package com.feingto.cloud.security;

import com.fasterxml.jackson.databind.JsonNode;
import com.feingto.cloud.core.http.ClientRequest;
import com.feingto.cloud.core.http.ClientResponse;
import com.feingto.cloud.core.http.OKHttpClient;
import com.feingto.cloud.domain.enums.GrantType;
import com.feingto.cloud.dto.oauth.TokenRequest;
import com.feingto.cloud.exception.ClientException;
import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.entity.ContentType;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.oauth2.common.util.JsonParser;
import org.springframework.security.oauth2.common.util.JsonParserFactory;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.util.Assert;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:com/feingto/cloud/security/TokenProvider.class */
public class TokenProvider {
    private static final String HTTP_AUTH_USER = "feingto";
    private static final String HTTP_AUTH_PASSWORD = "feing10537";
    private static final JsonParser objectMapper = JsonParserFactory.create();
    private static final Map<String, String> authHeader = new HashMap();
    private static RestTemplate restTemplate;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.feingto.cloud.security.TokenProvider$1, reason: invalid class name */
    /* loaded from: input_file:com/feingto/cloud/security/TokenProvider$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$feingto$cloud$domain$enums$GrantType = new int[GrantType.values().length];

        static {
            try {
                $SwitchMap$com$feingto$cloud$domain$enums$GrantType[GrantType.password.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$com$feingto$cloud$domain$enums$GrantType[GrantType.client_credentials.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$com$feingto$cloud$domain$enums$GrantType[GrantType.authorization_code.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$com$feingto$cloud$domain$enums$GrantType[GrantType.refresh_token.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public TokenProvider(RestTemplate restTemplate2) {
        restTemplate = restTemplate2;
    }

    public static Map<String, String> getAuthHeader() {
        authHeader.put("Authorization", getAuthHeader(HTTP_AUTH_USER, HTTP_AUTH_PASSWORD));
        return authHeader;
    }

    public static String getAuthHeader(String str, String str2) {
        return "Basic " + new String(Base64.encodeBase64((str + ":" + str2).getBytes(Charset.forName("US-ASCII"))));
    }

    public static JsonNode getToken(TokenRequest tokenRequest) {
        return getToken(tokenRequest, false);
    }

    public static JsonNode getToken(TokenRequest tokenRequest, boolean z) {
        Assert.notNull(tokenRequest.accessTokenUri(), "参数\"accessTokenUri\"不能为空");
        Assert.notNull(tokenRequest.appKey(), "参数\"clientId\"不能为空");
        Assert.notNull(tokenRequest.appSecret(), "参数\"clientSecret\"不能为空");
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("Content-Type", ContentType.APPLICATION_FORM_URLENCODED.toString());
        httpHeaders.add("Accept", ContentType.APPLICATION_JSON.toString());
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("grant_type", tokenRequest.grantType().name().toLowerCase());
        linkedMultiValueMap.add("client_id", tokenRequest.appKey());
        linkedMultiValueMap.add("client_secret", tokenRequest.appSecret());
        switch (AnonymousClass1.$SwitchMap$com$feingto$cloud$domain$enums$GrantType[tokenRequest.grantType().ordinal()]) {
            case 1:
                Assert.notNull(tokenRequest.username(), "参数\"username\"不能为空");
                Assert.notNull(tokenRequest.password(), "参数\"password\"不能为空");
                linkedMultiValueMap.add("username", tokenRequest.username());
                linkedMultiValueMap.add("password", tokenRequest.password());
                break;
            case 3:
                Assert.notNull(tokenRequest.code(), "参数\"code\"不能为空");
                Assert.notNull(tokenRequest.redirectUri(), "参数\"redirectUri\"不能为空");
                linkedMultiValueMap.add(ClientResponse.STATUS_CODE_KEY, tokenRequest.code());
                linkedMultiValueMap.add("redirect_uri", tokenRequest.redirectUri());
                break;
            case 4:
                Assert.notNull(tokenRequest.refreshToken(), "参数\"refreshToken\"不能为空");
                linkedMultiValueMap.add("refresh_token", tokenRequest.refreshToken());
                break;
        }
        JsonNode jsonNode = z ? OKHttpClient.getInstance().syncInvoke(new ClientRequest().path(tokenRequest.accessTokenUri()).method(HttpMethod.POST).headers(httpHeaders.toSingleValueMap()).queries(linkedMultiValueMap.toSingleValueMap())).getJsonNode() : (JsonNode) restTemplate.exchange(tokenRequest.accessTokenUri(), HttpMethod.POST, new HttpEntity(linkedMultiValueMap, httpHeaders), JsonNode.class, new Object[0]).getBody();
        if (Objects.nonNull(jsonNode) && jsonNode.has("error")) {
            throw new ClientException(jsonNode.get(ClientResponse.MESSAGE_KEY).asText());
        }
        return jsonNode;
    }

    public static JsonNode getUserInfo(TokenRequest tokenRequest) {
        Assert.notNull(tokenRequest.userInfoUri(), "参数\"userInfoUri\"不能为空");
        Assert.notNull(tokenRequest.accessToken(), "参数\"accessToken\"不能为空");
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.add("Authorization", "Bearer " + tokenRequest.accessToken());
        return (JsonNode) restTemplate.exchange(tokenRequest.userInfoUri(), HttpMethod.GET, new HttpEntity(httpHeaders), JsonNode.class, new Object[0]).getBody();
    }

    public static String getUsername() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (Objects.isNull(authentication) || Objects.isNull(authentication.getPrincipal())) ? "anonymousUser" : authentication.getPrincipal() instanceof UserDetails ? ((UserDetails) authentication.getPrincipal()).getUsername() : authentication.getPrincipal().toString();
    }

    public static boolean isGranted(String str) {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (Objects.isNull(authentication) || Objects.isNull(authentication.getPrincipal())) {
            return false;
        }
        String str2 = "ROLE_" + str;
        return authentication.getAuthorities().stream().anyMatch(grantedAuthority -> {
            return str2.equals(grantedAuthority.getAuthority());
        });
    }

    public static String getAppKey() {
        return getClaims().getOrDefault("client_id", "").toString();
    }

    private static Map<String, Object> getClaims() {
        String contextToken = getContextToken();
        return StringUtils.hasText(contextToken) ? objectMapper.parseMap(JwtHelper.decode(contextToken).getClaims()) : new HashMap();
    }

    public static String getContextToken() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if ((authentication instanceof OAuth2Authentication) && (authentication.getDetails() instanceof OAuth2AuthenticationDetails)) {
            return ((OAuth2AuthenticationDetails) authentication.getDetails()).getTokenValue();
        }
        return null;
    }
}
