package com.elitesland.cbpl.infinity.web.security.service.weaver.e9.service;

import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.asymmetric.RSA;
import com.elitesland.cbpl.infinity.server.security.service.InfinitySecurityService;
import com.elitesland.cbpl.infinity.server.security.vo.param.InfinitySecuritySaveParamVO;
import com.elitesland.cbpl.infinity.server.security.vo.resp.InfinitySecurityDetailVO;
import com.elitesland.cbpl.infinity.web.security.service.weaver.convert.WeaverAccountConvert;
import com.elitesland.cbpl.infinity.web.security.service.weaver.domain.WeaverAccountVO;
import com.elitesland.cbpl.infinity.web.security.service.weaver.domain.WeaverRegisterVO;
import com.elitesland.cbpl.infinity.web.security.service.weaver.domain.WeaverTokenVO;
import com.elitesland.cbpl.infinity.web.security.service.weaver.e9.util.WeaverE9Key;
import com.elitesland.cbpl.infinity.web.security.service.weaver.e9.util.WeaverE9Util;
import com.elitesland.cbpl.logging.syslog.util.LogUtil;
import com.elitesland.cbpl.tool.core.bean.BeanUtils;
import com.elitesland.cbpl.tool.redis.util.RedisUtil;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.web.reactive.function.client.WebClient;

@Service
/* loaded from: input_file:com/elitesland/cbpl/infinity/web/security/service/weaver/e9/service/WeaverE9ServiceImpl.class */
public class WeaverE9ServiceImpl implements WeaverE9Service {
    private static final Logger logger = LoggerFactory.getLogger(WeaverE9ServiceImpl.class);
    private final WebClient webClient;
    private final RedisUtil redisUtil;
    private final InfinitySecurityService securityService;

    @Override // com.elitesland.cbpl.infinity.web.security.service.weaver.e9.service.WeaverE9Service
    public void register(WeaverAccountVO weaverAccountVO) {
        InfinitySecuritySaveParamVO voToSaveParam = WeaverAccountConvert.INSTANCE.voToSaveParam(weaverAccountVO);
        InfinitySecurityDetailVO securityQueryOne = this.securityService.securityQueryOne(voToSaveParam);
        if (ObjectUtil.isNull(securityQueryOne)) {
            createRSA(voToSaveParam, weaverAccountVO);
            return;
        }
        String localPublicKey = securityQueryOne.getLocalPublicKey();
        String localPrivateKey = securityQueryOne.getLocalPrivateKey();
        String serverPublicKey = securityQueryOne.getServerPublicKey();
        String serverSecret = securityQueryOne.getServerSecret();
        if (StrUtil.isBlank(localPublicKey) || StrUtil.isBlank(localPrivateKey)) {
            RSA rsa = new RSA();
            localPublicKey = rsa.getPublicKeyBase64();
            localPrivateKey = rsa.getPrivateKeyBase64();
        }
        if (StrUtil.isBlank(serverPublicKey) || StrUtil.isBlank(serverSecret)) {
            WeaverRegisterVO register = register(weaverAccountVO.getServerUrl(), weaverAccountVO.getAppid(), localPublicKey);
            serverPublicKey = register.getSpk();
            serverSecret = register.getSecret();
        }
        voToSaveParam.setId(securityQueryOne.getId());
        refresh(voToSaveParam, weaverAccountVO.getPrefix(), localPublicKey, localPrivateKey, serverPublicKey, serverSecret);
    }

    @Override // com.elitesland.cbpl.infinity.web.security.service.weaver.e9.service.WeaverE9Service
    public void refreshRegister(WeaverAccountVO weaverAccountVO) {
        InfinitySecuritySaveParamVO voToSaveParam = WeaverAccountConvert.INSTANCE.voToSaveParam(weaverAccountVO);
        InfinitySecurityDetailVO securityQueryOne = this.securityService.securityQueryOne(voToSaveParam);
        if (ObjectUtil.isNull(securityQueryOne)) {
            LogUtil.info("[BPMN][WEAVER-E9] 未注册许可证，不支持刷新");
            throw new RuntimeException("未注册许可证，不支持刷新");
        }
        voToSaveParam.setId(securityQueryOne.getId());
        createRSA(voToSaveParam, weaverAccountVO);
    }

    @Override // com.elitesland.cbpl.infinity.web.security.service.weaver.e9.service.WeaverE9Service
    public String getAccessToken(WeaverAccountVO weaverAccountVO) {
        String str = WeaverE9Util.tokenKey(weaverAccountVO.getAppid());
        String string = this.redisUtil.getString(str);
        if (ObjectUtil.isNotNull(string)) {
            LogUtil.info(str, "[BPMN][WEAVER-E9] 缓存Token: ", string);
            return string;
        }
        String serverPublicKey = WeaverE9Key.getServerPublicKey(weaverAccountVO.getPrefix());
        String serverSecret = WeaverE9Key.getServerSecret(weaverAccountVO.getPrefix());
        if (ObjectUtil.isNull(serverSecret) || ObjectUtil.isNull(serverPublicKey)) {
            register(weaverAccountVO);
            WeaverE9Key.getServerPublicKey(weaverAccountVO.getPrefix());
            serverSecret = WeaverE9Key.getServerSecret(weaverAccountVO.getPrefix());
        }
        String str2 = (String) this.webClient.post().uri(weaverAccountVO.getServerUrl() + "/api/ec/dev/auth/applytoken", new Object[0]).header("appid", new String[]{weaverAccountVO.getAppid()}).header("secret", new String[]{WeaverE9Util.encrypt(weaverAccountVO.getPrefix(), serverSecret)}).header("time", new String[]{weaverAccountVO.getTime()}).exchangeToMono(clientResponse -> {
            return clientResponse.bodyToMono(String.class);
        }).block();
        if (StrUtil.isBlank(str2)) {
            LogUtil.info(str, "[BPMN][WEAVER-E9] 获取新Token失败");
            throw new RuntimeException("[WEAVER] 获取新Token失败");
        }
        WeaverTokenVO weaverTokenVO = (WeaverTokenVO) BeanUtils.toBean(str2, WeaverTokenVO.class);
        if (weaverTokenVO.failed()) {
            LogUtil.info(str, "[BPMN][WEAVER-E9] 认证异常: ", weaverTokenVO.getMsg());
            throw new RuntimeException("Weaver Auth error: " + weaverTokenVO.getMsg());
        }
        LogUtil.info(str, "[BPMN][WEAVER-E9] 获取新Token: ", weaverTokenVO.getToken());
        this.redisUtil.set(str, weaverTokenVO.getToken(), weaverAccountVO.getExpiresIn(), TimeUnit.SECONDS);
        return weaverTokenVO.getToken();
    }

    private void createRSA(InfinitySecuritySaveParamVO infinitySecuritySaveParamVO, WeaverAccountVO weaverAccountVO) {
        RSA rsa = new RSA();
        String publicKeyBase64 = rsa.getPublicKeyBase64();
        String privateKeyBase64 = rsa.getPrivateKeyBase64();
        WeaverRegisterVO register = register(weaverAccountVO.getServerUrl(), weaverAccountVO.getAppid(), publicKeyBase64);
        refresh(infinitySecuritySaveParamVO, weaverAccountVO.getPrefix(), publicKeyBase64, privateKeyBase64, register.getSpk(), register.getSecret());
    }

    private WeaverRegisterVO register(String str, String str2, String str3) {
        String str4 = (String) this.webClient.post().uri(str + "/api/ec/dev/auth/regist", new Object[0]).header("appid", new String[]{str2}).header("cpk", new String[]{str3}).exchangeToMono(clientResponse -> {
            return clientResponse.bodyToMono(String.class);
        }).block();
        if (StrUtil.isBlank(str4)) {
            throw new RuntimeException("[WEAVER] 注册许可失败");
        }
        return (WeaverRegisterVO) BeanUtils.toBean(str4, WeaverRegisterVO.class);
    }

    private void refresh(InfinitySecuritySaveParamVO infinitySecuritySaveParamVO, String str, String str2, String str3, String str4, String str5) {
        infinitySecuritySaveParamVO.setLocalPublicKey(str2);
        infinitySecuritySaveParamVO.setLocalPrivateKey(str3);
        infinitySecuritySaveParamVO.setServerPublicKey(str4);
        infinitySecuritySaveParamVO.setServerSecret(str5);
        this.securityService.save(infinitySecuritySaveParamVO);
        WeaverE9Key.setCache(str, str4, str5);
    }

    public WeaverE9ServiceImpl(WebClient webClient, RedisUtil redisUtil, InfinitySecurityService infinitySecurityService) {
        this.webClient = webClient;
        this.redisUtil = redisUtil;
        this.securityService = infinitySecurityService;
    }
}
