package org.iplass.mtp.impl.auth.oauth.token.opaque;

import java.util.ArrayList;
import java.util.HashSet;
import org.iplass.mtp.SystemException;
import org.iplass.mtp.auth.oauth.AccessTokenInfo;
import org.iplass.mtp.impl.auth.authenticate.token.AuthToken;
import org.iplass.mtp.impl.auth.oauth.MetaOAuthClient;
import org.iplass.mtp.impl.auth.oauth.token.opaque.RefreshTokenMement;
import org.iplass.mtp.impl.auth.oauth.util.OAuthConstants;
import org.iplass.mtp.impl.core.ExecuteContext;
import org.iplass.mtp.transaction.Transaction;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/iplass/mtp/impl/auth/oauth/token/opaque/SameTokenCreationStrategy.class */
public class SameTokenCreationStrategy implements TokenCreationStrategy {
    private static Logger logger = LoggerFactory.getLogger(SameTokenCreationStrategy.class);
    private long retryIntervalMillis;
    private int retryCount;

    public long getRetryIntervalMillis() {
        return this.retryIntervalMillis;
    }

    public void setRetryIntervalMillis(long j) {
        this.retryIntervalMillis = j;
    }

    public int getRetryCount() {
        return this.retryCount;
    }

    public void setRetryCount(int i) {
        this.retryCount = i;
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.opaque.TokenCreationStrategy
    public AuthToken create(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, AccessTokenHandler accessTokenHandler, String str, AccessTokenInfo accessTokenInfo) {
        if (accessTokenHandler.getHashSettings() != null && accessTokenHandler.getHashSettings().size() > 0) {
            throw new SystemException("SameTokenCreationStrategy is not support AuthToken hash setting.");
        }
        int clientTenantId = ExecuteContext.getCurrentContext().getClientTenantId();
        String newSeriesString = accessTokenHandler.newSeriesString(str, null, accessTokenInfo);
        for (int i = 0; i <= this.retryCount; i++) {
            AuthToken authToken = null;
            try {
                authToken = (AuthToken) Transaction.requiresNew(transaction -> {
                    AuthToken authToken2;
                    AuthToken bySeries = accessTokenHandler.authTokenStore().getBySeries(clientTenantId, accessTokenHandler.getType(), newSeriesString);
                    if (bySeries == null) {
                        AuthToken newAuthToken = accessTokenHandler.newAuthToken(str, null, accessTokenInfo);
                        accessTokenHandler.authTokenStore().create(newAuthToken);
                        return newAuthToken;
                    }
                    AccessTokenMement accessTokenMement = (AccessTokenMement) bySeries.getDetails();
                    if (!accessTokenMement.getResouceOwnerId().equals(str) || !oAuthClientRuntime.m47getMetaData().getId().equals(accessTokenMement.getClientMetaDataId())) {
                        throw new SystemException("AccessToken's series hash may have collision: client=" + accessTokenMement.getClientMetaDataId() + " ,series=" + newSeriesString);
                    }
                    if (accessTokenMement.getGrantedScopes() == null || !accessTokenMement.getGrantedScopes().containsAll(accessTokenInfo.getGrantedScopes())) {
                        HashSet hashSet = new HashSet();
                        if (accessTokenMement.getGrantedScopes() != null) {
                            hashSet.addAll(accessTokenMement.getGrantedScopes());
                        }
                        hashSet.addAll(accessTokenInfo.getGrantedScopes());
                        AccessTokenInfo accessTokenInfo2 = new AccessTokenInfo();
                        accessTokenInfo2.setClientName(accessTokenInfo.getClientName());
                        accessTokenInfo2.setGrantedScopes(new ArrayList(hashSet));
                        accessTokenHandler.authTokenStore().deleteBySeries(clientTenantId, accessTokenHandler.getType(), newSeriesString);
                        AuthToken newAuthToken2 = accessTokenHandler.newAuthToken(str, null, accessTokenInfo2);
                        accessTokenHandler.authTokenStore().create(newAuthToken2);
                        return newAuthToken2;
                    }
                    if (accessTokenMement.getExpires() > System.currentTimeMillis()) {
                        authToken2 = bySeries;
                    } else {
                        AccessTokenInfo accessTokenInfo3 = new AccessTokenInfo();
                        accessTokenInfo3.setClientName(oAuthClientRuntime.m47getMetaData().getName());
                        accessTokenInfo3.setGrantedScopes(new ArrayList(accessTokenMement.getGrantedScopes()));
                        AuthToken newAuthToken3 = accessTokenHandler.newAuthToken(str, null, accessTokenInfo3);
                        accessTokenHandler.authTokenStore().update(newAuthToken3, bySeries);
                        authToken2 = newAuthToken3;
                    }
                    AccessTokenMement accessTokenMement2 = (AccessTokenMement) authToken2.getDetails();
                    boolean z = false;
                    if (accessTokenInfo.getGrantedScopes().contains(OAuthConstants.SCOPE_OFFLINE_ACCESS) && oAuthClientRuntime.getAuthorizationServer().getClientPolicy(oAuthClientRuntime.m47getMetaData().getClientType()).isRequireRefreshToken(accessTokenInfo.getGrantedScopes())) {
                        z = true;
                    }
                    if (z && accessTokenMement2.getRefreshToken() == null) {
                        accessTokenMement2.setRefreshToken(accessTokenHandler.refreshTokenHandler().authTokenStore().getBySeries(clientTenantId, accessTokenHandler.refreshTokenHandler().getType(), authToken2.getSeries()));
                    }
                    if (z && (accessTokenMement2.getRefreshToken() == null || ((RefreshTokenMement) accessTokenMement2.getRefreshToken().getDetails()).getExpires() <= System.currentTimeMillis())) {
                        accessTokenHandler.refreshTokenHandler().authTokenStore().deleteBySeries(clientTenantId, accessTokenHandler.refreshTokenHandler().getType(), authToken2.getSeries());
                        AuthToken newAuthToken4 = accessTokenHandler.refreshTokenHandler().newAuthToken(authToken2.getOwnerId(), authToken2.getPolicyName(), new RefreshTokenMement.RefreshTokenInfo(oAuthClientRuntime.m47getMetaData().getName()));
                        accessTokenHandler.refreshTokenHandler().authTokenStore().create(newAuthToken4);
                        accessTokenMement2.setRefreshToken(newAuthToken4);
                    }
                    return authToken2;
                });
            } catch (RuntimeException e) {
                if (i == this.retryCount) {
                    throw e;
                }
                logger.warn("AuthToken:" + newSeriesString + " update failed, do re-try...", e);
            }
            if (authToken != null) {
                return authToken;
            }
            try {
                Thread.sleep(this.retryIntervalMillis);
            } catch (InterruptedException e2) {
                throw new SystemException("thread is interrupted.", e2);
            }
        }
        throw new SystemException("Can not create AuthToken:" + newSeriesString + ". retry count over");
    }

    @Override // org.iplass.mtp.impl.auth.oauth.token.opaque.TokenCreationStrategy
    public AuthToken create(MetaOAuthClient.OAuthClientRuntime oAuthClientRuntime, AccessTokenHandler accessTokenHandler, OpaqueRefreshToken opaqueRefreshToken) {
        int clientTenantId = ExecuteContext.getCurrentContext().getClientTenantId();
        String series = opaqueRefreshToken.getSeries();
        for (int i = 0; i <= this.retryCount; i++) {
            AuthToken authToken = null;
            try {
                authToken = (AuthToken) Transaction.requiresNew(transaction -> {
                    AuthToken bySeries = accessTokenHandler.authTokenStore().getBySeries(clientTenantId, accessTokenHandler.getType(), series);
                    if (bySeries == null) {
                        return null;
                    }
                    AccessTokenMement accessTokenMement = (AccessTokenMement) bySeries.getDetails();
                    if (!oAuthClientRuntime.m47getMetaData().getId().equals(accessTokenMement.getClientMetaDataId())) {
                        throw new SystemException("AccessToken's series hash may have collision: client=" + accessTokenMement.getClientMetaDataId() + " ,series=" + series);
                    }
                    if (accessTokenMement.getExpires() > System.currentTimeMillis()) {
                        return bySeries;
                    }
                    AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
                    accessTokenInfo.setClientName(oAuthClientRuntime.m47getMetaData().getName());
                    accessTokenInfo.setGrantedScopes(new ArrayList(accessTokenMement.getGrantedScopes()));
                    AuthToken newAuthToken = accessTokenHandler.newAuthToken(bySeries.getOwnerId(), null, accessTokenInfo);
                    accessTokenHandler.authTokenStore().update(newAuthToken, bySeries);
                    return newAuthToken;
                });
            } catch (RuntimeException e) {
                if (i == this.retryCount) {
                    throw e;
                }
                logger.warn("AuthToken:" + series + " update failed, do re-try...", e);
            }
            if (authToken != null) {
                return authToken;
            }
            try {
                Thread.sleep(this.retryIntervalMillis);
            } catch (InterruptedException e2) {
                throw new SystemException("thread is interrupted.", e2);
            }
        }
        throw new SystemException("Can not refresh AuthToken:" + series + ". retry count over");
    }
}
