package com.elitesland.cloudt.authorization.api.provider.provider.sso.impl;

import com.elitesland.cloudt.authorization.api.client.common.AuthorizationException;
import com.elitesland.cloudt.authorization.api.client.config.security.resolver.BearerTokenResolver;
import com.elitesland.cloudt.authorization.api.client.config.security.resolver.impl.DefaultBearerTokenResolver;
import com.elitesland.cloudt.authorization.api.client.config.support.AuthenticationCache;
import com.elitesland.cloudt.authorization.api.client.model.OAuthToken;
import com.elitesland.cloudt.authorization.api.client.token.CommonAuthenticationToken;
import com.elitesland.cloudt.authorization.api.client.tool.RedisHelper;
import com.elitesland.cloudt.authorization.api.provider.provider.user.UserDetailManager;
import com.elitesland.cloudt.authorization.api.provider.security.generator.token.TokenGenerator;
import com.elitesland.cloudt.authorization.sdk.model.UserInfoDTO;
import com.elitesland.cloudt.authorization.sdk.sso.SsoProvider;
import com.elitesland.yst.security.entity.GeneralUserDetails;
import java.io.Serializable;
import java.util.Collections;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitesland/cloudt/authorization/api/provider/provider/sso/impl/CloudtSsoProviderImpl.class */
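/**
 * {@link SsoProvider} implementation that issues an access token for an SSO login and keeps a
 * Redis entry linking the SSO ticket to that token, so the token can be revoked by ticket.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>No credential is checked here. A token is issued for whichever account matches the
 *       identifier carried by the {@link UserInfoDTO}; the caller is presumably expected to have
 *       authenticated that identity already (verify against the caller).</li>
 *   <li>The access token is written to Redis as the plain value of the ticket key, so read access
 *       to that keyspace is equivalent to holding the tokens.</li>
 *   <li>Log statements in this class never include the token or the ticket value.</li>
 * </ul>
 */
public class CloudtSsoProviderImpl implements SsoProvider {
    private static final Logger log = LogManager.getLogger(CloudtSsoProviderImpl.class);

    /** Prefix of the Redis key that maps an SSO ticket to the access token issued for it. */
    private static final String SSO_TOKEN_KEY_PREFIX = "cloudt:token:sso:";

    private final TokenGenerator tokenGenerator;
    private final AuthenticationCache authenticationCache;
    private final UserDetailManager userDetailManager;
    private final RedisHelper redisHelper;
    private final BearerTokenResolver bearerTokenResolver = new DefaultBearerTokenResolver();

    public CloudtSsoProviderImpl(TokenGenerator tokenGenerator, AuthenticationCache authenticationCache, UserDetailManager userDetailManager, RedisHelper redisHelper) {
        this.tokenGenerator = tokenGenerator;
        this.authenticationCache = authenticationCache;
        this.userDetailManager = userDetailManager;
        this.redisHelper = redisHelper;
    }

    /**
     * Reports whether the request carries a bearer token that is known to the authentication cache.
     *
     * @param httpServletRequest the incoming request the bearer token is resolved from
     * @return {@code true} when the cache holds a user detail for the resolved token
     */
    public boolean isAuthenticated(HttpServletRequest httpServletRequest) {
        // NOTE(review): the resolver result is passed straight to the cache; confirm that
        // getUserDetail tolerates a missing token and returns null for it.
        return this.authenticationCache.getUserDetail(this.bearerTokenResolver.resolve(httpServletRequest)) != null;
    }

    /**
     * Issues a token for the user described by {@code userInfoDTO} and records which ticket it
     * belongs to.
     *
     * @param httpServletRequest  not used by this implementation
     * @param httpServletResponse not used by this implementation
     * @param str                 the SSO ticket the new token is associated with; must not be blank
     * @param userInfoDTO         identifies the account the token is issued for
     * @return the generated {@link OAuthToken}
     * @throws IllegalArgumentException if the ticket is blank
     * @throws AuthorizationException   if no matching user is found
     * @throws IllegalStateException    if the ticket-to-token entry cannot be written
     */
    public <T extends Serializable> T generateToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, UserInfoDTO userInfoDTO) {
        final String ticket = str;
        // A blank ticket would put every such login under one shared key, and the token could
        // then be revoked (or left unrevoked) through another session's logout. Reject it before
        // a token is minted.
        if (!StringUtils.hasText(ticket)) {
            throw new IllegalArgumentException("单点登录ticket不能为空");
        }
        final OAuthToken token = this.tokenGenerator.generate(buildAuthentication(userInfoDTO));
        final String key = ssoKey(ticket);
        try {
            // NOTE(review): no expiry is passed here. Confirm whether the Redis helper applies a
            // default TTL; otherwise the entry outlives the token unless clearToken is called.
            this.redisHelper.execute(redisUtils -> {
                redisUtils.set(key, token.getAccessToken());
                return null;
            });
            // The interface is generic over the token type; this implementation always returns an OAuthToken.
            @SuppressWarnings("unchecked")
            T result = (T) token;
            return result;
        } catch (Exception e) {
            log.error("单点登录保存token与ticket关联失败", e);
            throw new IllegalStateException("生成token失败", e);
        }
    }

    /**
     * Revokes the token that was issued for an SSO ticket.
     *
     * <p>Removing the ticket entry and removing the cached user detail are each best-effort:
     * a failure is logged and not propagated, so a caller cannot tell from the return that the
     * token was actually invalidated. Monitor the corresponding error logs.
     *
     * @param httpServletRequest  not used by this implementation
     * @param httpServletResponse not used by this implementation
     * @param str                 the SSO ticket whose token should be revoked
     * @throws IllegalStateException if the token for the ticket cannot be read from Redis
     */
    public void clearToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        final String ticket = str;
        // A blank ticket identifies no session; looking it up would hit a shared key.
        if (!StringUtils.hasText(ticket)) {
            log.warn("单点登录ticket为空，跳过清除token");
            return;
        }
        final String key = ssoKey(ticket);
        final String accessToken;
        try {
            accessToken = (String) this.redisHelper.execute(redisUtils -> {
                return redisUtils.get(key);
            });
        } catch (Exception e) {
            log.error("单点登录获取token与ticket关联失败", e);
            throw new IllegalStateException("获取token失败", e);
        }
        if (!StringUtils.hasText(accessToken)) {
            return;
        }
        try {
            this.redisHelper.execute(redisUtils -> {
                redisUtils.del(new String[]{key});
                return null;
            });
        } catch (Exception e) {
            // This is the delete step; the message used to say the lookup had failed.
            log.error("单点登录删除token与ticket关联失败", e);
        }
        // Still attempted when the delete above failed, so the token is revoked even if the
        // ticket entry is left behind.
        try {
            this.authenticationCache.removeUserDetail(accessToken);
        } catch (Exception e) {
            log.error("删除用户token失败", e);
        }
    }

    /** Builds the Redis key under which the token for {@code ticket} is stored. */
    private static String ssoKey(String ticket) {
        return SSO_TOKEN_KEY_PREFIX + ticket;
    }

    /**
     * Loads the account named by the DTO and wraps it in an authentication token.
     *
     * <p>Only the first non-blank identifier is used, in the order user id, username, mobile,
     * email; later fields are ignored and not cross-checked against the loaded account.
     * NOTE(review): confirm that mobile and email are unique and verified before they are
     * accepted as the sole identifier for issuing a token.
     *
     * @param userInfoDTO the identity asserted by the SSO flow
     * @return an authentication token carrying the loaded user details and no authorities
     * @throws AuthorizationException if the DTO is {@code null}, carries no identifier, or no user matches
     */
    private CommonAuthenticationToken buildAuthentication(UserInfoDTO userInfoDTO) {
        // A missing DTO is treated like an unknown user instead of surfacing as a NullPointerException.
        if (userInfoDTO == null) {
            throw new AuthorizationException("用户不存在");
        }
        GeneralUserDetails userDetails = null;
        if (StringUtils.hasText(userInfoDTO.getUserId())) {
            userDetails = this.userDetailManager.loadUserById(userInfoDTO.getUserId());
        } else if (StringUtils.hasText(userInfoDTO.getUsername())) {
            userDetails = this.userDetailManager.loadUserByUsername(userInfoDTO.getUsername());
        } else if (StringUtils.hasText(userInfoDTO.getMobile())) {
            userDetails = this.userDetailManager.loadUserByMobile(userInfoDTO.getMobile());
        } else if (StringUtils.hasText(userInfoDTO.getEmail())) {
            userDetails = this.userDetailManager.loadUserByEmail(userInfoDTO.getEmail());
        }
        if (userDetails == null) {
            throw new AuthorizationException("用户不存在");
        }
        return new CommonAuthenticationToken((Authentication) null, userDetails, Collections.emptyList());
    }
}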
