package org.onetwo.ext.apiclient.wechat.oauth2;

import java.io.IOException;
import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.onetwo.common.log.JFishLoggerFactory;
import org.onetwo.common.spring.mvc.utils.DataResults;
import org.onetwo.common.utils.LangUtils;
import org.onetwo.common.web.utils.RequestUtils;
import org.onetwo.common.web.utils.ResponseUtils;
import org.onetwo.ext.apiclient.wechat.basic.response.AuthorizeData;
import org.onetwo.ext.apiclient.wechat.core.WechatConfig;
import org.onetwo.ext.apiclient.wechat.oauth2.request.OAuth2Request;
import org.onetwo.ext.apiclient.wechat.serve.dto.WechatOAuth2Context;
import org.onetwo.ext.apiclient.wechat.serve.spi.WechatOAuth2UserRepository;
import org.onetwo.ext.apiclient.wechat.serve.spi.WechatOAuth2UserRepository.OAuth2User;
import org.onetwo.ext.apiclient.wechat.utils.WechatClientErrors;
import org.onetwo.ext.apiclient.wechat.utils.WechatException;
import org.slf4j.Logger;
import org.springframework.web.method.HandlerMethod;

/* loaded from: input_file:org/onetwo/ext/apiclient/wechat/oauth2/BaseOAuth2Hanlder.class */
public abstract class BaseOAuth2Hanlder<U extends WechatOAuth2UserRepository.OAuth2User> {
    protected final Logger logger = JFishLoggerFactory.getLogger(getClass());
    private WechatOAuth2UserRepository<U> wechatOAuth2UserRepository;

    protected abstract WechatConfig getWechatConfig(WechatOAuth2Context wechatOAuth2Context);

    protected boolean refreshToken(WechatOAuth2Context wechatOAuth2Context, U u) {
        return false;
    }

    protected final boolean isOauth2ErrorInBrowser(WechatOAuth2Context wechatOAuth2Context) {
        return wechatOAuth2Context.getWechatConfig().isOauth2ErrorInBrowser();
    }

    protected void checkWechatBrowser(WechatOAuth2Context wechatOAuth2Context) {
        if (!RequestUtils.getBrowerMetaByAgent(wechatOAuth2Context.getRequest()).isWechat() && isOauth2ErrorInBrowser(wechatOAuth2Context)) {
            throw new WechatException(WechatClientErrors.OAUTH2_ERROR_IN_BROWSER);
        }
    }

    public U handleInController(OAuth2Request oAuth2Request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return handleInController(new WechatOAuth2Context.DataWechatOAuth2Context(oAuth2Request, httpServletRequest), httpServletResponse);
    }

    protected U handleInController(WechatOAuth2Context.DataWechatOAuth2Context dataWechatOAuth2Context, HttpServletResponse httpServletResponse) {
        dataWechatOAuth2Context.setWechatConfig(getWechatConfig(dataWechatOAuth2Context));
        checkWechatBrowser(dataWechatOAuth2Context);
        U u = null;
        if (StringUtils.isNotBlank(dataWechatOAuth2Context.getCode())) {
            u = loginByCode(dataWechatOAuth2Context);
        } else {
            if (StringUtils.isNotBlank(dataWechatOAuth2Context.getState())) {
                throw new WechatException(WechatClientErrors.OAUTH2_REJECTED);
            }
            redirect(dataWechatOAuth2Context, httpServletResponse);
        }
        return u;
    }

    public U loginByCode(WechatOAuth2Context.DataWechatOAuth2Context dataWechatOAuth2Context) {
        if (dataWechatOAuth2Context.getWechatConfig() == null) {
            dataWechatOAuth2Context.setWechatConfig(getWechatConfig(dataWechatOAuth2Context));
        }
        if (this.wechatOAuth2UserRepository.checkOauth2State(dataWechatOAuth2Context)) {
            return fetchOAuth2UserInfoFromServerWithCode(dataWechatOAuth2Context);
        }
        throw new WechatException(WechatClientErrors.OAUTH2_STATE_ERROR);
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HandlerMethod handlerMethod) {
        WechatOAuth2Context.RequestWechatOAuth2Context requestWechatOAuth2Context = new WechatOAuth2Context.RequestWechatOAuth2Context(httpServletRequest);
        requestWechatOAuth2Context.setWechatConfig(getWechatConfig(requestWechatOAuth2Context));
        checkWechatBrowser(requestWechatOAuth2Context);
        Optional<U> currentUser = this.wechatOAuth2UserRepository.getCurrentUser(requestWechatOAuth2Context);
        if (currentUser.isPresent()) {
            U u = currentUser.get();
            if (!u.isAccessTokenExpired() || refreshToken(requestWechatOAuth2Context, u)) {
                return true;
            }
        }
        if (!StringUtils.isNotBlank(requestWechatOAuth2Context.getCode())) {
            return handleWithoutCodeRequest(requestWechatOAuth2Context, httpServletResponse, handlerMethod);
        }
        if (!this.wechatOAuth2UserRepository.checkOauth2State(requestWechatOAuth2Context)) {
            throw new WechatException(WechatClientErrors.OAUTH2_STATE_ERROR);
        }
        this.wechatOAuth2UserRepository.saveCurrentUser(requestWechatOAuth2Context, fetchOAuth2UserInfoFromServerWithCode(requestWechatOAuth2Context), false);
        return true;
    }

    public abstract U fetchOAuth2UserInfoFromServerWithCode(WechatOAuth2Context wechatOAuth2Context);

    protected boolean handleWithoutCodeRequest(WechatOAuth2Context wechatOAuth2Context, HttpServletResponse httpServletResponse, HandlerMethod handlerMethod) {
        WechatClientErrors wechatClientErrors = null;
        if (StringUtils.isNotBlank(wechatOAuth2Context.getState())) {
            wechatClientErrors = WechatClientErrors.OAUTH2_REJECTED;
        }
        if (RequestUtils.isAjaxRequest(wechatOAuth2Context.getRequest()) || RequestUtils.isAjaxHandlerMethod(handlerMethod)) {
            ResponseUtils.renderObjectAsJson(httpServletResponse, DataResults.error(wechatClientErrors == null ? WechatClientErrors.OAUTH2_NOT_AUTHORIZE : wechatClientErrors).build());
            return false;
        }
        if (wechatClientErrors != null) {
            throw new WechatException(wechatClientErrors);
        }
        redirect(wechatOAuth2Context, httpServletResponse);
        return false;
    }

    public void redirect(WechatOAuth2Context wechatOAuth2Context, HttpServletResponse httpServletResponse) {
        try {
            String authorizeUrl = getAuthorizeUrl(wechatOAuth2Context);
            if (wechatOAuth2Context.getWechatConfig() != null && wechatOAuth2Context.getWechatConfig().isDebug()) {
                this.logger.info("[wechat oauth2] redirect to authorizeUrl : {}", authorizeUrl);
            }
            httpServletResponse.sendRedirect(authorizeUrl);
        } catch (IOException e) {
            throw new WechatException("redirect error: " + e.getMessage(), e);
        }
    }

    protected String getAuthorizeUrl(WechatOAuth2Context wechatOAuth2Context) {
        WechatConfig wechatConfig = wechatOAuth2Context.getWechatConfig();
        String authorizeUrl = createAuthorize(wechatConfig.getAppid(), wechatConfig.getOauth2Scope(), StringUtils.trim(buildRedirectUrl(wechatOAuth2Context)), this.wechatOAuth2UserRepository.generateAndStoreOauth2State(wechatOAuth2Context)).toAuthorizeUrl();
        if (wechatOAuth2Context.getWechatConfig() != null && wechatOAuth2Context.getWechatConfig().isDebug()) {
            this.logger.info("[wechat oauth2] authorizeUrl url: {}", authorizeUrl);
        }
        return authorizeUrl;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String buildRedirectUrl(WechatOAuth2Context wechatOAuth2Context) {
        boolean z = wechatOAuth2Context.getWechatConfig() != null && wechatOAuth2Context.getWechatConfig().isDebug();
        String redirectUrl = wechatOAuth2Context.getRedirectUrl();
        if (StringUtils.isBlank(redirectUrl)) {
            redirectUrl = wechatOAuth2Context.getWechatConfig().getOauth2RedirectUri();
        }
        if (z) {
            this.logger.info("[wechat oauth2] wechat config redirect url: {}", redirectUrl);
        }
        if (StringUtils.isBlank(redirectUrl)) {
            HttpServletRequest request = wechatOAuth2Context.getRequest();
            redirectUrl = RequestUtils.buildFullRequestUrl(request.getScheme(), request.getServerName(), 80, request.getRequestURI(), request.getQueryString());
            if (z) {
                this.logger.info("[wechat oauth2] use default redirect url: {}", redirectUrl);
            }
        }
        return LangUtils.encodeUrl(redirectUrl);
    }

    public static AuthorizeData createAuthorize(String str, String str2, String str3, String str4) {
        return AuthorizeData.builder().appid(str).scope(str2).responseType("code").state(str4).redirectUri(str3).build();
    }

    public WechatOAuth2UserRepository<U> getWechatOAuth2UserRepository() {
        return this.wechatOAuth2UserRepository;
    }

    public void setWechatOAuth2UserRepository(WechatOAuth2UserRepository<U> wechatOAuth2UserRepository) {
        this.wechatOAuth2UserRepository = wechatOAuth2UserRepository;
    }
}
