package com.bcxin.ins.service.oauth;

import com.alibaba.fastjson.JSON;
import com.bcxin.ins.dto.Result;
import com.bcxin.ins.dto.oauth.AccessToken;
import com.bcxin.ins.dto.oauth.OAuthTokenxRequest;
import com.bcxin.ins.service.user.ClientUserService;
import com.bcxin.ins.spring.util.JedisUtils;
import com.bcxin.ins.util.AESUtil;
import com.bcxin.ins.util.MathUtil;
import com.bcxin.ins.vo.ClientUserVo;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.lang3.StringUtils;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

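/**
 * Issues and looks up access tokens for client users, caching them in Redis through
 * {@code JedisUtils}.
 *
 * <p>Two cache entries are kept per login: {@code BLB:CACHE:UIP-<userOid>} holds the current
 * token id, and {@code BLB:CACHE:BLB-REQ-TOKEN-<tokenId>} holds the {@link AccessToken} object.
 * Both are written with a 86400-second lifetime.
 */
@Transactional
@Service
/* loaded from: input_file:com/bcxin/ins/service/oauth/OAuthServiceImpl.class */
public class OAuthServiceImpl implements OAuthService {
    private static final Logger logger = LoggerFactory.getLogger(OAuthServiceImpl.class);

    /** Cache key prefix: user oid -> current token id. */
    private static final String USER_TOKEN_KEY_PREFIX = "BLB:CACHE:UIP-";

    /** Cache key prefix: token id -> cached {@link AccessToken}. */
    private static final String TOKEN_KEY_PREFIX = "BLB:CACHE:BLB-REQ-TOKEN-";

    /** Lifetime, in seconds, applied to the token and to both cache entries. */
    private static final int TOKEN_TTL_SECONDS = 86400;

    @Autowired
    private ClientUserService userService;

    /**
     * Handles a token request and wraps the OAuth response in the project's {@link Result}.
     *
     * @param httpServletRequest request carrying the token parameters
     * @param httpServletResponse unused by this method
     * @param str value forwarded to token creation
     * @return a success result carrying the parsed token JSON, or a failure result carrying the
     *     {@code error_description} of the OAuth error response
     * @throws Exception if the request cannot be parsed or the response cannot be built
     */
    @Override
    public Result saveDispatch(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws Exception {
        Map<Boolean, OAuthResponse> outcome = handle(new OAuthTokenxRequest(httpServletRequest), str);
        if (outcome.containsKey(true)) {
            OAuthResponse granted = outcome.get(true);
            return Result.success("操作成功！", granted == null ? null : JSON.parse(granted.getBody()));
        }
        OAuthResponse denied = outcome.get(false);
        return Result.fail(denied == null ? "参数错误！" : JSON.parseObject(denied.getBody()).getString("error_description"));
    }

    /**
     * Validates the request and, on success, issues a fresh token.
     *
     * <p>The returned map has a single entry: key {@code true} with the token response, or key
     * {@code false} with an {@code invalid_grant} error response.
     *
     * <p>NOTE(review): username, password and publicKey are all read from the request, and the
     * check only confirms that {@code password} decrypts to {@code username} under the supplied
     * key. Nothing visible in this class compares against a server-held secret, so unless
     * {@code OAuthTokenxRequest} or {@code ClientUserService} verifies one elsewhere, this check
     * does not authenticate the caller. Confirm and replace with verification against a stored
     * password hash.
     */
    private Map<Boolean, OAuthResponse> handle(OAuthTokenxRequest oAuthTokenxRequest, String str) throws OAuthProblemException, OAuthSystemException {
        Map<Boolean, OAuthResponse> outcome = new HashMap<Boolean, OAuthResponse>();
        String username = oAuthTokenxRequest.getUsername();
        String password = oAuthTokenxRequest.getPassword();
        String publicKey = oAuthTokenxRequest.getPublicKey();
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password) || StringUtils.isEmpty(publicKey)) {
            outcome.put(false, invalidGrant("参数错误"));
            return outcome;
        }
        // Fail closed: a malformed hex string or a decryption error must reject the request.
        // Previously the exception was swallowed and execution continued to token issuance.
        if (!credentialMatches(username, password, publicKey)) {
            outcome.put(false, invalidGrant("用户或者密码错误"));
            return outcome;
        }
        ClientUserVo clientUserVo = this.userService.getClientUserVo(username, MathUtil.getType(username));
        if (clientUserVo == null) {
            // NOTE(review): a distinct "user does not exist" message lets a caller tell valid
            // usernames from invalid ones; consider returning the same text as above.
            outcome.put(false, invalidGrant("用户不存在"));
            return outcome;
        }
        outcome.put(true, handleAfterValidation(oAuthTokenxRequest.getRedirectURI(), str, clientUserVo));
        return outcome;
    }

    /**
     * Returns whether {@code password} (hex-encoded AES-CBC ciphertext) decrypts to
     * {@code username}, using {@code publicKey} as both key and IV. Any decoding or decryption
     * failure counts as a mismatch.
     */
    private boolean credentialMatches(String username, String password, String publicKey) {
        try {
            // NOTE(review): getBytes()/new String() use the platform charset, and the key is
            // reused as the IV; both are kept as-is for wire compatibility with existing clients.
            byte[] keyBytes = publicKey.getBytes();
            byte[] cipherText = Hex.decodeHex(password.toCharArray());
            return username.equals(new String(AESUtil.AES_CBC_Decrypt(cipherText, keyBytes, keyBytes)));
        } catch (Exception e) {
            // Log only the exception type: the message may echo request material.
            logger.warn("OAuth credential check failed ({}); rejecting request", e.getClass().getSimpleName());
            return false;
        }
    }

    /** Builds a 400 {@code invalid_grant} JSON error response with the given description. */
    private OAuthResponse invalidGrant(String description) throws OAuthSystemException {
        return OAuthResponse.errorResponse(400).setError("invalid_grant").setErrorDescription(description).buildJSONMessage();
    }

    /** Issues a fresh token for the validated user and renders it as an OAuth token response. */
    private OAuthResponse handleAfterValidation(String str, String str2, ClientUserVo clientUserVo) throws OAuthProblemException, OAuthSystemException {
        return createTokenResponse(str, retrieveAccessToken(str2, clientUserVo));
    }

    /**
     * Renders {@code accessToken} as a 200 JSON token response.
     *
     * @param str redirect URI taken from the request; used as the response location and, when
     *     non-empty, echoed back as {@code redirect_uri}.
     *     NOTE(review): no validation of this value against a registered URI is visible here.
     */
    private OAuthResponse createTokenResponse(String str, AccessToken accessToken) throws OAuthSystemException {
        OAuthASResponse.OAuthTokenResponseBuilder builder = OAuthASResponse.tokenResponse(200)
                .location(str)
                .setAccessToken(accessToken.getTokenId())
                .setExpiresIn(String.valueOf(accessToken.currentTokenExpiredSeconds()))
                .setTokenType(accessToken.getTokenType());
        String refreshToken = accessToken.getRefreshToken();
        if (StringUtils.isNotEmpty(refreshToken)) {
            builder.setRefreshToken(refreshToken);
        }
        if (StringUtils.isNotEmpty(str)) {
            builder.setParam("redirect_uri", str);
        }
        return builder.buildJSONMessage();
    }

    /**
     * Returns the user's cached token when both cache entries exist, otherwise creates one.
     *
     * <p>Unlike {@link #getAccessToken(String)}, the cached token is returned without calling
     * {@code tokenExpired()}; this relies on the cache entry's own expiry.
     *
     * @param str forwarded to token creation
     * @param clientUserVo the user the token belongs to
     * @param str2 optional token id to use instead of a generated one when a token is created
     */
    @Override
    public AccessToken getAccessToken(String str, ClientUserVo clientUserVo, String str2) throws OAuthSystemException {
        String cachedTokenId = JedisUtils.get(USER_TOKEN_KEY_PREFIX + clientUserVo.getOid());
        if (StringUtils.isNotEmpty(cachedTokenId)) {
            AccessToken cached = (AccessToken) JedisUtils.getObject(TOKEN_KEY_PREFIX + cachedTokenId);
            if (cached != null) {
                return cached;
            }
        }
        return createAccessToken(clientUserVo, str, str2);
    }

    /** Drops the user's existing cached token, if any, and always issues a new one. */
    private AccessToken retrieveAccessToken(String str, ClientUserVo clientUserVo) throws OAuthSystemException {
        String oid = clientUserVo.getOid();
        String cachedTokenId = JedisUtils.get(USER_TOKEN_KEY_PREFIX + oid);
        if (StringUtils.isNotEmpty(cachedTokenId)) {
            AccessToken previous = (AccessToken) JedisUtils.getObject(TOKEN_KEY_PREFIX + cachedTokenId);
            if (previous != null) {
                // NOTE(review): this deletes the bare oid key, not USER_TOKEN_KEY_PREFIX + oid,
                // which is the key createAccessToken writes. Left unchanged because another
                // component may rely on the bare key; confirm which key was intended.
                JedisUtils.del(oid);
                JedisUtils.delObject(TOKEN_KEY_PREFIX + previous.getTokenId());
            }
        }
        return createAccessToken(clientUserVo, str, "");
    }

    /**
     * Builds an {@link AccessToken} for the user and stores it in both cache entries.
     *
     * @param clientUserVo the user the token belongs to
     * @param str unused by this method
     * @param str2 when non-empty, used as the token id instead of the generated value.
     *     NOTE(review): callers must never pass a value a client can choose here, or the
     *     client would be able to fix its own bearer token.
     */
    private AccessToken createAccessToken(ClientUserVo clientUserVo, String str, String str2) throws OAuthSystemException {
        // NOTE(review): token values come from Oltu's MD5Generator; confirm its randomness
        // source is adequate for bearer tokens.
        OAuthIssuerImpl issuer = new OAuthIssuerImpl(new MD5Generator());
        String tokenId = issuer.accessToken();
        if (StringUtils.isNotEmpty(str2)) {
            tokenId = str2;
        }
        AccessToken token = new AccessToken();
        token.setWebId(clientUserVo.getWeb_id());
        token.setWebType(clientUserVo.getWeb_type());
        token.setUserId(clientUserVo.getOid());
        token.setName(clientUserVo.getReal_name());
        token.setLoginName(clientUserVo.getLogin_name());
        token.setTokenId(tokenId);
        token.setTokenExpiredSeconds(TOKEN_TTL_SECONDS);
        token.setRefreshToken(issuer.refreshToken());
        token.setUserVo(clientUserVo);
        JedisUtils.set(USER_TOKEN_KEY_PREFIX + clientUserVo.getOid(), tokenId, TOKEN_TTL_SECONDS);
        JedisUtils.setObject(TOKEN_KEY_PREFIX + tokenId, token, TOKEN_TTL_SECONDS);
        return token;
    }

    /**
     * Looks up a cached token by id.
     *
     * @param str the token id
     * @return the cached token, or {@code null} when it is absent or reports itself expired
     */
    @Override
    public AccessToken getAccessToken(String str) {
        AccessToken cached = (AccessToken) JedisUtils.getObject(TOKEN_KEY_PREFIX + str);
        if (cached != null && cached.tokenExpired()) {
            return null;
        }
        return cached;
    }

    /**
     * Manual decryption check left in the service class.
     *
     * <p>NOTE(review): the key and ciphertext are hard-coded. If either corresponds to a real
     * account, treat it as exposed; this harness belongs in a test, not in the shipped class.
     */
    public static void main(String[] strArr) throws Exception {
        byte[] keyBytes = "wdMFAbNpSmRJEmOl".getBytes();
        byte[] cipherText = Hex.decodeHex("86b955d41be7a1ce4b8db67da688103e".toCharArray());
        System.out.println(new String(AESUtil.AES_CBC_Decrypt(cipherText, keyBytes, keyBytes)));
    }
}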
