package org.minbox.framework.on.security.manage.api.authorization.authentication;

import com.fasterxml.jackson.core.JsonProcessingException;
import java.net.ConnectException;
import java.util.Map;
import org.minbox.framework.on.security.core.authorization.AbstractOnSecurityAuthenticationProvider;
import org.minbox.framework.on.security.core.authorization.endpoint.OnSecurityEndpoints;
import org.minbox.framework.on.security.core.authorization.exception.OnSecurityError;
import org.minbox.framework.on.security.core.authorization.exception.OnSecurityErrorCodes;
import org.minbox.framework.on.security.core.authorization.exception.OnSecurityOAuth2AuthenticationException;
import org.minbox.framework.on.security.core.authorization.jackson2.OnSecurityJsonMapper;
import org.minbox.framework.on.security.core.authorization.manage.ManageTokenAccessAuthorization;
import org.minbox.framework.on.security.core.authorization.manage.ManageTokenAuthorizationCache;
import org.minbox.framework.on.security.core.authorization.manage.context.OnSecurityManageContextHolder;
import org.minbox.framework.on.security.core.authorization.manage.context.OnSecurityManageContextImpl;
import org.minbox.framework.on.security.core.authorization.util.OnSecurityThrowErrorUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:BOOT-INF/classes/org/minbox/framework/on/security/manage/api/authorization/authentication/OnSecurityManageTokenAuthorizationProvider.class */
public class OnSecurityManageTokenAuthorizationProvider extends AbstractOnSecurityAuthenticationProvider {
    static Logger logger = LoggerFactory.getLogger((Class<?>) OnSecurityManageTokenAuthorizationProvider.class);
    private static final String ERROR_CODE_RESPONSE_PARAM = "errorCode";
    private String consoleServerAddress;
    private RestTemplate restTemplate;

    public OnSecurityManageTokenAuthorizationProvider(String str, Map<Class<?>, Object> map) {
        super(map);
        this.consoleServerAddress = str;
        this.restTemplate = new RestTemplate();
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        OnSecurityManageTokenAuthorizationRequestToken onSecurityManageTokenAuthorizationRequestToken = (OnSecurityManageTokenAuthorizationRequestToken) authentication;
        ManageTokenAccessAuthorization accessAuthorization = ManageTokenAuthorizationCache.getAccessAuthorization(onSecurityManageTokenAuthorizationRequestToken.getManageToken());
        if (accessAuthorization == null) {
            accessAuthorization = getAccessAuthorizationFromIssuer(onSecurityManageTokenAuthorizationRequestToken.getManageToken());
            ManageTokenAuthorizationCache.setAccessAuthorization(onSecurityManageTokenAuthorizationRequestToken.getManageToken(), accessAuthorization);
        }
        OnSecurityManageContextHolder.setContext(OnSecurityManageContextImpl.withManageToken(onSecurityManageTokenAuthorizationRequestToken.getManageToken()).authorization(accessAuthorization).build());
        return onSecurityManageTokenAuthorizationRequestToken;
    }

    @Override // org.springframework.security.authentication.AuthenticationProvider
    public boolean supports(Class<?> cls) {
        return OnSecurityManageTokenAuthorizationRequestToken.class.isAssignableFrom(cls);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private ManageTokenAccessAuthorization getAccessAuthorizationFromIssuer(String str) {
        try {
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.set("Authorization", str);
            ResponseEntity exchange = this.restTemplate.exchange(this.consoleServerAddress + OnSecurityEndpoints.MANAGE_TOKEN_ACCESS_AUTHORIZATION_ENDPOINT, HttpMethod.POST, new HttpEntity<>(null, httpHeaders), String.class, new Object[0]);
            OnSecurityJsonMapper onSecurityJsonMapper = new OnSecurityJsonMapper();
            if (checkIfHaveError((String) exchange.getBody(), onSecurityJsonMapper)) {
                throw new OnSecurityOAuth2AuthenticationException(new OnSecurityError(OnSecurityErrorCodes.INVALID_MANAGE_TOKEN.getValue(), null, "Failed to obtain manage token authorization，please check the validity of the manage token.", OnSecurityThrowErrorUtils.DEFAULT_HELP_URI));
            }
            return (ManageTokenAccessAuthorization) onSecurityJsonMapper.readValue((String) exchange.getBody(), ManageTokenAccessAuthorization.class);
        } catch (Exception e) {
            logger.error(e.getMessage(), (Throwable) e);
            OnSecurityError onSecurityError = new OnSecurityError(OnSecurityErrorCodes.UNKNOWN_EXCEPTION.getValue(), null, "Unknown exception encountered while obtaining manage token authorization information.", OnSecurityThrowErrorUtils.DEFAULT_HELP_URI);
            if (e.getCause() instanceof ConnectException) {
                onSecurityError = new OnSecurityError(OnSecurityErrorCodes.CONSOLE_SERVICE_CONNECTION_REFUSED.getValue(), null, "The connection to the console service failed and the management token authorization information could not be obtained.", OnSecurityThrowErrorUtils.DEFAULT_HELP_URI);
            }
            throw new OnSecurityOAuth2AuthenticationException(onSecurityError);
        }
    }

    private boolean checkIfHaveError(String str, OnSecurityJsonMapper onSecurityJsonMapper) throws JsonProcessingException {
        return ((Map) onSecurityJsonMapper.readValue(str, Map.class)).containsKey(ERROR_CODE_RESPONSE_PARAM);
    }
}
