package cn.webank.ob.sdk.service.token;

import cn.webank.ob.sdk.common.constant.message.ReqConstant;
import cn.webank.ob.sdk.common.exception.custom_exception.OBException;
import cn.webank.ob.sdk.common.exception.enums.OBBizErrorEnum;
import cn.webank.ob.sdk.model.AppInfo;
import cn.webank.ob.sdk.model.SecretKeyInfo;
import cn.webank.ob.sdk.model.TokenInfo;
import cn.webank.ob.sdk.service.BaseOpenApiService;
import cn.webank.ob.sdk.service.SignOpenApiService;
import com.alibaba.fastjson2.JSON;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.lang.time.DateUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.RestTemplate;

/* loaded from: input_file:cn/webank/ob/sdk/service/token/AbstractOperateTokenService.class */
public abstract class AbstractOperateTokenService extends BaseOpenApiService {
    private static final Logger LOGGER;
    private static final String ACCESS_TOKEN_SUFFIX_PATH = "/access_token?appId=%s&grantType=%s";
    private static final String ACCESS_TOKEN = "accessToken";
    public static final int REFRESH_SECONDS = 420;
    private SignOpenApiService signOpenApiService;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractOperateTokenService(String str) {
        super(str);
    }

    public SignOpenApiService getSignOpenApiService() {
        return this.signOpenApiService;
    }

    public void setSignOpenApiService(SignOpenApiService signOpenApiService) {
        this.signOpenApiService = signOpenApiService;
    }

    protected abstract TokenInfo getLocalToken(String str);

    protected abstract void putLocalToken(String str, TokenInfo tokenInfo);

    public String getToken(AppInfo appInfo, String str, SecretKeyInfo secretKeyInfo, RestTemplate restTemplate) {
        TokenInfo localToken = getLocalToken(appInfo.getAppId());
        Date date = new Date();
        if (Objects.nonNull(localToken) && localToken.getExpirationTime().after(DateUtils.addSeconds(date, REFRESH_SECONDS))) {
            return localToken.getAccessToken();
        }
        TokenInfo requestAccessToken = requestAccessToken(appInfo, str, secretKeyInfo, restTemplate);
        if (requestAccessToken.getExpirationTime().before(date)) {
            throw new OBException(OBBizErrorEnum.GET_ACCESS_TOKEN_ERROR.getCode(), String.format(OBBizErrorEnum.GET_ACCESS_TOKEN_ERROR.getDescription(), "获取的Token已过期"));
        }
        if (requestAccessToken.getExpirationTime().after(date) && requestAccessToken.getExpirationTime().before(DateUtils.addSeconds(date, REFRESH_SECONDS))) {
            LOGGER.warn("警告：新Token【{}】的过期时间少于10min", requestAccessToken.getAccessToken());
        }
        putLocalToken(appInfo.getAppId(), requestAccessToken);
        return requestAccessToken.getAccessToken();
    }

    public TokenInfo requestAccessToken(AppInfo appInfo, String str, SecretKeyInfo secretKeyInfo, RestTemplate restTemplate) {
        try {
            String appId = appInfo.getAppId();
            String appSecret = appInfo.getAppSecret();
            String grantType = appInfo.getGrantType();
            String[] split = str.split("/");
            String str2 = ("/" + split[1] + "/" + split[2]) + String.format(ACCESS_TOKEN_SUFFIX_PATH, URLEncoder.encode(appId, StandardCharsets.UTF_8.name()), URLEncoder.encode(grantType, StandardCharsets.UTF_8.name()));
            HttpHeaders httpHeaders = new HttpHeaders();
            httpHeaders.setContentType(MediaType.parseMediaType("application/json; charset=utf-8"));
            httpHeaders.set(ReqConstant.AUTHORIZATION, this.signOpenApiService.createAccessTokenAuthStr(str2, appSecret, secretKeyInfo));
            ResponseEntity responseEntity = get(restTemplate, str2, httpHeaders, "");
            String str3 = (String) responseEntity.getBody();
            this.signOpenApiService.verifySignature(responseEntity.getHeaders(), str3, secretKeyInfo.getWeBankPubKeyBase64());
            Map map = (Map) JSON.parseObject(str3, Map.class);
            if (!$assertionsDisabled && null == map) {
                throw new AssertionError();
            }
            String obj = map.get("bizBody").toString();
            if (appInfo.isEncrypt()) {
                obj = getDecryptString(secretKeyInfo.getSymmetricKeyHex(), obj);
            }
            LOGGER.info("AccessToken相关信息为：{}", obj);
            Date date = new Date();
            TokenInfo tokenInfo = (TokenInfo) JSON.parseObject(obj, TokenInfo.class);
            tokenInfo.setExpirationTime(DateUtils.addSeconds(date, Math.toIntExact(tokenInfo.getExpiresIn().longValue())));
            return tokenInfo;
        } catch (OBException e) {
            throw e;
        } catch (Exception e2) {
            throw new OBException(OBBizErrorEnum.GET_ACCESS_TOKEN_ERROR.getCode(), String.format(OBBizErrorEnum.GET_ACCESS_TOKEN_ERROR.getDescription(), e2.getMessage()), (Throwable) e2);
        }
    }

    static {
        $assertionsDisabled = !AbstractOperateTokenService.class.desiredAssertionStatus();
        LOGGER = LoggerFactory.getLogger(AbstractOperateTokenService.class);
    }
}
