package org.iharu.web.security.controller;

import javax.servlet.http.HttpSession;
import org.iharu.authorization.util.AuthorizationUtils;
import org.iharu.proto.web.WebAuthProto;
import org.iharu.proto.web.WebResponseProto;
import org.iharu.type.BaseAuthorizationType;
import org.iharu.type.BaseHttpStatus;
import org.iharu.web.security.BaseSecurityController;
import org.iharu.web.session.entity.SessionEntity;
import org.iharu.web.util.WebResponseUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping(value = {"/oauth", "/OAuth"}, produces = {"application/json;charset=UTF-8"})
@RestController
/* loaded from: input_file:org/iharu/web/security/controller/OAuthController.class */
public class OAuthController extends BaseSecurityController {
    @PostMapping({"/authenticate"})
    public WebResponseProto authenticate(@RequestBody String str, HttpSession httpSession) {
        if (!verifyIdentity(str)) {
            return WebResponseUtils.AuthenticationFailed();
        }
        SessionEntity sessionEntity = new SessionEntity();
        WebAuthProto webAuthProto = new WebAuthProto();
        long currentTimeMillis = System.currentTimeMillis();
        String secretTokenGen = AuthorizationUtils.secretTokenGen();
        sessionEntity.setUid(httpSession.getId());
        sessionEntity.setValid_timestamp(currentTimeMillis);
        sessionEntity.setBasic_auth_type(BaseAuthorizationType.ADMIN);
        sessionEntity.setToken(secretTokenGen);
        sessionEntity.setOauth(true);
        httpSession.setAttribute("session_entity", sessionEntity);
        webAuthProto.setToken(secretTokenGen);
        webAuthProto.setValid_timestamp(currentTimeMillis);
        return WebResponseUtils.GenResponse(BaseHttpStatus.SUCCESS, webAuthProto);
    }

    @PostMapping({"/authorize"})
    public WebResponseProto authorize(@RequestBody String str, HttpSession httpSession) {
        SessionEntity sessionEntity = (SessionEntity) httpSession.getAttribute("session_entity");
        if (sessionEntity == null || !sessionEntity.isOauth()) {
            return WebResponseUtils.AuthorityInsufficient();
        }
        if (!verifyAuthorization(str, sessionEntity)) {
            return WebResponseUtils.AuthorityInsufficient();
        }
        WebAuthProto webAuthProto = new WebAuthProto();
        long currentTimeMillis = System.currentTimeMillis();
        webAuthProto.setVoucher(AuthorizationUtils.tokenGen());
        webAuthProto.setValid_timestamp(currentTimeMillis);
        return WebResponseUtils.GenResponse(BaseHttpStatus.SUCCESS, webAuthProto);
    }
}
