package cn.virens.web.components.shiro.oauth2;

import cn.virens.Assert;
import cn.virens.oauth2.Oauth2Client;
import cn.virens.oauth2.exception.Oauth2Exception;
import cn.virens.oauth2.standard.Oauth2AccessTokenRequest;
import cn.virens.web.components.shiro.ShiroAuthInterface;
import cn.virens.web.components.shiro.ShiroConstant;
import cn.virens.web.components.shiro.ShiroRealmInterface;
import cn.virens.web.components.shiro.oauth2.ex.Oauth2AuthenticationException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;

/* loaded from: input_file:cn/virens/web/components/shiro/oauth2/Oauth2AuthorizingRealm.class */
public class Oauth2AuthorizingRealm extends AuthorizingRealm implements ShiroRealmInterface {
    private Logger logger;
    private Oauth2Client oauth2Client;
    private PrincipalGetter principalGetter;

    @Autowired
    @Qualifier(ShiroConstant.SHIRO_AUTH_NAME)
    private ShiroAuthInterface shiroAuthInterface;

    public Oauth2AuthorizingRealm() {
        this(null);
    }

    public Oauth2AuthorizingRealm(CacheManager cacheManager) {
        super(cacheManager, (authenticationToken, authenticationInfo) -> {
            return true;
        });
        this.logger = LoggerFactory.getLogger(Oauth2AuthorizingRealm.class);
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof Oauth2AuthenticationToken;
    }

    public Oauth2Client getOauth2Client() {
        return this.oauth2Client;
    }

    public void setOauth2Client(Oauth2Client oauth2Client) {
        this.oauth2Client = oauth2Client;
    }

    public PrincipalGetter getPrincipalGetter() {
        return this.principalGetter;
    }

    public void setPrincipalGetter(PrincipalGetter principalGetter) {
        this.principalGetter = principalGetter;
    }

    @Override // cn.virens.web.components.shiro.ShiroRealmInterface
    public void clearAuthorizationInfo(String str) {
        clearCachedAuthorizationInfo(new SimplePrincipalCollection(str, getName()));
    }

    @Override // cn.virens.web.components.shiro.ShiroRealmInterface
    public void clearAuthenticationInfo(String str) {
        clearCachedAuthenticationInfo(new SimplePrincipalCollection(str, getName()));
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        this.logger.debug("执行授权信息...");
        String str = (String) getAvailablePrincipal(principalCollection);
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.addRoles(this.shiroAuthInterface.getRoles(str));
        simpleAuthorizationInfo.addStringPermissions(this.shiroAuthInterface.getResources(str));
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        this.logger.debug("执行认证信息...");
        Assert.isNull(this.principalGetter, "Oauth2PrincipalGetter is null");
        Assert.isNull(this.oauth2Client, "Oauth2RequestClient is null");
        Oauth2AuthenticationToken oauth2AuthenticationToken = (Oauth2AuthenticationToken) authenticationToken;
        Oauth2PrincipalCollection oauth2PrincipalCollection = new Oauth2PrincipalCollection();
        try {
            Oauth2AccessTokenRequest accessTokenRequest = this.oauth2Client.accessTokenRequest();
            accessTokenRequest.setRedirectUri(oauth2AuthenticationToken.getRedirectUri());
            accessTokenRequest.setCode(oauth2AuthenticationToken.getCode());
            accessTokenRequest.doRequest(oauth2AccessTokenResponse -> {
                Object principal = this.principalGetter.getPrincipal(oauth2AccessTokenResponse);
                oauth2PrincipalCollection.setRefreshToken(oauth2AccessTokenResponse.getRefreshToken());
                oauth2PrincipalCollection.setAccessToken(oauth2AccessTokenResponse.getAccessToken());
                oauth2PrincipalCollection.setExpiresIn(oauth2AccessTokenResponse.getExpiresIn());
                oauth2PrincipalCollection.setAuthState(oauth2AuthenticationToken.getState());
                oauth2PrincipalCollection.setAuthCode(oauth2AuthenticationToken.getCode());
                oauth2PrincipalCollection.add(principal, getName());
            });
            return new Oauth2AuthenticationInfo(oauth2PrincipalCollection);
        } catch (Oauth2Exception e) {
            throw new Oauth2AuthenticationException(e);
        }
    }

    protected void assertCredentialsMatch(AuthenticationToken authenticationToken, AuthenticationInfo authenticationInfo) throws AuthenticationException {
    }

    protected Object getAuthenticationCacheKey(AuthenticationToken authenticationToken) {
        return token("shrio:authentication:", authenticationToken);
    }

    protected Object getAuthenticationCacheKey(PrincipalCollection principalCollection) {
        return principalCollection instanceof Oauth2PrincipalCollection ? object("shrio:authentication:", ((Oauth2PrincipalCollection) principalCollection).getAuthCode()) : object("shrio:authentication:", super.getAvailablePrincipal(principalCollection));
    }

    protected Object getAuthorizationCacheKey(PrincipalCollection principalCollection) {
        return object("shrio:authorization:", principalCollection);
    }

    private String token(String str, AuthenticationToken authenticationToken) {
        if (authenticationToken == null) {
            return null;
        }
        return str + authenticationToken.getPrincipal();
    }

    private String object(String str, Object obj) {
        if (obj == null) {
            return null;
        }
        return str + obj.toString();
    }
}
