package com.elitesland.cloudt.authorization.api.provider.provider.oauth2.client;

import com.elitesland.cloudt.authorization.api.client.config.AuthorizationProperties;
import com.elitesland.cloudt.authorization.api.client.model.OAuthToken;
import com.elitesland.cloudt.authorization.api.provider.model.bo.OAuth2ClientConfigBO;
import com.elitesland.yst.common.base.ApiResult;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateDeserializer;
import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateSerializer;
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
import java.security.KeyStore;
import java.time.Duration;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Collections;
import java.util.Map;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.TrustSelfSignedStrategy;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.boot.ApplicationArguments;
import org.springframework.boot.ApplicationRunner;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.boot.web.client.RestTemplateCustomizer;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.lang.NonNull;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.util.Assert;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:com/elitesland/cloudt/authorization/api/provider/provider/oauth2/client/OAuth2ClientProvider.class */
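/**
 * OAuth2 client helper that, at application start-up, resolves the client's endpoint
 * configuration and afterwards exchanges authorization codes for tokens against the
 * configured authorization server.
 *
 * <p>SECURITY: the HTTP client built by {@link #getClientHttpRequestFactory()} accepts
 * self-signed server certificates and performs no hostname verification. The token request
 * carries {@code client_secret}, the authorization code and the PKCE verifier, and endpoint
 * metadata is fetched over the same client, so the identity of the authorization server is
 * not authenticated by TLS. See the note on that method before using this outside a test
 * environment.
 */
public class OAuth2ClientProvider implements ApplicationRunner {
    private static final Logger log = LogManager.getLogger(OAuth2ClientProvider.class);
    // DateTimeFormatter is immutable, so the two patterns are built once and shared.
    private static final DateTimeFormatter DATE_TIME_FORMAT = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
    private static final DateTimeFormatter DATE_FORMAT = DateTimeFormatter.ofPattern("yyyy-MM-dd");

    private final AuthorizationProperties authorizationProperties;
    // Both fields are assigned by initConfig(), i.e. only once run() has been invoked.
    private OAuth2ClientConfigBO oAuth2ClientConfigBO;
    private RestTemplate restTemplate;

    /**
     * @param authorizationProperties source of the OAuth2 client settings (client id, secret,
     *                                server address and optional endpoint overrides)
     */
    public OAuth2ClientProvider(AuthorizationProperties authorizationProperties) {
        this.authorizationProperties = authorizationProperties;
    }

    /**
     * Start-up hook: validates the client settings and resolves the endpoints.
     *
     * @throws Exception propagated from {@link #initConfig()}; a missing setting surfaces as
     *                   {@link IllegalArgumentException}
     */
    @Override
    public void run(ApplicationArguments applicationArguments) throws Exception {
        initConfig();
    }

    /**
     * Returns a copy of the resolved client configuration, so callers cannot mutate the
     * instance held here. The copy includes the client secret; avoid logging it.
     *
     * <p>The configuration is only set by {@link #run(ApplicationArguments)}; calling this
     * earlier dereferences a {@code null} field.
     */
    public OAuth2ClientConfigBO getoAuth2ClientConfigBO() {
        return this.oAuth2ClientConfigBO.copy();
    }

    /**
     * Exchanges an authorization code for a token at {@code /oauth2/token} (relative to the
     * configured server address).
     *
     * <p>NOTE(review): the request always goes to the fixed path {@code /oauth2/token}; the
     * {@code tokenEndpoint} resolved in {@link #initConfig()} is not consulted here. Confirm
     * that this is intended.
     *
     * @param str  not read by this method
     * @param str2 authorization code, sent as {@code code}
     * @param str3 redirect URI, sent as {@code redirect_uri}
     * @param str4 optional PKCE verifier, sent as {@code code_verifier} when it has text
     * @return the server's result on a 2xx response with a body; otherwise a failed
     *         {@link ApiResult}. Transport and decoding errors are logged and also mapped to
     *         a failed result rather than thrown.
     */
    public ApiResult<OAuthToken> code2AccessToken(@NonNull String str, @NonNull String str2, @NonNull String str3, String str4) {
        OAuth2ClientConfigBO clientConfig = getoAuth2ClientConfigBO();
        // The client authenticates with client_secret in the form body, so the confidentiality
        // of this request rests entirely on the TLS channel to the authorization server.
        LinkedMultiValueMap<String, String> form = new LinkedMultiValueMap<>(8);
        form.add("client_id", clientConfig.getClientId());
        form.add("client_secret", clientConfig.getClientSecret());
        form.add("grant_type", AuthorizationGrantType.AUTHORIZATION_CODE.getValue());
        form.add("code", str2);
        form.add("redirect_uri", str3);
        if (StringUtils.hasText(str4)) {
            form.add("code_verifier", str4);
        }
        try {
            ResponseEntity<ApiResult<OAuthToken>> response = this.restTemplate.exchange(
                    "/oauth2/token",
                    HttpMethod.POST,
                    new HttpEntity<>(form),
                    new ParameterizedTypeReference<ApiResult<OAuthToken>>() {
                    });
            ApiResult<OAuthToken> body = response.getBody();
            // A 2xx answer without a body is treated as a failure instead of handing a null
            // result to the caller.
            if (response.getStatusCode().is2xxSuccessful() && body != null) {
                return body;
            }
            log.error("授权码转token失败：{}", response.getStatusCode());
            return ApiResult.fail("获取认证token失败");
        } catch (Exception e) {
            log.error("获取认证token失败：", e);
            return ApiResult.fail("获取认证token失败！");
        }
    }

    /**
     * Validates the mandatory client settings, builds the {@link RestTemplate} and resolves the
     * authorize and token endpoints. An endpoint that is not configured explicitly is looked
     * up in the server metadata, which is fetched at most once.
     *
     * <p>NOTE(security): endpoints taken from the metadata document are only as trustworthy
     * as the connection they were fetched over; with the relaxed TLS settings of this client
     * that connection does not authenticate the server. Configuring both endpoints explicitly
     * avoids the lookup.
     *
     * @throws IllegalArgumentException if a mandatory setting is blank or an endpoint can be
     *                                  resolved neither from configuration nor from metadata
     */
    private void initConfig() {
        AuthorizationProperties.OAuth2Client oauth2Client = this.authorizationProperties.getOauth2Client();
        Assert.hasText(oauth2Client.getClientId(), "客户端ID为空");
        Assert.hasText(oauth2Client.getClientSecret(), "客户端secret为空");
        Assert.hasText(oauth2Client.getServerAddress(), "OAuth2服务端地址为空");
        this.restTemplate = buildRestTemplate();

        OAuth2ClientConfigBO config = new OAuth2ClientConfigBO();
        config.setClientId(oauth2Client.getClientId());
        config.setClientSecret(oauth2Client.getClientSecret());

        Map<String, Object> metadata = null;

        String authorizeEndpoint = oauth2Client.getAuthorizeEndpoint();
        if (!StringUtils.hasText(authorizeEndpoint)) {
            metadata = queryServerConfig();
            authorizeEndpoint = metadataString(metadata, "authorization_endpoint");
            Assert.hasText(authorizeEndpoint, "OAuth2客户端的authorizeEndpoint未配置");
        }
        config.setAuthorizeEndpoint(authorizeEndpoint);

        String tokenEndpoint = oauth2Client.getTokenEndpoint();
        if (!StringUtils.hasText(tokenEndpoint)) {
            if (metadata == null) {
                metadata = queryServerConfig();
            }
            tokenEndpoint = metadataString(metadata, "token_endpoint");
            Assert.hasText(tokenEndpoint, "OAuth2客户端的tokenEndpoint未配置");
        }
        config.setTokenEndpoint(tokenEndpoint);

        // Published only after every check passed, so a half-initialised config is never visible.
        this.oAuth2ClientConfigBO = config;
    }

    /** Reads a metadata entry as text; a missing or non-string value yields {@code null}. */
    private static String metadataString(Map<String, Object> metadata, String key) {
        Object value = metadata.get(key);
        return value instanceof String ? (String) value : null;
    }

    /** Builds the RestTemplate rooted at the configured server address. */
    private RestTemplate buildRestTemplate() {
        return new RestTemplateBuilder()
                .requestFactory(this::getClientHttpRequestFactory)
                .rootUri(this.authorizationProperties.getOauth2Client().getServerAddress())
                .customizers(restTemplateCustomizer())
                .build();
    }

    /**
     * Creates a customizer that installs an {@link ObjectMapper} with fixed date/time patterns
     * and tolerance for unknown JSON properties on the template's first Jackson converter,
     * adding such a converter when the template has none.
     */
    private RestTemplateCustomizer restTemplateCustomizer() {
        JavaTimeModule timeModule = new JavaTimeModule();
        timeModule.addDeserializer(LocalDateTime.class, new LocalDateTimeDeserializer(DATE_TIME_FORMAT));
        timeModule.addSerializer(LocalDateTime.class, new LocalDateTimeSerializer(DATE_TIME_FORMAT));
        timeModule.addDeserializer(LocalDate.class, new LocalDateDeserializer(DATE_FORMAT));
        timeModule.addSerializer(LocalDate.class, new LocalDateSerializer(DATE_FORMAT));

        ObjectMapper objectMapper = new ObjectMapper();
        objectMapper.registerModule(timeModule);
        objectMapper.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);

        return template -> {
            // The converter list holds mixed converter types; only the Jackson one is reconfigured.
            for (Object converter : template.getMessageConverters()) {
                if (converter instanceof MappingJackson2HttpMessageConverter) {
                    ((MappingJackson2HttpMessageConverter) converter).setObjectMapper(objectMapper);
                    return;
                }
            }
            template.getMessageConverters().add(new MappingJackson2HttpMessageConverter(objectMapper));
        };
    }

    /**
     * Builds the request factory: 10 s connect timeout, 30 s read timeout, relaxed TLS.
     *
     * <p>SECURITY: {@link TrustSelfSignedStrategy} accepts self-signed server certificates and
     * {@link NoopHostnameVerifier} skips the check that the certificate belongs to the host
     * being contacted. Together they mean the authorization server is not authenticated, so
     * the client secret, authorization codes and returned tokens can be exposed to whoever
     * answers on that address. The behaviour is kept here because existing deployments may
     * rely on self-signed certificates; the recommended remediation is to trust the server's
     * CA through a dedicated trust store and to drop {@code NoopHostnameVerifier} so the
     * library's default hostname verification applies.
     */
    private ClientHttpRequestFactory getClientHttpRequestFactory() {
        HttpClientBuilder clientBuilder = HttpClients.custom();
        try {
            SSLContextBuilder sslContextBuilder = new SSLContextBuilder();
            sslContextBuilder.loadTrustMaterial((KeyStore) null, new TrustSelfSignedStrategy());
            clientBuilder.setSSLSocketFactory(
                    new SSLConnectionSocketFactory(sslContextBuilder.build(), NoopHostnameVerifier.INSTANCE));
            // Make the weakened channel visible to operators instead of leaving it silent.
            log.warn("OAuth2 client TLS accepts self-signed certificates and skips hostname verification");
        } catch (Exception e) {
            // No custom socket factory is installed in this case, so the HTTP client keeps its
            // default TLS handling. Logged through the logger rather than printStackTrace().
            log.error("Failed to build the custom SSL context; using the HTTP client's default TLS settings", e);
        }
        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(clientBuilder.build());
        requestFactory.setConnectTimeout((int) Duration.ofSeconds(10L).toMillis());
        requestFactory.setReadTimeout((int) Duration.ofSeconds(30L).toMillis());
        return requestFactory;
    }

    /**
     * Fetches the authorization-server metadata from
     * {@code /.well-known/oauth-authorization-server}.
     *
     * @return the metadata document, or an empty map when the request fails, returns a
     *         non-2xx status or has no body; never {@code null}
     */
    private Map<String, Object> queryServerConfig() {
        try {
            ResponseEntity<Map<String, Object>> response = this.restTemplate.exchange(
                    "/.well-known/oauth-authorization-server",
                    HttpMethod.GET,
                    (HttpEntity<?>) null,
                    new ParameterizedTypeReference<Map<String, Object>>() {
                    });
            if (response.getStatusCode().is2xxSuccessful()) {
                Map<String, Object> body = response.getBody();
                log.info("查询OAuth2服务端配置成功：{}", body);
                // An empty map lets the caller's Assert.hasText report the missing endpoint.
                return body != null ? body : Collections.emptyMap();
            }
            log.warn("查询OAuth2服务端配置失败：{}", response.getStatusCode());
        } catch (Exception e) {
            // The response is only read inside the try block, so a failed request can no
            // longer reach code that dereferences it.
            log.error("查询OAuth2服务端配置异常", e);
        }
        return Collections.emptyMap();
    }
}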
