package cn.com.pc.aaa;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.util.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;

/* loaded from: input_file:cn/com/pc/aaa/AaaMiniClient.class */
public class AaaMiniClient {
    private String appKey;
    private String appSecret;
    private String idpServer;
    private String globalToken;
    private long expOfAGlobalToken;
    private String refreshToken;
    private long expOfRefreshToken;
    private final OkHttpClient httpClient = new OkHttpClient();

    public AaaMiniClient(String str, String str2, String str3) {
        this.appKey = str;
        this.appSecret = str2;
        this.idpServer = str3;
    }

    public synchronized String getGlobalToken() throws AaaException {
        refreshAsNeeded();
        return this.globalToken;
    }

    void refreshAsNeeded() throws AaaException {
        if ("".equals(this.idpServer)) {
            throw new AaaException("without idp server can not get global token and local token for self.");
        }
        long currentTimeMillis = System.currentTimeMillis();
        if (getExpOfRefreshToken() - currentTimeMillis < 60000) {
            auth();
            return;
        }
        if (getExpOfAGlobalToken() - currentTimeMillis < 60000) {
            try {
                refresh();
            } catch (Exception e) {
                e.printStackTrace(System.err);
                auth();
            }
        }
    }

    void auth() throws AaaException {
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            Response execute = this.httpClient.newCall(new Request.Builder().url(this.idpServer + "/auth/token").header("User-Agent", "pc-aaa-client v1.0").header("Content-Type", "application/json").header("sign", signAuth(currentTimeMillis)).post(RequestBody.create(MediaType.parse("application/json"), "{\"app\": \"" + this.appKey + "\", \"timestamp\":" + currentTimeMillis + "}")).build()).execute();
            try {
                if (!execute.isSuccessful()) {
                    throw new AaaException("Error occur when auth the app tokens from idp server, response " + execute);
                }
                JsonNode readTree = new ObjectMapper().readTree(execute.body().string());
                updateToken(readTree.get("accessToken").asText(), readTree.get("accessExp").asLong() * 1000, readTree.get("refreshToken").asText(), readTree.get("refreshExp").asLong() * 1000);
                if (execute != null) {
                    execute.close();
                }
            } finally {
            }
        } catch (IOException e) {
            throw new AaaException("Error occur when auth the app tokens from idp server.", e);
        }
    }

    String signAuth(long j) throws AaaException {
        StringBuilder sb = new StringBuilder();
        byte[] decode = Base64.getUrlDecoder().decode(this.appSecret);
        System.out.println(this.appSecret);
        System.out.println(new String(decode));
        System.out.println(decode.length);
        sb.append("app=").append(this.appKey).append("&host=").append(this.idpServer.substring(this.idpServer.indexOf("://") + 3)).append("&method=").append("POST").append("&timestamp=").append(j).append("&uri=").append("/auth/token");
        System.out.println(sb.toString());
        SecretKeySpec secretKeySpec = new SecretKeySpec(decode, "HmacSHA256");
        try {
            Mac mac = Mac.getInstance(secretKeySpec.getAlgorithm());
            mac.init(secretKeySpec);
            return Base64.getUrlEncoder().encodeToString(mac.doFinal(sb.toString().getBytes()));
        } catch (Exception e) {
            throw new AaaException("Error occur when sign auth request.", e);
        }
    }

    void refresh() throws AaaException {
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            Response execute = this.httpClient.newCall(new Request.Builder().url(this.idpServer + "/auth/refresh").header("User-Agent", "pc-aaa-client v1.0").header("Content-Type", "application/json").header("sign", signRefresh(currentTimeMillis)).post(RequestBody.create(MediaType.parse("application/json"), "{\"app\": \"" + this.appKey + "\", \"refreshToken\": \"" + this.refreshToken + "\", \"timestamp\": " + currentTimeMillis + "}")).build()).execute();
            try {
                if (!execute.isSuccessful()) {
                    throw new IOException("Unexpected code " + execute);
                }
                JsonNode readTree = new ObjectMapper().readTree(execute.body().string());
                String asText = readTree.get("accessToken").asText();
                String asText2 = readTree.get("refreshToken").asText();
                long asLong = readTree.get("accessExp").asLong();
                long asLong2 = readTree.get("refreshExp").asLong();
                System.currentTimeMillis();
                updateToken(asText, asLong * 1000, asText2, asLong2 * 1000);
                if (execute != null) {
                    execute.close();
                }
            } finally {
            }
        } catch (Exception e) {
            throw new AaaException("Error occur when refresh the app tokens from idp server.", e);
        }
    }

    String signRefresh(long j) throws AaaException {
        StringBuilder sb = new StringBuilder();
        byte[] decode = Base64.getUrlDecoder().decode(this.appSecret);
        sb.append("app=").append(this.appKey).append("&host=").append(this.idpServer.substring(this.idpServer.indexOf("://") + 3)).append("&method=").append("POST").append("&refreshToken=").append(this.refreshToken).append("&timestamp=").append(j).append("&uri=").append("/auth/refresh");
        SecretKeySpec secretKeySpec = new SecretKeySpec(decode, "HmacSHA256");
        try {
            Mac mac = Mac.getInstance(secretKeySpec.getAlgorithm());
            mac.init(secretKeySpec);
            return Base64.getUrlEncoder().encodeToString(mac.doFinal(sb.toString().getBytes()));
        } catch (Exception e) {
            throw new AaaException("Error occur when sign refresh request.", e);
        }
    }

    synchronized void updateToken(String str, long j, String str2, long j2) {
        this.globalToken = str;
        this.expOfAGlobalToken = j;
        this.refreshToken = str2;
        this.expOfRefreshToken = j2;
    }

    synchronized long getExpOfRefreshToken() {
        return this.expOfRefreshToken;
    }

    synchronized long getExpOfAGlobalToken() {
        return this.expOfAGlobalToken;
    }
}
