package com.supwisdom.insititute.token.server.oauth2.client.webapi.controller;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.supwisdom.insititute.token.server.account.domain.entity.Account;
import com.supwisdom.insititute.token.server.core.exception.DefaultErrorException;
import com.supwisdom.insititute.token.server.core.state.State;
import com.supwisdom.insititute.token.server.core.state.StateStore;
import com.supwisdom.insititute.token.server.oauth2.client.domain.oauth2client.OAuth2ClientFactory;
import com.supwisdom.insititute.token.server.oauth2.client.domain.oauth2client.OAuth2ClientUserinfo;
import com.supwisdom.insititute.token.server.security.domain.authentication.OAuth2ClientLoginAuthenticationToken;
import com.supwisdom.insititute.token.server.security.domain.core.userdetails.TokenUser;
import com.supwisdom.insititute.token.server.security.domain.service.AuthService;
import com.supwisdom.insititute.token.server.security.domain.service.TokenService;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

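/**
 * Web endpoints for logging in through a third-party OAuth2 client.
 *
 * <p>The flow visible in this class is: {@link #oauth2client} stores the caller's parameters in the
 * state store and hands out (or redirects to) the provider's authorize URL;
 * {@link #oauth2clientCallback} loads that state, fetches the provider userinfo and stores it under
 * a new nonce; {@link #oauth2clientLogin} accepts that nonce and returns tokens for the
 * authenticated user.
 *
 * <p>The nonce returned by the callback is what the login endpoint accepts, so it should be handled
 * like a short-lived credential.
 */
@Controller
/* loaded from: input_file:BOOT-INF/lib/token-server-oauth2-client-webapi-1.7.4-RELEASE.jar:com/supwisdom/insititute/token/server/oauth2/client/webapi/controller/OAuth2ClientController.class */
public class OAuth2ClientController {
    private static final Logger log = LoggerFactory.getLogger(OAuth2ClientController.class);
    public static final String OAUTH2_CLIENT_ENDPOINT = "/oauth2client/oauth2client";
    public static final String REDIRECT_URI_ENDPOINT = "/oauth2client/oauth2clientRedirectUri";
    public static final String CALLBACK_ENDPOINT = "/oauth2client/oauth2clientCallback";
    public static final String USERINFO_ENDPOINT = "/oauth2client/oauth2clientUserInfo";
    public static final String LOGIN_ENDPOINT = "/oauth2client/oauth2clientLogin";
    private static final String OAUTH2_CLIENT_STATE_KEY_PREFIX = "OAUTH2_CLIENT_STATE";

    @Autowired
    private MessageSourceAccessor messageSourceAccessor;

    @Autowired
    private StateStore redisStateStore;

    @Autowired
    OAuth2ClientFactory oauth2ClientFactory;

    @Autowired
    protected AuthService authService;

    @Autowired
    protected TokenService tokenService;

    /**
     * Starts the flow: saves the request parameters as server-side state and returns the provider's
     * authorize URL, or redirects to it when the client is configured for auto-redirect.
     *
     * @param clientName name of the configured OAuth2 client (path variable)
     * @param appId caller's application id, stored in the state
     * @param deviceId caller's device id, stored in the state
     * @param redirectUri optional URI the callback later redirects to, stored in the state
     * @param state caller's own state value, echoed back by the callback
     * @throws DefaultErrorException if {@code clientName} is not a configured client
     * @throws IOException if writing the response fails
     */
    @RequestMapping(method = {RequestMethod.GET}, path = {"/oauth2client/oauth2client/{clientName}"})
    public void oauth2client(@PathVariable(name = "clientName") String clientName, @RequestParam(name = "appId") String appId, @RequestParam(name = "deviceId") String deviceId, @RequestParam(name = "redirectUri", required = false) String redirectUri, @RequestParam(name = "state") String state, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // Resolve the client first: the original dereferenced it before its null check, and an
        // unknown name should not leave an entry behind in the state store.
        OAuth2ClientFactory.OAuth2Client client = requireClient(clientName);

        State flowState = new State();
        flowState.put("appId", appId);
        flowState.put("deviceId", deviceId);
        flowState.put("redirectUri", redirectUri);
        flowState.put("state", state);
        String nonce = this.redisStateStore.saveState(OAUTH2_CLIENT_STATE_KEY_PREFIX, flowState);

        String callbackUri = client.getCallbackUri();
        String authzUrl = client.getService().getAuthzUrl(client, redirectUri, nonce);
        if (client.isAutoRedirect()) {
            httpServletResponse.sendRedirect(authzUrl);
            return;
        }

        JSONObject data = new JSONObject();
        data.put("nonce", nonce);
        data.put("authorizeUrl", authzUrl);
        data.put("callbackUri", callbackUri);
        String authzInfo = client.getService().getAuthzInfo(client, nonce);
        if (authzInfo != null) {
            data.put("authzInfo", authzInfo);
        }
        JSONObject result = new JSONObject();
        result.put("code", 0);
        result.put("data", data);
        log.debug("result: {}", result.toJSONString());
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(result.toJSONString());
    }

    /**
     * Forwards the request's query string to the {@code superapp://} custom URL scheme.
     *
     * <p>The query string is passed on verbatim, so whatever parameters arrived here (presumably
     * the provider's authorization response) reach whichever app handles that scheme.
     *
     * @throws IOException if sending the redirect fails
     */
    @RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, path = {"/oauth2client/oauth2clientRedirectUri/{clientName}"})
    public void oauth2clientRedirectUri(@PathVariable(name = "clientName") String clientName, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // getQueryString() is null when the request has no query; avoid emitting a literal "null".
        String query = httpServletRequest.getQueryString();
        httpServletResponse.sendRedirect("superapp://oauth2client?" + (query == null ? "" : query));
    }

    /**
     * Handles the provider callback: loads the stored state by {@code nonce} (falling back to
     * {@code state}), fetches the provider userinfo, stores it in the state under a new nonce, and
     * returns that nonce as JSON or via a redirect to the stored {@code redirectUri}.
     *
     * @throws DefaultErrorException if the nonce is missing, the state or client is unknown, the
     *     userinfo cannot be obtained, or an auto-redirect client has no stored redirectUri
     * @throws IOException if writing the response fails
     */
    @RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, path = {"/oauth2client/oauth2clientCallback/{clientName}"})
    public void oauth2clientCallback(@PathVariable(name = "clientName") String clientName, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String stateKey = httpServletRequest.getParameter("nonce");
        if (stateKey == null || stateKey.isEmpty()) {
            stateKey = httpServletRequest.getParameter("state");
        }
        if (stateKey == null || stateKey.isEmpty()) {
            throw new DefaultErrorException(500, "exception.oauth2client.callback.parameter.error");
        }
        State loadState = this.redisStateStore.loadState(OAUTH2_CLIENT_STATE_KEY_PREFIX, stateKey);
        if (loadState == null) {
            throw new DefaultErrorException(500, "exception.oauth2client.callback.state.invalid");
        }
        log.debug("oauth2clientCallback.stateData is {}", JSON.toJSONString(loadState.getStateData()));
        String originalState = String.valueOf(loadState.get("state"));

        // The original called getService() on the lookup result without a null check.
        OAuth2ClientFactory.OAuth2Client client = requireClient(clientName);
        OAuth2ClientUserinfo userinfo = client.getService().getUserinfo(client, httpServletRequest, httpServletResponse);
        if (userinfo == null) {
            throw new DefaultErrorException(500, "exception.oauth2client.callback.code.invalid, or oauth2clientClient error");
        }
        loadState.put("oauth2clientUserInfo", JSONObject.toJSONString(userinfo));
        String nonce = this.redisStateStore.saveState(OAUTH2_CLIENT_STATE_KEY_PREFIX, loadState);

        if (client.isAutoRedirect()) {
            // redirectUri is optional on the initial request; without this check the redirect
            // target would start with the literal text "null".
            Object storedRedirectUri = loadState.get("redirectUri");
            if (storedRedirectUri == null) {
                throw new DefaultErrorException(500, "state data error, redirectUri is null");
            }
            // NOTE(review): redirectUri is the request parameter saved by oauth2client() and is not
            // validated anywhere in this class, yet the redirect carries the nonce that
            // oauth2clientLogin accepts. Confirm it is restricted to registered URIs elsewhere.
            String redirectUri = String.valueOf(storedRedirectUri);
            String separator = redirectUri.indexOf("?") <= 0 ? "?" : "&";
            // Both values are encoded so a caller-chosen state cannot add or alter query parameters.
            httpServletResponse.sendRedirect(redirectUri + separator
                    + "state=" + java.net.URLEncoder.encode(originalState, "UTF-8")
                    + "&nonce=" + java.net.URLEncoder.encode(nonce, "UTF-8"));
            return;
        }

        JSONObject data = new JSONObject();
        data.put("state", originalState);
        data.put("nonce", nonce);
        JSONObject result = new JSONObject();
        result.put("code", 0);
        result.put("data", data);
        // NOTE(review): this debug line records the nonce that oauth2clientLogin accepts; confirm
        // debug logs are access-controlled wherever this runs.
        log.debug("result: {}", result.toJSONString());
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(result.toJSONString());
    }

    /**
     * Completes the login for the state identified by {@code nonce} and returns a JSON string.
     *
     * <p>The user is taken from the current security context, which must hold an authenticated
     * {@link OAuth2ClientLoginAuthenticationToken} whose principal is a {@link TokenUser}
     * (presumably set by a security filter not shown here). Result codes: {@code 1001} when no
     * such user is present, {@code 100000} with a {@code cid} and account list when the user has
     * several accounts, {@code 0} with the tokens otherwise. Tokens are only generated when the
     * account's {@code userNonActivated} flag is false.
     *
     * @param appId optional application id, passed on to cid and token generation
     * @param deviceId optional device id, passed on to cid and token generation
     * @param nonce nonce returned by the callback endpoint
     * @return the JSON response body
     * @throws DefaultErrorException if the nonce or stored state is missing or invalid, or the user
     *     has no account
     */
    @RequestMapping(method = {RequestMethod.POST}, path = {LOGIN_ENDPOINT}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public String oauth2clientLogin(@RequestParam(name = "appId", required = false) String appId, @RequestParam(name = "deviceId", required = false) String deviceId, @RequestParam(name = "nonce") String nonce, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (nonce == null || nonce.isEmpty()) {
            throw new DefaultErrorException(500, "exception.oauth2client.login.parameter.error");
        }
        State loadState = this.redisStateStore.loadState(OAUTH2_CLIENT_STATE_KEY_PREFIX, nonce);
        if (loadState == null) {
            throw new DefaultErrorException(500, "exception.oauth2client.login.state.invalid");
        }
        // At this point the state holds the provider userinfo, so its content is not dumped to the log.
        log.debug("oauth2clientLogin: state loaded");
        if (!loadState.containsKey("oauth2clientUserInfo")) {
            throw new DefaultErrorException(500, "exception.oauth2client.login.state.error");
        }
        String userinfoText = loadState.getString("oauth2clientUserInfo");
        if (userinfoText == null) {
            throw new DefaultErrorException(500, "state data error, oauth2clientUserInfo is null");
        }
        // The parsed value is only used as a sanity check on the stored state; parseObject can
        // return null for empty text, which the original dereferenced.
        JSONObject userinfoJson = JSON.parseObject(userinfoText);
        if (userinfoJson == null || userinfoJson.toJavaObject(OAuth2ClientUserinfo.class) == null) {
            throw new DefaultErrorException(500, "state data error, oauth2clientUserInfo is null");
        }

        TokenUser tokenUser = null;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof OAuth2ClientLoginAuthenticationToken) {
            OAuth2ClientLoginAuthenticationToken loginToken = (OAuth2ClientLoginAuthenticationToken) authentication;
            if (loginToken.isAuthenticated() && (loginToken.getPrincipal() instanceof TokenUser)) {
                tokenUser = (TokenUser) loginToken.getPrincipal();
            }
        }
        if (tokenUser == null) {
            JSONObject data = new JSONObject();
            data.put("nonce", nonce);
            data.put("message", "oauth2client error, oauth2clientId not bind any user");
            JSONObject result = new JSONObject();
            result.put("code", 1001);
            result.put("data", data);
            log.debug("result: {}", result.toJSONString());
            return result.toJSONString();
        }

        Map<String, String> requestParamter = this.authService.getRequestParamter(loadState);
        List<Account> accounts = tokenUser.getAccounts();
        if (accounts == null || accounts.isEmpty()) {
            throw new DefaultErrorException(500, "username error, username not exist any account");
        }
        if (accounts.size() > 1) {
            // Several accounts: return a cid and the candidates. The state is not expired on this path.
            String cid = this.authService.buildCid(appId, deviceId, accounts, requestParamter);
            JSONObject data = new JSONObject();
            data.put("cid", cid);
            data.put("accounts", convertAccounts(accounts));
            JSONObject result = new JSONObject();
            result.put("code", 100000);
            result.put("message", this.messageSourceAccessor.getMessage("multi.account.choose", "select one account from accounts"));
            result.put("data", data);
            return result.toJSONString();
        }

        Account account = accounts.get(0);
        // The nonce is expired before any token is issued, so it cannot be presented again.
        this.redisStateStore.expireState(OAUTH2_CLIENT_STATE_KEY_PREFIX, nonce);
        JSONObject data = new JSONObject();
        if (!account.getUserNonActivated().booleanValue()) {
            JSONObject generatedToken = this.tokenService.generateToken(appId, deviceId, tokenUser, requestParamter);
            data.put("idToken", generatedToken.getString("idToken"));
            data.put("refreshToken", generatedToken.getString("refreshToken"));
        }
        data.put("userNonActivated", account.getUserNonActivated());
        data.put("userNonCompleted", account.getUserNonCompleted());
        data.put("passwordStatus", 0);
        JSONObject result = new JSONObject();
        result.put("code", 0);
        result.put("data", data);
        // The payload can carry idToken/refreshToken, so only the non-secret fields are logged.
        log.debug("result: code=0, userNonActivated={}, userNonCompleted={}", account.getUserNonActivated(), account.getUserNonCompleted());
        return result.toJSONString();
    }

    /**
     * Looks up a configured OAuth2 client by name.
     *
     * @throws DefaultErrorException if no client is registered under {@code clientName}
     */
    private OAuth2ClientFactory.OAuth2Client requireClient(String clientName) {
        OAuth2ClientFactory.OAuth2Client client = this.oauth2ClientFactory.getClients().get(clientName);
        if (client == null) {
            throw new DefaultErrorException(500, "oauth2client error, clientName not exist");
        }
        return client;
    }

    /** Builds the JSON array of account summaries returned when the user must choose an account. */
    private JSONArray convertAccounts(List<Account> list) {
        JSONArray summaries = new JSONArray();
        for (Account account : list) {
            JSONObject summary = new JSONObject();
            summary.put("id", account.getId());
            summary.put("username", account.getUsername());
            summary.put("name", account.getName());
            summary.put("identityTypeName", account.getIdentityTypeName());
            summary.put("organizationName", account.getOrganizationName());
            summary.put("normal", Boolean.valueOf(account.isNormal()));
            summaries.add(summary);
        }
        return summaries;
    }
}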
