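package com.moral.service.impl;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;

import javax.annotation.Resource;

import org.apache.commons.codec.binary.Base64;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Service;
import org.springframework.util.ObjectUtils;
import org.springframework.web.client.RestTemplate;

import com.moral.common.bean.Constants;
import com.moral.common.util.Crypto;
import com.moral.common.util.RedisUtil;
import com.moral.entity.Account;
import com.moral.entity.OperateUser;
import com.moral.service.AccountService;
import com.moral.service.OperateUserService;
import com.moral.service.TokenService;

/**
 * Checks a username/password locally and then requests an OAuth token from the
 * authorization server whose base URL the caller supplies.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Passwords are compared as the output of {@code Crypto.md5} (presumably a plain,
 *       unsalted MD5 digest; confirm). That is not a suitable password hash; moving to
 *       bcrypt/scrypt/argon2 needs a stored-credential migration and is not done here.</li>
 *   <li>The digest is also what is sent to the token endpoint as {@code password}, so it
 *       is password-equivalent and must be treated as a secret wherever it travels.</li>
 *   <li>The OAuth client id and secret are hard-coded in
 *       {@link #getHeadersWithClientCredentials()}.</li>
 * </ul>
 */
@Service
@SuppressWarnings({ "unchecked", "rawtypes" })
public class TokenServiceImpl implements TokenService {

    // NOTE(review): username, password digest and refresh token are URI template variables
    // in the query string. RestTemplate encodes them, but query strings are commonly written
    // to proxy and server access logs. Sending them as form fields in the POST body would
    // keep them out of URLs; confirm the token endpoint accepts that before changing it.
    private static final String AUTH_SERVER_URI =
            "/oauth/token?grant_type=password&username={username}&password={password}";
    private static final String REFRESH_SERVER_URI =
            "/oauth/token?grant_type=refresh_token&refresh_token={refresh_token}";

    @Resource
    private AccountService accountService;

    @Resource
    private OperateUserService operateUserService;

    @Resource
    private RedisTemplate redisTemplate;

    /**
     * Verifies the credentials for the given login type and, on success, fetches a token
     * with the password grant.
     *
     * @param type     {@code "screen"} (looked up as an {@link Account} by account name) or
     *                 {@code "mobile"} (looked up as an {@link OperateUser} by mobile number)
     * @param username account name or mobile number, depending on {@code type}
     * @param password clear-text password; it is digested with {@code Crypto.md5} before use
     * @param url      base URL of the authorization server. It is used as given, and the
     *                 client credentials and password digest are sent to it, so callers
     *                 must pass a trusted, configured value rather than request data.
     * @return a map holding only {@code "msg"} when a check fails; otherwise
     *         {@code "accountId"} or {@code "userId"} plus every entry of the token response
     */
    @Override
    public Map getAuthToken(String type, String username, String password, String url) {
        Map result = new HashMap();
        password = Crypto.md5(password);

        // NOTE(review): the distinct "unknown user" and "wrong password" messages below let a
        // client tell whether a username exists. They are kept because callers may display
        // them; consider one generic message plus attempt throttling at the API layer.
        if ("screen".equals(type)) {
            Account account = accountService.getAccountByAccountName(username);
            if (ObjectUtils.isEmpty(account)) {
                result.put("msg", "用户名输入有误");
                return result;
            }
            if (!digestsMatch(password, account.getPassword())) {
                result.put("msg", "密码输入有误");
                return result;
            }
            if (Constants.IS_DELETE_TRUE.equals(account.getIsDelete())) {
                result.put("msg", "您的账号已禁用,请联系管理员!");
                return result;
            }
            result.put("accountId", account.getId());
        } else if ("mobile".equals(type)) {
            OperateUser operateUser = operateUserService.getOperateUserByMobile(username);
            if (ObjectUtils.isEmpty(operateUser)) {
                result.put("msg", "用户名输入有误");
                return result;
            }
            if (!digestsMatch(password, operateUser.getPassword())) {
                result.put("msg", "密码输入有误");
                return result;
            }
            // NOTE(review): unlike the "screen" branch there is no disabled-account check
            // here; confirm whether OperateUser has an equivalent flag that should be honoured.
            result.put("userId", operateUser.getId());
        } else {
            result.put("msg", "类型输入有误");
            return result;
        }

        // Records the login type under "token_<username>" before the token request is made.
        RedisUtil.set(redisTemplate, "token_" + username, type);

        RestTemplate restTemplate = new RestTemplate();
        HttpEntity httpEntity = new HttpEntity(getHeadersWithClientCredentials());
        Map map = restTemplate.postForObject(url + AUTH_SERVER_URI, httpEntity, Map.class, username, password);
        // postForObject returns null for an empty response body; putAll(null) would throw.
        if (map != null) {
            result.putAll(map);
        }
        return result;
    }

    /**
     * Exchanges a refresh token for a new token at the authorization server.
     *
     * @param refresh_token the refresh token previously issued
     * @param url           base URL of the authorization server; used as given, so it must
     *                      be a trusted, configured value
     * @return the token response as a map, or {@code null} when the response has no body
     */
    @Override
    public Map getAuthToken(String refresh_token, String url) {
        HttpEntity httpEntity = new HttpEntity(getHeadersWithClientCredentials());
        RestTemplate restTemplate = new RestTemplate();
        return restTemplate.postForObject(url + REFRESH_SERVER_URI, httpEntity, Map.class, refresh_token);
    }

    /**
     * Compares two password digests without stopping at the first differing byte, so the
     * comparison time does not depend on how many leading characters match.
     *
     * @return {@code false} when either value is {@code null}
     */
    private static boolean digestsMatch(String presented, String stored) {
        if (presented == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(
                presented.getBytes(StandardCharsets.UTF_8),
                stored.getBytes(StandardCharsets.UTF_8));
    }

    /** Builds request headers that ask for a JSON response. */
    private static HttpHeaders getHeaders() {
        HttpHeaders headers = new HttpHeaders();
        headers.setAccept(Arrays.asList(MediaType.APPLICATION_JSON));
        return headers;
    }

    /** Builds the JSON headers plus an HTTP Basic {@code Authorization} header for the OAuth client. */
    private static HttpHeaders getHeadersWithClientCredentials() {
        // NOTE(review): the client id and secret are embedded in source, so anyone who can
        // read the repository or the built artifact can read them. Load them from external
        // configuration or a secret store, and rotate the value once it is moved.
        String plainClientCredentials = "my-trusted-client:secret";
        // Explicit charset: the no-argument getBytes()/new String(byte[]) use the platform default.
        String base64ClientCredentials = new String(
                Base64.encodeBase64(plainClientCredentials.getBytes(StandardCharsets.UTF_8)),
                StandardCharsets.UTF_8);
        HttpHeaders headers = getHeaders();
        headers.add("Authorization", "Basic " + base64ClientCredentials);
        return headers;
    }
}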