package org.miaixz.bus.oauth.metric.okta;

import com.alibaba.fastjson.JSONObject;
import java.util.HashMap;
import java.util.Map;
import org.miaixz.bus.cache.metric.ExtendCache;
import org.miaixz.bus.core.basic.entity.Message;
import org.miaixz.bus.core.codec.binary.Base64;
import org.miaixz.bus.core.lang.Gender;
import org.miaixz.bus.core.lang.MediaType;
import org.miaixz.bus.core.lang.Symbol;
import org.miaixz.bus.core.lang.exception.AuthorizedException;
import org.miaixz.bus.core.net.HTTP;
import org.miaixz.bus.core.xyz.ObjectKit;
import org.miaixz.bus.gitlab.services.HipChatService;
import org.miaixz.bus.http.Httpx;
import org.miaixz.bus.oauth.Builder;
import org.miaixz.bus.oauth.Context;
import org.miaixz.bus.oauth.Registry;
import org.miaixz.bus.oauth.magic.AccToken;
import org.miaixz.bus.oauth.magic.Callback;
import org.miaixz.bus.oauth.magic.ErrorCode;
import org.miaixz.bus.oauth.magic.Material;
import org.miaixz.bus.oauth.metric.AbstractProvider;
import org.miaixz.bus.setting.magic.Profile;

/* loaded from: input_file:org/miaixz/bus/oauth/metric/okta/OktaProvider.class */
public class OktaProvider extends AbstractProvider {
    public OktaProvider(Context context) {
        super(context, Registry.OKTA);
    }

    public OktaProvider(Context context, ExtendCache extendCache) {
        super(context, Registry.OKTA, extendCache);
    }

    @Override // org.miaixz.bus.oauth.metric.AbstractProvider
    protected AccToken getAccessToken(Callback callback) {
        return getAuthToken(accessTokenUrl(callback.getCode()));
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [org.miaixz.bus.oauth.magic.AccToken$AccTokenBuilder] */
    private AccToken getAuthToken(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("accept", MediaType.APPLICATION_JSON);
        hashMap.put(HTTP.CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED);
        hashMap.put(HTTP.AUTHORIZATION, "Basic " + Base64.encode(this.context.getAppKey().concat(":").concat(this.context.getAppSecret())));
        JSONObject parseObject = JSONObject.parseObject(Httpx.post(str, (Map<String, String>) null, hashMap));
        checkResponse(parseObject);
        return AccToken.builder().accessToken(parseObject.getString("access_token")).tokenType(parseObject.getString("token_type")).expireIn(parseObject.getIntValue("expires_in")).scope(parseObject.getString("scope")).refreshToken(parseObject.getString("refresh_token")).idToken(parseObject.getString("id_token")).build();
    }

    /* JADX WARN: Type inference failed for: r0v4, types: [org.miaixz.bus.core.basic.entity.Message$MessageBuilder] */
    /* JADX WARN: Type inference failed for: r0v8, types: [org.miaixz.bus.core.basic.entity.Message$MessageBuilder] */
    @Override // org.miaixz.bus.oauth.Provider
    public Message refresh(AccToken accToken) {
        if (null == accToken.getRefreshToken()) {
            return Message.builder().errcode(ErrorCode.ILLEGAL_TOKEN.getCode()).errmsg(ErrorCode.ILLEGAL_TOKEN.getDesc()).build();
        }
        return Message.builder().errcode(ErrorCode.SUCCESS.getCode()).data(getAuthToken(refreshTokenUrl(accToken.getRefreshToken()))).build();
    }

    /* JADX WARN: Type inference failed for: r0v12, types: [org.miaixz.bus.oauth.magic.Material$MaterialBuilder] */
    @Override // org.miaixz.bus.oauth.metric.AbstractProvider
    protected Material getUserInfo(AccToken accToken) {
        HashMap hashMap = new HashMap();
        hashMap.put(HTTP.AUTHORIZATION, "Bearer " + accToken.getAccessToken());
        JSONObject parseObject = JSONObject.parseObject(Httpx.post(userInfoUrl(accToken), (Map<String, String>) null, hashMap));
        checkResponse(parseObject);
        JSONObject jSONObject = parseObject.getJSONObject("address");
        return Material.builder().rawJson(parseObject).uuid(parseObject.getString("sub")).username(parseObject.getString("name")).nickname(parseObject.getString("nickname")).email(parseObject.getString("email")).location(null == jSONObject ? null : jSONObject.getString("street_address")).gender(Gender.of(parseObject.getString("sex"))).token(accToken).source(this.complex.toString()).build();
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [org.miaixz.bus.core.basic.entity.Message$MessageBuilder] */
    @Override // org.miaixz.bus.oauth.Provider
    public Message revoke(AccToken accToken) {
        HashMap hashMap = new HashMap(4);
        hashMap.put(HipChatService.TOKEN_PROP, accToken.getAccessToken());
        hashMap.put("token_type_hint", "access_token");
        HashMap hashMap2 = new HashMap();
        hashMap2.put(HTTP.AUTHORIZATION, "Basic " + Base64.encode(this.context.getAppKey().concat(":").concat(this.context.getAppSecret())));
        Httpx.post(revokeUrl(accToken), hashMap, hashMap2);
        ErrorCode errorCode = ErrorCode.SUCCESS;
        return Message.builder().errcode(errorCode.getCode()).errmsg(errorCode.getDesc()).build();
    }

    private void checkResponse(JSONObject jSONObject) {
        if (jSONObject.containsKey("error")) {
            throw new AuthorizedException(jSONObject.getString("error_description"));
        }
    }

    @Override // org.miaixz.bus.oauth.metric.AbstractProvider, org.miaixz.bus.oauth.Provider
    public String authorize(String str) {
        return Builder.fromUrl(String.format(this.complex.authorize(), this.context.getPrefix(), ObjectKit.defaultIfNull(this.context.getUnionId(), Profile.DEFAULT_PROFILE))).queryParam("response_type", "code").queryParam("prompt", "consent").queryParam("client_id", this.context.getAppKey()).queryParam("redirect_uri", this.context.getRedirectUri()).queryParam("scope", getScopes(Symbol.SPACE, true, getDefaultScopes(OktaScope.values()))).queryParam("state", getRealState(str)).build();
    }

    @Override // org.miaixz.bus.oauth.metric.AbstractProvider
    public String accessTokenUrl(String str) {
        return Builder.fromUrl(String.format(this.complex.accessToken(), this.context.getPrefix(), ObjectKit.defaultIfNull(this.context.getUnionId(), Profile.DEFAULT_PROFILE))).queryParam("code", str).queryParam("grant_type", "authorization_code").queryParam("redirect_uri", this.context.getRedirectUri()).build();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.miaixz.bus.oauth.metric.AbstractProvider
    public String refreshTokenUrl(String str) {
        return Builder.fromUrl(String.format(this.complex.refresh(), this.context.getPrefix(), ObjectKit.defaultIfNull(this.context.getUnionId(), Profile.DEFAULT_PROFILE))).queryParam("refresh_token", str).queryParam("grant_type", "refresh_token").build();
    }

    @Override // org.miaixz.bus.oauth.metric.AbstractProvider
    protected String revokeUrl(AccToken accToken) {
        return String.format(this.complex.revoke(), this.context.getPrefix(), ObjectKit.defaultIfNull(this.context.getUnionId(), Profile.DEFAULT_PROFILE));
    }

    @Override // org.miaixz.bus.oauth.metric.AbstractProvider
    public String userInfoUrl(AccToken accToken) {
        return String.format(this.complex.userInfo(), this.context.getPrefix(), ObjectKit.defaultIfNull(this.context.getUnionId(), Profile.DEFAULT_PROFILE));
    }
}
