package com.dtflys.forest.lifecycles.authorization;

import com.alibaba.druid.pool.DruidDataSourceFactory;
import com.dtflys.forest.converter.ForestConverter;
import com.dtflys.forest.exceptions.ForestRuntimeException;
import com.dtflys.forest.extensions.OAuth2;
import com.dtflys.forest.handler.OAuth2DefinitionHandler;
import com.dtflys.forest.http.ForestRequest;
import com.dtflys.forest.http.ForestResponse;
import com.dtflys.forest.lifecycles.MethodAnnotationLifeCycle;
import com.dtflys.forest.reflection.ForestMethod;
import com.dtflys.forest.utils.ForestDataType;
import com.dtflys.forest.utils.StringUtils;
import java.time.Duration;
import java.time.LocalDateTime;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.annotation.Nonnull;

/* loaded from: input_file:BOOT-INF/lib/forest-core-1.5.26.jar:com/dtflys/forest/lifecycles/authorization/OAuth2LifeCycle.class */
public class OAuth2LifeCycle implements MethodAnnotationLifeCycle<OAuth2, Object> {
    private final byte[] lock = new byte[0];
    private final Map<String, TokenCache> cache = new LinkedHashMap();
    private OAuth2Client oAuth2Client;

    /* loaded from: input_file:BOOT-INF/lib/forest-core-1.5.26.jar:com/dtflys/forest/lifecycles/authorization/OAuth2LifeCycle$TokenCache.class */
    public static class TokenCache {
        private final String clientId;
        private final String accessToken;
        private final String refreshToken;

        @Deprecated
        private final String tokenType;
        private final LocalDateTime expiresAt;

        public TokenCache(String str, OAuth2Token oAuth2Token) {
            if (oAuth2Token.hasError()) {
                throw new ForestRuntimeException("OAuth2 request Token failure, response: " + oAuth2Token.getErrorMessage());
            }
            this.clientId = str;
            this.accessToken = oAuth2Token.getAccess_token();
            this.refreshToken = oAuth2Token.getRefresh_token();
            this.tokenType = oAuth2Token.getToken_type();
            Long expires_in = oAuth2Token.getExpires_in();
            this.expiresAt = LocalDateTime.now().plusSeconds((expires_in == null ? 0L : expires_in).longValue());
        }

        public boolean isNoExpires() {
            return LocalDateTime.now().isBefore(this.expiresAt);
        }

        public long getExpiresIn() {
            return Duration.between(LocalDateTime.now(), this.expiresAt).getSeconds();
        }

        public String getClientId() {
            return this.clientId;
        }

        public String getAccessToken() {
            return this.accessToken;
        }

        public String getTokenType() {
            return this.tokenType;
        }

        public String getRefreshToken() {
            return this.refreshToken;
        }

        public LocalDateTime getExpiresAt() {
            return this.expiresAt;
        }
    }

    @Override // com.dtflys.forest.lifecycles.MethodAnnotationLifeCycle
    public void onMethodInitialized(ForestMethod forestMethod, OAuth2 oAuth2) {
        this.oAuth2Client = (OAuth2Client) forestMethod.getConfiguration().createInstance(OAuth2Client.class);
    }

    @Override // com.dtflys.forest.interceptor.Interceptor
    public boolean beforeExecute(ForestRequest forestRequest) {
        TokenCache tokenCache = getTokenCache(forestRequest);
        OAuth2.TokenAt tokenAt = (OAuth2.TokenAt) getAttribute(forestRequest, "tokenAt");
        String tokenVariable = tokenAt.getTokenVariable(getAttributeAsString(forestRequest, "tokenVariable"));
        String tokenValue = tokenAt.getTokenValue(getAttributeAsString(forestRequest, "tokenPrefix"), tokenCache.getAccessToken());
        if (tokenAt == OAuth2.TokenAt.HEADER) {
            forestRequest.addHeader(tokenVariable, tokenValue);
            return true;
        }
        forestRequest.addQuery(tokenVariable, tokenValue);
        return true;
    }

    private String getCacheId(ForestRequest forestRequest) {
        String attributeAsString = getAttributeAsString(forestRequest, "cacheId");
        if (StringUtils.isNotBlank(attributeAsString)) {
            return attributeAsString;
        }
        return getAttributeAsString(forestRequest, "tokenUri") + ":" + getAttributeAsString(forestRequest, "clientId") + ":" + getAttribute(forestRequest, "grantType") + ":" + getAttributeAsString(forestRequest, "scope") + ":" + getAttributeAsString(forestRequest, DruidDataSourceFactory.PROP_USERNAME);
    }

    private TokenCache getTokenCache(ForestRequest forestRequest) {
        String cacheId = getCacheId(forestRequest);
        TokenCache tokenCache = this.cache.get(cacheId);
        return tokenCache == null ? obtainTokenCache(forestRequest, cacheId, null) : obtainRefreshTokenCache(forestRequest, cacheId, obtainTokenCache(forestRequest, cacheId, tokenCache));
    }

    @Nonnull
    private TokenCache obtainTokenCache(ForestRequest forestRequest, String str, TokenCache tokenCache) {
        if (tokenCache != null && tokenCache.getExpiresIn() > 0) {
            return tokenCache;
        }
        synchronized (this.lock) {
            TokenCache tokenCache2 = this.cache.get(str);
            if (tokenCache2 != null && tokenCache2.getExpiresIn() > 0) {
                return tokenCache2;
            }
            TokenCache requestToken = requestToken(forestRequest);
            this.cache.put(str, requestToken);
            return requestToken;
        }
    }

    @Nonnull
    private TokenCache obtainRefreshTokenCache(ForestRequest forestRequest, String str, @Nonnull TokenCache tokenCache) {
        int intValue = getAttributeAsInteger(forestRequest, "refreshAtExpiresBefore").intValue();
        if (tokenCache.getExpiresIn() > intValue) {
            return tokenCache;
        }
        synchronized (this.lock) {
            TokenCache tokenCache2 = this.cache.get(str);
            if (tokenCache2.getExpiresIn() > intValue) {
                return tokenCache2;
            }
            TokenCache requestToken = StringUtils.isBlank(tokenCache2.getRefreshToken()) ? requestToken(forestRequest) : requestRefreshToken(forestRequest, tokenCache2);
            this.cache.put(str, requestToken);
            return requestToken;
        }
    }

    @Nonnull
    private TokenCache requestToken(ForestRequest forestRequest) {
        String attributeAsString = getAttributeAsString(forestRequest, "clientId");
        return executeRequestToken(forestRequest, attributeAsString, createRequestBody(attributeAsString, forestRequest, true));
    }

    private TokenCache requestRefreshToken(ForestRequest forestRequest, TokenCache tokenCache) {
        String attributeAsString = getAttributeAsString(forestRequest, "clientId");
        Map<String, Object> createRequestBody = createRequestBody(attributeAsString, forestRequest, false);
        createRequestBody.put("grant_type", "refresh_token");
        createRequestBody.put("refresh_token", tokenCache.getRefreshToken());
        return executeRequestToken(forestRequest, attributeAsString, createRequestBody);
    }

    private TokenCache executeRequestToken(ForestRequest forestRequest, String str, Map<String, Object> map) {
        map.putAll(kv2map((String[]) getAttribute(forestRequest, "body")));
        Map<String, Object> kv2map = kv2map((String[]) getAttribute(forestRequest, "query"));
        Class cls = (Class) getAttribute(forestRequest, "OAuth2TokenHandler", Class.class);
        ForestResponse<String> forestResponse = this.oAuth2Client.token(getAttributeAsString(forestRequest, "tokenUri"), kv2map, map);
        try {
            OAuth2Token oAuth2Token = ((OAuth2DefinitionHandler) cls.newInstance()).getOAuth2Token(forestResponse, (Map) forestRequest.getConfiguration().getConverter(ForestDataType.AUTO).convertToJavaObject((ForestConverter) forestResponse.getContent(), Map.class));
            if (oAuth2Token == null) {
                throw new ForestRuntimeException("OAuth2 request OAuth2Token is empty");
            }
            return new TokenCache(str, oAuth2Token);
        } catch (IllegalAccessException | InstantiationException e) {
            throw new ForestRuntimeException("OAuth2 request OAuth2DefinitionHandler error" + e.getMessage());
        }
    }

    private Map<String, Object> kv2map(String[] strArr) {
        HashMap hashMap = new HashMap();
        for (String str : strArr) {
            int indexOf = str.indexOf(":");
            hashMap.put(str.substring(0, indexOf), StringUtils.trimBegin(str.substring(indexOf + 1)));
        }
        return hashMap;
    }

    private Map<String, Object> createRequestBody(String str, ForestRequest forestRequest, boolean z) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("client_id", str);
        linkedHashMap.put("client_secret", getAttributeAsString(forestRequest, "clientSecret"));
        linkedHashMap.put("scope", getAttributeAsString(forestRequest, "scope"));
        OAuth2.GrantType grantType = (OAuth2.GrantType) getAttribute(forestRequest, "grantType");
        linkedHashMap.put("grant_type", grantType.getValue(getAttributeAsString(forestRequest, "grantTypeValue")));
        if (z && grantType == OAuth2.GrantType.PASSWORD) {
            linkedHashMap.put(DruidDataSourceFactory.PROP_USERNAME, getAttributeAsString(forestRequest, DruidDataSourceFactory.PROP_USERNAME));
            linkedHashMap.put(DruidDataSourceFactory.PROP_PASSWORD, getAttributeAsString(forestRequest, DruidDataSourceFactory.PROP_PASSWORD));
        }
        return linkedHashMap;
    }
}
