package plus.easydo.starter.oauth.server.service;

import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.security.oauth2.common.util.RandomValueStringGenerator;
import org.springframework.security.oauth2.common.util.SerializationUtils;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import plus.easydo.starter.oauth.server.model.OauthCode;
import plus.easydo.starter.oauth.server.properties.Oauth2ServerProperties;
import plus.easydo.starter.oauth.server.serializer.FastJsonRedisTokenStoreSerializationStrategy;
import plus.easydo.starter.redis.service.RedisService;

@EnableConfigurationProperties({Oauth2ServerProperties.class})
@Configuration
/* loaded from: input_file:plus/easydo/starter/oauth/server/service/CustomizeAuthorizationCodeServices.class */
public class CustomizeAuthorizationCodeServices implements AuthorizationCodeServices {
    private final RandomValueStringGenerator randomValueStringGenerator = new RandomValueStringGenerator(12);
    private final FastJsonRedisTokenStoreSerializationStrategy serializations = new FastJsonRedisTokenStoreSerializationStrategy(OAuth2Authentication.class);

    @Resource
    Oauth2ServerProperties oAuth2Properties;

    @Resource
    RedisService redisService;

    public String createAuthorizationCode(OAuth2Authentication oAuth2Authentication) {
        return saveCode(oAuth2Authentication.getOAuth2Request().getClientId(), oAuth2Authentication);
    }

    public OAuth2Authentication consumeAuthorizationCode(String str) {
        OauthCode oauthCode = (OauthCode) this.redisService.getCacheObject(this.oAuth2Properties.getOauthCodePrefix() + str);
        if (oauthCode == null) {
            throw new InvalidGrantException("授权码无效: " + str);
        }
        remove(str, oauthCode.getClientId());
        return this.oAuth2Properties.isEnableFastJsonSerializer() ? (OAuth2Authentication) this.serializations.deserialize(oauthCode.getAuthentication(), OAuth2Authentication.class) : (OAuth2Authentication) SerializationUtils.deserialize(oauthCode.getAuthentication());
    }

    private String saveCode(String str, OAuth2Authentication oAuth2Authentication) {
        String codeClientPrefix = this.oAuth2Properties.getCodeClientPrefix();
        String oauthCodePrefix = this.oAuth2Properties.getOauthCodePrefix();
        String validatorClientIdCode = validatorClientIdCode(str, codeClientPrefix, oauthCodePrefix);
        if (validatorClientIdCode != null) {
            return validatorClientIdCode;
        }
        String generate = this.randomValueStringGenerator.generate();
        OauthCode oauthCode = new OauthCode();
        oauthCode.setClientId(str);
        oauthCode.setCode(generate);
        if (this.oAuth2Properties.isEnableFastJsonSerializer()) {
            oauthCode.setAuthentication(this.serializations.serialize(oAuth2Authentication));
        } else {
            oauthCode.setAuthentication(SerializationUtils.serialize(oAuth2Authentication));
        }
        this.redisService.setCacheObject(codeClientPrefix + str, generate);
        this.redisService.expire(codeClientPrefix + str, 5L, TimeUnit.MINUTES);
        this.redisService.setCacheObject(oauthCodePrefix + generate, oauthCode);
        this.redisService.expire(oauthCodePrefix + generate, 5L, TimeUnit.MINUTES);
        return generate;
    }

    private void remove(String str, String str2) {
        this.redisService.deleteObject(this.oAuth2Properties.getOauthCodePrefix() + str);
        this.redisService.deleteObject(this.oAuth2Properties.getCodeClientPrefix() + str2);
    }

    private String validatorClientIdCode(String str, String str2, String str3) {
        OauthCode oauthCode;
        String str4 = (String) this.redisService.getCacheObject(str2 + str);
        if (str4 == null || (oauthCode = (OauthCode) this.redisService.getCacheObject(str3 + str4)) == null) {
            return null;
        }
        this.redisService.expire(str2 + str, 5L, TimeUnit.MINUTES);
        this.redisService.expire(str3 + str4, 5L, TimeUnit.MINUTES);
        return oauthCode.getCode();
    }
}
