package com.xforceplus.delivery.cloud.gateway.configuration;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.xforceplus.delivery.cloud.common.api.ViewResult;
import com.xforceplus.delivery.cloud.common.client.ExternalRestClient;
import com.xforceplus.delivery.cloud.common.util.StringUtils;
import com.xforceplus.delivery.cloud.gateway.component.ISsoTokenUrlHandler;
import com.xforceplus.delivery.cloud.gateway.component.ISsoUserInfoHandler;
import com.xforceplus.delivery.cloud.gateway.webflux.DefaultSsoCallbackFailureHandler;
import com.xforceplus.delivery.cloud.gateway.webflux.SsoCallbackFailureHandler;
import com.xforceplus.delivery.cloud.secure.properties.SsoOAuth2Properties;
import java.nio.charset.StandardCharsets;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.util.UriComponentsBuilder;

@Configuration
/* loaded from: input_file:com/xforceplus/delivery/cloud/gateway/configuration/SsoCallbackConfiguration.class */
public class SsoCallbackConfiguration {
    private static final Logger log = LoggerFactory.getLogger(SsoCallbackConfiguration.class);

    @Autowired
    private SsoOAuth2Properties ssoOAuth2Properties;

    @Autowired
    private ExternalRestClient externalRestClient;

    @ConditionalOnMissingBean
    @Bean
    public SsoCallbackFailureHandler ssoCallbackFailureHandler() {
        return new DefaultSsoCallbackFailureHandler();
    }

    @ConditionalOnMissingBean
    @Bean
    public ISsoTokenUrlHandler ssoTokenUrlHandler() {
        return str -> {
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
            LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
            linkedMultiValueMap.add("client_id", this.ssoOAuth2Properties.getClientId());
            linkedMultiValueMap.add("client_secret", this.ssoOAuth2Properties.getClientSecret());
            linkedMultiValueMap.add("grant_type", this.ssoOAuth2Properties.getGrantType());
            linkedMultiValueMap.add("code", str);
            ViewResult postForObject = this.externalRestClient.postForObject(this.ssoOAuth2Properties.getTokenUrl(), new HttpEntity(linkedMultiValueMap, httpHeaders), JSONObject.class, new Object[0]);
            log.debug("获取授权接口 -> [{}]{}", str, postForObject);
            if (!postForObject.isOk()) {
                return postForObject.map();
            }
            JSONObject jSONObject = (JSONObject) postForObject.getData();
            String string = jSONObject.getString("access_token");
            return StringUtils.isBlank(string) ? ViewResult.failed(jSONObject.getString("msg")) : ViewResult.success().data(string);
        };
    }

    @ConditionalOnMissingBean
    @Bean
    public ISsoUserInfoHandler ssoUserInfoHandler() {
        return str -> {
            ViewResult forObject = this.externalRestClient.getForObject(UriComponentsBuilder.fromHttpUrl(this.ssoOAuth2Properties.getUserInfoUrl()).queryParam("access_token", new Object[]{str}).queryParam("client_id", new Object[]{this.ssoOAuth2Properties.getClientId()}).encode(StandardCharsets.UTF_8).build().toUriString(), JSONObject.class, new Object[0]);
            log.debug("获取用户信息接口 -> {}", forObject);
            if (!forObject.isOk()) {
                return forObject.map();
            }
            JSONArray jSONArray = ((JSONObject) forObject.getData()).getJSONArray("spRoleList");
            if (jSONArray.isEmpty()) {
                return ViewResult.failed("登录账号没有权限");
            }
            String string = jSONArray.getString(0);
            return StringUtils.isBlank(string) ? ViewResult.failed("登录账号没有权限") : ViewResult.success().data(string);
        };
    }
}
