package vip.mate.core.security.handle;

import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.NonNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.TokenRequest;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

/* loaded from: input_file:vip/mate/core/security/handle/MateAuthenticationSuccessHandler.class */
public class MateAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
    private static final Logger log = LoggerFactory.getLogger(MateAuthenticationSuccessHandler.class);

    @NonNull
    @Autowired
    private ClientDetailsService clientDetailsService;

    @NonNull
    @Autowired
    private PasswordEncoder passwordEncoder;

    @NonNull
    @Autowired
    @Lazy
    private AuthorizationServerTokenServices authorizationServerTokenServices;

    @NonNull
    @Autowired
    private ObjectMapper objectMapper;

    public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        log.info("Login succeed！");
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null || !header.toLowerCase().startsWith("basic ")) {
            throw new UnapprovedClientAuthenticationException("请求头中无客户端信息");
        }
        String[] extractAndDecodeHeader = extractAndDecodeHeader(header);
        if (extractAndDecodeHeader.length != 2) {
            throw new BadCredentialsException("Invalid basic authentication token");
        }
        String str = extractAndDecodeHeader[0];
        String str2 = extractAndDecodeHeader[1];
        ClientDetails loadClientByClientId = this.clientDetailsService.loadClientByClientId(str);
        if (loadClientByClientId == null) {
            throw new UnapprovedClientAuthenticationException("客户端信息不存在：" + str);
        }
        if (!this.passwordEncoder.matches(str2, loadClientByClientId.getClientSecret())) {
            throw new UnapprovedClientAuthenticationException("客户端密钥不匹配" + str2);
        }
        OAuth2AccessToken createAccessToken = this.authorizationServerTokenServices.createAccessToken(new OAuth2Authentication(new TokenRequest(new HashMap(0), str, loadClientByClientId.getScope(), "custom").createOAuth2Request(loadClientByClientId), authentication));
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(this.objectMapper.writeValueAsString(createAccessToken));
    }

    private String[] extractAndDecodeHeader(String str) {
        try {
            String str2 = new String(Base64.getDecoder().decode(str.substring(6).getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
            int indexOf = str2.indexOf(":");
            if (indexOf == -1) {
                throw new BadCredentialsException("Invalid basic authentication token");
            }
            return new String[]{str2.substring(0, indexOf), str2.substring(indexOf + 1)};
        } catch (IllegalArgumentException e) {
            throw new BadCredentialsException("Failed to decode basic authentication token");
        }
    }
}
