package org.zodiac.authorization.oauth2.server.impl;

import java.time.Duration;
import org.springframework.data.redis.connection.ReactiveRedisConnectionFactory;
import org.springframework.data.redis.core.ReactiveRedisOperations;
import org.springframework.data.redis.core.ReactiveRedisTemplate;
import org.springframework.data.redis.serializer.RedisSerializationContext;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.zodiac.authorization.api.Authentication;
import org.zodiac.authorization.oauth2.ErrorType;
import org.zodiac.authorization.oauth2.OAuth2Exception;
import org.zodiac.authorization.oauth2.server.AccessToken;
import org.zodiac.authorization.oauth2.server.AccessTokenManager;
import org.zodiac.sdk.toolkit.crypto.Md5;
import org.zodiac.sdk.toolkit.util.SystemClock;
import org.zodiac.sdk.toolkit.util.lang.StrUtil;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/zodiac/authorization/oauth2/server/impl/RedisAccessTokenManager.class */
public class RedisAccessTokenManager implements AccessTokenManager {
    private final ReactiveRedisOperations<String, RedisAccessToken> tokenRedis;
    private int tokenExpireIn;
    private int refreshExpireIn;

    public RedisAccessTokenManager(ReactiveRedisOperations<String, RedisAccessToken> reactiveRedisOperations) {
        this.tokenExpireIn = 7200;
        this.refreshExpireIn = 2592000;
        this.tokenRedis = reactiveRedisOperations;
    }

    public RedisAccessTokenManager(ReactiveRedisConnectionFactory reactiveRedisConnectionFactory) {
        this((ReactiveRedisOperations<String, RedisAccessToken>) new ReactiveRedisTemplate(reactiveRedisConnectionFactory, RedisSerializationContext.newSerializationContext().key(RedisSerializer.string()).value(RedisSerializer.java()).hashKey(RedisSerializer.string()).hashValue(RedisSerializer.java()).build()));
    }

    public int getTokenExpireIn() {
        return this.tokenExpireIn;
    }

    public RedisAccessTokenManager setTokenExpireIn(int i) {
        this.tokenExpireIn = i;
        return this;
    }

    public int getRefreshExpireIn() {
        return this.refreshExpireIn;
    }

    public RedisAccessTokenManager setRefreshExpireIn(int i) {
        this.refreshExpireIn = i;
        return this;
    }

    @Override // org.zodiac.authorization.oauth2.server.AccessTokenManager
    public Mono<Authentication> getAuthenticationByToken(String str) {
        return this.tokenRedis.opsForValue().get(createTokenRedisKey(str)).map((v0) -> {
            return v0.getAuthentication();
        });
    }

    @Override // org.zodiac.authorization.oauth2.server.AccessTokenManager
    public Mono<AccessToken> createAccessToken(String str, Authentication authentication, boolean z) {
        return z ? doCreateSingletonAccessToken(str, authentication) : doCreateAccessToken(str, authentication, false).map(redisAccessToken -> {
            return redisAccessToken.toAccessToken(this.tokenExpireIn);
        });
    }

    @Override // org.zodiac.authorization.oauth2.server.AccessTokenManager
    public Mono<AccessToken> refreshAccessToken(String str, String str2) {
        return this.tokenRedis.opsForValue().get(createRefreshTokenRedisKey(str2)).switchIfEmpty(Mono.error(() -> {
            return new OAuth2Exception(ErrorType.EXPIRED_REFRESH_TOKEN);
        })).flatMap(redisAccessToken -> {
            if (!redisAccessToken.getClientId().equals(str)) {
                return Mono.error(new OAuth2Exception(ErrorType.ILLEGAL_CLIENT_ID));
            }
            redisAccessToken.setAccessToken(Md5.md5Hex(StrUtil.fastRandomUUID()));
            redisAccessToken.setCreateTime(SystemClock.nowTimeMillis());
            return ((Mono) storeToken(redisAccessToken).as(mono -> {
                return redisAccessToken.isSingleton() ? this.tokenRedis.opsForValue().set(createSingletonTokenRedisKey(str), redisAccessToken, Duration.ofSeconds(this.tokenExpireIn)).then(mono) : mono;
            })).thenReturn(redisAccessToken.toAccessToken(this.tokenExpireIn));
        });
    }

    private String createTokenRedisKey(String str) {
        return "oauth2-token:" + str;
    }

    private String createRefreshTokenRedisKey(String str) {
        return "oauth2-refresh-token:" + str;
    }

    private String createSingletonTokenRedisKey(String str) {
        return "oauth2-" + str + "-token";
    }

    private Mono<RedisAccessToken> doCreateAccessToken(String str, Authentication authentication, boolean z) {
        RedisAccessToken redisAccessToken = new RedisAccessToken(str, Md5.md5Hex(StrUtil.fastRandomUUID()), Md5.md5Hex(StrUtil.fastRandomUUID()), SystemClock.nowTimeMillis(), authentication, z);
        return storeToken(redisAccessToken).thenReturn(redisAccessToken);
    }

    private Mono<Void> storeToken(RedisAccessToken redisAccessToken) {
        return Mono.zip(this.tokenRedis.opsForValue().set(createTokenRedisKey(redisAccessToken.getAccessToken()), redisAccessToken, Duration.ofSeconds(this.tokenExpireIn)), this.tokenRedis.opsForValue().set(createRefreshTokenRedisKey(redisAccessToken.getRefreshToken()), redisAccessToken, Duration.ofSeconds(this.refreshExpireIn))).then();
    }

    private Mono<AccessToken> doCreateSingletonAccessToken(String str, Authentication authentication) {
        String createSingletonTokenRedisKey = createSingletonTokenRedisKey(str);
        return this.tokenRedis.opsForValue().get(createSingletonTokenRedisKey).flatMap(redisAccessToken -> {
            return this.tokenRedis.getExpire(createSingletonTokenRedisKey).map(duration -> {
                return redisAccessToken.toAccessToken((int) (duration.toMillis() / 1000));
            });
        }).switchIfEmpty(Mono.defer(() -> {
            return doCreateAccessToken(str, authentication, true).flatMap(redisAccessToken2 -> {
                return this.tokenRedis.opsForValue().set(createSingletonTokenRedisKey, redisAccessToken2, Duration.ofSeconds(this.tokenExpireIn)).thenReturn(redisAccessToken2.toAccessToken(this.tokenExpireIn));
            });
        }));
    }
}
