package com.kidgrow.oauth2.handler;
import cn.hutool.core.util.StrUtil;
import com.kidgrow.authclient.util.AuthUtils;
import com.kidgrow.common.constant.SecurityConstants;
import com.kidgrow.redis.util.RedisUtils;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.OAuth2Request;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.util.Assert;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
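/**
 * 石家庄喜高科技有限责任公司 — All rights reserved. © Copyright 2020
 *
 * <p>Logout handler that revokes the caller's OAuth2 tokens: it resolves the access token from
 * the request, removes the access token and its refresh token (if any) from the
 * {@link TokenStore}, and clears the Redis entry that associates the user with that token.
 *
 * @Description:
 * @Project:
 * @CreateDate: Created in 2020/2/20 09:58
 * @Author: liuke
 */
@Slf4j
public class OauthLogoutHandler implements LogoutHandler {

    @Autowired
    private TokenStore tokenStore;

    @Autowired
    private RedisUtils redisUtils;

    /**
     * Revokes the access token presented with the logout request.
     *
     * <p>The token is read from the {@code token} request parameter first and, when that is
     * empty, from {@link AuthUtils#extractToken(HttpServletRequest)}. If no token is supplied,
     * or the token store does not know it, the method returns without doing anything.
     *
     * @param request        the logout request carrying the token
     * @param response       not used by this handler
     * @param authentication not used by this handler; the token from the request decides what is revoked
     * @throws IllegalArgumentException if {@code tokenStore} has not been injected
     */
    @Override
    public void logout(HttpServletRequest request, HttpServletResponse response, Authentication authentication) {
        Assert.notNull(tokenStore, "tokenStore must be set");

        // NOTE(review): a bearer token passed as a request parameter can end up in access logs,
        // proxy logs and Referer headers when it travels in the query string. Confirm that
        // clients send it in the body or header, and keep the raw token out of this class's logs.
        String token = request.getParameter("token");
        if (StrUtil.isEmpty(token)) {
            token = AuthUtils.extractToken(request);
        }
        if (StrUtil.isEmpty(token)) {
            return;
        }

        OAuth2AccessToken existingAccessToken = tokenStore.readAccessToken(token);
        if (existingAccessToken == null) {
            return;
        }

        // Resolve which client (service) and which user the token belongs to. This is done
        // before the token is removed and regardless of whether a refresh token exists, so the
        // user-to-token association below is cleaned up for every revoked token.
        // NOTE(review): presumably removeAccessToken also drops this REDIS_TOKEN_AUTH entry,
        // which is why the lookup comes first — confirm against the TokenStore implementation.
        String clientId = "";
        String userName = "";
        Object cached = redisUtils.get(SecurityConstants.REDIS_TOKEN_AUTH + existingAccessToken.getValue());
        // instanceof instead of a blind cast: an unexpected cached value must not abort the
        // logout with a ClassCastException before the tokens have been revoked.
        if (cached instanceof OAuth2Authentication) {
            OAuth2Authentication storedAuthentication = (OAuth2Authentication) cached;
            OAuth2Request storedRequest = storedAuthentication.getOAuth2Request();
            userName = storedAuthentication.getName();
            clientId = storedRequest.getClientId();
        }

        OAuth2RefreshToken refreshToken = existingAccessToken.getRefreshToken();
        if (refreshToken != null) {
            // Log who was logged out, never the token value itself.
            log.info("remove refreshToken! clientId={}, userName={}", clientId, userName);
            tokenStore.removeRefreshToken(refreshToken);
        }
        log.info("remove existingAccessToken! clientId={}, userName={}", clientId, userName);
        tokenStore.removeAccessToken(existingAccessToken);

        // Clear the association between the user and the token. Skip it when the owner could
        // not be resolved: the key would then be just the bare prefix plus ":", and the matching
        // behaviour of removeAll is not visible from this class.
        if (StrUtil.isNotEmpty(clientId) && StrUtil.isNotEmpty(userName)) {
            redisUtils.removeAll(SecurityConstants.REDIS_UNAME_TO_ACCESS + clientId + ":" + userName);
        } else {
            log.warn("token revoked but its owner could not be resolved; user-to-token mapping not cleared");
        }
    }
}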