package io.rocketbase.commons.controller;

import io.rocketbase.commons.dto.ErrorResponse;
import io.rocketbase.commons.dto.authentication.LoginResponse;
import io.rocketbase.commons.dto.authentication.OAuthLoginResponse;
import io.rocketbase.commons.exception.BadRequestException;
import io.rocketbase.commons.security.JwtTokenService;
import io.rocketbase.commons.service.auth.LoginService;
import io.rocketbase.commons.util.JwtTokenDecoder;
import java.time.Instant;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.ResponseEntity;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

@RequestMapping({"${auth.prefix:}"})
@RestController
/* loaded from: input_file:io/rocketbase/commons/controller/OAuthLoginRefreshController.class */
public class OAuthLoginRefreshController {
    private static final Logger log = LoggerFactory.getLogger(OAuthLoginRefreshController.class);

    @Resource
    private JwtTokenService jwtTokenService;

    @Resource
    private LoginService loginService;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/rocketbase/commons/controller/OAuthLoginRefreshController$GrantType.class */
    public enum GrantType {
        PASSWORD,
        REFRESH_TOKEN
    }

    /* loaded from: input_file:io/rocketbase/commons/controller/OAuthLoginRefreshController$OAuthRequest.class */
    private static class OAuthRequest {
        private String username;
        private String password;
        private String refreshToken;
        private GrantType grantType;
        private String scope;

        public OAuthRequest(MultiValueMap<String, String> multiValueMap) {
            try {
                setGrantType(GrantType.valueOf(((String) multiValueMap.getFirst("grant_type")).toUpperCase()));
                setScope((String) multiValueMap.getFirst("scope"));
                if (!this.grantType.equals(GrantType.PASSWORD)) {
                    if (this.grantType.equals(GrantType.REFRESH_TOKEN)) {
                        setRefreshToken(multiValueMap.containsKey("refresh_token") ? (String) multiValueMap.getFirst("refresh_token") : (String) multiValueMap.getFirst("code"));
                        if (this.refreshToken == null) {
                            throw new BadRequestException(new ErrorResponse("refresh token issue").addField("refresh_token", "notNull"));
                        }
                        return;
                    }
                    return;
                }
                setUsername((String) multiValueMap.getFirst("username"));
                setPassword((String) multiValueMap.getFirst("password"));
                if (this.username == null || this.password == null) {
                    ErrorResponse errorResponse = new ErrorResponse("authentication is missing");
                    if (this.username == null) {
                        errorResponse.addField("username", "notNull");
                    }
                    if (this.password == null) {
                        errorResponse.addField("password", "notNull");
                    }
                    throw new BadRequestException(errorResponse);
                }
            } catch (IllegalArgumentException | NullPointerException e) {
                throw new BadRequestException(new ErrorResponse("grant type issue").addField("grant_type", this.grantType == null ? "notNull" : "password|refresh_token allowed"));
            }
        }

        public String getUsername() {
            return this.username;
        }

        public String getPassword() {
            return this.password;
        }

        public String getRefreshToken() {
            return this.refreshToken;
        }

        public GrantType getGrantType() {
            return this.grantType;
        }

        public String getScope() {
            return this.scope;
        }

        public void setUsername(String str) {
            this.username = str;
        }

        public void setPassword(String str) {
            this.password = str;
        }

        public void setRefreshToken(String str) {
            this.refreshToken = str;
        }

        public void setGrantType(GrantType grantType) {
            this.grantType = grantType;
        }

        public void setScope(String str) {
            this.scope = str;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof OAuthRequest)) {
                return false;
            }
            OAuthRequest oAuthRequest = (OAuthRequest) obj;
            if (!oAuthRequest.canEqual(this)) {
                return false;
            }
            String username = getUsername();
            String username2 = oAuthRequest.getUsername();
            if (username == null) {
                if (username2 != null) {
                    return false;
                }
            } else if (!username.equals(username2)) {
                return false;
            }
            String password = getPassword();
            String password2 = oAuthRequest.getPassword();
            if (password == null) {
                if (password2 != null) {
                    return false;
                }
            } else if (!password.equals(password2)) {
                return false;
            }
            String refreshToken = getRefreshToken();
            String refreshToken2 = oAuthRequest.getRefreshToken();
            if (refreshToken == null) {
                if (refreshToken2 != null) {
                    return false;
                }
            } else if (!refreshToken.equals(refreshToken2)) {
                return false;
            }
            GrantType grantType = getGrantType();
            GrantType grantType2 = oAuthRequest.getGrantType();
            if (grantType == null) {
                if (grantType2 != null) {
                    return false;
                }
            } else if (!grantType.equals(grantType2)) {
                return false;
            }
            String scope = getScope();
            String scope2 = oAuthRequest.getScope();
            return scope == null ? scope2 == null : scope.equals(scope2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof OAuthRequest;
        }

        public int hashCode() {
            String username = getUsername();
            int hashCode = (1 * 59) + (username == null ? 43 : username.hashCode());
            String password = getPassword();
            int hashCode2 = (hashCode * 59) + (password == null ? 43 : password.hashCode());
            String refreshToken = getRefreshToken();
            int hashCode3 = (hashCode2 * 59) + (refreshToken == null ? 43 : refreshToken.hashCode());
            GrantType grantType = getGrantType();
            int hashCode4 = (hashCode3 * 59) + (grantType == null ? 43 : grantType.hashCode());
            String scope = getScope();
            return (hashCode4 * 59) + (scope == null ? 43 : scope.hashCode());
        }

        public String toString() {
            return "OAuthLoginRefreshController.OAuthRequest(username=" + getUsername() + ", password=" + getPassword() + ", refreshToken=" + getRefreshToken() + ", grantType=" + getGrantType() + ", scope=" + getScope() + ")";
        }
    }

    @RequestMapping(method = {RequestMethod.POST}, path = {"/auth/oauth2/token"})
    @CrossOrigin(allowedHeaders = {"*"}, origins = {"*"})
    @ResponseBody
    public ResponseEntity<OAuthLoginResponse> loginOAuth(@RequestParam MultiValueMap<String, String> multiValueMap) {
        OAuthRequest oAuthRequest = new OAuthRequest(multiValueMap);
        OAuthLoginResponse.OAuthLoginResponseBuilder scope = OAuthLoginResponse.builder().tokenType("Bearer").scope(oAuthRequest.getScope());
        if (oAuthRequest.getGrantType().equals(GrantType.PASSWORD)) {
            LoginResponse performLogin = this.loginService.performLogin(oAuthRequest.getUsername(), oAuthRequest.getPassword());
            scope.accessToken(performLogin.getJwtTokenBundle().getToken()).refreshToken(performLogin.getJwtTokenBundle().getRefreshToken()).expiresIn(Long.valueOf(getExpiresIn(performLogin.getJwtTokenBundle().getToken()))).refreshExpiresIn(Long.valueOf(getExpiresIn(performLogin.getJwtTokenBundle().getRefreshToken())));
        } else if (oAuthRequest.getGrantType().equals(GrantType.REFRESH_TOKEN)) {
            String generateAccessToken = this.jwtTokenService.generateAccessToken(this.jwtTokenService.parseToken(oAuthRequest.getRefreshToken()));
            scope.accessToken(generateAccessToken).refreshToken(oAuthRequest.getRefreshToken()).expiresIn(Long.valueOf(getExpiresIn(generateAccessToken))).refreshExpiresIn(Long.valueOf(getExpiresIn(oAuthRequest.getRefreshToken())));
        }
        return ResponseEntity.ok(scope.build());
    }

    protected long getExpiresIn(String str) {
        return JwtTokenDecoder.decodeTokenBody(str).getExpiration().getEpochSecond() - Instant.now().getEpochSecond();
    }
}
