package org.cattleframework.oauth.authorization.client.internal;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.cattleframework.db.object.spi.DataTable;
import org.cattleframework.db.services.TransactionService;
import org.cattleframework.db.type.descriptor.java.InstantJavaType;
import org.cattleframework.db.type.descriptor.java.StringJavaType;
import org.cattleframework.exception.CattleException;
import org.cattleframework.exception.ExceptionWrapUtils;
import org.cattleframework.form.authorization.service.UserService;
import org.cattleframework.oauth.authorization.AuthorizeServerConstants;
import org.cattleframework.oauth.authorization.client.RegisteredClientRepositoryEnhance;
import org.cattleframework.oauth.authorization.client.SupportedDeviceType;
import org.cattleframework.utils.auxiliary.JacksonUtils;
import org.springframework.beans.factory.ListableBeanFactory;
import org.springframework.security.jackson2.SecurityJackson2Modules;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.ClientAuthenticationMethod;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import org.springframework.security.oauth2.server.authorization.settings.ConfigurationSettingNames;
import org.springframework.security.oauth2.server.authorization.settings.OAuth2TokenFormat;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/cattleframework/oauth/authorization/client/internal/RegisteredClientRepositoryEnhanceImpl.class */
public class RegisteredClientRepositoryEnhanceImpl implements RegisteredClientRepositoryEnhance {
    private final ListableBeanFactory beanFactory;
    private final TransactionService transactionService;
    private final UserService userService;
    private final ObjectMapper objectMapper = new ObjectMapper();

    public RegisteredClientRepositoryEnhanceImpl(ListableBeanFactory listableBeanFactory, TransactionService transactionService, UserService userService) {
        this.beanFactory = listableBeanFactory;
        this.transactionService = transactionService;
        this.userService = userService;
        this.objectMapper.registerModules(SecurityJackson2Modules.getModules(RegisteredClientRepositoryEnhanceImpl.class.getClassLoader()));
        this.objectMapper.registerModule(new OAuth2AuthorizationServerJackson2Module());
    }

    public void save(RegisteredClient registeredClient) {
        ArrayList arrayList = new ArrayList(registeredClient.getClientAuthenticationMethods().size());
        registeredClient.getClientAuthenticationMethods().forEach(clientAuthenticationMethod -> {
            arrayList.add(clientAuthenticationMethod.getValue());
        });
        ArrayList arrayList2 = new ArrayList(registeredClient.getAuthorizationGrantTypes().size());
        registeredClient.getAuthorizationGrantTypes().forEach(authorizationGrantType -> {
            arrayList2.add(authorizationGrantType.getValue());
        });
        String json = registeredClient.getClientSettings().getSettings().containsKey(AuthorizeServerConstants.CLIENT_SUPPORTED_DEVICE_TYPE) ? JacksonUtils.toJson(registeredClient.getClientSettings().getSettings().get(AuthorizeServerConstants.CLIENT_SUPPORTED_DEVICE_TYPE)) : null;
        String str = registeredClient.getClientSettings().getSettings().containsKey(AuthorizeServerConstants.CLIENT_PIC_URI) ? (String) registeredClient.getClientSettings().getSettings().get(AuthorizeServerConstants.CLIENT_PIC_URI) : null;
        HashMap hashMap = new HashMap(0);
        registeredClient.getClientSettings().getSettings().forEach((str2, obj) -> {
            if (AuthorizeServerConstants.CLIENT_SUPPORTED_DEVICE_TYPE.equals(str2) || AuthorizeServerConstants.CLIENT_PIC_URI.equals(str2)) {
                return;
            }
            hashMap.put(str2, obj);
        });
        String writeMap = writeMap(Collections.unmodifiableMap(hashMap));
        String writeMap2 = writeMap(registeredClient.getTokenSettings().getSettings());
        this.transactionService.executeWithoutResult(accessContext -> {
            DataTable select = accessContext.select("S_CLIENT", registeredClient.getId());
            if (!select.first()) {
                Integer num = (Integer) accessContext.querySingleValue(Integer.class, "select count(*) from S_CLIENT where CODE=?", new Object[]{registeredClient.getClientId()});
                if (num != null && num.intValue() > 0) {
                    throw new CattleException("注册的客户必须唯一的,发现重复的客户标识");
                }
                Integer num2 = (Integer) accessContext.querySingleValue(Integer.class, "select count(*) from S_CLIENT where SECRET=?", new Object[]{registeredClient.getClientSecret()});
                if (num2 != null && num2.intValue() > 0) {
                    throw new CattleException("注册的客户必须唯一的,发现重复的客户密钥");
                }
                select.insert(registeredClient.getId());
                Instant clientIdIssuedAt = registeredClient.getClientIdIssuedAt() != null ? registeredClient.getClientIdIssuedAt() : Instant.now();
                select.setString("CODE", registeredClient.getClientId());
                select.setInstant("ISSUED_AT", clientIdIssuedAt);
            } else {
                if (!StringJavaType.INSTANCE.areEqual(select.getString("CODE"), registeredClient.getClientId())) {
                    throw new CattleException("客户标识不能修改");
                }
                if (!InstantJavaType.INSTANCE.areEqual(select.getInstant("ISSUED_AT"), registeredClient.getClientIdIssuedAt())) {
                    throw new CattleException("客户生效时间不能修改");
                }
            }
            select.setString("SECRET", registeredClient.getClientSecret());
            select.setString("NAME", registeredClient.getClientName());
            select.setInstant("SECRET_EXPIRES_AT", registeredClient.getClientSecretExpiresAt());
            select.setString("AUTH_METHODS", StringUtils.collectionToCommaDelimitedString(arrayList));
            select.setString("AUTH_GRANT_TYPES", StringUtils.collectionToCommaDelimitedString(arrayList2));
            select.setString("REDIRECT_URIS", StringUtils.collectionToCommaDelimitedString(registeredClient.getRedirectUris()));
            select.setString("POST_LOGOUT_REDIRECT_URIS", StringUtils.collectionToCommaDelimitedString(registeredClient.getPostLogoutRedirectUris()));
            select.setString("SCOPES", StringUtils.collectionToCommaDelimitedString(registeredClient.getScopes()));
            select.setString("SETTINGS", writeMap);
            select.setString("TOKEN_SETTINGS", writeMap2);
            select.setString("SUPPORTED_DEVICE_TYPE", json);
            select.setString("PIC_URI", str);
            accessContext.save(select);
        });
    }

    public RegisteredClient findById(String str) {
        return findBy("ID=?", str);
    }

    public RegisteredClient findByClientId(String str) {
        return findBy("CODE=?", str);
    }

    private RegisteredClient findBy(String str, Object... objArr) {
        return (RegisteredClient) this.transactionService.execute(accessContext -> {
            DataTable select = accessContext.select("S_CLIENT", (String) null, str, objArr);
            if (!select.first()) {
                return null;
            }
            Set commaDelimitedListToSet = StringUtils.commaDelimitedListToSet(select.getString("AUTH_METHODS"));
            Set commaDelimitedListToSet2 = StringUtils.commaDelimitedListToSet(select.getString("AUTH_GRANT_TYPES"));
            Set commaDelimitedListToSet3 = StringUtils.commaDelimitedListToSet(select.getString("REDIRECT_URIS"));
            Set commaDelimitedListToSet4 = StringUtils.commaDelimitedListToSet(select.getString("POST_LOGOUT_REDIRECT_URIS"));
            Set commaDelimitedListToSet5 = StringUtils.commaDelimitedListToSet(select.getString("SCOPES"));
            RegisteredClient.Builder scopes = RegisteredClient.withId(StringJavaType.INSTANCE.wrap(this.beanFactory, select.getId())).clientId(select.getString("CODE")).clientIdIssuedAt(select.getInstant("ISSUED_AT")).clientSecret(select.getString("SECRET")).clientSecretExpiresAt(select.getInstant("SECRET_EXPIRES_AT")).clientName(select.getString("NAME")).clientAuthenticationMethods(set -> {
                commaDelimitedListToSet.forEach(str2 -> {
                    set.add(resolveClientAuthenticationMethod(str2));
                });
            }).authorizationGrantTypes(set2 -> {
                commaDelimitedListToSet2.forEach(str2 -> {
                    set2.add(resolveAuthorizationGrantType(str2));
                });
            }).redirectUris(set3 -> {
                set3.addAll(commaDelimitedListToSet3);
            }).postLogoutRedirectUris(set4 -> {
                set4.addAll(commaDelimitedListToSet4);
            }).scopes(set5 -> {
                set5.addAll(commaDelimitedListToSet5);
            });
            String string = select.getString("SUPPORTED_DEVICE_TYPE");
            String string2 = select.getString("PIC_URI");
            Map<String, Object> parseMap = parseMap(select.getString("SETTINGS"));
            if (StringUtils.hasText(string) || StringUtils.hasText(string2)) {
                HashMap hashMap = new HashMap(0);
                parseMap.forEach((str2, obj) -> {
                    hashMap.put(str2, obj);
                });
                if (StringUtils.hasText(string)) {
                    hashMap.put(AuthorizeServerConstants.CLIENT_SUPPORTED_DEVICE_TYPE, (List) JacksonUtils.toObject(string, new TypeReference<List<SupportedDeviceType>>() { // from class: org.cattleframework.oauth.authorization.client.internal.RegisteredClientRepositoryEnhanceImpl.1
                    }));
                }
                if (StringUtils.hasText(string2)) {
                    hashMap.put(AuthorizeServerConstants.CLIENT_PIC_URI, string2);
                }
                parseMap = Collections.unmodifiableMap(hashMap);
            }
            scopes.clientSettings(ClientSettings.withSettings(parseMap).build());
            Map<String, Object> parseMap2 = parseMap(select.getString("TOKEN_SETTINGS"));
            TokenSettings.Builder withSettings = TokenSettings.withSettings(parseMap2);
            if (!parseMap2.containsKey(ConfigurationSettingNames.Token.ACCESS_TOKEN_FORMAT)) {
                withSettings.accessTokenFormat(OAuth2TokenFormat.SELF_CONTAINED);
            }
            scopes.tokenSettings(withSettings.build());
            return scopes.build();
        });
    }

    private String writeMap(Map<String, Object> map) {
        try {
            return this.objectMapper.writeValueAsString(map);
        } catch (JsonProcessingException e) {
            throw ExceptionWrapUtils.wrap(e);
        }
    }

    private Map<String, Object> parseMap(String str) {
        try {
            return (Map) this.objectMapper.readValue(str, new TypeReference<Map<String, Object>>() { // from class: org.cattleframework.oauth.authorization.client.internal.RegisteredClientRepositoryEnhanceImpl.2
            });
        } catch (JsonProcessingException e) {
            throw ExceptionWrapUtils.wrap(e);
        }
    }

    private static AuthorizationGrantType resolveAuthorizationGrantType(String str) {
        return AuthorizationGrantType.AUTHORIZATION_CODE.getValue().equals(str) ? AuthorizationGrantType.AUTHORIZATION_CODE : AuthorizationGrantType.CLIENT_CREDENTIALS.getValue().equals(str) ? AuthorizationGrantType.CLIENT_CREDENTIALS : AuthorizationGrantType.REFRESH_TOKEN.getValue().equals(str) ? AuthorizationGrantType.REFRESH_TOKEN : new AuthorizationGrantType(str);
    }

    private static ClientAuthenticationMethod resolveClientAuthenticationMethod(String str) {
        return ClientAuthenticationMethod.CLIENT_SECRET_BASIC.getValue().equals(str) ? ClientAuthenticationMethod.CLIENT_SECRET_BASIC : ClientAuthenticationMethod.CLIENT_SECRET_POST.getValue().equals(str) ? ClientAuthenticationMethod.CLIENT_SECRET_POST : ClientAuthenticationMethod.NONE.getValue().equals(str) ? ClientAuthenticationMethod.NONE : new ClientAuthenticationMethod(str);
    }

    @Override // org.cattleframework.oauth.authorization.client.RegisteredClientRepositoryEnhance
    public Set<RegisteredClient> getRegisteredClients(Object obj) {
        if (this.userService.userExists(obj)) {
            return (Set) this.transactionService.execute(accessContext -> {
                HashSet hashSet = new HashSet();
                DataTable select = accessContext.select("S_USER_CLIENT", (String) null, "USER_ID=?", new Object[]{obj});
                select.beforeFirst();
                while (select.next()) {
                    RegisteredClient findById = findById(select.getString("CLIENT_ID"));
                    if (findById != null) {
                        hashSet.add(findById);
                    }
                }
                return hashSet;
            });
        }
        throw new CattleException(String.format("用户标识'%s'不存在", obj));
    }

    @Override // org.cattleframework.oauth.authorization.client.RegisteredClientRepositoryEnhance
    public void saveUseRegisteredClientByUser(Object obj, String... strArr) {
        if (!this.userService.userExists(obj)) {
            throw new CattleException(String.format("用户标识'%s'不存在", obj));
        }
        this.transactionService.executeWithoutResult(accessContext -> {
            for (String str : strArr) {
                if (!accessContext.select("S_CLIENT", str).first()) {
                    throw new CattleException(String.format("客户标识'%s'不存在", str));
                }
                DataTable select = accessContext.select("S_USER_CLIENT", (String) null, "USER_ID=? and CLIENT_ID=?", new Object[]{obj, str});
                if (!select.first()) {
                    select.insert();
                    select.setObject("USER_ID", obj);
                    select.setString("CLIENT_ID", str);
                    accessContext.save(select);
                }
            }
        });
    }
}
