package com.gw.comp.oauth2.mini.client;

import com.gw.comp.oauth2.mini.core.user.GacOAuth2User;
import com.gw.comp.oauth2.mini.core.user.GacOAuth2UserAuthority;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import com.nimbusds.oauth2.sdk.AuthorizationCode;
import com.nimbusds.oauth2.sdk.AuthorizationCodeGrant;
import com.nimbusds.oauth2.sdk.AuthorizationRequest;
import com.nimbusds.oauth2.sdk.GrantType;
import com.nimbusds.oauth2.sdk.ResponseType;
import com.nimbusds.oauth2.sdk.Scope;
import com.nimbusds.oauth2.sdk.TokenRequest;
import com.nimbusds.oauth2.sdk.TokenResponse;
import com.nimbusds.oauth2.sdk.auth.ClientSecretBasic;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import com.nimbusds.oauth2.sdk.id.State;
import com.nimbusds.oauth2.sdk.token.Tokens;
import java.net.URI;
import java.util.ArrayList;
import java.util.Set;

/* loaded from: input_file:com/gw/comp/oauth2/mini/client/GacOauth2ClientRegistrationAuthorizationCode.class */
public class GacOauth2ClientRegistrationAuthorizationCode extends GacOauth2ClientRegistration {
    public GacOauth2ClientRegistrationAuthorizationCode(String str, String str2, Set<String> set, String str3) {
        super(str, str2, "client_secret_basic", "authorization_code", set, str3);
    }

    public GacOAuth2User getOAuth2User(String str) {
        OAuth2AuthorizedClient oAuth2AuthorizedClient = getOAuth2AuthorizedClient(str);
        if (oAuth2AuthorizedClient == null) {
            return null;
        }
        try {
            JWTClaimsSet jWTClaimsSet = SignedJWT.parse(oAuth2AuthorizedClient.getAccessToken().getValue()).getJWTClaimsSet();
            String[] stringArrayClaim = jWTClaimsSet.getStringArrayClaim("scope");
            ArrayList arrayList = new ArrayList();
            for (String str2 : stringArrayClaim) {
                arrayList.add(new GacOAuth2UserAuthority(str2));
            }
            return new GacOAuth2User(arrayList, jWTClaimsSet.getClaims(), "sub");
        } catch (Exception e) {
            throw new RuntimeException("AccessToken转换GacOAuth2User发生错误", e);
        }
    }

    public URI getAuthorizationRequestURI(String str) throws Exception {
        return new AuthorizationRequest.Builder(new ResponseType(new ResponseType.Value[]{ResponseType.Value.CODE}), new ClientID(getClientId())).scope(Scope.parse(getScope())).state(new State()).redirectionURI(new URI(getRedirectUri())).endpointURI(getAuthorizationEndpointURI()).build().toURI();
    }

    public OAuth2AuthorizedClient authentication(String str, String str2, String str3) throws Exception {
        GrantType.parse(getAuthorizationGrantType());
        Scope parse = Scope.parse(getScope());
        TokenResponse parse2 = TokenResponse.parse(new TokenRequest(getTokenEndpointURI(), new ClientSecretBasic(new ClientID(getClientId()), new Secret(getClientSecret())), new AuthorizationCodeGrant(new AuthorizationCode(str2), new URI(getRedirectUri())), parse).toHTTPRequest().send());
        if (!parse2.indicatesSuccess()) {
            throw new RuntimeException("code码模式返回错误结果:" + parse2.toErrorResponse().toJSONObject().toJSONString());
        }
        Tokens tokens = parse2.toSuccessResponse().getTokens();
        OAuth2AuthorizedClient oAuth2AuthorizedClient = new OAuth2AuthorizedClient(getRegistrationId(), str, tokens.getAccessToken(), tokens.getRefreshToken());
        getAuthorizedClientService().saveAuthorizedClient(oAuth2AuthorizedClient, str);
        return oAuth2AuthorizedClient;
    }
}
