package com.iailab.module.shasteel.util.token;

import lombok.extern.slf4j.Slf4j;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.util.Base64Utils;
import org.springframework.util.ObjectUtils;
import org.springframework.web.client.RestTemplate;

import java.nio.charset.StandardCharsets;
import java.util.Map;

/**
 * @author PanZhibao
 * @Description
 * @createTime 2024年11月21日
 */
@Slf4j
public class IailabClient {

    /**
     * 平台地址
     */
    public static String BASE_URL;

    /**
     * 租户编号
     */
    public static Long TENANT_ID;

    /**
     * 客户端信息
     */
    private static String CLIENT_ID;
    private static String CLIENT_SECRET;
    private static String USERNAME;
    private static String PASSWORD;
    private static final String GRAND_TYPE = "password";
    private static final String SCOPE = "user.read user.write";


    private static final RestTemplate restTemplate = new RestTemplate();

    // 鉴权token
    public static String accessToken;
    // 刷新token
    public static String refreshToken;
    // 鉴权token过期时间
    public static Long expireTime;

    private static final IailabClient iailabClient = new IailabClient();

    private IailabClient() {
//        BASE_URL = PlatApplicationContext.getProperty("iailab.baseUrl");
//        TENANT_ID = Long.parseLong(PlatApplicationContext.getProperty("iailab.tenantId"));
//        CLIENT_ID = PlatApplicationContext.getProperty("iailab.clientId");
//        CLIENT_SECRET = PlatApplicationContext.getProperty("iailab.clientSecret");
//        USERNAME = PlatApplicationContext.getProperty("iailab.username");
//        PASSWORD = PlatApplicationContext.getProperty("iailab.password");

        BASE_URL = "http://127.0.0.1:48080/admin-api/system";
        TENANT_ID = 176L;
        CLIENT_ID = "shasteel";
        CLIENT_SECRET = "shasteel111111111111111";
        USERNAME = "shasteel";
        PASSWORD = "123456";
    }

    public static IailabClient getInstance() {
        return iailabClient;
    }

    /**
     * 用户名密码方式获取平台token
     */
    private static synchronized void authenticate() {
        log.info("获取平台token");
        // 1.1 构建请求头
        HttpHeaders headers = new HttpHeaders();
        addClientHeader(headers);
        // 1.2 构建authenticate请求URL
        String authenticateUrl = BASE_URL + "/oauth2/token?"
                // 密码模式的参数
                + "grant_type=" + GRAND_TYPE
                + "&username=" + USERNAME
                + "&password=" + PASSWORD
                + "&scope=" + SCOPE;
        // 2. 执行请求
        ResponseEntity<Map<String, Object>> exchange = restTemplate.exchange(
                authenticateUrl,
                HttpMethod.POST,
                new org.springframework.http.HttpEntity<>(headers),
                new ParameterizedTypeReference<Map<String, Object>>() {
                });
        Assert.isTrue(exchange.getStatusCode().is2xxSuccessful(), "响应必须是 200 成功");
        log.info(exchange.toString());
        Map<String, Object> authMap = exchange.getBody();
        accessToken = authMap.get("access_token").toString();
        refreshToken = authMap.get("refresh_token").toString();
        expireTime = Long.valueOf(authMap.get("expires_time").toString());
    }

    private static synchronized void refreshToken() {
        log.info("刷新token");
        // 1.1 构建请求头
        HttpHeaders headers = new HttpHeaders();
        addClientHeader(headers);
        // 1.2 构建authenticate请求URL
        String authenticateUrl = BASE_URL + "/system/auth/client-refresh-token?refreshToken=" + refreshToken
                + "&clientId=" + CLIENT_ID;
        // 2. 执行请求
        ResponseEntity<Map<String, Object>> exchange = restTemplate.exchange(
                authenticateUrl,
                HttpMethod.POST,
                new org.springframework.http.HttpEntity<>(headers),
                new ParameterizedTypeReference<Map<String, Object>>() {
                });
        Assert.isTrue(exchange.getStatusCode().is2xxSuccessful(), "响应必须是 200 成功");
        Map<String, Object> authMap = exchange.getBody();
        //刷新token过期，重新获取token
        if (!ObjectUtils.isEmpty(authMap.get("code"))) {
            Integer code = Integer.valueOf(authMap.get("code").toString());
            if (code == 401) {
                authenticate();
            }
        } else {
            accessToken = authMap.get("access_token").toString();
            expireTime = Long.valueOf(authMap.get("expires_time").toString());
        }
    }

    private static void addClientHeader(HttpHeaders headers) {
        // client 拼接，需要 BASE64 编码
        String client = CLIENT_ID + ":" + CLIENT_SECRET;
        client = Base64Utils.encodeToString(client.getBytes(StandardCharsets.UTF_8));
        headers.add("Authorization", "Basic " + client);
        headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        headers.set("tenant-id", TENANT_ID.toString());
    }

    public static String getToken() {
        //第一次请求或者token过期，需要重新获取token
        if(ObjectUtils.isEmpty(IailabClient.accessToken)) {
            IailabClient.authenticate();
        } else if (IailabClient.expireTime < System.currentTimeMillis() / 1000) {
            IailabClient.refreshToken();
        }
        
        return accessToken;
    }
    public static Long getTenantId() {
        return TENANT_ID;
    }
}