package org.springblade.auth.support;

import java.util.HashMap;
import org.apache.commons.lang.StringUtils;
import org.springblade.auth.endpoint.BladeTokenEndPoint;
import org.springblade.auth.service.BladeUserDetails;
import org.springblade.auth.utils.TokenUtil;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.jwt.props.JwtProperties;
import org.springblade.core.tool.utils.Func;
import org.springblade.core.tool.utils.StringUtil;
import org.springblade.system.cache.SysCache;
import org.springblade.system.feign.ISysClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.token.TokenEnhancer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

/* loaded from: input_file:org/springblade/auth/support/BladeJwtTokenEnhancer.class */
public class BladeJwtTokenEnhancer implements TokenEnhancer {

    @Autowired
    JwtAccessTokenConverter jwtAccessTokenConverter;

    @Autowired
    JwtProperties jwtProperties;

    @Autowired
    ISysClient sysClient;

    @Autowired
    BladeTokenEndPoint bladeTokenEndPoint;

    @Autowired
    TokenStore tokenStore;

    public OAuth2AccessToken enhance(OAuth2AccessToken oAuth2AccessToken, OAuth2Authentication oAuth2Authentication) {
        if (oAuth2Authentication != null && oAuth2Authentication.getOAuth2Request() != null && oAuth2Authentication.getOAuth2Request().getGrantType() != null && oAuth2Authentication.getOAuth2Request().getGrantType().equals("client_credentials")) {
            return oAuth2AccessToken;
        }
        BladeUserDetails bladeUserDetails = (BladeUserDetails) oAuth2Authentication.getUserAuthentication().getPrincipal();
        HashMap hashMap = new HashMap(16);
        String clientIdFromHeader = TokenUtil.getClientIdFromHeader();
        hashMap.put(TokenUtil.CLIENT_ID, clientIdFromHeader);
        hashMap.put(TokenUtil.USER_ID, Func.toStr(bladeUserDetails.getUserId()));
        hashMap.put(TokenUtil.DEPT_ID, Func.toStr(bladeUserDetails.getDeptId()));
        hashMap.put(TokenUtil.POST_ID, Func.toStr(bladeUserDetails.getPostId()));
        hashMap.put(TokenUtil.ROLE_ID, Func.toStr(bladeUserDetails.getRoleId()));
        hashMap.put("tenant_id", bladeUserDetails.getTenantId());
        hashMap.put(TokenUtil.ACCOUNT, bladeUserDetails.getAccount());
        hashMap.put(TokenUtil.USER_NAME, bladeUserDetails.getUsername());
        hashMap.put(TokenUtil.NICK_NAME, bladeUserDetails.getName());
        hashMap.put(TokenUtil.REAL_NAME, bladeUserDetails.getRealName());
        hashMap.put(TokenUtil.ROLE_NAME, bladeUserDetails.getRoleName());
        hashMap.put(TokenUtil.AVATAR, bladeUserDetails.getAvatar());
        hashMap.put(TokenUtil.DETAIL, bladeUserDetails.getDetail());
        hashMap.put(TokenUtil.LICENSE, TokenUtil.LICENSE_NAME);
        hashMap.put(TokenUtil.ROLE_ID_NAME, bladeUserDetails.getRoleIdNames());
        ((DefaultOAuth2AccessToken) oAuth2AccessToken).setAdditionalInformation(hashMap);
        if (this.jwtProperties.getState().booleanValue()) {
            String value = this.jwtAccessTokenConverter.enhance(oAuth2AccessToken, oAuth2Authentication).getValue();
            String tenantId = bladeUserDetails.getTenantId();
            String str = Func.toStr(bladeUserDetails.getUserId());
            String str2 = Func.toStr(bladeUserDetails.getRoleId());
            String paramByKey = SysCache.getParamByKey("disallowMultisiteLoginRoles");
            String paramByKey2 = SysCache.getParamByKey("loginTimeout");
            String paramByKey3 = SysCache.getParamByKey("loginTimeoutOpen");
            if (StringUtils.isNotEmpty(paramByKey) && StringUtils.isNotEmpty(str2)) {
                String[] split = str2.split(",");
                int length = split.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    if (!paramByKey.contains(split[i])) {
                        i++;
                    } else if (!StringUtil.equals("1", paramByKey3) || Integer.parseInt(paramByKey2) <= 0) {
                        JwtUtil.addAccessTokenByUserId(tenantId, clientIdFromHeader, str, value, oAuth2AccessToken.getExpiresIn());
                    } else {
                        JwtUtil.addAccessTokenByUserId(tenantId, clientIdFromHeader, str, value, Integer.parseInt(paramByKey2) * 60);
                    }
                }
            }
            if ("null".equals(JwtUtil.getAccessTokenByUserId(tenantId, clientIdFromHeader, str, value))) {
                if (!StringUtil.equals("1", paramByKey3) || Integer.parseInt(paramByKey2) <= 0) {
                    JwtUtil.addAccessToken(tenantId, clientIdFromHeader, str, value, oAuth2AccessToken.getExpiresIn());
                } else {
                    JwtUtil.addAccessToken(tenantId, clientIdFromHeader, str, value, Integer.parseInt(paramByKey2) * 60);
                }
            }
        }
        return oAuth2AccessToken;
    }
}
