package org.cattleframework.oauth.authorization.service.internal;

import java.security.Principal;
import java.time.Duration;
import java.util.HashSet;
import java.util.Optional;
import java.util.Set;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.cattleframework.form.authorization.authentication.LoginedAuthenticationToken;
import org.cattleframework.oauth.authorization.client.RegisteredClientRepositoryEnhance;
import org.cattleframework.utils.redis.RedisTemplateUtils;
import org.springframework.security.oauth2.core.AuthorizationGrantType;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2DeviceCode;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.OAuth2UserCode;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import org.springframework.util.Assert;

/* loaded from: input_file:org/cattleframework/oauth/authorization/service/internal/AuthorizationServiceImpl.class */
public class AuthorizationServiceImpl implements OAuth2AuthorizationService {
    private final RegisteredClientRepositoryEnhance registeredClientRepository;
    private final RedisTemplateUtils redisTemplateUtils;

    public AuthorizationServiceImpl(RegisteredClientRepositoryEnhance registeredClientRepositoryEnhance, RedisTemplateUtils redisTemplateUtils) {
        Assert.notNull(registeredClientRepositoryEnhance, "registeredClientRepository不能为空值");
        Assert.notNull(redisTemplateUtils, "redisTemplateUtils不能为空值");
        this.registeredClientRepository = registeredClientRepositoryEnhance;
        this.redisTemplateUtils = redisTemplateUtils;
    }

    public void save(OAuth2Authorization oAuth2Authorization) {
        Duration saveState;
        Assert.notNull(oAuth2Authorization, "authorization不能为空值");
        TokenSettings tokenSettings = this.registeredClientRepository.findById(oAuth2Authorization.getRegisteredClientId()).getTokenSettings();
        Duration authorizationCodeTimeToLive = tokenSettings.getAuthorizationCodeTimeToLive();
        Duration accessTokenTimeToLive = tokenSettings.getAccessTokenTimeToLive();
        Duration refreshTokenTimeToLive = tokenSettings.getRefreshTokenTimeToLive();
        Duration deviceCodeTimeToLive = tokenSettings.getDeviceCodeTimeToLive();
        String id = oAuth2Authorization.getId();
        Duration duration = null;
        HashSet hashSet = new HashSet();
        Duration saveAuthorizationCode = saveAuthorizationCode(id, oAuth2Authorization.getToken(OAuth2AuthorizationCode.class), authorizationCodeTimeToLive, hashSet);
        if (saveAuthorizationCode != null) {
            duration = compareTimeToLive(null, saveAuthorizationCode);
        }
        if (oAuth2Authorization.getAuthorizationGrantType().equals(AuthorizationGrantType.AUTHORIZATION_CODE)) {
            Duration saveState2 = saveState(id, (String) oAuth2Authorization.getAttribute("state"), authorizationCodeTimeToLive, hashSet);
            if (saveState2 != null) {
                duration = compareTimeToLive(duration, saveState2);
            }
        } else if (oAuth2Authorization.getAuthorizationGrantType().equals(AuthorizationGrantType.DEVICE_CODE) && (saveState = saveState(id, (String) oAuth2Authorization.getAttribute("state"), deviceCodeTimeToLive, hashSet)) != null) {
            duration = compareTimeToLive(duration, saveState);
        }
        Duration saveDeviceCode = saveDeviceCode(id, oAuth2Authorization.getToken(OAuth2DeviceCode.class), deviceCodeTimeToLive, hashSet);
        if (saveDeviceCode != null) {
            duration = compareTimeToLive(duration, saveDeviceCode);
        }
        Duration saveUserCode = saveUserCode(id, oAuth2Authorization.getToken(OAuth2UserCode.class), deviceCodeTimeToLive, hashSet);
        if (saveUserCode != null) {
            duration = compareTimeToLive(duration, saveUserCode);
        }
        Duration saveAccessToken = saveAccessToken(id, oAuth2Authorization.getAccessToken(), accessTokenTimeToLive, hashSet);
        if (saveAccessToken != null) {
            duration = compareTimeToLive(duration, saveAccessToken);
        }
        Duration saveRefreshToken = saveRefreshToken(id, oAuth2Authorization.getRefreshToken(), refreshTokenTimeToLive, hashSet);
        if (saveRefreshToken != null) {
            duration = compareTimeToLive(duration, saveRefreshToken);
        }
        Duration saveOidcIdToken = saveOidcIdToken(id, oAuth2Authorization.getToken(OidcIdToken.class), hashSet);
        if (saveOidcIdToken != null) {
            duration = compareTimeToLive(duration, saveOidcIdToken);
        }
        if (duration != null) {
            saveTokenMappingUserSession(id, oAuth2Authorization.getAttribute(Principal.class.getName()), duration, hashSet);
            this.redisTemplateUtils.set(getTokenKey(id), oAuth2Authorization, duration);
        }
        if (CollectionUtils.isNotEmpty(hashSet)) {
            String correlationKey = getCorrelationKey(id);
            this.redisTemplateUtils.sadd(correlationKey, hashSet.toArray(i -> {
                return new Object[i];
            }));
            this.redisTemplateUtils.expire(correlationKey, duration);
        }
    }

    private Duration saveDeviceCode(String str, OAuth2Authorization.Token<OAuth2DeviceCode> token, Duration duration, Set<String> set) {
        if (token == null || !token.isActive()) {
            return null;
        }
        String deviceCodeKey = getDeviceCodeKey(token.getToken().getTokenValue());
        this.redisTemplateUtils.set(deviceCodeKey, str, duration);
        set.add(deviceCodeKey);
        return duration;
    }

    private Duration saveUserCode(String str, OAuth2Authorization.Token<OAuth2UserCode> token, Duration duration, Set<String> set) {
        if (token == null || !token.isActive()) {
            return null;
        }
        String userCodeKey = getUserCodeKey(token.getToken().getTokenValue());
        this.redisTemplateUtils.set(userCodeKey, str, duration);
        set.add(userCodeKey);
        return duration;
    }

    private void saveTokenMappingUserSession(String str, Object obj, Duration duration, Set<String> set) {
        if (obj == null || !LoginedAuthenticationToken.class.isAssignableFrom(obj.getClass())) {
            return;
        }
        String sessionKey = getSessionKey(str);
        this.redisTemplateUtils.set(sessionKey, new TokenMappingUserSession(str, ((LoginedAuthenticationToken) obj).getUserSessionIdentity()), duration);
        set.add(sessionKey);
    }

    private Duration saveOidcIdToken(String str, OAuth2Authorization.Token<OidcIdToken> token, Set<String> set) {
        if (token == null || !token.isActive()) {
            return null;
        }
        Duration ofMinutes = Duration.ofMinutes(30L);
        String oidcIdKey = getOidcIdKey(token.getToken().getTokenValue());
        this.redisTemplateUtils.set(oidcIdKey, str, ofMinutes);
        set.add(oidcIdKey);
        return ofMinutes;
    }

    private Duration saveRefreshToken(String str, OAuth2Authorization.Token<OAuth2RefreshToken> token, Duration duration, Set<String> set) {
        if (token == null || !token.isActive()) {
            return null;
        }
        String refreshKey = getRefreshKey(token.getToken().getTokenValue());
        this.redisTemplateUtils.set(refreshKey, str, duration);
        set.add(refreshKey);
        return duration;
    }

    private Duration saveAccessToken(String str, OAuth2Authorization.Token<OAuth2AccessToken> token, Duration duration, Set<String> set) {
        if (token == null || !token.isActive()) {
            return null;
        }
        String accessKey = getAccessKey(token.getToken().getTokenValue());
        this.redisTemplateUtils.set(accessKey, str, duration);
        set.add(accessKey);
        return duration;
    }

    private Duration saveState(String str, String str2, Duration duration, Set<String> set) {
        if (StringUtils.isBlank(str2)) {
            return null;
        }
        String stateKey = getStateKey(str2);
        this.redisTemplateUtils.set(stateKey, str, duration);
        set.add(stateKey);
        return duration;
    }

    private Duration saveAuthorizationCode(String str, OAuth2Authorization.Token<OAuth2AuthorizationCode> token, Duration duration, Set<String> set) {
        if (token == null || !token.isActive()) {
            return null;
        }
        String codeKey = getCodeKey(token.getToken().getTokenValue());
        this.redisTemplateUtils.set(codeKey, str, duration);
        set.add(codeKey);
        return duration;
    }

    private Duration compareTimeToLive(Duration duration, Duration duration2) {
        if (duration != null && duration.compareTo(duration2) != -1) {
            return duration;
        }
        return duration2;
    }

    public void remove(OAuth2Authorization oAuth2Authorization) {
        String id = oAuth2Authorization.getId();
        HashSet hashSet = new HashSet();
        hashSet.add(getTokenKey(id));
        hashSet.add(getSessionKey(id));
        Optional.ofNullable(this.redisTemplateUtils.smembers(getCorrelationKey(id))).ifPresent(set -> {
            set.forEach(obj -> {
                hashSet.add((String) obj);
            });
        });
        hashSet.add(getCorrelationKey(id));
        this.redisTemplateUtils.del(hashSet);
    }

    public OAuth2Authorization findById(String str) {
        return (OAuth2Authorization) Optional.ofNullable((OAuth2Authorization) this.redisTemplateUtils.get(getTokenKey(str))).orElse(null);
    }

    public OAuth2Authorization findByToken(String str, OAuth2TokenType oAuth2TokenType) {
        Assert.hasText(str, "token不能为空值");
        if (oAuth2TokenType == null) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getCodeKey(str))).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getAccessKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getRefreshKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getOidcIdKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getStateKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getUserCodeKey(str)));
            }).or(() -> {
                return Optional.ofNullable((String) this.redisTemplateUtils.get(getDeviceCodeKey(str)));
            }).map(this::findById).orElse(null);
        }
        if ("code".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getCodeKey(str))).map(this::findById).orElse(null);
        }
        if (OAuth2TokenType.ACCESS_TOKEN.equals(oAuth2TokenType)) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getAccessKey(str))).map(this::findById).orElse(null);
        }
        if (OAuth2TokenType.REFRESH_TOKEN.equals(oAuth2TokenType)) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getRefreshKey(str))).map(this::findById).orElse(null);
        }
        if ("id_token".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getOidcIdKey(str))).map(this::findById).orElse(null);
        }
        if ("state".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getStateKey(str))).map(this::findById).orElse(null);
        }
        if ("user_code".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getUserCodeKey(str))).map(this::findById).orElse(null);
        }
        if ("device_code".equals(oAuth2TokenType.getValue())) {
            return (OAuth2Authorization) Optional.ofNullable((String) this.redisTemplateUtils.get(getDeviceCodeKey(str))).map(this::findById).orElse(null);
        }
        return null;
    }

    private String getCodeKey(String str) {
        return "SC_OC_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getAccessKey(String str) {
        return "SC_OA_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getRefreshKey(String str) {
        return "SC_OR_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getOidcIdKey(String str) {
        return "SC_OOI_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getCorrelationKey(String str) {
        return "SC_OCT_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getTokenKey(String str) {
        return "SC_OT_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getSessionKey(String str) {
        return "SC_OSID_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getDeviceCodeKey(String str) {
        return "SC_ODC_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getUserCodeKey(String str) {
        return "SC_OUC_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }

    private String getStateKey(String str) {
        return "SC_OS_" + org.cattleframework.utils.auxiliary.StringUtils.getHashName(str);
    }
}
