationDO.getRefreshTokenValue())) {
            String refreshTokenValue = oAuth2AuthorizationDO.getRefreshTokenValue();
            Map map9 = (Map) toJsonObj(oAuth2AuthorizationDO.getRefreshTokenMetadata(), new TypeReference<Map<String, Object>>() { // from class: com.elitescloud.cloudt.authorization.api.provider.service.impl.JpaOAuth2AuthorizationService.6
            });
            withRegisteredClient.token(new OAuth2RefreshToken(refreshTokenValue, toInstant(oAuth2AuthorizationDO.getRefreshTokenIssuedAt()), toInstant(oAuth2AuthorizationDO.getRefreshTokenExpiresAt())), map10 -> {
                map10.putAll((Map) ObjectUtil.defaultIfNull(map9, Collections.emptyMap()));
            });
        }
        return withRegisteredClient.build();
    }
}
