package com.elitescloud.cloudt.authorization.api.provider.oauth2.service.impl;

import cn.hutool.core.text.CharSequenceUtil;
import com.elitescloud.cloudt.authorization.api.provider.oauth2.model.entity.OAuth2RegisteredClientDO;
import com.elitescloud.cloudt.authorization.api.provider.oauth2.service.repository.OAuth2RegisteredClientRepo;
import com.elitescloud.cloudt.authorization.api.provider.oauth2.service.repository.OAuth2RegisteredClientRepoProc;
import com.elitescloud.cloudt.core.annotation.TenantTransaction;
import com.elitescloud.cloudt.core.annotation.common.TenantIsolateType;
import com.elitescloud.cloudt.core.provider.IdGenerator;
import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
import java.time.Duration;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import org.springframework.security.oauth2.server.authorization.settings.ConfigurationSettingNames;
import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;

@TenantTransaction(isolateType = TenantIsolateType.DEFAULT)
/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/provider/oauth2/service/impl/JpaRegisteredClientRepository.class */
public class JpaRegisteredClientRepository extends BaseCustomAuthorizationService implements RegisteredClientRepository {
    private static final Logger a = LogManager.getLogger(JpaRegisteredClientRepository.class);
    private final OAuth2RegisteredClientRepo b;
    private final OAuth2RegisteredClientRepoProc c;
    private final Cache<String, RegisteredClient> d = Caffeine.newBuilder().maximumSize(50).expireAfterWrite(Duration.ofHours(2)).build();
    private final Cache<String, RegisteredClient> e = Caffeine.newBuilder().maximumSize(50).expireAfterWrite(Duration.ofHours(2)).build();

    public JpaRegisteredClientRepository(OAuth2RegisteredClientRepo oAuth2RegisteredClientRepo, OAuth2RegisteredClientRepoProc oAuth2RegisteredClientRepoProc) {
        this.b = oAuth2RegisteredClientRepo;
        this.c = oAuth2RegisteredClientRepoProc;
    }

    public void save(RegisteredClient registeredClient) {
        if (registeredClient == null) {
            a.error("保存RegisteredClient为空");
            return;
        }
        Assert.hasText(registeredClient.getClientId(), "clientId为空");
        Assert.isTrue(!this.c.existsClientId(registeredClient.getClientId(), registeredClient.getId()), "clientId已存在");
        this.b.save(a(registeredClient));
        this.d.invalidate(registeredClient.getId());
        this.e.invalidate(registeredClient.getClientId());
    }

    public RegisteredClient findById(String str) {
        if (!StringUtils.hasText(str)) {
            a.error("ID为空");
            return null;
        }
        RegisteredClient registeredClient = (RegisteredClient) this.d.getIfPresent(str);
        if (registeredClient != null) {
            return registeredClient;
        }
        OAuth2RegisteredClientDO oAuth2RegisteredClientDO = (OAuth2RegisteredClientDO) this.b.findById(str).orElse(null);
        if (oAuth2RegisteredClientDO == null) {
            a.warn("RegisteredClient【{}】不存在", str);
            return null;
        }
        RegisteredClient a2 = a(oAuth2RegisteredClientDO);
        this.d.put(str, a2);
        return a2;
    }

    public RegisteredClient findByClientId(String str) {
        if (!StringUtils.hasText(str)) {
            a.error("clientId为空");
            return null;
        }
        RegisteredClient registeredClient = (RegisteredClient) this.e.getIfPresent(str);
        if (registeredClient != null) {
            return registeredClient;
        }
        OAuth2RegisteredClientDO byClientId = this.c.getByClientId(str);
        if (byClientId == null) {
            a.warn("RegisteredClient【{}】不存在", str);
            return null;
        }
        RegisteredClient a2 = a(byClientId);
        this.e.put(str, a2);
        return a2;
    }

    private OAuth2RegisteredClientDO a(RegisteredClient registeredClient) {
        OAuth2RegisteredClientDO oAuth2RegisteredClientDO = new OAuth2RegisteredClientDO();
        oAuth2RegisteredClientDO.setId(CharSequenceUtil.blankToDefault(registeredClient.getId(), IdGenerator.generateLong().toString()));
        oAuth2RegisteredClientDO.setClientId(registeredClient.getClientId());
        oAuth2RegisteredClientDO.setClientIdIssuedAt(toLocalDateTime(registeredClient.getClientIdIssuedAt()));
        oAuth2RegisteredClientDO.setClientSecret(registeredClient.getClientSecret());
        oAuth2RegisteredClientDO.setClientSecretExpiresAt(toLocalDateTime(registeredClient.getClientSecretExpiresAt()));
        oAuth2RegisteredClientDO.setClientName(registeredClient.getClientName());
        if (!CollectionUtils.isEmpty(registeredClient.getClientAuthenticationMethods())) {
            oAuth2RegisteredClientDO.setClientAuthenticationMethods((String) registeredClient.getClientAuthenticationMethods().stream().map((v0) -> {
                return v0.getValue();
            }).collect(Collectors.joining(",")));
        }
        if (!CollectionUtils.isEmpty(registeredClient.getAuthorizationGrantTypes())) {
            oAuth2RegisteredClientDO.setAuthorizationGrantTypes((String) registeredClient.getAuthorizationGrantTypes().stream().map((v0) -> {
                return v0.getValue();
            }).collect(Collectors.joining(",")));
        }
        oAuth2RegisteredClientDO.setRedirectUris(StringUtils.collectionToCommaDelimitedString(registeredClient.getRedirectUris()));
        oAuth2RegisteredClientDO.setScopes(StringUtils.collectionToCommaDelimitedString(registeredClient.getScopes()));
        oAuth2RegisteredClientDO.setClientSettings(toJsonString(registeredClient.getClientSettings().getSettings()));
        oAuth2RegisteredClientDO.setTokenSettings(toJsonString(registeredClient.getTokenSettings().getSettings()));
        return oAuth2RegisteredClientDO;
    }

    private RegisteredClient a(OAuth2RegisteredClientDO oAuth2RegisteredClientDO) {
        Set commaDelimitedListToSet = StringUtils.commaDelimitedListToSet(oAuth2RegisteredClientDO.getClientAuthenticationMethods());
        Set commaDelimitedListToSet2 = StringUtils.commaDelimitedListToSet(oAuth2RegisteredClientDO.getAuthorizationGrantTypes());
        Set commaDelimitedListToSet3 = StringUtils.commaDelimitedListToSet(oAuth2RegisteredClientDO.getRedirectUris());
        Set commaDelimitedListToSet4 = StringUtils.commaDelimitedListToSet(oAuth2RegisteredClientDO.getScopes());
        RegisteredClient.Builder scopes = RegisteredClient.withId(oAuth2RegisteredClientDO.getId()).clientId(oAuth2RegisteredClientDO.getClientId()).clientIdIssuedAt(toInstant(oAuth2RegisteredClientDO.getClientIdIssuedAt())).clientSecret(oAuth2RegisteredClientDO.getClientSecret()).clientSecretExpiresAt(toInstant(oAuth2RegisteredClientDO.getClientSecretExpiresAt())).clientName(oAuth2RegisteredClientDO.getClientName()).clientAuthenticationMethods(set -> {
            commaDelimitedListToSet.forEach(str -> {
                set.add(new ClientAuthenticationMethod(str));
            });
        }).authorizationGrantTypes(set2 -> {
            commaDelimitedListToSet2.forEach(str -> {
                set2.add(new AuthorizationGrantType(str));
            });
        }).redirectUris(set3 -> {
            set3.addAll(commaDelimitedListToSet3);
        }).scopes(set4 -> {
            set4.addAll(commaDelimitedListToSet4);
        });
        scopes.clientSettings(ClientSettings.withSettings((Map) toJsonObj(oAuth2RegisteredClientDO.getClientSettings(), new h(this))).build());
        Map map = (Map) toJsonObj(oAuth2RegisteredClientDO.getTokenSettings(), new i(this));
        TokenSettings.Builder withSettings = TokenSettings.withSettings(map);
        if (!map.containsKey(ConfigurationSettingNames.Token.ACCESS_TOKEN_FORMAT)) {
            withSettings.accessTokenFormat(OAuth2TokenFormat.SELF_CONTAINED);
        }
        scopes.tokenSettings(withSettings.build());
        return scopes.build();
    }
}
