package com.jxdinfo.hussar.support.security.plugin.oauth2.logic;

import com.jxdinfo.hussar.support.security.core.context.SecurityHolder;
import com.jxdinfo.hussar.support.security.core.context.model.SecurityRequest;
import com.jxdinfo.hussar.support.security.core.context.model.SecurityResponse;
import com.jxdinfo.hussar.support.security.core.stp.SecurityUtil;
import com.jxdinfo.hussar.support.security.core.util.SecurityResult;
import com.jxdinfo.hussar.support.security.plugin.oauth2.SecurityOAuth2Manager;
import com.jxdinfo.hussar.support.security.plugin.oauth2.config.SecurityOAuth2Config;
import com.jxdinfo.hussar.support.security.plugin.oauth2.exception.SecurityOAuth2Exception;
import com.jxdinfo.hussar.support.security.plugin.oauth2.logic.SecurityOAuth2Consts;
import com.jxdinfo.hussar.support.security.plugin.oauth2.model.RequestAuthModel;

/* loaded from: input_file:com/jxdinfo/hussar/support/security/plugin/oauth2/logic/SecurityOAuth2Handle.class */
public class SecurityOAuth2Handle {
    public static Object serverRequest() {
        SecurityRequest request = SecurityHolder.getRequest();
        SecurityResponse response = SecurityHolder.getResponse();
        SecurityOAuth2Config config = SecurityOAuth2Manager.getConfig();
        return (request.isPath(SecurityOAuth2Consts.Api.authorize) && request.isParam(SecurityOAuth2Consts.Param.response_type, SecurityOAuth2Consts.ResponseType.code) && config.isCode.booleanValue()) ? authorize(request, response, config) : (request.isPath(SecurityOAuth2Consts.Api.token) && request.isParam(SecurityOAuth2Consts.Param.grant_type, SecurityOAuth2Consts.GrantType.authorization_code)) ? token(request, response, config) : (request.isPath(SecurityOAuth2Consts.Api.refresh) && request.isParam(SecurityOAuth2Consts.Param.grant_type, SecurityOAuth2Consts.GrantType.refresh_token)) ? refreshToken(request) : request.isPath(SecurityOAuth2Consts.Api.revoke) ? revokeToken(request) : request.isPath(SecurityOAuth2Consts.Api.doLogin) ? doLogin(request, response, config) : request.isPath(SecurityOAuth2Consts.Api.doConfirm) ? doConfirm(request) : (request.isPath(SecurityOAuth2Consts.Api.authorize) && request.isParam(SecurityOAuth2Consts.Param.response_type, SecurityOAuth2Consts.ResponseType.token) && config.isImplicit.booleanValue()) ? authorize(request, response, config) : (request.isPath(SecurityOAuth2Consts.Api.token) && request.isParam(SecurityOAuth2Consts.Param.grant_type, SecurityOAuth2Consts.GrantType.password) && config.isPassword.booleanValue()) ? password(request, response, config) : (request.isPath(SecurityOAuth2Consts.Api.client_token) && request.isParam(SecurityOAuth2Consts.Param.grant_type, SecurityOAuth2Consts.GrantType.client_credentials) && config.isClient.booleanValue()) ? clientToken(request, response, config) : SecurityOAuth2Consts.NOT_HANDLE;
    }

    public static Object authorize(SecurityRequest securityRequest, SecurityResponse securityResponse, SecurityOAuth2Config securityOAuth2Config) {
        if (!SecurityUtil.isLogin()) {
            return securityOAuth2Config.notLoginView.get();
        }
        RequestAuthModel generateRequestAuth = SecurityOAuth2Util.generateRequestAuth(securityRequest, SecurityUtil.getLoginId());
        SecurityOAuth2Util.checkRightUrl(generateRequestAuth.clientId, generateRequestAuth.redirectUri);
        SecurityOAuth2Util.checkContract(generateRequestAuth.clientId, generateRequestAuth.scope);
        if (!SecurityOAuth2Util.isGrant(generateRequestAuth.loginId, generateRequestAuth.clientId, generateRequestAuth.scope)) {
            return securityOAuth2Config.confirmView.apply(generateRequestAuth.clientId, generateRequestAuth.scope);
        }
        if (SecurityOAuth2Consts.ResponseType.code.equals(generateRequestAuth.responseType)) {
            return securityResponse.redirect(SecurityOAuth2Util.buildRedirectUri(generateRequestAuth.redirectUri, SecurityOAuth2Util.generateCode(generateRequestAuth).code, generateRequestAuth.state));
        }
        if (!SecurityOAuth2Consts.ResponseType.token.equals(generateRequestAuth.responseType)) {
            throw new SecurityOAuth2Exception("无效response_type: " + generateRequestAuth.responseType);
        }
        return securityResponse.redirect(SecurityOAuth2Util.buildImplicitRedirectUri(generateRequestAuth.redirectUri, SecurityOAuth2Util.generateAccessToken(generateRequestAuth, false).accessToken, generateRequestAuth.state));
    }

    public static Object token(SecurityRequest securityRequest, SecurityResponse securityResponse, SecurityOAuth2Config securityOAuth2Config) {
        String paramNotNull = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.code);
        SecurityOAuth2Util.checkGainTokenParam(paramNotNull, securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_id), securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_secret), securityRequest.getParam(SecurityOAuth2Consts.Param.redirect_uri));
        return SecurityResult.data(SecurityOAuth2Util.generateAccessToken(paramNotNull).toLineMap());
    }

    public static Object refreshToken(SecurityRequest securityRequest) {
        String paramNotNull = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_id);
        String paramNotNull2 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_secret);
        String paramNotNull3 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.refresh_token);
        SecurityOAuth2Util.checkRefreshTokenParam(paramNotNull, paramNotNull2, paramNotNull3);
        return SecurityResult.data(SecurityOAuth2Util.refreshAccessToken(paramNotNull3).toLineMap());
    }

    public static Object revokeToken(SecurityRequest securityRequest) {
        String paramNotNull = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_id);
        String paramNotNull2 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_secret);
        String paramNotNull3 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.access_token);
        if (SecurityOAuth2Util.getAccessToken(paramNotNull3) == null) {
            return SecurityResult.ok("access_token不存在：" + paramNotNull3);
        }
        SecurityOAuth2Util.checkAccessTokenParam(paramNotNull, paramNotNull2, paramNotNull3);
        SecurityOAuth2Util.revokeAccessToken(paramNotNull3);
        return SecurityResult.ok();
    }

    public static Object doLogin(SecurityRequest securityRequest, SecurityResponse securityResponse, SecurityOAuth2Config securityOAuth2Config) {
        return securityOAuth2Config.doLoginHandle.apply(securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.name), securityRequest.getParamNotNull("pwd"));
    }

    public static Object doConfirm(SecurityRequest securityRequest) {
        SecurityOAuth2Util.saveGrantScope(securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_id), SecurityUtil.getLoginId(), securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.scope));
        return SecurityResult.ok();
    }

    public static Object password(SecurityRequest securityRequest, SecurityResponse securityResponse, SecurityOAuth2Config securityOAuth2Config) {
        String paramNotNull = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.username);
        String paramNotNull2 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.password);
        String paramNotNull3 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_id);
        SecurityOAuth2Util.checkClientModel(paramNotNull3);
        SecurityHolder.getStorage().set(SecurityUtil.securityLogic.splicingKeyJustCreatedSave(), "no-token");
        Object apply = securityOAuth2Config.doLoginHandle.apply(paramNotNull, paramNotNull2);
        if (!SecurityUtil.isLogin()) {
            return apply;
        }
        RequestAuthModel requestAuthModel = new RequestAuthModel();
        requestAuthModel.clientId = paramNotNull3;
        requestAuthModel.loginId = SecurityUtil.getLoginId();
        requestAuthModel.scope = securityRequest.getParam(SecurityOAuth2Consts.Param.scope, "");
        return SecurityResult.data(SecurityOAuth2Util.generateAccessToken(requestAuthModel, true).toLineMap());
    }

    public static Object clientToken(SecurityRequest securityRequest, SecurityResponse securityResponse, SecurityOAuth2Config securityOAuth2Config) {
        String paramNotNull = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_id);
        String paramNotNull2 = securityRequest.getParamNotNull(SecurityOAuth2Consts.Param.client_secret);
        String param = securityRequest.getParam(SecurityOAuth2Consts.Param.scope);
        SecurityOAuth2Util.checkClientSecret(paramNotNull, paramNotNull2);
        return SecurityResult.data(SecurityOAuth2Util.generateClientToken(paramNotNull, param).toLineMap());
    }
}
