/*
 * Copyright 2018-2020 by jason. All Rights Reserved.
 *
 * Permission to use, copy, modify, and distribute this software and its
 * documentation for any purpose and without fee is hereby granted,
 * provided that the above copyright notice appear in all copies and that
 * both that copyright notice and this permission notice appear in
 * supporting documentation, and that the name of Vinay Sajip
 * not be used in advertising or publicity pertaining to distribution
 * of the software without specific, written prior permission.
 * VINAY SAJIP DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
 * ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL
 * VINAY SAJIP BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
 * ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER
 * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
 * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 *
 */

package cn.mb.cloud.auth.security.handler;

import cn.mb.cloud.auth.security.component.MbCloudAuthUser;
import cn.mb.cloud.auth.security.service.MbCloudUserAuthDetailsService;
import cn.mb.cloud.auth.security.service.impl.MbCloudRedisTokenStore;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.stereotype.Component;

import java.util.Collection;

/**
 * @author: jason
 * @Date: 2019-05-17 17:20
 * @Description:
 */
@Slf4j
@Order(Ordered.HIGHEST_PRECEDENCE)
@Component
public class GlobalSuccessHandler implements ApplicationListener<AuthenticationSuccessEvent> {

    private ThreadLocal<Integer> lastEventHashCode = ThreadLocal.withInitial(() -> Integer.valueOf(0));


    @Autowired
    private MbCloudUserAuthDetailsService userAuthDetailsService;

    @Autowired
    private MbCloudRedisTokenStore removeAccessToken;
    @Override
    public void onApplicationEvent(AuthenticationSuccessEvent event) {
        final int currentEventHashCode = event.hashCode();
        log.info("监听到认证成功事件 ---> Last event hash code：{}，current event hash code：{}", lastEventHashCode.get(),
                currentEventHashCode);

        Authentication authentication = event.getAuthentication();
        Object principal = authentication.getPrincipal();

        if (principal instanceof MbCloudAuthUser) {

            MbCloudAuthUser user = (MbCloudAuthUser)principal;
            Collection<OAuth2AccessToken> mbcloud = removeAccessToken.findTokensByClientIdAndUserName("mbcloud", user.getUsername());
            mbcloud.stream().forEach(item->{
                removeAccessToken.removeAccessToken(item.getValue());
            });

            MbCloudAuthUser authUser = (MbCloudAuthUser) principal;
            // 认证成功事件会触发两次，防止处理两次影响性能，所以判断Hash Code避免重复操作
            if (lastEventHashCode.get().intValue() != currentEventHashCode) {
                userAuthDetailsService.loadUserPermissions(authUser.getId());
            }
        }
    }
}