package cn.kinyun.scrm.page.auth.service.impl;

import cn.kinyun.scrm.page.auth.dto.OAuthPageDto;
import cn.kinyun.scrm.page.auth.dto.SnsUserDto;
import cn.kinyun.scrm.page.auth.service.OauthService;
import cn.kinyun.scrm.page.auth.service.ShortUrlService;
import cn.kinyun.scrm.page.auth.utils.PageAuthRedisUtil;
import cn.kinyun.scrm.weixin.sdk.api.WxOAuth2API;
import cn.kinyun.scrm.weixin.sdk.entity.sns.SnsAccessToken;
import cn.kinyun.scrm.weixin.sdk.entity.sns.SnsUserinfo;
import com.google.common.base.Preconditions;
import com.kuaike.common.utils.JacksonUtil;
import com.kuaike.common.utils.MD5Utils;
import com.kuaike.scrm.common.enums.OauthShortUrlTypeEnum;
import com.kuaike.scrm.common.enums.WxOAuthScope;
import com.kuaike.scrm.common.utils.IdGen;
import com.kuaike.scrm.dal.marketing.entity.OauthShortUrl;
import com.kuaike.scrm.dal.marketing.mapper.OauthShortUrlMapper;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.text.MessageFormat;
import java.time.Duration;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.session.web.http.CookieSerializer;
import org.springframework.session.web.http.DefaultCookieSerializer;
import org.springframework.stereotype.Service;

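/**
 * WeChat web-OAuth helper for page authorisation.
 *
 * <p>{@link #wrapUrl} turns a target URL into a short URL that leads to the WeChat authorize
 * endpoint, and {@link #handleCallback} processes the redirect back from WeChat: it exchanges the
 * {@code code} for an access token, fetches the user profile, caches it in Redis for one hour and
 * writes the {@code SNS_USERINFO_TOKEN} cookie that keys that cache entry.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The OAuth {@code code}, the cookie token and the fetched profile are no longer written to
 *       the log; anyone with log access could otherwise reuse the token while its Redis entry is
 *       alive.</li>
 *   <li>NOTE(review): the cookie token is {@code MD5(appId + "," + openId)}, i.e. deterministic and
 *       derived from values that are not secret. A random, per-login token would be safer; it is
 *       left unchanged here because other readers of the Redis key are not visible in this file.</li>
 *   <li>NOTE(review): {@code state} is a timestamp and is never compared on callback, so it gives
 *       no CSRF binding between the authorize request and the callback.</li>
 *   <li>NOTE(review): the redirect target returned by {@link #handleCallback} comes from the
 *       decrypted {@code v} parameter; its safety depends on {@code OAuthPageDto.encrypt/decrypt}
 *       providing integrity, which this file does not show.</li>
 * </ul>
 */
@Service
/* loaded from: input_file:cn/kinyun/scrm/page/auth/service/impl/OauthServiceImpl.class */
public class OauthServiceImpl implements OauthService {
    private static final Logger log = LoggerFactory.getLogger(OauthServiceImpl.class);

    /** Lifetime, in seconds, shared by the Redis entry and the cookie. */
    private static final int SESSION_TTL_SECONDS = 3600;

    /** Name of the cookie that carries the cache key to the browser. */
    private static final String TOKEN_COOKIE_NAME = "SNS_USERINFO_TOKEN";

    @Value("${oauth.appId}")
    private String appId;

    // Sent to WeChat together with the code when exchanging it for an access token; never log it.
    @Value("${oauth.appSecret}")
    private String appSecret;

    @Value("${scrm.domain.protocol}${scrm.domain.scrm-manager}${oauth.callbackUrl}")
    private String callbackUrl;

    // MessageFormat pattern; {0} is replaced by the short-URL id.
    @Value("${scrm.domain.protocol}${scrm.domain.scrm-manager}${oauth.shortUrl}")
    private String oauthShortUrl;

    // Fallback redirect used when the callback parameter cannot be decrypted.
    @Value("${scrm.domain.protocol}${scrm.domain.scrm-manager}${oauth.defaultUrl}")
    private String defaultUrl;

    // Domain attribute of the token cookie.
    @Value("${scrm.domain.root}")
    private String domain;

    @Resource
    private OauthShortUrlMapper oauthShortUrlMapper;

    @Autowired
    private WxOAuth2API wxOAuth2API;

    @Autowired
    private PageAuthRedisUtil pageAuthRedisUtil;

    @Autowired
    private ShortUrlService shortUrlService;

    @Autowired
    private IdGen idGen;

    /**
     * Returns the short OAuth URL for a target URL, creating one when none is stored yet.
     *
     * @param l business id embedded in the OAuth parameter of a newly created short URL
     * @param str target URL the user is sent to after authorisation; must not be blank
     * @return the short URL built from the configured {@code oauth.shortUrl} pattern
     * @throws IllegalArgumentException if {@code str} is blank
     */
    @Override // cn.kinyun.scrm.page.auth.service.OauthService
    public String wrapUrl(Long l, String str) {
        log.info("wrap url with params={}", str);
        Preconditions.checkArgument(StringUtils.isNotBlank(str), "跳转url为空");
        // NOTE(review): the lookup is keyed by URL only, so an entry created for a different
        // business id would be reused here; confirm that is intended.
        OauthShortUrl existing = this.oauthShortUrlMapper.queryShortUrlByOriginUrl(str);
        if (existing != null && StringUtils.isNotBlank(existing.getShortUrl())) {
            return MessageFormat.format(this.oauthShortUrl, existing.getShortUrl());
        }
        OAuthPageDto page = new OAuthPageDto();
        page.setUrl(str);
        page.setType(Integer.valueOf(OauthShortUrlTypeEnum.MERCHANT_WRAP_URL.getValue()));
        page.setBizId(l);
        page.setFrom(String.valueOf(l));
        page.setTo("");
        return getShortUrl(page);
    }

    /**
     * Handles the redirect back from WeChat and returns the URL to send the browser to.
     *
     * <p>On any failure after the parameter has been decrypted the user is still sent to the
     * target URL, just without a cached profile or cookie.
     *
     * @param str encrypted page parameter ({@code v}) produced by {@code OAuthPageDto.encrypt()}
     * @param str2 OAuth authorisation code issued by WeChat; may be blank
     * @param str3 OAuth {@code state} value; only logged, not verified
     * @param httpServletRequest current request, used when writing the cookie
     * @param httpServletResponse current response, receives the cookie
     * @return the decrypted target URL, or the configured default URL if decryption fails
     */
    @Override // cn.kinyun.scrm.page.auth.service.OauthService
    public String handleCallback(String str, String str2, String str3, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // The code is a bearer credential for the token exchange, so only its presence is logged.
        log.info("callback with codePresent={}, state={}, param={}", StringUtils.isNotBlank(str2), str3, str);
        OAuthPageDto page = OAuthPageDto.decrypt(str);
        if (page == null) {
            // NOTE(review): str is request-controlled; confirm the log layout neutralises CR/LF.
            log.warn("Invalid param. value={}", str);
            return this.defaultUrl;
        }
        String targetUrl = page.getUrl();
        if (StringUtils.isBlank(str2)) {
            log.warn("Matching failed: code is empty. params={}", page);
            return targetUrl;
        }
        SnsAccessToken accessToken = getAccessToken(str2);
        if (accessToken == null) {
            log.warn("access token exchange returned nothing, bizId={}", page.getBizId());
            return targetUrl;
        }
        SnsUserinfo userInfo = getOauthUserInfo(accessToken.getAccessToken(), accessToken.getOpenId());
        if (userInfo != null) {
            cacheUser(httpServletRequest, httpServletResponse, page.getBizId(), userInfo);
        }
        return targetUrl;
    }

    /**
     * Builds the authorize URL for the page, records it under a fresh id and returns the short URL.
     *
     * @throws IllegalArgumentException if the DTO, its type or its URL is missing
     */
    private String getShortUrl(OAuthPageDto page) {
        Preconditions.checkArgument(page != null, "params is null");
        Preconditions.checkArgument(page.getType() != null, "type is null");
        Preconditions.checkArgument(StringUtils.isNotBlank(page.getUrl()), "url is empty");
        String oauthUrl = buildOAuthUrl(page);
        log.info("build oauth url, originUrl: {}, oauthUrl: {}", page.getUrl(), oauthUrl);
        String shortId = this.idGen.getNum();
        this.shortUrlService.recordShortUrl(this.appId, page.getType(), page.getUrl(), oauthUrl, shortId);
        String shortUrl = MessageFormat.format(this.oauthShortUrl, shortId);
        log.info("generate shortUrl: {}", shortUrl);
        return shortUrl;
    }

    /**
     * Assembles the WeChat authorize URL whose {@code redirect_uri} is the callback URL carrying
     * the encrypted page parameter.
     *
     * @throws IllegalStateException if the JVM does not support UTF-8
     */
    private String buildOAuthUrl(OAuthPageDto page) {
        String redirectUri = this.callbackUrl + "?v=" + page.encrypt();
        String encodedRedirectUri;
        try {
            encodedRedirectUri = URLEncoder.encode(redirectUri, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // Previously swallowed, which would have put an unencoded redirect_uri into the query
            // string. Fail loudly instead of emitting a malformed authorize URL.
            throw new IllegalStateException("UTF-8 encoding is not available", e);
        }
        StringBuilder sb = new StringBuilder();
        sb.append("https://open.weixin.qq.com/connect/oauth2/authorize?response_type=code");
        sb.append("&appid=").append(this.appId);
        sb.append("&redirect_uri=").append(encodedRedirectUri);
        sb.append("&scope=").append(WxOAuthScope.SNSAPI_USERINFO.getValue());
        // NOTE(review): a timestamp is guessable and handleCallback never checks it, so this
        // state value does not tie the callback to the browser that started the flow.
        sb.append("&state=").append(System.currentTimeMillis());
        sb.append("#wechat_redirect");
        return sb.toString();
    }

    /** Exchanges the authorisation code for an access token using the configured app credentials. */
    private SnsAccessToken getAccessToken(String code) {
        return this.wxOAuth2API.accessToken(this.appId, this.appSecret, code);
    }

    /** Fetches the user profile for the given access token and open id, requesting {@code zh_CN}. */
    private SnsUserinfo getOauthUserInfo(String accessToken, String openId) {
        return this.wxOAuth2API.getUserinfo(accessToken, openId, "zh_CN");
    }

    /**
     * Stores the profile in Redis for one hour and writes the cookie holding the cache key.
     *
     * @param bizId business id copied into the cached DTO as the business customer id
     * @param snsUserinfo profile returned by WeChat
     */
    private void cacheUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Long bizId, SnsUserinfo snsUserinfo) {
        // The profile holds personal data (nickname, location, avatar), so it stays out of the log.
        log.info("cache snsUserinfo for bizId={}", bizId);
        String openId = snsUserinfo.getOpenId();
        // NOTE(review): deterministic token; the same user always gets the same cookie value and
        // it can be recomputed from appId and openId. Prefer a random per-login token once every
        // reader of this Redis key has been checked.
        String token = MD5Utils.MD5(this.appId + "," + openId);
        SnsUserDto snsUserDto = new SnsUserDto();
        snsUserDto.setType(0);
        snsUserDto.setBusinessCustomerId(bizId);
        snsUserDto.setAppId(this.appId);
        snsUserDto.setOpenId(openId);
        snsUserDto.setUniqueId(snsUserinfo.getUnionId());
        snsUserDto.setNickname(snsUserinfo.getNickname());
        snsUserDto.setSex(snsUserinfo.getSex());
        snsUserDto.setProvince(snsUserinfo.getProvince());
        snsUserDto.setCity(snsUserinfo.getCity());
        snsUserDto.setCountry(snsUserinfo.getCountry());
        snsUserDto.setHeadImgUrl(snsUserinfo.getHeadImgUrl());
        this.pageAuthRedisUtil.setSnsUser(token, JacksonUtil.obj2Str(snsUserDto), Duration.ofSeconds(SESSION_TTL_SECONDS));
        // The token is the session credential; log only where the cookie is scoped.
        log.info("write {} cookie, domain:{}", TOKEN_COOKIE_NAME, this.domain);
        DefaultCookieSerializer cookieSerializer = new DefaultCookieSerializer();
        cookieSerializer.setCookieName(TOKEN_COOKIE_NAME);
        cookieSerializer.setCookieMaxAge(SESSION_TTL_SECONDS);
        cookieSerializer.setCookiePath("/");
        // Scoped to the configured root domain and path "/".
        cookieSerializer.setDomainName(this.domain);
        cookieSerializer.setUseHttpOnlyCookie(true);
        // NOTE(review): the Secure attribute is not set explicitly; confirm the effective value
        // in deployments where TLS is terminated in front of this service.
        cookieSerializer.setUseBase64Encoding(true);
        cookieSerializer.writeCookieValue(new CookieSerializer.CookieValue(httpServletRequest, httpServletResponse, token));
    }
}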
