package org.cattleframework.oauth.authorization.service.internal;

import java.time.Duration;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Optional;
import org.apache.commons.collections4.CollectionUtils;
import org.cattleframework.oauth.authorization.client.RegisteredClientRepositoryEnhance;
import org.cattleframework.utils.auxiliary.StringUtils;
import org.cattleframework.utils.redis.RedisTemplateUtils;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import org.springframework.util.Assert;

/* loaded from: input_file:org/cattleframework/oauth/authorization/service/internal/AuthorizationServiceImpl.class */
public class AuthorizationServiceImpl implements OAuth2AuthorizationService {
    private final RegisteredClientRepositoryEnhance registeredClientRepository;
    private final RedisTemplateUtils redisTemplateUtils;

    public AuthorizationServiceImpl(RegisteredClientRepositoryEnhance registeredClientRepositoryEnhance, RedisTemplateUtils redisTemplateUtils) {
        Assert.notNull(registeredClientRepositoryEnhance, "registeredClientRepository不能为空值");
        Assert.notNull(redisTemplateUtils, "redisTemplateUtils不能为空值");
        this.registeredClientRepository = registeredClientRepositoryEnhance;
        this.redisTemplateUtils = redisTemplateUtils;
    }

    public void save(OAuth2Authorization oAuth2Authorization) {
        Assert.notNull(oAuth2Authorization, "authorization不能为空值");
        TokenSettings tokenSettings = this.registeredClientRepository.findById(oAuth2Authorization.getRegisteredClientId()).getTokenSettings();
        Duration authorizationCodeTimeToLive = tokenSettings.getAuthorizationCodeTimeToLive();
        Duration accessTokenTimeToLive = tokenSettings.getAccessTokenTimeToLive();
        Duration refreshTokenTimeToLive = tokenSettings.getRefreshTokenTimeToLive();
        Duration duration = oAuth2Authorization.getRefreshToken() == null ? accessTokenTimeToLive : (Duration) Collections.max(Arrays.asList(accessTokenTimeToLive, refreshTokenTimeToLive));
        String id = oAuth2Authorization.getId();
        this.redisTemplateUtils.set(getTokenKey(id), oAuth2Authorization, duration);
        HashSet hashSet = new HashSet();
        Optional.ofNullable(oAuth2Authorization.getToken(OAuth2AuthorizationCode.class)).ifPresent(token -> {
            String codeKey = getCodeKey(token.getToken().getTokenValue());
            if (token.isActive()) {
                this.redisTemplateUtils.set(codeKey, id, authorizationCodeTimeToLive);
                hashSet.add(codeKey);
            } else {
                this.redisTemplateUtils.del(codeKey);
                this.redisTemplateUtils.srem(getCorrelationKey(id), new Object[]{codeKey});
            }
        });
        Optional.ofNullable(oAuth2Authorization.getAccessToken()).ifPresent(token2 -> {
            String accessKey = getAccessKey(token2.getToken().getTokenValue());
            this.redisTemplateUtils.set(accessKey, id, accessTokenTimeToLive);
            hashSet.add(accessKey);
        });
        Optional.ofNullable(oAuth2Authorization.getRefreshToken()).ifPresent(token3 -> {
            String refreshKey = getRefreshKey(token3.getToken().getTokenValue());
            this.redisTemplateUtils.set(refreshKey, id, refreshTokenTimeToLive);
            hashSet.add(refreshKey);
        });
        Optional.ofNullable(oAuth2Authorization.getToken(OidcIdToken.class)).ifPresent(token4 -> {
            String oidcIdKey = getOidcIdKey(token4.getToken().getTokenValue());
            this.redisTemplateUtils.set(oidcIdKey, id, Duration.ofMinutes(30L));
            hashSet.add(oidcIdKey);
        });
        if (CollectionUtils.isNotEmpty(hashSet)) {
            String correlationKey = getCorrelationKey(id);
            this.redisTemplateUtils.sadd(correlationKey, hashSet.toArray(i -> {
                return new Object[i];
            }));
            this.redisTemplateUtils.expire(correlationKey, duration);
        }
    }

    public void remove(OAuth2Authorization oAuth2Authorization) {
        String id = oAuth2Authorization.getId();
        HashSet hashSet = new HashSet();
        hashSet.add(getTokenKey(id));
        hashSet.add(getCorrelationKey(id));
        Optional.ofNullable(this.redisTemplateUtils.smembers(getCorrelationKey(id))).ifPresent(set -> {
            set.forEach(obj -> {
                hashSet.add((String) obj);
            });
        });
        this.redisTemplateUtils.del(hashSet);
    }

    public OAuth2Authorization findById(String str) {
        return (OAuth2Authorization) Optional.ofNullable((OAuth2Authorization) this.redisTemplateUtils.get(getTokenKey(str))).orElse(null);
    }

    public OAuth2Authorization findByToken(String str, OAuth2TokenType oAuth2TokenType) {
        Assert.hasText(str, "token不能为空值");
        if (oAuth2TokenType == null) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getCodeKey(str))).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getAccessKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getRefreshKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getOidcIdKey(str)));
            }).map(this::findById).orElse(null);
        }
        if ("code".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getCodeKey(str))).map(this::findById).orElse(null);
        }
        if (OAuth2TokenType.ACCESS_TOKEN.equals(oAuth2TokenType)) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getAccessKey(str))).map(this::findById).orElse(null);
        }
        if (OAuth2TokenType.REFRESH_TOKEN.equals(oAuth2TokenType)) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getRefreshKey(str))).map(this::findById).orElse(null);
        }
        if ("id_token".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getOidcIdKey(str))).map(this::findById).orElse(null);
        }
        return null;
    }

    private String getCodeKey(String str) {
        return "SC_OC_" + StringUtils.getHashName(str);
    }

    private String getAccessKey(String str) {
        return "SC_OA_" + StringUtils.getHashName(str);
    }

    private String getRefreshKey(String str) {
        return "SC_OR_" + StringUtils.getHashName(str);
    }

    private String getOidcIdKey(String str) {
        return "SC_OOI_" + StringUtils.getHashName(str);
    }

    private String getCorrelationKey(String str) {
        return "SC_OCT_" + StringUtils.getHashName(str);
    }

    private String getTokenKey(String str) {
        return "SC_OT_" + StringUtils.getHashName(str);
    }
}
