package com.xingyuv.jushauth.request;

import com.alibaba.fastjson.JSONObject;
import com.xingyuv.http.support.HttpHeader;
import com.xingyuv.http.util.UrlUtil;
import com.xingyuv.jushauth.cache.AuthStateCache;
import com.xingyuv.jushauth.config.AuthConfig;
import com.xingyuv.jushauth.config.AuthDefaultSource;
import com.xingyuv.jushauth.enums.AuthResponseStatus;
import com.xingyuv.jushauth.enums.AuthUserGender;
import com.xingyuv.jushauth.enums.scope.AuthAmazonScope;
import com.xingyuv.jushauth.exception.AuthException;
import com.xingyuv.jushauth.model.AuthCallback;
import com.xingyuv.jushauth.model.AuthResponse;
import com.xingyuv.jushauth.model.AuthToken;
import com.xingyuv.jushauth.model.AuthUser;
import com.xingyuv.jushauth.utils.AuthScopeUtils;
import com.xingyuv.jushauth.utils.HttpUtils;
import com.xingyuv.jushauth.utils.PkceUtil;
import com.xingyuv.jushauth.utils.UrlBuilder;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;

/* loaded from: input_file:com/xingyuv/jushauth/request/AuthAmazonRequest.class */
public class AuthAmazonRequest extends AuthDefaultRequest {
    public AuthAmazonRequest(AuthConfig authConfig) {
        super(authConfig, AuthDefaultSource.AMAZON);
    }

    public AuthAmazonRequest(AuthConfig authConfig, AuthStateCache authStateCache) {
        super(authConfig, AuthDefaultSource.AMAZON, authStateCache);
    }

    @Override // com.xingyuv.jushauth.request.AuthDefaultRequest, com.xingyuv.jushauth.request.AuthRequest
    public String authorize(String str) {
        UrlBuilder queryParam = UrlBuilder.fromBaseUrl(this.source.authorize()).queryParam("client_id", this.config.getClientId()).queryParam("scope", getScopes(" ", true, AuthScopeUtils.getDefaultScopes(AuthAmazonScope.values()))).queryParam("redirect_uri", this.config.getRedirectUri()).queryParam("response_type", "code").queryParam("state", getRealState(str));
        if (this.config.isPkce()) {
            String concat = this.source.getName().concat(":code_verifier:").concat(this.config.getClientId());
            String generateCodeVerifier = PkceUtil.generateCodeVerifier();
            queryParam.queryParam("code_challenge", PkceUtil.generateCodeChallenge("S256", generateCodeVerifier)).queryParam("code_challenge_method", "S256");
            this.authStateCache.cache(concat, generateCodeVerifier, TimeUnit.MINUTES.toMillis(10L));
        }
        return queryParam.build();
    }

    @Override // com.xingyuv.jushauth.request.AuthDefaultRequest
    protected AuthToken getAccessToken(AuthCallback authCallback) {
        HashMap hashMap = new HashMap(9);
        hashMap.put("grant_type", "authorization_code");
        hashMap.put("code", authCallback.getCode());
        hashMap.put("redirect_uri", this.config.getRedirectUri());
        hashMap.put("client_id", this.config.getClientId());
        hashMap.put("client_secret", this.config.getClientSecret());
        if (this.config.isPkce()) {
            hashMap.put("code_verifier", this.authStateCache.get(this.source.getName().concat(":code_verifier:").concat(this.config.getClientId())));
        }
        return getToken(hashMap, this.source.accessToken());
    }

    @Override // com.xingyuv.jushauth.request.AuthRequest
    public AuthResponse refresh(AuthToken authToken) {
        HashMap hashMap = new HashMap(7);
        hashMap.put("grant_type", "refresh_token");
        hashMap.put("refresh_token", authToken.getRefreshToken());
        hashMap.put("client_id", this.config.getClientId());
        hashMap.put("client_secret", this.config.getClientSecret());
        return AuthResponse.builder().code(AuthResponseStatus.SUCCESS.getCode()).data(getToken(hashMap, this.source.refresh())).build();
    }

    private AuthToken getToken(Map<String, String> map, String str) {
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Host", "api.amazon.com");
        httpHeader.add("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
        JSONObject parseObject = JSONObject.parseObject(new HttpUtils(this.config.getHttpConfig()).post(str, map, httpHeader, false).getBody());
        checkResponse(parseObject);
        return AuthToken.builder().accessToken(parseObject.getString("access_token")).tokenType(parseObject.getString("token_type")).expireIn(parseObject.getIntValue("expires_in")).refreshToken(parseObject.getString("refresh_token")).build();
    }

    private void checkResponse(JSONObject jSONObject) {
        if (jSONObject.containsKey("error")) {
            throw new AuthException(jSONObject.getString("error_description").concat(" ") + jSONObject.getString("error_description"));
        }
    }

    @Override // com.xingyuv.jushauth.request.AuthDefaultRequest
    protected AuthUser getUserInfo(AuthToken authToken) {
        String accessToken = authToken.getAccessToken();
        checkToken(accessToken);
        HttpHeader httpHeader = new HttpHeader();
        httpHeader.add("Host", "api.amazon.com");
        httpHeader.add("Authorization", "bearer " + accessToken);
        JSONObject parseObject = JSONObject.parseObject(new HttpUtils(this.config.getHttpConfig()).get(this.source.userInfo(), new HashMap(0), httpHeader, false).getBody());
        checkResponse(parseObject);
        return AuthUser.builder().rawUserInfo(parseObject).uuid(parseObject.getString("user_id")).username(parseObject.getString("name")).nickname(parseObject.getString("name")).email(parseObject.getString("email")).gender(AuthUserGender.UNKNOWN).source(this.source.toString()).token(authToken).build();
    }

    private void checkToken(String str) {
        if (!this.config.getClientId().equals(JSONObject.parseObject(new HttpUtils(this.config.getHttpConfig()).get("https://api.amazon.com/auth/o2/tokeninfo?access_token=" + UrlUtil.urlEncode(str)).getBody()).getString("aud"))) {
            throw new AuthException(AuthResponseStatus.ILLEGAL_TOKEN);
        }
    }

    @Override // com.xingyuv.jushauth.request.AuthDefaultRequest
    protected String userInfoUrl(AuthToken authToken) {
        return UrlBuilder.fromBaseUrl(this.source.userInfo()).queryParam("user_id", authToken.getUserId()).queryParam("screen_name", authToken.getScreenName()).queryParam("include_entities", true).build();
    }
}
