package com.bizvane.openapi.authentication;

import com.bizvane.openapi.authentication.consts.CodeMessageConsts;
import com.bizvane.openapi.authentication.vo.Client;
import com.bizvane.openapi.authentication.vo.Token;
import com.bizvane.openapi.common.utils.Assert;
import com.bizvane.openapi.common.utils.GeneratorUtils;
import com.bizvane.openapi.common.utils.SignatureUtils;
import java.time.Duration;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import org.apache.commons.lang3.ArrayUtils;
import org.redisson.RedissonMapCache;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.CacheManager;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:BOOT-INF/lib/openapi-auth-server-1.0.5.1-SNAPSHOT.jar:com/bizvane/openapi/authentication/AuthenticationServiceImpl.class */
public class AuthenticationServiceImpl implements AuthenticationService {
    static final String CACHE_CLIENT_DETAIL = "client_detail";
    static final String CACHE_ACCESS_TOKEN = "access_token";
    static final String CACHE_ACCESS_TOKEN_CLIENT = "access_token_client";
    static final String CACHE_REFRESH_TOKEN = "refresh_token";
    static final String CACHE_CLIENT_TOKEN = "client_token";
    static final String CACHE_REFRESH_TOKEN_CLIENT = "refresh_token_client";
    static final String EXPIRESIN_EL = "${spring.cache.redis.caches.access_token.ttl:${spring.cache.redis.timeToLive:-1}}";

    @Autowired
    private CacheManager cacheManager;

    @Value(EXPIRESIN_EL)
    private Duration expiresIn;

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public <T extends Client> void cacheClient(T t) {
        this.cacheManager.getCache(CACHE_CLIENT_DETAIL).put(t.getAppKey(), t);
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public Client getClient(String str) {
        return (Client) this.cacheManager.getCache(CACHE_ACCESS_TOKEN_CLIENT).get(str, Client.class);
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public Client getClientWithAppKey(String str) {
        Assert.hasText(str, CodeMessageConsts.Authentication.APP_KEY_EMPTY);
        return (Client) this.cacheManager.getCache(CACHE_CLIENT_DETAIL).get(str, Client.class);
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public Token accessToken(String str, String str2) {
        Assert.hasText(str, CodeMessageConsts.Authentication.APP_KEY_EMPTY);
        Assert.hasText(str2, CodeMessageConsts.Authentication.APP_SECRET_EMPTY);
        Client clientWithAppKey = getClientWithAppKey(str);
        Assert.notNull(clientWithAppKey, CodeMessageConsts.Authentication.INVALID_APP_KEY);
        Assert.hasText(clientWithAppKey.getAppSecret(), CodeMessageConsts.Authentication.INVALID_APP_KEY);
        Assert.isTrue(str2.equals(clientWithAppKey.getAppSecret()), CodeMessageConsts.Authentication.APPKEY_APPSECRET_MISMATCH);
        return (Token) Optional.ofNullable(getClientToken(str)).orElseGet(() -> {
            return generateTokenAndCache(clientWithAppKey);
        });
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public Token accessToken(Client client) {
        Assert.notNull(client, CodeMessageConsts.Authentication.APP_KEY_EMPTY);
        Assert.hasText(client.getAppKey(), CodeMessageConsts.Authentication.APP_KEY_EMPTY);
        Assert.hasText(client.getAppSecret(), CodeMessageConsts.Authentication.APP_SECRET_EMPTY);
        Token clientToken = getClientToken(client.getAppKey());
        return clientToken == null ? generateTokenAndCache(client) : clientToken;
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public Token refreshToken(String str, String str2) {
        Assert.hasText(str, CodeMessageConsts.Authentication.APP_KEY_EMPTY);
        Client client = (Client) this.cacheManager.getCache(CACHE_REFRESH_TOKEN_CLIENT).get(str2, Client.class);
        Assert.notNull(client, CodeMessageConsts.Authentication.INVALID_REFRESH_TOKEN);
        Assert.isTrue(str.equals(client.getAppKey()), CodeMessageConsts.Authentication.INVALID_APP_KEY);
        Token token = (Token) this.cacheManager.getCache(CACHE_REFRESH_TOKEN).get(str2, Token.class);
        if (token != null) {
            Object nativeCache = this.cacheManager.getCache(CACHE_ACCESS_TOKEN).getNativeCache();
            if (nativeCache instanceof RedissonMapCache) {
                ((RedissonMapCache) nativeCache).put(token.getAccessToken(), token, 60L, TimeUnit.SECONDS);
            }
            Object nativeCache2 = this.cacheManager.getCache(CACHE_ACCESS_TOKEN_CLIENT).getNativeCache();
            if (nativeCache2 instanceof RedissonMapCache) {
                ((RedissonMapCache) nativeCache2).put(token.getAccessToken(), client, 60L, TimeUnit.SECONDS);
            }
        }
        cacheEvict(str2, CACHE_REFRESH_TOKEN_CLIENT, CACHE_REFRESH_TOKEN);
        return generateTokenAndCache(client);
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public boolean verifySignature(String str, String str2, Map<String, Object> map) {
        Assert.hasText(str2, CodeMessageConsts.Authentication.INVALID_ACCESS_TOKEN);
        Assert.hasText(str, CodeMessageConsts.Authentication.SIGNATRUE_EMPTY);
        Assert.notEmpty(map, CodeMessageConsts.Authentication.PARAMS_EMPTY);
        Client client = (Client) this.cacheManager.getCache(CACHE_ACCESS_TOKEN_CLIENT).get(str2, Client.class);
        Assert.notNull(client, CodeMessageConsts.Authentication.INVALID_ACCESS_TOKEN);
        return SignatureUtils.verifySign(client.getAppSecret(), map, str);
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public String signature(String str, Map<String, Object> map) {
        Assert.hasText(str, CodeMessageConsts.Authentication.APP_KEY_EMPTY);
        Client client = (Client) this.cacheManager.getCache(CACHE_CLIENT_DETAIL).get(str, Client.class);
        Assert.notNull(client, CodeMessageConsts.Authentication.INVALID_APP_KEY);
        return SignatureUtils.sign(client.getAppSecret(), map);
    }

    private void cacheToken(Token token, Client client) {
        this.cacheManager.getCache(CACHE_ACCESS_TOKEN).put(token.getAccessToken(), token);
        this.cacheManager.getCache(CACHE_ACCESS_TOKEN_CLIENT).put(token.getAccessToken(), client);
        this.cacheManager.getCache(CACHE_REFRESH_TOKEN).put(token.getRefreshToken(), token);
        this.cacheManager.getCache(CACHE_REFRESH_TOKEN_CLIENT).put(token.getRefreshToken(), client);
    }

    private Token generateTokenAndCache(Client client) {
        Token generateToken = generateToken(client.getAppKey(), client.getAppSecret());
        cacheToken(generateToken, client);
        cacheClientToken(client.getAppKey(), generateToken);
        return generateToken;
    }

    private Token getClientToken(String str) {
        Token token = (Token) this.cacheManager.getCache(CACHE_CLIENT_TOKEN).get(str, Token.class);
        if (token == null) {
            return null;
        }
        Object nativeCache = this.cacheManager.getCache(CACHE_CLIENT_TOKEN).getNativeCache();
        if (nativeCache instanceof RedissonMapCache) {
            token.setExpiresIn(Math.abs(((RedissonMapCache) nativeCache).remainTimeToLive(str)) / 1000);
        }
        return token;
    }

    private void cacheClientToken(String str, Token token) {
        this.cacheManager.getCache(CACHE_CLIENT_TOKEN).put(str, token);
    }

    private void cacheEvict(String str, String... strArr) {
        if (ArrayUtils.isEmpty(strArr)) {
            return;
        }
        for (String str2 : strArr) {
            this.cacheManager.getCache(str2).evict(str);
        }
    }

    @Override // com.bizvane.openapi.authentication.AuthenticationService
    public Client generateClient() {
        String uuid = GeneratorUtils.uuid();
        return new Client(uuid, GeneratorUtils.md5DigestAsHex(uuid));
    }

    private Token generateToken(String str, String str2) {
        String uuid = GeneratorUtils.uuid();
        String md5DigestAsHex = GeneratorUtils.md5DigestAsHex(uuid);
        Token token = new Token();
        token.setAccessToken(uuid);
        token.setRefreshToken(md5DigestAsHex);
        token.setExpiresIn(this.expiresIn.getSeconds());
        return token;
    }
}
