package com.epmet.auth;

import com.epmet.commons.tools.exception.EpmetErrorCode;
import com.epmet.commons.tools.exception.RenException;
import com.epmet.commons.tools.redis.RedisKeys;
import com.epmet.commons.tools.redis.RedisUtils;
import com.epmet.commons.tools.utils.Md5Util;
import com.epmet.commons.tools.utils.Result;
import com.epmet.commons.tools.utils.SpringContextUtils;
import com.epmet.feign.EpmetCommonServiceOpenFeignClient;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;

/**
 * md5 认证处理器
 */
@Component
public class ExtAppMD5AuthProcessor extends ExtAppAuthProcessor {

    private static Logger logger = LoggerFactory.getLogger(ExtAppMD5AuthProcessor.class);

    //@Autowired
    //private EpmetCommonServiceOpenFeignClient commonServiceOpenFeignClient;

    @Autowired
    private RedisUtils redisUtils;

    @Override
    public void auth(String appId, String token, Long ts, ServerWebExchange exchange) {
        if (ts == null) {
            throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "需要传入时间戳参数");
        }
        String secret;
        if (StringUtils.isBlank(secret = getTokenFromCache(appId))) {
            throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), String.format("根据AppId:%s没有找到对应的秘钥", appId));
        }

        String localDigest = Md5Util.md5(secret.concat(":") + ts);
        if (!localDigest.equals(token)) {
            // 调用方生成的摘要跟本地生成的摘要不匹配
            throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "签名不匹配，认证失败");
        }

        if (!validTimeStamp(ts)) {
            logger.error("AccessToken已经超时，请求被拒绝");
            throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), "AccessToken已经超时，请求被拒绝");
        }
    }

    /**
     * 通过APP ID查询对应的秘钥
     *
     * @param appId
     * @return
     */
    public String getTokenFromCache(String appId) {
        String secret = (String) redisUtils.get(RedisKeys.getExternalAppSecretKey(appId));
        if (StringUtils.isBlank(secret)) {
            EpmetCommonServiceOpenFeignClient commonService = SpringContextUtils.getBean(EpmetCommonServiceOpenFeignClient.class);
            Result<String> result = commonService.getSecret(appId);
            if (!result.success()) {
                throw new RenException(EpmetErrorCode.OPER_EXTERNAL_APP_AUTH_ERROR.getCode(), result.getInternalMsg());
            }

            secret = result.getData();
            redisUtils.set(RedisKeys.getExternalAppSecretKey(appId), secret);
        }
        return secret;
    }

}