package com.avocado.boot.starter.oauth.domain.service.impl;

import com.avocado.boot.starter.core.exception.BusinessException;
import com.avocado.boot.starter.oauth.application.dto.OauthParameter;
import com.avocado.boot.starter.oauth.domain.OauthClient;
import com.avocado.boot.starter.oauth.domain.UserDetails;
import com.avocado.boot.starter.oauth.domain.repository.OauthClientRepository;
import com.avocado.boot.starter.oauth.domain.service.IGrantService;
import com.avocado.boot.starter.oauth.domain.service.IUserDetailsService;
import com.avocado.boot.starter.oauth.infrastructure.enums.GrantType;
import com.avocado.boot.starter.oauth.infrastructure.enums.OauthErrorType;
import com.avocado.boot.starter.security.bean.Authentication;
import org.springframework.stereotype.Component;
import org.springframework.util.DigestUtils;

@Component
/* loaded from: input_file:com/avocado/boot/starter/oauth/domain/service/impl/PasswordIGrantService.class */
public class PasswordIGrantService implements IGrantService {
    private final IUserDetailsService IUserDetailsService;
    private final OauthClientRepository oauthClientRepository;

    public PasswordIGrantService(IUserDetailsService iUserDetailsService, OauthClientRepository oauthClientRepository) {
        this.IUserDetailsService = iUserDetailsService;
        this.oauthClientRepository = oauthClientRepository;
    }

    @Override // com.avocado.boot.starter.oauth.domain.service.IGrantService
    public Authentication grant(OauthParameter oauthParameter) {
        OauthClient oauthClient = (OauthClient) this.oauthClientRepository.getById(oauthParameter.getClientId());
        BusinessException.isNull(oauthClient, OauthErrorType.INVALID_CLIENT_ID_ERROR);
        oauthClient.checkClientId(oauthParameter.getClientId());
        oauthClient.checkClientSecret(oauthParameter.getClientSecret());
        UserDetails loadUserByUsername = this.IUserDetailsService.loadUserByUsername(oauthParameter.getUsername());
        BusinessException.isFalse(loadUserByUsername.getPassword().equals(DigestUtils.md5DigestAsHex(loadUserByUsername.getPassword().getBytes())), OauthErrorType.PASSWORD_ERROR);
        BusinessException.isTrue(loadUserByUsername.isEnabled(), OauthErrorType.NON_ENABLE_ERROR);
        BusinessException.isTrue(loadUserByUsername.isAccountNonExpired(), OauthErrorType.NON_EXPIRED_ERROR);
        BusinessException.isTrue(loadUserByUsername.isAccountNonLocked(), OauthErrorType.NON_LOCKED_ERROR);
        BusinessException.isTrue(loadUserByUsername.isCredentialsNonExpired(), OauthErrorType.NON_CREDENTIALS_EXPIRED_ERROR);
        return new Authentication(loadUserByUsername.getUserId(), loadUserByUsername.getAuthorities());
    }

    @Override // com.avocado.boot.starter.oauth.domain.service.IGrantService
    public GrantType getGrantType() {
        return GrantType.password;
    }
}
