package cn.jdevelops.authentication.sas.server.controller;

import cn.jdevelops.api.result.response.PageResult;
import cn.jdevelops.api.result.response.ResultPageVO;
import cn.jdevelops.api.result.response.ResultVO;
import cn.jdevelops.authentication.sas.server.controller.dto.ClientEditScopes;
import cn.jdevelops.authentication.sas.server.controller.dto.ClientEditSecretExpiresAt;
import cn.jdevelops.authentication.sas.server.controller.dto.ClientPage;
import cn.jdevelops.authentication.sas.server.controller.dto.ClientRegistered;
import cn.jdevelops.authentication.sas.server.controller.specification.ClientSpecification;
import cn.jdevelops.authentication.sas.server.core.config.SasProperties;
import cn.jdevelops.authentication.sas.server.oauth.dao.Oauth2RegisteredClientDao;
import cn.jdevelops.authentication.sas.server.oauth.entity.Oauth2RegisteredClient;
import cn.jdevelops.authentication.sas.server.util.PageUtil;
import cn.jdevelops.util.authorization.error.exception.AuthorizationException;
import java.time.Duration;
import java.time.LocalDate;
import java.time.ZoneId;
import java.util.List;
import java.util.UUID;
import javax.validation.Valid;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClient;
import org.springframework.security.oauth2.server.authorization.client.RegisteredClientRepository;
import org.springframework.security.oauth2.server.authorization.settings.ClientSettings;
import org.springframework.security.oauth2.server.authorization.settings.TokenSettings;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"/oauth/client"})
@RestController
/* loaded from: input_file:cn/jdevelops/authentication/sas/server/controller/ClientController.class */
public class ClientController {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(ClientController.class);
    private final RegisteredClientRepository registeredClientRepository;
    private final PasswordEncoder passwordEncoder;
    private final Oauth2RegisteredClientDao oauth2RegisteredClientDao;
    private final SasProperties sasProperties;

    public ClientController(RegisteredClientRepository registeredClientRepository, PasswordEncoder passwordEncoder, Oauth2RegisteredClientDao oauth2RegisteredClientDao, SasProperties sasProperties) {
        this.registeredClientRepository = registeredClientRepository;
        this.passwordEncoder = passwordEncoder;
        this.oauth2RegisteredClientDao = oauth2RegisteredClientDao;
        this.sasProperties = sasProperties;
    }

    @PostMapping({"/add"})
    public String addClient(@Valid @RequestBody ClientRegistered clientRegistered) {
        RegisteredClient.Builder clientSettings = RegisteredClient.withId(UUID.randomUUID().toString()).clientId(clientRegistered.getClientId()).clientSecret(this.passwordEncoder.encode(clientRegistered.getClientSecret())).clientName(clientRegistered.getClientName()).clientAuthenticationMethods(set -> {
            set.addAll(clientRegistered.getClientAuthenticationMethods());
        }).authorizationGrantTypes(set2 -> {
            set2.addAll(clientRegistered.getAuthorizationGrantTypes());
        }).scopes(set3 -> {
            set3.addAll(clientRegistered.getScopes());
        }).tokenSettings(TokenSettings.builder().accessTokenTimeToLive(Duration.ofHours(this.sasProperties.getToken().getAccessTokenTimeToLive().intValue())).reuseRefreshTokens(this.sasProperties.getToken().getReuseRefreshTokens()).refreshTokenTimeToLive(Duration.ofDays(this.sasProperties.getToken().getRefreshTokenTimeToLive().intValue())).build()).clientSettings(ClientSettings.builder().requireAuthorizationConsent(true).build());
        if (clientRegistered.getRedirectUris() != null) {
            clientSettings.redirectUris(set4 -> {
                set4.addAll(clientRegistered.getRedirectUris());
            });
        }
        if (null != clientRegistered.getClientSecretExpiresAt()) {
            clientSettings.clientSecretExpiresAt(LocalDate.parse(clientRegistered.getClientSecretExpiresAt()).atStartOfDay(ZoneId.systemDefault()).toInstant());
        }
        try {
            this.registeredClientRepository.save(clientSettings.build());
            return "添加客户端信息成功";
        } catch (Exception e) {
            if (e.getMessage().contains("Registered client must be unique")) {
                log.error("客户端已存在不要重复创建");
            }
            throw e;
        }
    }

    @PostMapping({"/delete"})
    @Transactional(rollbackFor = {Exception.class})
    public ResultVO<String> delete(@RequestBody List<String> list) {
        this.oauth2RegisteredClientDao.deleteByClientIdIn(list);
        return ResultVO.successMessage("删除成功");
    }

    @PostMapping({"/edit/scopes"})
    public ResultVO<String> editScopes(@Valid @RequestBody ClientEditScopes clientEditScopes) {
        Oauth2RegisteredClient verifyClient = verifyClient(clientEditScopes.getClientId());
        verifyClient.setScopes(clientEditScopes.getScopes());
        this.oauth2RegisteredClientDao.save(verifyClient);
        return ResultVO.successMessage("修改成功");
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v6, types: [java.time.LocalDateTime] */
    @PostMapping({"/edit/secretExpiresAt"})
    public ResultVO<String> editScopes(@Valid @RequestBody ClientEditSecretExpiresAt clientEditSecretExpiresAt) {
        Oauth2RegisteredClient verifyClient = verifyClient(clientEditSecretExpiresAt.getClientId());
        verifyClient.setClientSecretExpiresAt(LocalDate.parse(clientEditSecretExpiresAt.getClientSecretExpiresAt()).atStartOfDay(ZoneId.systemDefault()).toLocalDateTime());
        this.oauth2RegisteredClientDao.save(verifyClient);
        return ResultVO.successMessage("修改成功");
    }

    @PostMapping({"/page"})
    public ResultPageVO<PageResult<Oauth2RegisteredClient>> page(@RequestBody ClientPage clientPage) {
        return ResultPageVO.success(PageUtil.toPage(this.oauth2RegisteredClientDao.findAll(ClientSpecification.clientNameLike(clientPage.getClientName()).and(ClientSpecification.scopesLike(clientPage.getScopes())).and(ClientSpecification.clientSecretExpiresAtSection(clientPage.getClientSecretExpiresAtSection())), PageUtil.sortPageOf(clientPage.getSortPage()))));
    }

    private Oauth2RegisteredClient verifyClient(String str) {
        return this.oauth2RegisteredClientDao.findByClientId(str).orElseThrow(() -> {
            return AuthorizationException.specialMessage("请检查客户端是否存在");
        });
    }
}
