package com.lc.ibps.auth.controller;

import com.lc.ibps.auth.service.OAuthService;
import java.net.URISyntaxException;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.oltu.oauth2.as.issuer.MD5Generator;
import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
import org.apache.oltu.oauth2.as.request.OAuthTokenRequest;
import org.apache.oltu.oauth2.as.response.OAuthASResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.GrantType;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

@RequestMapping({"/auth2/"})
@Controller
/* loaded from: input_file:com/lc/ibps/auth/controller/TokenController.class */
public class TokenController {

    @Resource
    private OAuthService oAuthService;

    @RequestMapping({"access_token"})
    public HttpEntity accessToken(HttpServletRequest httpServletRequest) throws URISyntaxException, OAuthSystemException {
        try {
            OAuthTokenRequest oAuthTokenRequest = new OAuthTokenRequest(httpServletRequest);
            if (!this.oAuthService.checkClientId(oAuthTokenRequest.getClientId())) {
                OAuthResponse buildJSONMessage = OAuthASResponse.errorResponse(400).setError("invalid_client").setErrorDescription("客户端验证失败，如错误的client_id/client_secret。").buildJSONMessage();
                return new ResponseEntity(buildJSONMessage.getBody(), HttpStatus.valueOf(buildJSONMessage.getResponseStatus()));
            }
            if (!this.oAuthService.checkClientIdSecret(oAuthTokenRequest.getClientId(), oAuthTokenRequest.getClientSecret())) {
                OAuthResponse buildJSONMessage2 = OAuthASResponse.errorResponse(401).setError("unauthorized_client").setErrorDescription("客户端验证失败，如错误的client_id/client_secret。").buildJSONMessage();
                return new ResponseEntity(buildJSONMessage2.getBody(), HttpStatus.valueOf(buildJSONMessage2.getResponseStatus()));
            }
            if (oAuthTokenRequest.getParam("grant_type").equals(GrantType.AUTHORIZATION_CODE.toString())) {
                return requestByCode(oAuthTokenRequest);
            }
            if (oAuthTokenRequest.getParam("grant_type").equals(GrantType.REFRESH_TOKEN.toString())) {
                return requestByRefreshToken(oAuthTokenRequest);
            }
            OAuthResponse buildJSONMessage3 = OAuthASResponse.errorResponse(400).setError("invalid_grant").setErrorDescription("授权类型不支持").buildJSONMessage();
            return new ResponseEntity(buildJSONMessage3.getBody(), HttpStatus.valueOf(buildJSONMessage3.getResponseStatus()));
        } catch (OAuthProblemException e) {
            OAuthResponse buildJSONMessage4 = OAuthASResponse.errorResponse(400).error(e).buildJSONMessage();
            return new ResponseEntity(buildJSONMessage4.getBody(), HttpStatus.valueOf(buildJSONMessage4.getResponseStatus()));
        }
    }

    private HttpEntity requestByRefreshToken(OAuthTokenRequest oAuthTokenRequest) throws OAuthSystemException {
        String param = oAuthTokenRequest.getParam("refresh_token");
        if (!this.oAuthService.checkRefreshToken(param)) {
            OAuthResponse buildJSONMessage = OAuthASResponse.errorResponse(400).setError("invalid_grant").setErrorDescription("错误的令牌").buildJSONMessage();
            return new ResponseEntity(buildJSONMessage.getBody(), HttpStatus.valueOf(buildJSONMessage.getResponseStatus()));
        }
        OAuthIssuerImpl oAuthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
        String accessToken = oAuthIssuerImpl.accessToken();
        this.oAuthService.addAccessToken(accessToken, this.oAuthService.getUsernameByRefreshToken(param));
        String accessToken2 = oAuthIssuerImpl.accessToken();
        this.oAuthService.addRefreshToken(accessToken2, this.oAuthService.getUsernameByRefreshToken(param));
        OAuthResponse buildJSONMessage2 = OAuthASResponse.tokenResponse(200).setAccessToken(accessToken).setRefreshToken(accessToken2).setExpiresIn(String.valueOf(this.oAuthService.getExpireIn())).buildJSONMessage();
        this.oAuthService.removeRefreshToken(param);
        this.oAuthService.addClientId(accessToken, oAuthTokenRequest.getClientId());
        return new ResponseEntity(buildJSONMessage2.getBody(), HttpStatus.valueOf(buildJSONMessage2.getResponseStatus()));
    }

    private HttpEntity requestByCode(OAuthTokenRequest oAuthTokenRequest) throws OAuthSystemException {
        String param = oAuthTokenRequest.getParam("code");
        if (!this.oAuthService.checkAuthCode(param)) {
            OAuthResponse buildJSONMessage = OAuthASResponse.errorResponse(400).setError("invalid_grant").setErrorDescription("错误的授权码").buildJSONMessage();
            return new ResponseEntity(buildJSONMessage.getBody(), HttpStatus.valueOf(buildJSONMessage.getResponseStatus()));
        }
        OAuthIssuerImpl oAuthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
        String accessToken = oAuthIssuerImpl.accessToken();
        this.oAuthService.addAccessToken(accessToken, this.oAuthService.getUsernameByAuthCode(param));
        String accessToken2 = oAuthIssuerImpl.accessToken();
        this.oAuthService.addRefreshToken(accessToken2, this.oAuthService.getUsernameByAuthCode(param));
        OAuthResponse buildJSONMessage2 = OAuthASResponse.tokenResponse(200).setAccessToken(accessToken).setRefreshToken(accessToken2).setExpiresIn(String.valueOf(this.oAuthService.getExpireIn())).buildJSONMessage();
        this.oAuthService.removeAuthCode(param);
        this.oAuthService.addClientId(accessToken, oAuthTokenRequest.getClientId());
        return new ResponseEntity(buildJSONMessage2.getBody(), HttpStatus.valueOf(buildJSONMessage2.getResponseStatus()));
    }
}
