package com.lc.ibps.cloud.oauth.server.provider;

import com.lc.ibps.api.base.constants.StateEnum;
import com.lc.ibps.auth.constants.GrantType;
import com.lc.ibps.auth.constants.Scope;
import com.lc.ibps.base.core.encrypt.EncryptUtil;
import com.lc.ibps.base.core.exception.BaseException;
import com.lc.ibps.base.core.util.ExceptionUtil;
import com.lc.ibps.base.core.util.string.StringUtil;
import com.lc.ibps.cloud.entity.APIResult;
import com.lc.ibps.cloud.oauth.entity.AuthorizeVo;
import com.lc.ibps.cloud.oauth.entity.LoginVo;
import com.lc.ibps.cloud.oauth.server.context.InnerContextUtil;
import com.lc.ibps.cloud.oauth.server.service.IAuthorizeService;
import com.lc.ibps.cloud.redis.utils.RedisUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import java.util.concurrent.TimeUnit;
import org.springframework.stereotype.Service;
import org.springframework.web.bind.annotation.RequestBody;

@Api(tags = {"授权中心"}, value = "授权")
@Service
/* loaded from: input_file:com/lc/ibps/cloud/oauth/server/provider/AuthorizeProvider.class */
public class AuthorizeProvider extends BaseProvider implements IAuthorizeService {
    @ApiOperation(value = "申请授权", notes = "传入授权AppKey，申请授权")
    public APIResult<String> authorize(@ApiParam(name = "authorizeVo", value = "授权码请求对象", required = true) @RequestBody(required = true) AuthorizeVo authorizeVo) {
        String redisKey;
        if (logger.isDebugEnabled()) {
            logger.debug("request authorize");
        }
        APIResult<String> aPIResult = new APIResult<>();
        String decrypt = EncryptUtil.decrypt(authorizeVo.getClient_id());
        String login_state = authorizeVo.getLogin_state();
        aPIResult.addVariable("state", authorizeVo.getState());
        try {
            validateScope(decrypt, Scope.SSO.getValue());
            validateGrantType(decrypt, GrantType.CODE.getValue());
            redisKey = this.appConfig.getRedisKey(new String[]{"login.state", login_state});
        } catch (Exception e) {
            if (StateEnum.SUCCESS.getCode() == aPIResult.getState()) {
                aPIResult.setState(StateEnum.ILLEGAL_CLIENT_ID_SECRET.getCode());
            }
            aPIResult.setCause(ExceptionUtil.analysisCause(e));
            logger.error("authorize failed:", e);
        }
        if (!RedisUtil.redisTemplateString.hasKey(redisKey).booleanValue()) {
            aPIResult.setState(StateEnum.ILLEGAL_LOGIN_STATE.getCode());
            throw new BaseException(StateEnum.ILLEGAL_LOGIN_STATE.getCode(), StateEnum.ILLEGAL_LOGIN_STATE.getText(), new Object[0]);
        }
        String str = (String) RedisUtil.redisTemplateString.opsForValue().get(redisKey);
        if (StringUtil.isBlank(str)) {
            aPIResult.setState(StateEnum.ILLEGAL_LOGIN_STATE.getCode());
            throw new BaseException(StateEnum.ILLEGAL_LOGIN_STATE.getCode(), StateEnum.ILLEGAL_LOGIN_STATE.getText(), new Object[0]);
        }
        String uuid = uuid();
        aPIResult.setData(uuid);
        RedisUtil.redisTemplateString.delete(redisKey);
        String redisKey2 = this.appConfig.getRedisKey(new String[]{"authorize.code", uuid});
        RedisUtil.redisTemplate.opsForHash().put(redisKey2, "client.id", decrypt);
        RedisUtil.redisTemplate.opsForHash().put(redisKey2, "user.name", InnerContextUtil.getByAccount(new LoginVo(str, (String) null, (String) null, (String) null), true).getAccount());
        RedisUtil.redisTemplate.expire(redisKey2, this.tokenConfig.getAcexpires().intValue(), TimeUnit.SECONDS);
        return aPIResult;
    }
}
