package cn.herodotus.engine.security.authorize.service;

import cn.herodotus.engine.rest.crypto.domain.SecretKey;
import cn.herodotus.engine.rest.crypto.enhance.InterfaceCryptoProcessor;
import cn.herodotus.engine.rest.crypto.exception.SessionInvalidException;
import cn.herodotus.engine.security.core.definition.domain.HerodotusClientDetails;
import cn.herodotus.engine.security.core.definition.service.HerodotusClientDetailsService;
import cn.herodotus.engine.security.core.utils.SecurityUtils;
import org.apache.commons.lang3.ObjectUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.exceptions.InvalidClientException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.stereotype.Service;

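@Service
/* loaded from: input_file:cn/herodotus/engine/security/authorize/service/InterfaceSecurityService.class */
/**
 * Authenticates an OAuth2 client and delegates the interface-encryption operations (secret key
 * creation, key exchange, public key conversion) to {@link InterfaceCryptoProcessor}.
 *
 * <p>Parameter names ({@code str}, {@code str2}, ...) are kept as found in this listing; their
 * roles are described per method as far as the code in this class shows them.
 */
public class InterfaceSecurityService {
    private static final Logger log = LoggerFactory.getLogger(InterfaceSecurityService.class);

    // PEM armor lines for RSA public keys. None of these four constants is referenced in this class.
    private static final String PKCS1_BEGIN = "-----BEGIN RSA PUBLIC KEY-----";
    private static final String PKCS1_END = "-----END RSA PUBLIC KEY-----";
    private static final String PKCS8_BEGIN = "-----BEGIN PUBLIC KEY-----";
    private static final String PKCS8_END = "-----END PUBLIC KEY-----";

    @Autowired
    private InterfaceCryptoProcessor interfaceCryptoProcessor;

    @Autowired
    private HerodotusClientDetailsService herodotusClientDetailsService;

    /**
     * Looks up the client registered under {@code str} and checks {@code str2} against its stored
     * client secret.
     *
     * @param str  client identifier used for the lookup
     * @param str2 client secret presented by the caller
     * @return the stored client details when the lookup succeeds and the secret matches
     * @throws InvalidClientException if no client details are found or the secret does not match
     */
    private ClientDetails validateClient(String str, String str2) {
        HerodotusClientDetails storedClient = this.herodotusClientDetailsService.getOauthClientDetails(str);
        // NOTE(review): the secret comparison only runs when a client record exists, so the
        // "unknown client" and "wrong secret" paths may take different amounts of time. What
        // SecurityUtils.matches does (presumably a password-encoder comparison) is not visible
        // here - confirm whether that difference matters for this endpoint.
        if (ObjectUtils.isNotEmpty(storedClient)
                && SecurityUtils.matches(str2, storedClient.getClientSecret())) {
            return storedClient;
        }
        // One message for both failure cases, so the response does not reveal which check failed.
        throw new InvalidClientException("Illegal Client Info");
    }

    /**
     * Authenticates the client and then asks the crypto processor for a {@link SecretKey}.
     *
     * @param str  client identifier
     * @param str2 client secret presented by the caller
     * @param str3 value forwarded as the processor's first argument (presumably a session
     *             identifier - confirm against {@code InterfaceCryptoProcessor})
     * @return the key object produced by the crypto processor
     * @throws InvalidClientException if the client credentials are rejected
     */
    public SecretKey createSecretKey(String str, String str2, String str3) {
        ClientDetails client = validateClient(str, str2);
        // NOTE(review): getAccessTokenValiditySeconds() returns an Integer and may be null for a
        // client without a configured validity; how the processor treats that is not visible here.
        return this.interfaceCryptoProcessor.createSecretKey(str3, client.getAccessTokenValiditySeconds());
    }

    /**
     * Delegates to {@link InterfaceCryptoProcessor#exchange} and reports an invalid session as an
     * OAuth2 token error.
     *
     * @param str  first argument passed through to the processor (meaning not visible in this
     *             class - presumably a session identifier, confirm)
     * @param str2 second argument passed through to the processor (presumably the key material
     *             to exchange, confirm)
     * @return the value returned by the crypto processor
     * @throws InvalidTokenException if the processor reports the session as invalid
     */
    public String exchange(String str, String str2) {
        try {
            return this.interfaceCryptoProcessor.exchange(str, str2);
        } catch (SessionInvalidException e) {
            // Keep the original exception as the cause so the failure can still be traced in
            // server-side logs; the message returned to the caller is unchanged.
            throw new InvalidTokenException("Token is expired!", e);
        }
    }

    /**
     * Delegates to {@link InterfaceCryptoProcessor#convertPublicKeyToPkcs8Padding}.
     *
     * @param str public key text to convert
     * @return the processor's converted form of {@code str}
     */
    public String appendPkcs8PublicKeyPadding(String str) {
        return this.interfaceCryptoProcessor.convertPublicKeyToPkcs8Padding(str);
    }
}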
