package org.openea.eap.module.system.service.oauth2;

import cn.hutool.core.lang.Assert;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import java.util.List;
import javax.annotation.Resource;
import org.openea.eap.framework.common.enums.UserTypeEnum;
import org.openea.eap.framework.common.exception.util.ServiceExceptionUtil;
import org.openea.eap.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
import org.openea.eap.module.system.dal.dataobject.oauth2.OAuth2CodeDO;
import org.openea.eap.module.system.dal.dataobject.user.AdminUserDO;
import org.openea.eap.module.system.enums.ErrorCodeConstants;
import org.openea.eap.module.system.service.auth.AdminAuthService;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/openea/eap/module/system/service/oauth2/OAuth2GrantServiceImpl.class */
public class OAuth2GrantServiceImpl implements OAuth2GrantService {

    @Resource
    private OAuth2TokenService oauth2TokenService;

    @Resource
    private OAuth2CodeService oauth2CodeService;

    @Resource
    private AdminAuthService adminAuthService;

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public OAuth2AccessTokenDO grantImplicit(Long l, String str, Integer num, String str2, List<String> list) {
        return this.oauth2TokenService.createAccessToken(l, str, num, str2, list);
    }

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public String grantAuthorizationCodeForCode(Long l, Integer num, String str, List<String> list, String str2, String str3) {
        return this.oauth2CodeService.createAuthorizationCode(l, num, str, list, str2, str3).getCode();
    }

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public OAuth2AccessTokenDO grantAuthorizationCodeForAccessToken(String str, String str2, String str3, String str4) {
        OAuth2CodeDO consumeAuthorizationCode = this.oauth2CodeService.consumeAuthorizationCode(str2);
        Assert.notNull(consumeAuthorizationCode, "授权码不能为空", new Object[0]);
        if (!StrUtil.equals(str, consumeAuthorizationCode.getClientId())) {
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.OAUTH2_GRANT_CLIENT_ID_MISMATCH);
        }
        if (!StrUtil.equals(str3, consumeAuthorizationCode.getRedirectUri())) {
            throw ServiceExceptionUtil.exception(ErrorCodeConstants.OAUTH2_GRANT_REDIRECT_URI_MISMATCH);
        }
        if (StrUtil.equals(StrUtil.nullToDefault(str4, ""), consumeAuthorizationCode.getState())) {
            return this.oauth2TokenService.createAccessToken(consumeAuthorizationCode.getUserId(), consumeAuthorizationCode.getUserKey(), consumeAuthorizationCode.getUserType(), consumeAuthorizationCode.getClientId(), consumeAuthorizationCode.getScopes());
        }
        throw ServiceExceptionUtil.exception(ErrorCodeConstants.OAUTH2_GRANT_STATE_MISMATCH);
    }

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public OAuth2AccessTokenDO grantPassword(String str, String str2, String str3, List<String> list) {
        AdminUserDO authenticate = this.adminAuthService.authenticate(str, str2);
        Assert.notNull(authenticate, "用户不能为空！", new Object[0]);
        return this.oauth2TokenService.createAccessToken(authenticate.getId(), str, UserTypeEnum.ADMIN.getValue(), str3, list);
    }

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public OAuth2AccessTokenDO grantRefreshToken(String str, String str2) {
        return this.oauth2TokenService.refreshAccessToken(str, str2);
    }

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public OAuth2AccessTokenDO grantClientCredentials(String str, List<String> list) {
        throw new UnsupportedOperationException("暂时不支持 client_credentials 授权模式");
    }

    @Override // org.openea.eap.module.system.service.oauth2.OAuth2GrantService
    public boolean revokeToken(String str, String str2) {
        OAuth2AccessTokenDO accessToken = this.oauth2TokenService.getAccessToken(str2);
        return (accessToken == null || ObjectUtil.notEqual(str, accessToken.getClientId()) || this.oauth2TokenService.removeAccessToken(str2) == null) ? false : true;
    }
}
