package cn.hiauth.client;

import cn.hiauth.client.api.TokenVO;
import cn.hutool.core.codec.Base64;
import cn.webestar.scms.commons.Assert;
import cn.webestar.scms.commons.R;
import cn.webestar.scms.commons.SysCode;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.client.RestTemplate;

@RequestMapping({"/"})
@Controller
/* loaded from: input_file:cn/hiauth/client/HiAuthClientController.class */
public class HiAuthClientController {

    @Autowired
    private HiAuthClientProviderProperties hiAuthClientProviderProperties;

    @Autowired
    private HiAuthClientRegistrationProperties hiAuthClientRegistrationProperties;

    @Autowired
    private RestTemplate restTemplate;
    static final /* synthetic */ boolean $assertionsDisabled;

    @GetMapping({"/oauth2/login"})
    public String login() {
        return "redirect:" + (this.hiAuthClientProviderProperties.getAuthorizationUri() + "?response_type=code&client_id=" + this.hiAuthClientRegistrationProperties.getClientId() + "&scope=" + String.join(" ", this.hiAuthClientRegistrationProperties.getScope()) + "&redirect_uri=" + this.hiAuthClientRegistrationProperties.getRedirectUri());
    }

    @GetMapping({"/oauth2/token"})
    @ResponseBody
    public R<TokenVO> getToken(@RequestParam("code") String str) {
        Assert.notEmpty(str, SysCode.biz(1), "code不能为空。");
        Map<?, ?> tokenByOauthServer = getTokenByOauthServer(str);
        if (!$assertionsDisabled && tokenByOauthServer == null) {
            throw new AssertionError();
        }
        Assert.isTrue(tokenByOauthServer.containsKey("access_token"), SysCode.biz(2), "无法获取accessToken。");
        String str2 = (String) tokenByOauthServer.get("access_token");
        String str3 = (String) tokenByOauthServer.get("refresh_token");
        Integer num = (Integer) tokenByOauthServer.get("expires_in");
        Map<?, ?> userInfoByOauthServer = getUserInfoByOauthServer(str2);
        Long valueOf = Long.valueOf(Long.parseLong(userInfoByOauthServer.get("cid").toString()));
        Long valueOf2 = Long.valueOf(Long.parseLong(userInfoByOauthServer.get("userId").toString()));
        Long valueOf3 = Long.valueOf(Long.parseLong(userInfoByOauthServer.get("empId").toString()));
        String str4 = (String) userInfoByOauthServer.get("username");
        String str5 = (String) userInfoByOauthServer.get("phoneNum");
        String str6 = (String) userInfoByOauthServer.get("avatarUrl");
        String str7 = (String) userInfoByOauthServer.get("name");
        List list = (List) userInfoByOauthServer.get("permissions");
        Authentication authentication = new Authentication();
        authentication.setCid(valueOf);
        authentication.setUserId(valueOf2);
        authentication.setUsername(str4);
        authentication.setPhoneNum(str5);
        authentication.setAvatarUrl(str6);
        authentication.setEmpId(valueOf3);
        authentication.setName(str7);
        authentication.setPermissions(new HashSet(list));
        SessionContext auth = SessionContextHolder.auth(authentication, str2, str3, num);
        TokenVO tokenVO = new TokenVO();
        tokenVO.setAccessToken(auth.getAccessToken());
        tokenVO.setRefreshToken(auth.getRefreshToken());
        tokenVO.setExpireIn(num);
        return R.success(tokenVO);
    }

    private Map<?, ?> getTokenByOauthServer(String str) {
        String str2 = this.hiAuthClientRegistrationProperties.getClientId() + ":" + this.hiAuthClientRegistrationProperties.getClientSecret();
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        httpHeaders.add(Constant.TOKEN_HEADER, "Basic " + Base64.encode(str2.getBytes()));
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("grant_type", "authorization_code");
        linkedMultiValueMap.add("code", str);
        linkedMultiValueMap.add("redirect_uri", this.hiAuthClientRegistrationProperties.getRedirectUri());
        return (Map) this.restTemplate.postForObject(this.hiAuthClientProviderProperties.getTokenUri(), new HttpEntity(linkedMultiValueMap, httpHeaders), Map.class, new Object[0]);
    }

    private Map<?, ?> getUserInfoByOauthServer(String str) {
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        httpHeaders.add(Constant.TOKEN_HEADER, "Bearer " + str);
        return (Map) this.restTemplate.postForObject(this.hiAuthClientProviderProperties.getUserInfoUri(), new HttpEntity(new LinkedMultiValueMap(), httpHeaders), Map.class, new Object[0]);
    }

    static {
        $assertionsDisabled = !HiAuthClientController.class.desiredAssertionStatus();
    }
}
