package com.fujieid.jap.ids.util;

import cn.hutool.core.util.ObjectUtil;
import com.fujieid.jap.http.JapHttpRequest;
import com.fujieid.jap.http.RequestUtil;
import com.fujieid.jap.ids.JapIds;
import com.fujieid.jap.ids.exception.IdsTokenException;
import com.fujieid.jap.ids.exception.InvalidTokenException;
import com.fujieid.jap.ids.model.AccessToken;
import com.fujieid.jap.ids.model.ClientDetail;
import com.fujieid.jap.ids.model.IdsConsts;
import com.fujieid.jap.ids.model.IdsRequestParam;
import com.fujieid.jap.ids.model.UserInfo;
import com.fujieid.jap.ids.model.enums.ErrorResponse;
import com.fujieid.jap.ids.model.enums.TokenAuthMethod;
import com.fujieid.jap.ids.service.IdsTokenService;
import com.xkcoding.json.util.StringUtil;
import java.util.Collections;
import java.util.Date;
import java.util.List;

/* loaded from: input_file:com/fujieid/jap/ids/util/TokenUtil.class */
public class TokenUtil {
    public static String getAccessToken(JapHttpRequest japHttpRequest) {
        String accessTokenFromHeader;
        String accessTokenFromUrl;
        List<TokenAuthMethod> tokenAuthMethods = JapIds.getIdsConfig().getTokenAuthMethods();
        if (ObjectUtil.isEmpty(tokenAuthMethods)) {
            tokenAuthMethods = Collections.singletonList(TokenAuthMethod.ALL);
        }
        if (tokenAuthMethods.contains(TokenAuthMethod.ALL)) {
            String accessTokenFromUrl2 = getAccessTokenFromUrl(japHttpRequest);
            if (StringUtil.isEmpty(accessTokenFromUrl2)) {
                accessTokenFromUrl2 = getAccessTokenFromHeader(japHttpRequest);
                if (StringUtil.isEmpty(accessTokenFromUrl2)) {
                    accessTokenFromUrl2 = getAccessTokenFromCookie(japHttpRequest);
                }
            }
            return accessTokenFromUrl2;
        }
        if (tokenAuthMethods.contains(TokenAuthMethod.TOKEN_URL) && (accessTokenFromUrl = getAccessTokenFromUrl(japHttpRequest)) != null) {
            return accessTokenFromUrl;
        }
        if (tokenAuthMethods.contains(TokenAuthMethod.TOKEN_HEADER) && (accessTokenFromHeader = getAccessTokenFromHeader(japHttpRequest)) != null) {
            return accessTokenFromHeader;
        }
        if (tokenAuthMethods.contains(TokenAuthMethod.TOKEN_COOKIE)) {
            return getAccessTokenFromCookie(japHttpRequest);
        }
        return null;
    }

    private static String getAccessTokenFromUrl(JapHttpRequest japHttpRequest) {
        String param = RequestUtil.getParam(IdsConsts.ACCESS_TOKEN, japHttpRequest);
        if (StringUtil.isNotEmpty(param)) {
            return param;
        }
        return null;
    }

    private static String getAccessTokenFromHeader(JapHttpRequest japHttpRequest) {
        return BearerToken.parse(RequestUtil.getHeader(IdsConsts.AUTHORIZATION_HEADER_NAME, japHttpRequest));
    }

    private static String getAccessTokenFromCookie(JapHttpRequest japHttpRequest) {
        return RequestUtil.getCookieVal(japHttpRequest, IdsConsts.ACCESS_TOKEN);
    }

    public static String createIdToken(ClientDetail clientDetail, UserInfo userInfo, String str, String str2) {
        return JwtUtil.createJwtToken(clientDetail.getClientId(), userInfo, Long.valueOf(OauthUtil.getIdTokenExpiresIn(clientDetail.getIdTokenExpiresIn())), str, str2);
    }

    public static String createIdToken(ClientDetail clientDetail, UserInfo userInfo, IdsRequestParam idsRequestParam, String str) {
        return JwtUtil.createJwtToken(clientDetail.getClientId(), userInfo, Long.valueOf(OauthUtil.getIdTokenExpiresIn(clientDetail.getIdTokenExpiresIn())), idsRequestParam.getNonce(), OauthUtil.convertStrToList(idsRequestParam.getScope()), idsRequestParam.getResponseType(), str);
    }

    public static AccessToken createAccessToken(UserInfo userInfo, ClientDetail clientDetail, String str, String str2, String str3, String str4) {
        String clientId = clientDetail.getClientId();
        long accessTokenExpiresIn = OauthUtil.getAccessTokenExpiresIn(clientDetail.getAccessTokenExpiresIn());
        long refreshTokenExpiresIn = OauthUtil.getRefreshTokenExpiresIn(clientDetail.getRefreshTokenExpiresIn());
        IdsTokenService tokenService = JapIds.getContext().getTokenService();
        if (null == tokenService) {
            throw new IdsTokenException("com.fujieid.jap.ids.service.IdsTokenService has not been injected");
        }
        String createAccessToken = tokenService.createAccessToken(clientId, userInfo, Long.valueOf(accessTokenExpiresIn), str3, str4, null);
        String createRefreshToken = tokenService.createRefreshToken(clientId, OauthUtil.convertStrToList(str2));
        AccessToken accessToken = new AccessToken();
        accessToken.setAccessToken(createAccessToken);
        accessToken.setRefreshToken(createRefreshToken);
        accessToken.setGrantType(str);
        if (null != userInfo) {
            accessToken.setUserName(userInfo.getUsername());
            accessToken.setUserId(userInfo.getId());
        }
        accessToken.setClientId(clientId);
        accessToken.setScope(str2);
        accessToken.setRefreshTokenExpiresIn(Long.valueOf(refreshTokenExpiresIn));
        accessToken.setAccessTokenExpiresIn(Long.valueOf(accessTokenExpiresIn));
        accessToken.setAccessTokenExpiration(OauthUtil.getAccessTokenExpiresAt(Long.valueOf(accessTokenExpiresIn)));
        accessToken.setRefreshTokenExpiration(OauthUtil.getRefreshTokenExpiresAt(Long.valueOf(refreshTokenExpiresIn)));
        String str5 = IdsConsts.OAUTH_ACCESS_TOKEN_CACHE_KEY + createAccessToken;
        String str6 = IdsConsts.OAUTH_REFRESH_TOKEN_CACHE_KEY + createRefreshToken;
        JapIds.getContext().getCache().set(str5, accessToken, accessTokenExpiresIn * 1000);
        JapIds.getContext().getCache().set(str6, accessToken, refreshTokenExpiresIn * 1000);
        return accessToken;
    }

    public static AccessToken refreshAccessToken(UserInfo userInfo, ClientDetail clientDetail, AccessToken accessToken, String str, String str2) {
        String accessToken2 = accessToken.getAccessToken();
        Long valueOf = Long.valueOf(OauthUtil.getAccessTokenExpiresIn(clientDetail.getAccessTokenExpiresIn()));
        IdsTokenService tokenService = JapIds.getContext().getTokenService();
        if (null == tokenService) {
            throw new IdsTokenException("com.fujieid.jap.ids.service.IdsTokenService has not been injected");
        }
        String createAccessToken = tokenService.createAccessToken(clientDetail.getClientId(), userInfo, valueOf, str, str2, null);
        accessToken.setAccessToken(createAccessToken);
        accessToken.setAccessTokenExpiresIn(valueOf);
        accessToken.setAccessTokenExpiration(OauthUtil.getAccessTokenExpiresAt(valueOf));
        JapIds.getContext().getCache().set(IdsConsts.OAUTH_ACCESS_TOKEN_CACHE_KEY + createAccessToken, accessToken, valueOf.longValue() * 1000);
        JapIds.getContext().getCache().removeKey(IdsConsts.OAUTH_ACCESS_TOKEN_CACHE_KEY + accessToken2);
        return accessToken;
    }

    public static AccessToken createClientCredentialsAccessToken(ClientDetail clientDetail, String str, String str2, String str3, String str4) {
        return createAccessToken(null, clientDetail, str, str2, str3, str4);
    }

    public static void invalidateToken(JapHttpRequest japHttpRequest) {
        String accessToken = getAccessToken(japHttpRequest);
        AccessToken byAccessToken = getByAccessToken(accessToken);
        if (null != byAccessToken) {
            String str = IdsConsts.OAUTH_ACCESS_TOKEN_CACHE_KEY + accessToken;
            String str2 = IdsConsts.OAUTH_REFRESH_TOKEN_CACHE_KEY + byAccessToken.getRefreshToken();
            JapIds.getContext().getCache().removeKey(str);
            JapIds.getContext().getCache().removeKey(str2);
        }
    }

    public static void validateAccessToken(String str) {
        AccessToken byAccessToken = getByAccessToken(str);
        if (byAccessToken == null) {
            throw new InvalidTokenException(ErrorResponse.INVALID_TOKEN);
        }
        if (byAccessToken.getAccessTokenExpiration().before(new Date())) {
            throw new InvalidTokenException(ErrorResponse.EXPIRED_TOKEN);
        }
    }

    public static void validateRefreshToken(String str) {
        AccessToken byRefreshToken = getByRefreshToken(str);
        if (byRefreshToken == null) {
            throw new InvalidTokenException(ErrorResponse.INVALID_TOKEN);
        }
        if (byRefreshToken.getRefreshTokenExpiration().before(new Date())) {
            throw new InvalidTokenException(ErrorResponse.EXPIRED_TOKEN);
        }
    }

    public static AccessToken getByAccessToken(String str) {
        if (null == str) {
            return null;
        }
        return (AccessToken) OauthUtil.objToBean(JapIds.getContext().getCache().get(IdsConsts.OAUTH_ACCESS_TOKEN_CACHE_KEY + BearerToken.parse(str)), AccessToken.class);
    }

    public static AccessToken getByRefreshToken(String str) {
        if (null == str) {
            return null;
        }
        return (AccessToken) OauthUtil.objToBean(JapIds.getContext().getCache().get(IdsConsts.OAUTH_REFRESH_TOKEN_CACHE_KEY + str), AccessToken.class);
    }
}
