package io.dingodb.verify.auth;

import com.google.auto.service.AutoService;
import io.dingodb.common.auth.Authentication;
import io.dingodb.common.auth.Certificate;
import io.dingodb.common.environment.ExecutionEnvironment;
import io.dingodb.net.service.AuthService;
import io.dingodb.sdk.service.entity.common.Location;
import io.dingodb.verify.auth.TokenAuth;
import io.dingodb.verify.token.TokenManager;
import java.util.Iterator;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.ServiceLoader;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/dingodb/verify/auth/TokenAuthService.class */
public class TokenAuthService implements AuthService<Authentication> {
    public TokenAuth tokenAuth;
    private static final Logger log = LoggerFactory.getLogger((Class<?>) TokenAuthService.class);
    private static final AuthService INSTANCE = new TokenAuthService();
    ExecutionEnvironment env = ExecutionEnvironment.getExecutionEnvironment();
    Iterable<TokenAuth.Provider> serviceProviders = ServiceLoader.load(TokenAuth.Provider.class);

    @AutoService({AuthService.Provider.class})
    /* loaded from: input_file:io/dingodb/verify/auth/TokenAuthService$TokenAuthServiceProvider.class */
    public static class TokenAuthServiceProvider implements AuthService.Provider {
        @Override // io.dingodb.net.service.AuthService.Provider
        public <C> AuthService<C> get() {
            return TokenAuthService.INSTANCE;
        }
    }

    public TokenAuthService() {
        try {
            Iterator<TokenAuth.Provider> it = this.serviceProviders.iterator();
            while (it.hasNext()) {
                this.tokenAuth = it.next().get();
                log.info("tokenAuth:" + this.tokenAuth);
            }
        } catch (NoSuchElementException e) {
            this.tokenAuth = null;
        }
    }

    public static String getInnerAuthToken() {
        return TokenManager.INSTANCE.createInnerToken();
    }

    private static Map<String, Object> verifyToken(String str) {
        return TokenManager.INSTANCE.certificateToken(str);
    }

    @Override // io.dingodb.net.service.AuthService
    public String tag() {
        return "token";
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // io.dingodb.net.service.AuthService
    public Authentication createCertificate() {
        String authToken;
        if (this.tokenAuth == null) {
            log.info("tokenAuth = null");
            authToken = getInnerAuthToken();
        } else {
            log.info("tokenAuth:" + this.tokenAuth);
            authToken = this.tokenAuth.getAuthToken();
        }
        if (StringUtils.isNotBlank(authToken)) {
            return Authentication.builder().token(authToken).role(this.env.getRole()).build();
        }
        return null;
    }

    @Override // io.dingodb.net.service.AuthService
    public Object validate(Authentication authentication) throws Exception {
        Map<String, Object> verifyToken = verifyToken(authentication.getToken());
        if (verifyToken == null) {
            throw new Exception("auth token error");
        }
        String str = (String) verifyToken.get(Location.Fields.host);
        String str2 = (String) verifyToken.get("user");
        if (StringUtils.isNotBlank(str2) && StringUtils.isNotBlank(str) && this.tokenAuth != null) {
            authentication.setUsername(str2);
            authentication.setHost(str);
            this.tokenAuth.cachePrivileges(authentication);
        }
        return Certificate.builder().code(100).build();
    }
}
