package kd.bos.openapi.base.security.oauth.token.impl;

import java.util.Map;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.openapi.base.limit.LimitFlowRuleConfigUtil;
import kd.bos.openapi.base.security.api.impl.ApiSecurityFactory;
import kd.bos.openapi.base.util.DistributeCacheUtil;
import kd.bos.openapi.common.constant.ApiErrorCode;
import kd.bos.openapi.common.constant.ResSystemType;
import kd.bos.openapi.common.exception.OpenApiException;
import kd.bos.openapi.common.util.StringUtil;
import kd.bos.openapi.kcf.context.OpenApiAuthContext;
import kd.bos.openapi.kcf.utils.OpenApiPluginUtil;
import kd.bos.openapi.security.model.TokenUrlEnum;
import kd.bos.openapi.security.oauth.token.ApiTokenService;
import kd.bos.openapi.security.oauth.token.TokenFacadeService;
import kd.bos.service.authorize.model.ApiCommonResult;

/* loaded from: input_file:kd/bos/openapi/base/security/oauth/token/impl/TokenFacadeServiceImpl.class */
public class TokenFacadeServiceImpl implements TokenFacadeService {
    private static int TOKEN_LIMIT_COUNT = 30;
    private static int TOKEN_LIMIT_TIMEOUT = 60;
    private static String TOKEN_LIMIT_PREFIX = "TOKEN_LIMIT_";

    public <T> ApiCommonResult<T> invoke(String str, String str2) {
        ApiCommonResult<T> withdrawToken;
        if (StringUtil.isEmpty(str2)) {
            str2 = "v1";
        }
        if ("custom".equals(OpenApiAuthContext.getContext().getHeaders().get("OpenApiVer")) && isEnableTokenExt()) {
            str2 = "custom";
        }
        ApiTokenService apiTokenService = ApiSecurityFactory.getApiTokenService(str2);
        boolean z = -1;
        switch (str.hashCode()) {
            case -1480789917:
                if (str.equals("/oauth2/refreshToken")) {
                    z = true;
                    break;
                }
                break;
            case -1450321957:
                if (str.equals("/oauth2/verifyToken")) {
                    z = 2;
                    break;
                }
                break;
            case 1415222088:
                if (str.equals("/oauth2/getToken")) {
                    z = false;
                    break;
                }
                break;
            case 2091384106:
                if (str.equals("/oauth2/withdrawToken")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                withdrawToken = apiTokenService.getToken();
                break;
            case true:
                withdrawToken = apiTokenService.refreshToken();
                break;
            case true:
                withdrawToken = apiTokenService.verifyToken();
                break;
            case LimitFlowRuleConfigUtil.REQUEST_TYPE_DELETE /* 3 */:
                withdrawToken = apiTokenService.withdrawToken();
                break;
            default:
                throw new OpenApiException(ApiErrorCode.Data_Invalid, ResManager.loadKDString("请求参数错误: 不合法的URL。", "OauthTokenUtil_4", ResSystemType.KCF.getType(), new Object[0]), new Object[0]);
        }
        return withdrawToken;
    }

    private boolean isEnableTokenExt() {
        Map authPluginClass = OpenApiPluginUtil.getAuthPluginClass("api_tokenext_plugin", OpenApiAuthContext.getContext().getCurrentCenter().getAccountId());
        return (StringUtil.isEmpty((String) authPluginClass.get("api_tokenext_plugin")) || StringUtil.isEmpty((String) authPluginClass.get("api_global_pluginappid"))) ? false : true;
    }

    public void limit(String str, String str2, String str3) {
        if (DistributeCacheUtil.inc(TOKEN_LIMIT_PREFIX + str2 + "_" + TokenUrlEnum.getToken(str).getType() + "_" + (System.currentTimeMillis() / (TOKEN_LIMIT_TIMEOUT * 1000)), str3, TOKEN_LIMIT_TIMEOUT) > TOKEN_LIMIT_COUNT) {
            throw new OpenApiException(ApiErrorCode.HTTP_TOO_MANY_REQUEST, "Too many request, Flow Limit is exceed.", new Object[0]);
        }
    }
}
