package cn.dev33.satoken.oauth2.logic;

import cn.dev33.satoken.SaTokenManager;
import cn.dev33.satoken.exception.SaTokenException;
import cn.dev33.satoken.oauth2.SaOAuth2Manager;
import cn.dev33.satoken.oauth2.model.AccessTokenModel;
import cn.dev33.satoken.oauth2.model.CodeModel;
import cn.dev33.satoken.oauth2.model.RequestAuthModel;
import cn.dev33.satoken.oauth2.util.SaOAuth2Consts;
import cn.dev33.satoken.oauth2.util.SaOAuth2InsideUtil;
import cn.dev33.satoken.util.SaTokenInsideUtil;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Arrays;
import java.util.List;

/* loaded from: input_file:cn/dev33/satoken/oauth2/logic/SaOAuth2Interface.class */
public interface SaOAuth2Interface {
    default List<String> getAppScopeList() {
        return Arrays.asList("userinfo");
    }

    default List<String> getClientScopeList(String str) {
        return getAppScopeList();
    }

    default List<String> getGrantScopeList(Object obj, String str) {
        return Arrays.asList(new String[0]);
    }

    default String getClientDomain(String str) {
        return SaOAuth2Consts.UNLIMITED_DOMAIN;
    }

    default String getClientSecret(String str) {
        return null;
    }

    default String getOpenid(String str, Object obj) {
        return null;
    }

    default Object getLoginId(String str, String str2) {
        return null;
    }

    default void checkContract(String str, String str2) {
        if (!getClientScopeList(str).containsAll(Arrays.asList(str2.split(",")))) {
            throw new SaTokenException("请求授权范围超出或无效");
        }
    }

    default boolean isGrant(Object obj, String str, String str2) {
        return getGrantScopeList(obj, str).containsAll(convertStringToList(str2));
    }

    default void checkRightUrl(String str, String str2) {
        if (!SaOAuth2InsideUtil.isUrl(str2)) {
            throw new SaTokenException("url格式错误");
        }
        String clientDomain = getClientDomain(str);
        if (clientDomain == null || "".equals(clientDomain)) {
            throw new SaTokenException("重定向地址无效");
        }
        if (SaOAuth2Consts.UNLIMITED_DOMAIN.equals(clientDomain)) {
            return;
        }
        try {
            if (convertStringToList(clientDomain).contains(new URL(str2).getHost())) {
            } else {
                throw new SaTokenException("重定向地址不在列表中");
            }
        } catch (MalformedURLException e) {
            throw new SaTokenException("url格式错误", e);
        }
    }

    default CodeModel checkCodeIdSecret(String str, String str2, String str3) {
        CodeModel code = getCode(str);
        if (code == null) {
            throw new SaTokenException("无效code");
        }
        if (!code.getClientId().equals(str2)) {
            throw new SaTokenException("无效client_id");
        }
        String clientSecret = getClientSecret(str2);
        System.out.println(clientSecret);
        System.out.println(str3);
        if (clientSecret == null || !clientSecret.equals(str3)) {
            throw new SaTokenException("无效client_secret");
        }
        return code;
    }

    default AccessTokenModel checkTokenIdSecret(String str, String str2, String str3) {
        AccessTokenModel accessToken = getAccessToken(str);
        if (accessToken == null) {
            throw new SaTokenException("无效access_token");
        }
        if (!accessToken.getClientId().equals(str2)) {
            throw new SaTokenException("无效client_id");
        }
        String clientSecret = getClientSecret(str2);
        if (clientSecret == null || clientSecret.equals(str3)) {
            throw new SaTokenException("无效client_secret");
        }
        return accessToken;
    }

    default CodeModel generateCode(RequestAuthModel requestAuthModel) {
        String clientId = requestAuthModel.getClientId();
        String scope = requestAuthModel.getScope();
        Object loginId = requestAuthModel.getLoginId();
        String redirectUri = requestAuthModel.getRedirectUri();
        String state = requestAuthModel.getState();
        checkContract(clientId, scope);
        checkRightUrl(clientId, redirectUri);
        String createCode = createCode(clientId, scope, loginId);
        CodeModel codeModel = new CodeModel(createCode, clientId, scope, loginId);
        String splicingParame = splicingParame(redirectUri, "code=" + createCode);
        if (state != null) {
            splicingParame = splicingParame(splicingParame, "state=" + state);
        }
        codeModel.setRedirectUri(splicingParame);
        codeModel.setRejectUri(splicingParame(redirectUri, "handle=reject"));
        codeModel.setIsConfirm(Boolean.valueOf(isGrant(loginId, clientId, scope)));
        long codeTimeout = SaOAuth2Manager.getConfig().getCodeTimeout();
        SaTokenManager.getSaTokenDao().setObject(getKeyCodeModel(createCode), codeModel, codeTimeout);
        String keyClientLoginId = getKeyClientLoginId(loginId, clientId);
        SaTokenManager.getSaTokenDao().delete(keyClientLoginId);
        SaTokenManager.getSaTokenDao().set(keyClientLoginId, createCode, codeTimeout);
        return codeModel;
    }

    default CodeModel getCode(String str) {
        return (CodeModel) SaTokenManager.getSaTokenDao().getObject(getKeyCodeModel(str));
    }

    default void updateCode(String str, CodeModel codeModel) {
        SaTokenManager.getSaTokenDao().updateObject(getKeyCodeModel(str), codeModel);
    }

    default void confirmCode(String str) {
        CodeModel code = getCode(str);
        if (code.getIsConfirm().booleanValue()) {
            return;
        }
        code.setIsConfirm(true);
        updateCode(str, code);
    }

    default void deleteCode(String str) {
        SaTokenManager.getSaTokenDao().deleteObject(getKeyCodeModel(str));
    }

    default AccessTokenModel generateAccessToken(CodeModel codeModel) {
        if (codeModel == null) {
            throw new SaTokenException("无效code");
        }
        if (!codeModel.getIsConfirm().booleanValue()) {
            throw new SaTokenException("该code尚未授权");
        }
        AccessTokenModel converCodeToAccessToken = converCodeToAccessToken(codeModel);
        SaTokenManager.getSaTokenDao().setObject(getKeyAccessToken(converCodeToAccessToken.getAccessToken()), converCodeToAccessToken, SaOAuth2Manager.getConfig().getAccessTokenTimeout());
        SaTokenManager.getSaTokenDao().setObject(getKeyRefreshToken(converCodeToAccessToken.getRefreshToken()), codeModel, SaOAuth2Manager.getConfig().getRefreshTokenTimeout());
        return converCodeToAccessToken;
    }

    default AccessTokenModel getAccessToken(String str) {
        return (AccessTokenModel) SaTokenManager.getSaTokenDao().getObject(getKeyAccessToken(str));
    }

    default AccessTokenModel refreshAccessToken(String str) {
        CodeModel refreshToken = getRefreshToken(str);
        if (refreshToken == null) {
            throw new SaTokenException("无效refresh_token");
        }
        AccessTokenModel converCodeToAccessToken = converCodeToAccessToken(refreshToken);
        converCodeToAccessToken.setRefreshToken(str);
        SaTokenManager.getSaTokenDao().setObject(getKeyAccessToken(converCodeToAccessToken.getAccessToken()), converCodeToAccessToken, SaOAuth2Manager.getConfig().getAccessTokenTimeout());
        return converCodeToAccessToken;
    }

    default CodeModel getRefreshToken(String str) {
        return (CodeModel) SaTokenManager.getSaTokenDao().getObject(getKeyRefreshToken(str));
    }

    default long getAccessTokenExpiresIn(String str) {
        return SaTokenManager.getSaTokenDao().getObjectTimeout(getKeyAccessToken(str));
    }

    default long getRefreshTokenExpiresIn(String str) {
        return SaTokenManager.getSaTokenDao().getObjectTimeout(getKeyRefreshToken(str));
    }

    default Object getLoginIdByAccessToken(String str) {
        AccessTokenModel accessToken = SaOAuth2Util.getAccessToken(str);
        if (accessToken == null) {
            throw new SaTokenException("无效access_token");
        }
        return getLoginId(accessToken.getClientId(), accessToken.getOpenid());
    }

    default List<String> convertStringToList(String str) {
        return Arrays.asList(str.split(","));
    }

    default String createCode(String str, String str2, Object obj) {
        return SaTokenInsideUtil.getRandomString(60).toLowerCase();
    }

    default String createAccessToken(CodeModel codeModel) {
        return SaTokenInsideUtil.getRandomString(60).toLowerCase();
    }

    default String createRefreshToken(CodeModel codeModel) {
        return SaTokenInsideUtil.getRandomString(60).toLowerCase();
    }

    default String splicingParame(String str, String str2) {
        if (str2 == null || str2.length() == 0) {
            return str;
        }
        int indexOf = str.indexOf(63);
        return indexOf == -1 ? str + '?' + str2 : indexOf == str.length() - 1 ? str + str2 : (indexOf <= -1 || indexOf >= str.length() - 1) ? str : (str.lastIndexOf("&") == str.length() - 1 || str2.indexOf("&") == 0) ? str + str2 : str + "&" + str2;
    }

    default AccessTokenModel converCodeToAccessToken(CodeModel codeModel) {
        if (codeModel == null) {
            throw new SaTokenException("无效code");
        }
        AccessTokenModel accessTokenModel = new AccessTokenModel();
        accessTokenModel.setAccessToken(createAccessToken(codeModel));
        accessTokenModel.setRefreshToken(createRefreshToken(codeModel));
        accessTokenModel.setCode(codeModel.getCode());
        accessTokenModel.setClientId(codeModel.getClientId());
        accessTokenModel.setScope(codeModel.getScope());
        accessTokenModel.setOpenid(getOpenid(codeModel.getClientId(), codeModel.getLoginId()));
        accessTokenModel.setTag(codeModel.getTag());
        return accessTokenModel;
    }

    default String getKeyCodeModel(String str) {
        return SaTokenManager.getConfig().getTokenName() + ":oauth2:code:" + str;
    }

    default String getKeyClientLoginId(Object obj, String str) {
        return SaTokenManager.getConfig().getTokenName() + ":oauth2:newest-code:" + str + ":" + obj;
    }

    default String getKeyRefreshToken(String str) {
        return SaTokenManager.getConfig().getTokenName() + ":oauth2:refresh-token:" + str;
    }

    default String getKeyAccessToken(String str) {
        return SaTokenManager.getConfig().getTokenName() + ":oauth2:access-token:" + str;
    }
}
