package cn.herodotus.engine.oauth2.data.jpa.storage;

import cn.herodotus.engine.oauth2.core.jackson2.HerodotusJackson2Module;
import cn.herodotus.engine.oauth2.data.jpa.entity.HerodotusAuthorization;
import cn.herodotus.engine.oauth2.data.jpa.jackson2.OAuth2TokenJackson2Module;
import cn.herodotus.engine.oauth2.data.jpa.service.HerodotusAuthorizationService;
import cn.herodotus.engine.oauth2.data.jpa.utils.OAuth2AuthorizationUtils;
import cn.hutool.core.date.DateUtil;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.Module;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.function.Consumer;
import java.util.stream.Collectors;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.dao.DataRetrievalFailureException;
import org.springframework.security.jackson2.SecurityJackson2Modules;
import org.springframework.security.oauth2.core.OAuth2AccessToken;
import org.springframework.security.oauth2.core.OAuth2RefreshToken;
import org.springframework.security.oauth2.core.OAuth2Token;
import org.springframework.security.oauth2.core.oidc.OidcIdToken;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationCode;
import org.springframework.security.oauth2.server.authorization.OAuth2AuthorizationService;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.jackson2.OAuth2AuthorizationServerJackson2Module;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:cn/herodotus/engine/oauth2/data/jpa/storage/JpaOAuth2AuthorizationService.class */
public class JpaOAuth2AuthorizationService implements OAuth2AuthorizationService {
    private static final Logger log = LoggerFactory.getLogger(JpaOAuth2AuthorizationService.class);
    private final HerodotusAuthorizationService herodotusAuthorizationService;
    private final RegisteredClientRepository registeredClientRepository;
    private final ObjectMapper objectMapper = new ObjectMapper();

    public JpaOAuth2AuthorizationService(HerodotusAuthorizationService herodotusAuthorizationService, RegisteredClientRepository registeredClientRepository) {
        this.herodotusAuthorizationService = herodotusAuthorizationService;
        this.registeredClientRepository = registeredClientRepository;
        this.objectMapper.registerModules(SecurityJackson2Modules.getModules(JpaOAuth2AuthorizationService.class.getClassLoader()));
        this.objectMapper.registerModule(new OAuth2AuthorizationServerJackson2Module());
        this.objectMapper.registerModules(new Module[]{new HerodotusJackson2Module()});
        this.objectMapper.registerModules(new Module[]{new OAuth2TokenJackson2Module()});
    }

    public void save(OAuth2Authorization oAuth2Authorization) {
        this.herodotusAuthorizationService.saveOrUpdate(toEntity(oAuth2Authorization));
        log.debug("[Herodotus] |- Jpa OAuth2 Authorization Service save entity.");
    }

    @Transactional
    public void remove(OAuth2Authorization oAuth2Authorization) {
        Assert.notNull(oAuth2Authorization, "authorization cannot be null");
        this.herodotusAuthorizationService.deleteById(oAuth2Authorization.getId());
        log.debug("[Herodotus] |- Jpa OAuth2 Authorization Service remove entity.");
        this.herodotusAuthorizationService.clearHistoryToken();
        log.debug("[Herodotus] |- Jpa OAuth2 Authorization Service clear history token.");
    }

    public OAuth2Authorization findById(String str) {
        HerodotusAuthorization herodotusAuthorization = (HerodotusAuthorization) this.herodotusAuthorizationService.findById(str);
        if (!ObjectUtils.isNotEmpty(herodotusAuthorization)) {
            return null;
        }
        log.debug("[Herodotus] |- Jpa OAuth2 Authorization Service findById.");
        return toObject(herodotusAuthorization);
    }

    public int findAuthorizationCount(String str, String str2) {
        int findAuthorizationCount = this.herodotusAuthorizationService.findAuthorizationCount(str, str2);
        log.debug("[Herodotus] |- Jpa OAuth2 Authorization Service findAuthorizationCount.");
        return findAuthorizationCount;
    }

    public List<OAuth2Authorization> findAvailableAuthorizations(String str, String str2) {
        List<HerodotusAuthorization> findAvailableAuthorizations = this.herodotusAuthorizationService.findAvailableAuthorizations(str, str2);
        return CollectionUtils.isNotEmpty(findAvailableAuthorizations) ? (List) findAvailableAuthorizations.stream().map(this::toObject).collect(Collectors.toList()) : new ArrayList();
    }

    public OAuth2Authorization findByToken(String str, OAuth2TokenType oAuth2TokenType) {
        Assert.hasText(str, "token cannot be empty");
        Optional<HerodotusAuthorization> findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValue = oAuth2TokenType == null ? this.herodotusAuthorizationService.findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValue(str) : "state".equals(oAuth2TokenType.getValue()) ? this.herodotusAuthorizationService.findByState(str) : "code".equals(oAuth2TokenType.getValue()) ? this.herodotusAuthorizationService.findByAuthorizationCode(str) : "access_token".equals(oAuth2TokenType.getValue()) ? this.herodotusAuthorizationService.findByAccessToken(str) : "refresh_token".equals(oAuth2TokenType.getValue()) ? this.herodotusAuthorizationService.findByRefreshToken(str) : Optional.empty();
        log.debug("[Herodotus] |- Jpa OAuth2 Authorization Service findByToken.");
        return (OAuth2Authorization) findByStateOrAuthorizationCodeValueOrAccessTokenValueOrRefreshTokenValue.map(this::toObject).orElse(null);
    }

    private OAuth2Authorization toObject(HerodotusAuthorization herodotusAuthorization) {
        RegisteredClient findById = this.registeredClientRepository.findById(herodotusAuthorization.getRegisteredClientId());
        if (findById == null) {
            throw new DataRetrievalFailureException("The RegisteredClient with id '" + herodotusAuthorization.getRegisteredClientId() + "' was not found in the RegisteredClientRepository.");
        }
        OAuth2Authorization.Builder attributes = OAuth2Authorization.withRegisteredClient(findById).id(herodotusAuthorization.getId()).principalName(herodotusAuthorization.getPrincipalName()).authorizationGrantType(OAuth2AuthorizationUtils.resolveAuthorizationGrantType(herodotusAuthorization.getAuthorizationGrantType())).authorizedScopes(StringUtils.commaDelimitedListToSet(herodotusAuthorization.getAuthorizedScopes())).attributes(map -> {
            map.putAll(parseMap(herodotusAuthorization.getAttributes()));
        });
        if (herodotusAuthorization.getState() != null) {
            attributes.attribute("state", herodotusAuthorization.getState());
        }
        if (herodotusAuthorization.getAuthorizationCodeValue() != null) {
            attributes.token(new OAuth2AuthorizationCode(herodotusAuthorization.getAuthorizationCodeValue(), DateUtil.toInstant(herodotusAuthorization.getAuthorizationCodeIssuedAt()), DateUtil.toInstant(herodotusAuthorization.getAuthorizationCodeExpiresAt())), map2 -> {
                map2.putAll(parseMap(herodotusAuthorization.getAuthorizationCodeMetadata()));
            });
        }
        if (herodotusAuthorization.getAccessTokenValue() != null) {
            attributes.token(new OAuth2AccessToken(OAuth2AccessToken.TokenType.BEARER, herodotusAuthorization.getAccessTokenValue(), DateUtil.toInstant(herodotusAuthorization.getAccessTokenIssuedAt()), DateUtil.toInstant(herodotusAuthorization.getAccessTokenExpiresAt()), StringUtils.commaDelimitedListToSet(herodotusAuthorization.getAccessTokenScopes())), map3 -> {
                map3.putAll(parseMap(herodotusAuthorization.getAccessTokenMetadata()));
            });
        }
        if (herodotusAuthorization.getRefreshTokenValue() != null) {
            attributes.token(new OAuth2RefreshToken(herodotusAuthorization.getRefreshTokenValue(), DateUtil.toInstant(herodotusAuthorization.getRefreshTokenIssuedAt()), DateUtil.toInstant(herodotusAuthorization.getRefreshTokenExpiresAt())), map4 -> {
                map4.putAll(parseMap(herodotusAuthorization.getRefreshTokenMetadata()));
            });
        }
        if (herodotusAuthorization.getOidcIdTokenValue() != null) {
            attributes.token(new OidcIdToken(herodotusAuthorization.getOidcIdTokenValue(), DateUtil.toInstant(herodotusAuthorization.getOidcIdTokenIssuedAt()), DateUtil.toInstant(herodotusAuthorization.getOidcIdTokenExpiresAt()), parseMap(herodotusAuthorization.getOidcIdTokenClaims())), map5 -> {
                map5.putAll(parseMap(herodotusAuthorization.getOidcIdTokenMetadata()));
            });
        }
        return attributes.build();
    }

    private HerodotusAuthorization toEntity(OAuth2Authorization oAuth2Authorization) {
        HerodotusAuthorization herodotusAuthorization = new HerodotusAuthorization();
        herodotusAuthorization.setId(oAuth2Authorization.getId());
        herodotusAuthorization.setRegisteredClientId(oAuth2Authorization.getRegisteredClientId());
        herodotusAuthorization.setPrincipalName(oAuth2Authorization.getPrincipalName());
        herodotusAuthorization.setAuthorizationGrantType(oAuth2Authorization.getAuthorizationGrantType().getValue());
        herodotusAuthorization.setAuthorizedScopes(StringUtils.collectionToDelimitedString(oAuth2Authorization.getAuthorizedScopes(), ","));
        herodotusAuthorization.setAttributes(writeMap(oAuth2Authorization.getAttributes()));
        herodotusAuthorization.setState((String) oAuth2Authorization.getAttribute("state"));
        OAuth2Authorization.Token<?> token = oAuth2Authorization.getToken(OAuth2AuthorizationCode.class);
        herodotusAuthorization.getClass();
        Consumer<String> consumer = herodotusAuthorization::setAuthorizationCodeValue;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer2 = herodotusAuthorization::setAuthorizationCodeIssuedAt;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer3 = herodotusAuthorization::setAuthorizationCodeExpiresAt;
        herodotusAuthorization.getClass();
        setTokenValues(token, consumer, consumer2, consumer3, herodotusAuthorization::setAuthorizationCodeMetadata);
        OAuth2Authorization.Token<?> token2 = oAuth2Authorization.getToken(OAuth2AccessToken.class);
        herodotusAuthorization.getClass();
        Consumer<String> consumer4 = herodotusAuthorization::setAccessTokenValue;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer5 = herodotusAuthorization::setAccessTokenIssuedAt;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer6 = herodotusAuthorization::setAccessTokenExpiresAt;
        herodotusAuthorization.getClass();
        setTokenValues(token2, consumer4, consumer5, consumer6, herodotusAuthorization::setAccessTokenMetadata);
        if (token2 != null && token2.getToken().getScopes() != null) {
            herodotusAuthorization.setAccessTokenScopes(StringUtils.collectionToDelimitedString(token2.getToken().getScopes(), ","));
        }
        OAuth2Authorization.Token<?> token3 = oAuth2Authorization.getToken(OAuth2RefreshToken.class);
        herodotusAuthorization.getClass();
        Consumer<String> consumer7 = herodotusAuthorization::setRefreshTokenValue;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer8 = herodotusAuthorization::setRefreshTokenIssuedAt;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer9 = herodotusAuthorization::setRefreshTokenExpiresAt;
        herodotusAuthorization.getClass();
        setTokenValues(token3, consumer7, consumer8, consumer9, herodotusAuthorization::setRefreshTokenMetadata);
        OAuth2Authorization.Token<?> token4 = oAuth2Authorization.getToken(OidcIdToken.class);
        herodotusAuthorization.getClass();
        Consumer<String> consumer10 = herodotusAuthorization::setOidcIdTokenValue;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer11 = herodotusAuthorization::setOidcIdTokenIssuedAt;
        herodotusAuthorization.getClass();
        Consumer<LocalDateTime> consumer12 = herodotusAuthorization::setOidcIdTokenExpiresAt;
        herodotusAuthorization.getClass();
        setTokenValues(token4, consumer10, consumer11, consumer12, herodotusAuthorization::setOidcIdTokenMetadata);
        if (token4 != null) {
            herodotusAuthorization.setOidcIdTokenClaims(writeMap(token4.getClaims()));
        }
        return herodotusAuthorization;
    }

    private void setTokenValues(OAuth2Authorization.Token<?> token, Consumer<String> consumer, Consumer<LocalDateTime> consumer2, Consumer<LocalDateTime> consumer3, Consumer<String> consumer4) {
        if (token != null) {
            OAuth2Token token2 = token.getToken();
            consumer.accept(token2.getTokenValue());
            consumer2.accept(DateUtil.toLocalDateTime(token2.getIssuedAt()));
            consumer3.accept(DateUtil.toLocalDateTime(token2.getExpiresAt()));
            consumer4.accept(writeMap(token.getMetadata()));
        }
    }

    private Map<String, Object> parseMap(String str) {
        try {
            return (Map) this.objectMapper.readValue(str, new TypeReference<Map<String, Object>>() { // from class: cn.herodotus.engine.oauth2.data.jpa.storage.JpaOAuth2AuthorizationService.1
            });
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }

    private String writeMap(Map<String, Object> map) {
        try {
            return this.objectMapper.writeValueAsString(map);
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }
}
