package com.litongjava.tio.boot.admin.services;

import com.litongjava.db.activerecord.Db;
import com.litongjava.db.activerecord.Row;
import com.litongjava.jfinal.aop.Aop;
import com.litongjava.model.body.RespBodyVo;
import com.litongjava.model.http.response.ResponseVo;
import com.litongjava.tio.boot.admin.costants.TioBootAdminTableNames;
import com.litongjava.tio.boot.admin.vo.AppUserLoginVo;
import com.litongjava.tio.boot.admin.vo.GoogleJwtPayload;
import com.litongjava.tio.boot.admin.vo.GoogleToken;
import com.litongjava.tio.utils.environment.EnvUtils;
import com.litongjava.tio.utils.http.HttpUtils;
import com.litongjava.tio.utils.json.FastJson2Utils;
import com.litongjava.tio.utils.json.JsonUtils;
import com.litongjava.tio.utils.snowflake.SnowflakeIdUtils;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import okhttp3.FormBody;
import okhttp3.Request;

/* loaded from: input_file:com/litongjava/tio/boot/admin/services/AppUserGoogleService.class */
public class AppUserGoogleService {
    public RespBodyVo login(String str, String str2) {
        String string;
        String str3 = EnvUtils.get("GOOGLE_CLIENT_ID");
        String str4 = EnvUtils.get("GOOGLE_CLIENT_SECRET");
        FormBody.Builder builder = new FormBody.Builder();
        builder.add("code", str).add("redirect_uri", str2).add("grant_type", "authorization_code").add("client_id", str3).add("client_secret", str4);
        ResponseVo call = HttpUtils.call(new Request.Builder().url("https://oauth2.googleapis.com/token").post(builder.build()).build());
        if (!call.isOk()) {
            return RespBodyVo.fail(call.getBodyString());
        }
        GoogleJwtPayload parseGoogleId = parseGoogleId(call.getBodyString());
        Row findFirst = Db.findFirst("SELECT id FROM app_users WHERE google_id = ?", new Object[]{parseGoogleId.getSub()});
        String name = parseGoogleId.getName();
        String picture = parseGoogleId.getPicture();
        String email = parseGoogleId.getEmail();
        if (findFirst == null) {
            Row findFirst2 = Db.findFirst("SELECT id,email FROM app_users WHERE email = ?", new Object[]{email});
            if (findFirst2 == null) {
                string = String.valueOf(SnowflakeIdUtils.id());
                Db.save(TioBootAdminTableNames.app_users, Row.by("id", string).set("email", email).set("display_name", name).set("photo_url", picture));
            } else {
                string = findFirst2.getString("id");
            }
        } else {
            string = findFirst.getString("id");
        }
        Long valueOf = Long.valueOf((System.currentTimeMillis() / 1000) + EnvUtils.getLong("app.token.timeout", 604800L).longValue());
        AppUserService appUserService = (AppUserService) Aop.get(AppUserService.class);
        return RespBodyVo.ok(new AppUserLoginVo(string, name, email, picture, appUserService.createRefreshToken(string), appUserService.createToken(string, valueOf), valueOf.intValue()));
    }

    public GoogleJwtPayload parseGoogleId(String str) {
        String[] split = ((GoogleToken) FastJson2Utils.parse(str, GoogleToken.class)).getId_token().split("\\.");
        if (split.length < 2) {
            throw new IllegalArgumentException("无效的 id_token");
        }
        return (GoogleJwtPayload) JsonUtils.parse(new String(Base64.getUrlDecoder().decode(split[1]), StandardCharsets.UTF_8), GoogleJwtPayload.class);
    }
}
