package kd.bos.openapi.base.security.oauth.token.impl;

import java.util.Date;
import java.util.Map;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.encrypt.EncrypterFactory;
import kd.bos.kscript.exception.Uuid;
import kd.bos.lang.Lang;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.login.user.LoginUserService;
import kd.bos.openapi.base.limit.LimitFlowRuleConfigUtil;
import kd.bos.openapi.base.security.api.impl.ApiSecurityFactory;
import kd.bos.openapi.base.util.DistributeCacheUtil;
import kd.bos.openapi.base.util.ThirdAppSecurityUtil;
import kd.bos.openapi.common.constant.ApiErrorCode;
import kd.bos.openapi.common.constant.ResSystemType;
import kd.bos.openapi.common.exception.OpenApiException;
import kd.bos.openapi.common.util.CollectionUtil;
import kd.bos.openapi.common.util.DateUtil;
import kd.bos.openapi.common.util.JacksonUtil;
import kd.bos.openapi.common.util.StringUtil;
import kd.bos.openapi.kcf.context.OpenApiAuthContext;
import kd.bos.openapi.security.model.ApiAuthResultDto;
import kd.bos.openapi.security.model.Open3rdappsDto;
import kd.bos.openapi.security.oauth.token.AccessTokenInfoDto;
import kd.bos.openapi.security.oauth.token.AccessTokenRequestDto;
import kd.bos.openapi.security.oauth.token.ApiAuthVerifyResultDto;
import kd.bos.service.authorize.model.AccessTokenInfo;
import kd.bos.service.authorize.model.ApiCommonResult;
import kd.bos.service.authorize.model.JwtInfo;
import kd.bos.service.authorize.model.OAuth2Authentication;
import kd.bos.service.authorize.model.RefreshTokenInfo;

/* loaded from: input_file:kd/bos/openapi/base/security/oauth/token/impl/ApiTokenServiceImpl.class */
public class ApiTokenServiceImpl extends AbstractApiTokenService {
    private static final Log log = LogFactory.getLog(ApiTokenServiceImpl.class);

    public ApiCommonResult<ApiAuthResultDto> getToken() {
        Map map = (Map) OpenApiAuthContext.getContext().getContextMap().get("Request.Arg0");
        String str = (String) map.get("client_id");
        String str2 = (String) map.get("client_secret");
        String str3 = (String) map.get("username");
        checkDateTimeAndSignture((String) map.get("nonce"), (String) map.get("timestamp"), OpenApiAuthContext.getContext().getTenantId());
        String accountId = OpenApiAuthContext.getContext().getCurrentCenter().getAccountId();
        checkLock(str, str2, accountId);
        String str4 = (String) OpenApiAuthContext.getContext().getHeaders().get("Accept-Language");
        if (StringUtil.isEmpty(str4)) {
            str4 = (String) map.get("language");
        }
        Lang from = StringUtil.isNotEmpty(str4) ? Lang.from(str4) : Lang.from("zh_CN");
        if (StringUtil.isEmpty(str3)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误：username为空。", "ApiTokenServiceImpl_15", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        Map erpUserInfoByUserName = LoginUserService.getErpUserInfoByUserName(OpenApiAuthContext.getContext().getCurrentCenter(), str3, from.toString());
        if (erpUserInfoByUserName == null || erpUserInfoByUserName.get("fid") == null) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("请求参数错误：username：用户无效或不可用，请修改后再试。", "ApiTokenServiceImpl_16", ResSystemType.BASE.getType(), new Object[0]), str3), new Object[0]);
        }
        Long valueOf = Long.valueOf(Long.parseLong((String) erpUserInfoByUserName.get("fid")));
        Open3rdappsDto thirdByAccountAndAppId = ThirdAppSecurityUtil.getThirdByAccountAndAppId(accountId, str);
        if (thirdByAccountAndAppId.getEnableStartDate() != null && thirdByAccountAndAppId.getEnableEndDate() != null && !DateUtil.isValidInDateTime(thirdByAccountAndAppId.getEnableStartDate(), thirdByAccountAndAppId.getEnableEndDate(), new Date())) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("第三方应用（client_id）已过期。", "ApiTokenServiceImpl_21", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        if (CollectionUtil.isEmpty(thirdByAccountAndAppId.getAgentUserIdList()) || !thirdByAccountAndAppId.getAgentUserIdList().contains(valueOf)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("第三方应用（client_id）的代理用户为空或userName不在代理用户中。", "ApiTokenServiceImpl_17", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        AccessTokenRequestDto accessTokenRequestDto = new AccessTokenRequestDto();
        accessTokenRequestDto.setAccountId(accountId);
        accessTokenRequestDto.setThirdId(thirdByAccountAndAppId.getFid());
        accessTokenRequestDto.setThirdAppNumber(str);
        accessTokenRequestDto.setTenantId(OpenApiAuthContext.getContext().getCurrentCenter().getTenantId());
        accessTokenRequestDto.setAgentUserId(valueOf);
        accessTokenRequestDto.setLang(from.toString());
        String ip = OpenApiAuthContext.getContext().getIp();
        if (StringUtil.isNotEmpty(ip)) {
            accessTokenRequestDto.setIp(ip.split(LimitFlowRuleConfigUtil.SPLIT)[0]);
        }
        ApiCommonResult<AccessTokenInfo> generateAccessToken = ApiSecurityFactory.getAccessTokenService().generateAccessToken(accessTokenRequestDto);
        if (!generateAccessToken.getStatus().booleanValue()) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("AccessToken获取失败：%1$s。", "ApiTokenServiceImpl_6", ResSystemType.BASE.getType(), new Object[0]), generateAccessToken.getMessage()), new Object[0]);
        }
        long longValue = ((AccessTokenInfo) generateAccessToken.getData()).getExpires().longValue() - new Date().getTime();
        ((AccessTokenInfo) generateAccessToken.getData()).setToken(getNewToken(((AccessTokenInfo) generateAccessToken.getData()).getToken()));
        String str5 = "";
        String str6 = "";
        if (thirdByAccountAndAppId.isJwtAuthEnable()) {
            JwtInfo jwtInfo = new JwtInfo();
            jwtInfo.setThirdAppNumber(str);
            jwtInfo.setAccountId(accountId);
            jwtInfo.setTenantId(OpenApiAuthContext.getContext().getTenantId());
            jwtInfo.setData(erpUserInfoByUserName);
            jwtInfo.setExpires(((AccessTokenInfo) generateAccessToken.getData()).getExpires());
            str5 = ApiSecurityFactory.getSignService().generateJWTToken(jwtInfo);
        }
        if (thirdByAccountAndAppId.isJwtAuthEnable() && StringUtil.isNotEmpty(str5)) {
            str6 = getNewToken(str5);
        }
        AccessTokenInfoDto saveThirdAppAndTokenRelation = saveThirdAppAndTokenRelation(accessTokenRequestDto, generateAccessToken, str6, longValue);
        ApiAuthResultDto apiAuthResultDto = new ApiAuthResultDto();
        apiAuthResultDto.setAccess_token(((AccessTokenInfo) generateAccessToken.getData()).getToken());
        apiAuthResultDto.setExpires_in(Integer.valueOf((int) longValue));
        apiAuthResultDto.setToken_type("Bearer");
        apiAuthResultDto.setRefresh_token(saveThirdAppAndTokenRelation.getRefreshToken().getRefreshToken());
        apiAuthResultDto.setLanguage(from.toString());
        apiAuthResultDto.setScope("API");
        if (thirdByAccountAndAppId.isJwtAuthEnable()) {
            apiAuthResultDto.setId_token(str6);
            apiAuthResultDto.setId_token_expires_in(Integer.valueOf((int) longValue));
        }
        ApiCommonResult<ApiAuthResultDto> successResult = ApiCommonResult.getSuccessResult("0", "");
        successResult.setData(apiAuthResultDto);
        return successResult;
    }

    public ApiCommonResult<ApiAuthResultDto> refreshToken() {
        Map map = (Map) OpenApiAuthContext.getContext().getContextMap().get("Request.Arg0");
        String str = (String) map.get("client_id");
        String accountId = OpenApiAuthContext.getContext().getCurrentCenter().getAccountId();
        checkDateTimeAndSignture((String) map.get("nonce"), (String) map.get("timestamp"), OpenApiAuthContext.getContext().getTenantId());
        if (!"refresh_token".equals((String) map.get("grant_type"))) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误：grant_type的值不是refresh_token。", "ApiTokenServiceImpl_2", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        String str2 = (String) map.get("refresh_token");
        if (StringUtil.isEmpty(str2)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("请求参数错误: %1$s为空。", "ApiTokenCustomServiceImpl_3", ResSystemType.BASE.getType(), new Object[0]), "refresh_token"), new Object[0]);
        }
        Open3rdappsDto thirdByAccountAndAppId = ThirdAppSecurityUtil.getThirdByAccountAndAppId(accountId, str);
        AccessTokenRequestDto accessTokenRequestDto = new AccessTokenRequestDto();
        accessTokenRequestDto.setAccountId(accountId);
        accessTokenRequestDto.setTenantId(OpenApiAuthContext.getContext().getCurrentCenter().getTenantId());
        String ip = OpenApiAuthContext.getContext().getIp();
        if (StringUtil.isNotEmpty(ip)) {
            accessTokenRequestDto.setIp(ip.split(LimitFlowRuleConfigUtil.SPLIT)[0]);
        }
        accessTokenRequestDto.setThirdId(thirdByAccountAndAppId.getFid());
        if (CollectionUtil.isEmpty(thirdByAccountAndAppId.getAgentUserIdList()) || thirdByAccountAndAppId.getAgentUserIdList().get(0) == null) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("第三方应用（client_id）的代理用户为空。", "ApiTokenServiceImpl_1", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        accessTokenRequestDto.setAgentUserId((Long) thirdByAccountAndAppId.getAgentUserIdList().get(0));
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication();
        oAuth2Authentication.setAccountId(accountId);
        oAuth2Authentication.setAgentUserId((Long) thirdByAccountAndAppId.getAgentUserIdList().get(0));
        oAuth2Authentication.setThirdAppNumber(str);
        oAuth2Authentication.setThirdId(thirdByAccountAndAppId.getFid());
        String cacheByKey = DistributeCacheUtil.getCacheByKey("AUTH_REFRESH_TOKEN_CACHE", "REFRESH_TOKEN_KEY_" + str + "_" + str2, "CACHE_OPENAPI_AUTH");
        if (StringUtil.isEmpty(cacheByKey)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误: refresh_token无效或已被使用。", "ApiTokenServiceImpl_7", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        RefreshTokenInfo refreshTokenInfo = (RefreshTokenInfo) JacksonUtil.readValue(cacheByKey, RefreshTokenInfo.class);
        if (refreshTokenInfo == null || refreshTokenInfo.getRefreshTokenExpire() <= new Date().getTime()) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误: refresh_token无效或已被使用。", "ApiTokenServiceImpl_7", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        String decode = EncrypterFactory.getEncrypter().decode(refreshTokenInfo.getAccessToken());
        String realToken = getRealToken(decode);
        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
        accessTokenInfo.setToken(realToken);
        accessTokenInfo.setTokenType("access_token");
        oAuth2Authentication.setToken(accessTokenInfo);
        ApiCommonResult refreshAccessToken = ApiSecurityFactory.getAccessTokenService().refreshAccessToken(oAuth2Authentication);
        if (!refreshAccessToken.getStatus().booleanValue()) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("AccessToken刷新失败：%1$s。", "ApiTokenServiceImpl_5", ResSystemType.BASE.getType(), new Object[0]), refreshAccessToken.getMessage()), new Object[0]);
        }
        Date date = new Date();
        long longValue = ((AccessTokenInfo) refreshAccessToken.getData()).getExpires().longValue() - date.getTime();
        String str3 = "ACCESS_TOKEN_KEY_" + refreshTokenInfo.getAccessToken();
        String cacheByKey2 = DistributeCacheUtil.getCacheByKey("AUTH_ACCESS_TOKEN_CACHE", str3, "CACHE_OPENAPI_AUTH");
        if (StringUtil.isEmpty(cacheByKey2)) {
            throw new OpenApiException(ApiErrorCode.HTTP_BAD_REQUEST, ResManager.loadKDString("请求参数错误: 获取授权信息为空。", "ApiTokenServiceImpl_7", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        OAuth2Authentication oAuth2Authentication2 = (OAuth2Authentication) JacksonUtil.readValue(cacheByKey2, OAuth2Authentication.class);
        if (oAuth2Authentication2 == null) {
            throw new OpenApiException(ApiErrorCode.HTTP_BAD_REQUEST, ResManager.loadKDString("请求参数错误: 获取授权信息错误。", "ApiTokenServiceImpl_7", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
        }
        oAuth2Authentication2.getToken().setExpires(((AccessTokenInfo) refreshAccessToken.getData()).getExpires());
        String create = Uuid.create();
        RefreshTokenInfo refreshTokenInfo2 = new RefreshTokenInfo();
        refreshTokenInfo2.setRefreshToken(create);
        refreshTokenInfo2.setAccessToken(refreshTokenInfo.getAccessToken());
        refreshTokenInfo2.setRefreshTokenExpire(new Date().getTime() + 86400000);
        oAuth2Authentication2.setRefreshTokenInfo(refreshTokenInfo2);
        AccessTokenInfo token = oAuth2Authentication2.getToken();
        if (token == null) {
            token = new AccessTokenInfo();
            token.setTokenType("access_token");
            token.setToken(refreshTokenInfo.getAccessToken());
        }
        token.setExpires(((AccessTokenInfo) refreshAccessToken.getData()).getExpires());
        oAuth2Authentication2.setToken(token);
        DistributeCacheUtil.setCacheByKey("AUTH_ACCESS_TOKEN_CACHE", str3, JacksonUtil.writeValueAsString(oAuth2Authentication2), "CACHE_OPENAPI_AUTH", (int) (longValue / 1000));
        DistributeCacheUtil.setCacheByKey("AUTH_REFRESH_TOKEN_CACHE", "REFRESH_TOKEN_KEY_" + str + "_" + refreshTokenInfo2.getRefreshToken(), JacksonUtil.writeValueAsString(refreshTokenInfo2), "CACHE_OPENAPI_AUTH", 86400);
        DistributeCacheUtil.removeCacheByKey("AUTH_REFRESH_TOKEN_CACHE", "REFRESH_TOKEN_KEY_" + str + "_" + str2, "CACHE_OPENAPI_AUTH");
        ApiAuthResultDto apiAuthResultDto = new ApiAuthResultDto();
        apiAuthResultDto.setAccess_token(decode);
        apiAuthResultDto.setExpires_in(Integer.valueOf((int) longValue));
        apiAuthResultDto.setToken_type("Bearer");
        apiAuthResultDto.setScope("API");
        apiAuthResultDto.setRefresh_token(oAuth2Authentication2.getRefreshTokenInfo().getRefreshToken());
        if (thirdByAccountAndAppId.isJwtAuthEnable() && oAuth2Authentication2.getIdToken() != null) {
            apiAuthResultDto.setId_token(oAuth2Authentication2.getIdToken().getToken());
            apiAuthResultDto.setId_token_expires_in(Integer.valueOf((int) (oAuth2Authentication2.getIdToken().getExpires().longValue() - date.getTime())));
        }
        ApiCommonResult<ApiAuthResultDto> successResult = ApiCommonResult.getSuccessResult("0", "");
        successResult.setData(apiAuthResultDto);
        return successResult;
    }

    public ApiCommonResult<ApiAuthVerifyResultDto> verifyToken() {
        Map map = (Map) OpenApiAuthContext.getContext().getContextMap().get("Request.Arg0");
        String str = (String) map.get("client_id");
        String accountId = OpenApiAuthContext.getContext().getCurrentCenter().getAccountId();
        checkDateTimeAndSignture((String) map.get("nonce"), (String) map.get("timestamp"), OpenApiAuthContext.getContext().getTenantId());
        String str2 = (String) map.get("token_type_hint");
        if (StringUtil.isEmpty(str2) || !("access_token".equals(str2) || "refresh_token".equals(str2) || "id_token".equals(str2))) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("请求参数错误: %1$s只能是access_token,refresh_token,id_token其中一个。", "ApiTokenServiceImpl_19", ResSystemType.BASE.getType(), new Object[0]), "token_type_hint"), new Object[0]);
        }
        String str3 = (String) map.get("token");
        if (StringUtil.isEmpty(str3)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("请求参数错误: %1$s为空。", "OauthTokenUtil_1", ResSystemType.BASE.getType(), new Object[0]), "token"), new Object[0]);
        }
        long j = 0;
        ApiCommonResult failResult = ApiCommonResult.getFailResult(ApiErrorCode.HTTP_BAD_REQUEST.getStatusCode(), "");
        if ("access_token".equals(str2)) {
            String realToken = getRealToken(str3);
            OAuth2Authentication oAuth2Authentication = new OAuth2Authentication();
            oAuth2Authentication.setAccountId(accountId);
            AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
            accessTokenInfo.setToken(realToken);
            accessTokenInfo.setTokenType("access_token");
            oAuth2Authentication.setToken(accessTokenInfo);
            ApiCommonResult verifyAccessToken = ApiSecurityFactory.getAccessTokenService().verifyAccessToken(oAuth2Authentication);
            if (verifyAccessToken.getStatus().booleanValue()) {
                failResult = ApiCommonResult.getSuccessResult("0", "");
                failResult.setData(verifyAccessToken.getData());
                j = ((AccessTokenInfo) verifyAccessToken.getData()).getExpires().longValue() - new Date().getTime();
            } else {
                failResult = ApiCommonResult.getFailResult(ApiErrorCode.Data_NoAuth.getStatusCode(), "AccessToken verify failed.");
            }
        } else if ("refresh_token".equals(str2)) {
            failResult = verifyRefreshToken(str, str3);
            if (failResult.getStatus().booleanValue()) {
                j = ((AccessTokenInfo) failResult.getData()).getExpires().longValue() - new Date().getTime();
            }
        } else if ("id_token".equals(str2)) {
            String realToken2 = getRealToken(str3);
            JwtInfo jwtInfo = new JwtInfo();
            jwtInfo.setJwt(realToken2);
            jwtInfo.setAccountId(accountId);
            jwtInfo.setThirdAppNumber(str);
            try {
                failResult = ((Map) ApiSecurityFactory.getSignService().versifyJWTToken(jwtInfo)) != null ? ApiCommonResult.getSuccessResult("0", "") : ApiCommonResult.getFailResult(ApiErrorCode.Data_NoAuth.getStatusCode(), ResManager.loadKDString("JWT(id_token) 验证失败：已过期。", "ApiTokenServiceImpl_12", ResSystemType.BASE.getType(), new Object[0]));
            } catch (OpenApiException e) {
                failResult = ApiCommonResult.getFailResult(ApiErrorCode.Data_NoAuth.getStatusCode(), ResManager.loadKDString("JWT(id_token) 验证失败：已过期。", "ApiTokenServiceImpl_12", ResSystemType.BASE.getType(), new Object[0]));
            }
            j = -1;
        }
        ApiAuthVerifyResultDto apiAuthVerifyResultDto = new ApiAuthVerifyResultDto();
        if (j != -1) {
            apiAuthVerifyResultDto.setExpires_in(Integer.valueOf((int) j));
        }
        apiAuthVerifyResultDto.setActive(failResult.getStatus());
        apiAuthVerifyResultDto.setScope("API");
        ApiCommonResult<ApiAuthVerifyResultDto> successResult = ApiCommonResult.getSuccessResult("0", "");
        successResult.setData(apiAuthVerifyResultDto);
        successResult.setStatus(failResult.getStatus());
        return successResult;
    }

    public ApiCommonResult<Boolean> withdrawToken() {
        Map map = (Map) OpenApiAuthContext.getContext().getContextMap().get("Request.Arg0");
        String str = (String) map.get("client_id");
        String str2 = (String) map.get("client_secret");
        String accountId = OpenApiAuthContext.getContext().getCurrentCenter().getAccountId();
        checkDateTimeAndSignture((String) map.get("nonce"), (String) map.get("timestamp"), OpenApiAuthContext.getContext().getTenantId());
        checkLock(str, str2, accountId);
        Open3rdappsDto thirdByAccountAndAppId = ThirdAppSecurityUtil.getThirdByAccountAndAppId(accountId, str);
        String str3 = (String) map.get("token_type_hint");
        if (StringUtil.isEmpty(str3) || !("access_token".equals(str3) || "refresh_token".equals(str3))) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("请求参数错误: %1$s只能是access_token,refresh_token其中一个。", "ApiTokenServiceImpl_20", ResSystemType.BASE.getType(), new Object[0]), "token_type_hint"), new Object[0]);
        }
        String str4 = (String) map.get("token");
        if (StringUtil.isEmpty(str4)) {
            throw new OpenApiException(ApiErrorCode.Data_Invalid, String.format(ResManager.loadKDString("请求参数错误: %1$s为空。", "OauthTokenUtil_1", ResSystemType.BASE.getType(), new Object[0]), "token"), new Object[0]);
        }
        ApiCommonResult<Boolean> failResult = ApiCommonResult.getFailResult(ApiErrorCode.HTTP_BAD_REQUEST.getStatusCode(), "");
        if ("access_token".equals(str3)) {
            String str5 = "ACCESS_TOKEN_KEY_" + str4;
            if (StringUtil.isEmpty(DistributeCacheUtil.getCacheByKey("AUTH_ACCESS_TOKEN_CACHE", str5, "CACHE_OPENAPI_AUTH"))) {
                throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误：token无效，无法撤回token。", "ApiTokenServiceImpl_4", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
            }
            String realToken = getRealToken(str4);
            OAuth2Authentication oAuth2Authentication = new OAuth2Authentication();
            oAuth2Authentication.setAccountId(accountId);
            oAuth2Authentication.setThirdAppNumber(str);
            oAuth2Authentication.setThirdId(thirdByAccountAndAppId.getFid());
            AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
            accessTokenInfo.setToken(realToken);
            accessTokenInfo.setTokenType("access_token");
            oAuth2Authentication.setToken(accessTokenInfo);
            ApiCommonResult withdrawAccessToken = ApiSecurityFactory.getAccessTokenService().withdrawAccessToken(oAuth2Authentication);
            if (!withdrawAccessToken.getStatus().booleanValue()) {
                throw new OpenApiException(ApiErrorCode.Data_UpdateFail, String.format(ResManager.loadKDString("AccessToken 撤回失败，原因：%1$s。", "ApiTokenServiceImpl_14", ResSystemType.BASE.getType(), new Object[0]), failResult.getMessage()), new Object[0]);
            }
            AccessTokenInfo accessTokenInfo2 = new AccessTokenInfo();
            accessTokenInfo2.setToken(str4);
            accessTokenInfo2.setTokenType(str3);
            oAuth2Authentication.setToken(accessTokenInfo2);
            DistributeCacheUtil.removeCacheByKey("AUTH_ACCESS_TOKEN_CACHE", str5, "CACHE_OPENAPI_AUTH");
            failResult = withdrawAccessToken.getStatus().booleanValue() ? ApiCommonResult.getSuccessResult("0", "true") : ApiCommonResult.getFailResult(ApiErrorCode.Data_NoAuth.getStatusCode(), ResManager.loadKDString("AccessToken 撤回失败。", "ApiTokenServiceImpl_13", ResSystemType.BASE.getType(), new Object[0]));
            failResult.setData(withdrawAccessToken.getStatus());
        } else if ("refresh_token".equals(str3)) {
            String str6 = "REFRESH_TOKEN_KEY_" + str + "_" + str4;
            if (StringUtil.isEmpty(DistributeCacheUtil.getCacheByKey("AUTH_REFRESH_TOKEN_CACHE", str6, "CACHE_OPENAPI_AUTH"))) {
                throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误：token无效，无法撤回token。", "ApiTokenServiceImpl_4", ResSystemType.BASE.getType(), new Object[0]), new Object[0]);
            }
            DistributeCacheUtil.removeCacheByKey("AUTH_REFRESH_TOKEN_CACHE", str6, "CACHE_OPENAPI_AUTH");
            failResult = ApiCommonResult.getSuccessResult("0", "true");
        }
        return failResult;
    }

    private AccessTokenInfoDto saveThirdAppAndTokenRelation(AccessTokenRequestDto accessTokenRequestDto, ApiCommonResult<AccessTokenInfo> apiCommonResult, String str, long j) {
        String thirdAppNumber = accessTokenRequestDto.getThirdAppNumber();
        String token = ((AccessTokenInfo) apiCommonResult.getData()).getToken();
        Long expires = ((AccessTokenInfo) apiCommonResult.getData()).getExpires();
        String create = Uuid.create();
        RefreshTokenInfo refreshTokenInfo = new RefreshTokenInfo();
        refreshTokenInfo.setRefreshToken(create);
        refreshTokenInfo.setAccessToken(token);
        refreshTokenInfo.setRefreshTokenExpire(new Date().getTime() + 86400000);
        String str2 = StringUtil.isNotEmpty(str) ? "id_token token" : "token";
        OAuth2Authentication oAuth2Authentication = new OAuth2Authentication();
        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
        accessTokenInfo.setToken(token);
        accessTokenInfo.setExpires(expires);
        accessTokenInfo.setTokenType("access_token");
        AccessTokenInfo accessTokenInfo2 = new AccessTokenInfo();
        accessTokenInfo2.setTokenType("jwt_token");
        accessTokenInfo2.setToken(str);
        accessTokenInfo2.setExpires(expires);
        oAuth2Authentication.setToken(accessTokenInfo);
        oAuth2Authentication.setThirdId(accessTokenRequestDto.getThirdId());
        oAuth2Authentication.setThirdAppNumber(accessTokenRequestDto.getThirdAppNumber());
        oAuth2Authentication.setAgentUserId(accessTokenRequestDto.getAgentUserId());
        oAuth2Authentication.setAccountId(accessTokenRequestDto.getAccountId());
        oAuth2Authentication.setIdToken(accessTokenInfo2);
        oAuth2Authentication.setRefreshTokenInfo(refreshTokenInfo);
        oAuth2Authentication.setResponseType(str2);
        DistributeCacheUtil.setCacheByKey("AUTH_ACCESS_TOKEN_CACHE", "ACCESS_TOKEN_KEY_" + oAuth2Authentication.getToken().getToken(), JacksonUtil.writeValueAsString(oAuth2Authentication), "CACHE_OPENAPI_AUTH", (int) (j / 1000));
        DistributeCacheUtil.setCacheByKey("AUTH_REFRESH_TOKEN_CACHE", "REFRESH_TOKEN_KEY_" + thirdAppNumber + "_" + create, JacksonUtil.writeValueAsString(refreshTokenInfo), "CACHE_OPENAPI_AUTH", 86400);
        AccessTokenInfoDto accessTokenInfoDto = new AccessTokenInfoDto();
        accessTokenInfoDto.setRefreshToken(refreshTokenInfo);
        return accessTokenInfoDto;
    }

    private ApiCommonResult verifyRefreshToken(String str, String str2) {
        String cacheByKey = DistributeCacheUtil.getCacheByKey("AUTH_REFRESH_TOKEN_CACHE", "REFRESH_TOKEN_KEY_" + str + "_" + str2, "CACHE_OPENAPI_AUTH");
        ApiCommonResult failResult = ApiCommonResult.getFailResult(ApiErrorCode.Data_NoAuth.getStatusCode(), ResManager.loadKDString("refresh_token 验证失败：已过期。", "ApiTokenServiceImpl_11", ResSystemType.BASE.getType(), new Object[0]));
        if (StringUtil.isEmpty(cacheByKey)) {
            return failResult;
        }
        Date date = new Date();
        RefreshTokenInfo refreshTokenInfo = (RefreshTokenInfo) JacksonUtil.readValue(cacheByKey, RefreshTokenInfo.class);
        if (refreshTokenInfo == null || refreshTokenInfo.getRefreshTokenExpire() <= date.getTime()) {
            return failResult;
        }
        ApiCommonResult successResult = ApiCommonResult.getSuccessResult("0", "");
        AccessTokenInfo accessTokenInfo = new AccessTokenInfo();
        accessTokenInfo.setExpires(Long.valueOf(refreshTokenInfo.getRefreshTokenExpire()));
        successResult.setData(accessTokenInfo);
        return successResult;
    }
}
