package io.xianzhi.security.resource.handler;

import io.xianzhi.authorization.sdk.handler.AuthorizationHandler;
import io.xianzhi.core.code.CommonCode;
import io.xianzhi.core.context.UserBO;
import io.xianzhi.core.context.UserContext;
import io.xianzhi.security.OAuth2UserDetails;
import io.xianzhi.security.resource.exception.OAuth2Exception;
import jakarta.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.oauth2.core.OAuth2AuthenticatedPrincipal;
import org.springframework.security.oauth2.jwt.JwtDecoder;
import org.springframework.security.oauth2.jwt.JwtValidationException;
import org.springframework.security.oauth2.server.resource.introspection.OpaqueTokenIntrospector;
import org.springframework.util.StringUtils;

/* loaded from: input_file:io/xianzhi/security/resource/handler/XianZhiOpaqueTokenIntrospector.class */
public class XianZhiOpaqueTokenIntrospector implements OpaqueTokenIntrospector {
    private static final Logger log = LoggerFactory.getLogger(XianZhiOpaqueTokenIntrospector.class);

    @Resource
    private AuthorizationHandler authorizationHandler;

    @Resource
    private JwtDecoder jwtDecoder;

    public OAuth2AuthenticatedPrincipal introspect(String str) {
        if (!StringUtils.hasText(str)) {
            throw new OAuth2Exception(CommonCode.UNAUTHORIZED);
        }
        try {
            OAuth2UserDetails oAuth2UserDetails = (OAuth2UserDetails) ((UserBO) this.authorizationHandler.getAuthorizationCacheByUserId(this.jwtDecoder.decode(str).getClaimAsString("id")).orElseThrow(() -> {
                return new OAuth2Exception(CommonCode.UNAUTHORIZED);
            }));
            UserContext.set(oAuth2UserDetails);
            return oAuth2UserDetails;
        } catch (JwtValidationException e) {
            log.error("解析Token失败:{}", e.getMessage(), e);
            throw new OAuth2Exception(CommonCode.UNAUTHORIZED);
        }
    }
}
