package club.zhcs.lina.oidc.service;

import club.zhcs.lina.auth.AuthorizationException;
import club.zhcs.lina.auth.service.AuthService;
import club.zhcs.lina.auth.service.AuthUser;
import club.zhcs.lina.auth.service.UserDetailService;
import club.zhcs.lina.oidc.service.TokenRefreshableRiemannAuthService;
import club.zhcs.lina.oidc.service.jwt.JwtDecoder;
import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.concurrent.TimeUnit;
import lombok.Generated;
import org.nutz.lang.Lang;
import org.nutz.lang.Strings;

/* loaded from: input_file:club/zhcs/lina/oidc/service/CacheableOpenidConnectionAuthService.class */
public class CacheableOpenidConnectionAuthService implements AuthService {
    private final JwtDecoder jwtDecoder;
    private final TokenRefreshableRiemannAuthService.CookieSettings cookieSettings;
    private final HttpServletRequest request;
    private final HttpServletResponse response;
    private final UserDetailService userDetailService;
    private static final String TOKEN_EXPIRED = "Token已过期!";

    public void login(AuthUser authUser) {
        this.userDetailService.save(authUser);
        addCookie(this.cookieSettings.getTokenCookieName(), authUser.getToken(), this.cookieSettings.getTokenMinutes());
        addCookie(this.cookieSettings.getRefreshTokenCookieName(), authUser.getRefreshToken(), this.cookieSettings.getRefreshTokenMinutes());
    }

    private AuthUser subject2User(String str) {
        return this.userDetailService.userByName(str);
    }

    public AuthUser user() {
        String str = token();
        String refreshToken = refreshToken();
        if (Strings.isBlank(str) && Strings.isBlank(refreshToken)) {
            throw Lang.makeThrow(AuthorizationException.class, "用户未登录!", new Object[0]);
        }
        String subject = this.jwtDecoder.subject(str);
        return Strings.isBlank(subject) ? tryRefreshToken(refreshToken) : subject2User(subject);
    }

    private AuthUser tryRefreshToken(String str) {
        String subject = this.jwtDecoder.subject(str);
        if (Strings.isBlank(subject)) {
            throw Lang.makeThrow(AuthorizationException.class, TOKEN_EXPIRED, new Object[0]);
        }
        AuthUser subject2User = subject2User(subject);
        addCookie(this.cookieSettings.getTokenCookieName(), subject2User.getToken(), this.cookieSettings.getTokenMinutes());
        addCookie(this.cookieSettings.getRefreshTokenCookieName(), subject2User.getRefreshToken(), this.cookieSettings.getRefreshTokenMinutes());
        return subject2User;
    }

    public HttpServletRequest getRequest() {
        return this.request;
    }

    public String authorizationHeaderKey() {
        return "Authorization";
    }

    public String tokenKey() {
        return this.cookieSettings.getTokenCookieName();
    }

    public String refreshTokenKey() {
        return this.cookieSettings.getRefreshTokenCookieName();
    }

    public void logout() {
        addCookie(this.cookieSettings.getTokenCookieName(), null, 0);
        addCookie(this.cookieSettings.getRefreshTokenCookieName(), null, 0);
    }

    private void addCookie(String str, String str2, int i) {
        Cookie cookie = new Cookie(str, str2);
        if (Strings.isNotBlank(this.cookieSettings.getPath())) {
            cookie.setPath(this.cookieSettings.getPath());
        }
        if (Strings.isNotBlank(this.cookieSettings.getDomain())) {
            cookie.setDomain(this.cookieSettings.getDomain());
        }
        if (this.cookieSettings.isSecure()) {
            cookie.setSecure(true);
        }
        if (this.cookieSettings.isHttpOnly()) {
            cookie.setHttpOnly(true);
        }
        cookie.setMaxAge((int) TimeUnit.MINUTES.toMillis(i));
        this.response.addCookie(cookie);
    }

    @Generated
    public CacheableOpenidConnectionAuthService(JwtDecoder jwtDecoder, TokenRefreshableRiemannAuthService.CookieSettings cookieSettings, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, UserDetailService userDetailService) {
        this.jwtDecoder = jwtDecoder;
        this.cookieSettings = cookieSettings;
        this.request = httpServletRequest;
        this.response = httpServletResponse;
        this.userDetailService = userDetailService;
    }
}
