package com.vortex.pinghu.auth.application.rpc;

import com.alibaba.fastjson.JSON;
import com.vortex.pinghu.auth.api.authentication.LocalUsernamePasswordAuthToken;
import com.vortex.pinghu.auth.api.constants.AuthenticationConstants;
import com.vortex.pinghu.auth.api.dto.CommonIdListDTO;
import com.vortex.pinghu.auth.api.rpc.AuthenticationRpc;
import com.vortex.pinghu.auth.application.conf.properties.LocalClientSecretProperties;
import com.vortex.pinghu.auth.application.helper.StaffHelper;
import com.vortex.pinghu.common.api.Result;
import com.vortex.pinghu.usercenter.api.dto.response.StaffInfoDTO;
import com.vortex.pinghu.usercenter.api.rpc.StaffFeignApi;
import io.swagger.annotations.Api;
import java.util.Collections;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping
@Api(tags = {"认证授权-内部"})
@RestController
/* loaded from: input_file:com/vortex/pinghu/auth/application/rpc/AuthenticationRpcImpl.class */
public class AuthenticationRpcImpl implements AuthenticationRpc {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationRpcImpl.class);

    @Resource
    private LocalClientSecretProperties localClientSecretProperties;

    @Resource(name = "defaultAuthorizationServerTokenServices")
    private AuthorizationServerTokenServices authorizationServerTokenServices;

    @Resource
    private TokenStore tokenStore;

    @Resource
    private RedisTemplate<String, Object> redisTemplate;

    @Resource
    private StaffHelper staffHelper;

    @Resource
    private StaffFeignApi staffFeignApi;

    public Result<Boolean> invalidAuthentication(@RequestBody CommonIdListDTO commonIdListDTO) {
        if (!CollectionUtils.isEmpty(commonIdListDTO.getIds())) {
            commonIdListDTO.getIds().forEach(l -> {
                invalidByStaffId(l, AuthenticationConstants.APP_SCOPE);
                invalidByStaffId(l, AuthenticationConstants.WEB_SCOPE);
            });
        }
        return Result.newSuccess(true);
    }

    private boolean invalidByStaffId(Long l, String str) {
        Result info = this.staffFeignApi.info(l);
        if (!Result.isSuccess(info) || info.getRet() == null) {
            return false;
        }
        LocalUsernamePasswordAuthToken localUsernamePasswordAuthToken = new LocalUsernamePasswordAuthToken(((StaffInfoDTO) info.getRet()).getUserName(), (Object) null);
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        OAuth2AccessToken accessToken = this.authorizationServerTokenServices.getAccessToken(new OAuth2Authentication(new OAuth2Request((Map) null, this.localClientSecretProperties.getClientId(), Collections.EMPTY_SET, true, hashSet, (Set) null, (String) null, (Set) null, (Map) null), localUsernamePasswordAuthToken));
        if (accessToken == null || StringUtils.isEmpty(accessToken.getValue())) {
            return false;
        }
        this.tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(accessToken.getValue()));
        this.redisTemplate.delete(AuthenticationConstants.ACCESS_TOKEN_INFO + accessToken.getValue());
        return true;
    }

    private boolean refreshCacheByStaffId(Long l, String str) {
        Result info = this.staffFeignApi.info(l);
        if (!Result.isSuccess(info) || info.getRet() == null) {
            return false;
        }
        LocalUsernamePasswordAuthToken localUsernamePasswordAuthToken = new LocalUsernamePasswordAuthToken(((StaffInfoDTO) info.getRet()).getUserName(), (Object) null);
        HashSet hashSet = new HashSet();
        hashSet.add(str);
        OAuth2AccessToken accessToken = this.authorizationServerTokenServices.getAccessToken(new OAuth2Authentication(new OAuth2Request((Map) null, this.localClientSecretProperties.getClientId(), Collections.EMPTY_SET, true, hashSet, (Set) null, (String) null, (Set) null, (Map) null), localUsernamePasswordAuthToken));
        if (accessToken == null || StringUtils.isEmpty(accessToken.getValue())) {
            return false;
        }
        this.redisTemplate.opsForValue().set(AuthenticationConstants.ACCESS_TOKEN_INFO + accessToken.getValue(), JSON.toJSONString(info.getRet()), accessToken.getExpiresIn(), TimeUnit.SECONDS);
        return true;
    }

    public Result<Boolean> refreshCache(@RequestBody CommonIdListDTO commonIdListDTO) {
        if (!CollectionUtils.isEmpty(commonIdListDTO.getIds())) {
            commonIdListDTO.getIds().forEach(l -> {
                refreshCacheByStaffId(l, AuthenticationConstants.APP_SCOPE);
                refreshCacheByStaffId(l, AuthenticationConstants.WEB_SCOPE);
            });
        }
        return Result.newSuccess(true);
    }
}
