package org.hswebframework.web.oauth2.server.impl;

import java.time.Duration;
import java.util.UUID;
import org.apache.commons.codec.digest.DigestUtils;
import org.hswebframework.web.authorization.Authentication;
import org.hswebframework.web.authorization.token.AuthenticationUserToken;
import org.hswebframework.web.authorization.token.UserTokenManager;
import org.hswebframework.web.authorization.token.redis.RedisUserTokenManager;
import org.hswebframework.web.oauth2.ErrorType;
import org.hswebframework.web.oauth2.OAuth2Exception;
import org.hswebframework.web.oauth2.server.AccessToken;
import org.hswebframework.web.oauth2.server.AccessTokenManager;
import org.reactivestreams.Publisher;
import org.springframework.data.redis.connection.ReactiveRedisConnectionFactory;
import org.springframework.data.redis.core.ReactiveRedisOperations;
import org.springframework.data.redis.core.ReactiveRedisTemplate;
import org.springframework.data.redis.serializer.RedisSerializationContext;
import org.springframework.data.redis.serializer.RedisSerializer;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/hswebframework/web/oauth2/server/impl/RedisAccessTokenManager.class */
public class RedisAccessTokenManager implements AccessTokenManager {
    private final ReactiveRedisOperations<String, RedisAccessToken> tokenRedis;
    private final UserTokenManager userTokenManager;
    private int tokenExpireIn = 7200;
    private int refreshExpireIn = 2592000;

    public RedisAccessTokenManager(ReactiveRedisOperations<String, RedisAccessToken> reactiveRedisOperations, UserTokenManager userTokenManager) {
        this.tokenRedis = reactiveRedisOperations;
        this.userTokenManager = userTokenManager;
    }

    public RedisAccessTokenManager(ReactiveRedisConnectionFactory reactiveRedisConnectionFactory) {
        ReactiveRedisTemplate reactiveRedisTemplate = new ReactiveRedisTemplate(reactiveRedisConnectionFactory, RedisSerializationContext.newSerializationContext().key(RedisSerializer.string()).value(RedisSerializer.java()).hashKey(RedisSerializer.string()).hashValue(RedisSerializer.java()).build());
        this.tokenRedis = reactiveRedisTemplate;
        this.userTokenManager = new RedisUserTokenManager(reactiveRedisTemplate);
    }

    @Override // org.hswebframework.web.oauth2.server.AccessTokenManager
    public Mono<Authentication> getAuthenticationByToken(String str) {
        return this.userTokenManager.getByToken(str).filter(userToken -> {
            return userToken instanceof AuthenticationUserToken;
        }).map(userToken2 -> {
            return ((AuthenticationUserToken) userToken2).getAuthentication();
        });
    }

    private String createTokenRedisKey(String str, String str2) {
        return "oauth2-token:" + str + ":" + str2;
    }

    private String createUserTokenRedisKey(RedisAccessToken redisAccessToken) {
        return createUserTokenRedisKey(redisAccessToken.getClientId(), redisAccessToken.getAuthentication().getUser().getId());
    }

    private String createUserTokenRedisKey(String str, String str2) {
        return "oauth2-user-tokens:" + str + ":" + str2;
    }

    private String createRefreshTokenRedisKey(String str, String str2) {
        return "oauth2-refresh-token:" + str + ":" + str2;
    }

    private String createSingletonTokenRedisKey(String str) {
        return "oauth2-" + str + "-token";
    }

    private Mono<RedisAccessToken> doCreateAccessToken(String str, Authentication authentication, boolean z) {
        RedisAccessToken redisAccessToken = new RedisAccessToken(str, DigestUtils.md5Hex(UUID.randomUUID().toString()), DigestUtils.md5Hex(UUID.randomUUID().toString()), System.currentTimeMillis(), authentication, z);
        return storeToken(redisAccessToken).thenReturn(redisAccessToken);
    }

    private Mono<Void> storeAuthToken(RedisAccessToken redisAccessToken) {
        return redisAccessToken.storeAuth() ? this.userTokenManager.signIn(redisAccessToken.getAccessToken(), createTokenType(redisAccessToken.getClientId()), redisAccessToken.getAuthentication().getUser().getId(), this.tokenExpireIn * 1000, redisAccessToken.getAuthentication()).then() : this.userTokenManager.signIn(redisAccessToken.getAccessToken(), createTokenType(redisAccessToken.getClientId()), redisAccessToken.getAuthentication().getUser().getId(), this.tokenExpireIn * 1000).then();
    }

    private Mono<Void> storeToken(RedisAccessToken redisAccessToken) {
        return Flux.merge(new Publisher[]{storeAuthToken(redisAccessToken), this.tokenRedis.opsForValue().set(createUserTokenRedisKey(redisAccessToken), redisAccessToken, Duration.ofSeconds(this.tokenExpireIn)), this.tokenRedis.opsForValue().set(createTokenRedisKey(redisAccessToken.getClientId(), redisAccessToken.getAccessToken()), redisAccessToken, Duration.ofSeconds(this.tokenExpireIn)), this.tokenRedis.opsForValue().set(createRefreshTokenRedisKey(redisAccessToken.getClientId(), redisAccessToken.getRefreshToken()), redisAccessToken, Duration.ofSeconds(this.refreshExpireIn))}).then();
    }

    private Mono<AccessToken> doCreateSingletonAccessToken(String str, Authentication authentication) {
        String createSingletonTokenRedisKey = createSingletonTokenRedisKey(str);
        return this.tokenRedis.opsForValue().get(createSingletonTokenRedisKey).flatMap(redisAccessToken -> {
            return this.tokenRedis.getExpire(createSingletonTokenRedisKey).map(duration -> {
                return redisAccessToken.toAccessToken((int) (duration.toMillis() / 1000));
            });
        }).switchIfEmpty(Mono.defer(() -> {
            return doCreateAccessToken(str, authentication, true).flatMap(redisAccessToken2 -> {
                return this.tokenRedis.opsForValue().set(createSingletonTokenRedisKey, redisAccessToken2, Duration.ofSeconds(this.tokenExpireIn)).thenReturn(redisAccessToken2.toAccessToken(this.tokenExpireIn));
            });
        }));
    }

    @Override // org.hswebframework.web.oauth2.server.AccessTokenManager
    public Mono<AccessToken> createAccessToken(String str, Authentication authentication, boolean z) {
        return z ? doCreateSingletonAccessToken(str, authentication) : doCreateAccessToken(str, authentication, false).map(redisAccessToken -> {
            return redisAccessToken.toAccessToken(this.tokenExpireIn);
        });
    }

    @Override // org.hswebframework.web.oauth2.server.AccessTokenManager
    public Mono<AccessToken> refreshAccessToken(String str, String str2) {
        return this.tokenRedis.opsForValue().get(createRefreshTokenRedisKey(str, str2)).switchIfEmpty(Mono.error(() -> {
            return new OAuth2Exception(ErrorType.EXPIRED_REFRESH_TOKEN);
        })).flatMap(redisAccessToken -> {
            if (!redisAccessToken.getClientId().equals(str)) {
                return Mono.error(new OAuth2Exception(ErrorType.ILLEGAL_CLIENT_ID));
            }
            redisAccessToken.setAccessToken(DigestUtils.md5Hex(UUID.randomUUID().toString()));
            redisAccessToken.setCreateTime(System.currentTimeMillis());
            return ((Mono) storeToken(redisAccessToken).as(mono -> {
                return redisAccessToken.isSingleton() ? this.userTokenManager.signOutByToken(redisAccessToken.getAccessToken()).then(this.tokenRedis.opsForValue().set(createSingletonTokenRedisKey(str), redisAccessToken, Duration.ofSeconds(this.tokenExpireIn)).then(mono)) : mono;
            })).thenReturn(redisAccessToken.toAccessToken(this.tokenExpireIn));
        });
    }

    @Override // org.hswebframework.web.oauth2.server.AccessTokenManager
    public Mono<Void> removeToken(String str, String str2) {
        return Flux.merge(new Publisher[]{this.userTokenManager.signOutByToken(str2), this.tokenRedis.delete(new String[]{createSingletonTokenRedisKey(str)}), this.tokenRedis.delete(new String[]{createTokenRedisKey(str, str2)})}).then();
    }

    @Override // org.hswebframework.web.oauth2.server.AccessTokenManager
    public Mono<Void> cancelGrant(String str, String str2) {
        return Flux.merge(new Publisher[]{this.tokenRedis.opsForValue().get(createUserTokenRedisKey(str, str2)).flatMap(redisAccessToken -> {
            return this.tokenRedis.opsForValue().delete(createRefreshTokenRedisKey(redisAccessToken.getClientId(), redisAccessToken.getRefreshToken()));
        }).then(), this.userTokenManager.getByUserId(str2).flatMap(userToken -> {
            return !createTokenType(str).equals(userToken.getType()) ? Mono.empty() : this.tokenRedis.opsForValue().get(createTokenRedisKey(str, userToken.getToken())).flatMap(redisAccessToken2 -> {
                return this.tokenRedis.delete(new String[]{createTokenRedisKey(redisAccessToken2.getClientId(), redisAccessToken2.getAccessToken())}).then(this.tokenRedis.opsForValue().delete(createRefreshTokenRedisKey(redisAccessToken2.getClientId(), redisAccessToken2.getRefreshToken())));
            }).then(this.userTokenManager.signOutByToken(userToken.getToken()));
        }).then()}).then();
    }

    private String createTokenType(String str) {
        return "oauth2-" + str;
    }

    public int getTokenExpireIn() {
        return this.tokenExpireIn;
    }

    public void setTokenExpireIn(int i) {
        this.tokenExpireIn = i;
    }

    public int getRefreshExpireIn() {
        return this.refreshExpireIn;
    }

    public void setRefreshExpireIn(int i) {
        this.refreshExpireIn = i;
    }
}
