package Sso

import (
	"dsBaseWeb/Utils/CommonUtil"
	"dsBaseWeb/Utils/ConfigUtil"
	"dsBaseWeb/Utils/RedisUtil"
	"encoding/base64"
	"github.com/gin-gonic/gin"
	"github.com/valyala/fasthttp"
	"net/http"
)

//模块的路由配置
func Routers(r *gin.RouterGroup) {
	rr := r.Group("/sso")
	//配置接口
	rr.GET("/CheckSsoCode", CheckSsoCode)
	return
}

func CheckSsoCode(c *gin.Context) {
	//获取统一认证返回的code
	code := c.Query("code")
	//获取最终访问的地址，并baes64解密
	reqCallBackURLBytes, _ := base64.StdEncoding.DecodeString(c.Query("oauth_callback"))
	reqCallBackURL := string(reqCallBackURLBytes)

	//拼统一认证验证code接口地址
	checkCodeUrl := ConfigUtil.SsoServer + ConfigUtil.AuthTokenURI
	//拼统一认证验证code接口需要的参数
	args := &fasthttp.Args{}
	args.Add("code", code)
	args.Add("client_id", ConfigUtil.ClientId)
	args.Add("client_secret", ConfigUtil.ClientSecret)
	args.Add("grant_type", ConfigUtil.GrantType)
	args.Add("redirect_uri", ConfigUtil.RedirectURI)

	//用POST调用统一认证验证code接口
	_, resp, _ := fasthttp.Post(nil, checkCodeUrl, args)
	//统一认证返回的信息
	respMap := CommonUtil.ConvertJsonStringToMap(string(resp))
	accessToken := respMap["access_token"].(string)
	personId := respMap["person_id"].(string)
	identityId := CommonUtil.ConvertInt32ToString(int32(respMap["identity_id"].(float64)))
	//生成token，在拦截中会进行校验，防止cookie被篡改
	token := CommonUtil.MD5([]byte(personId + "_" + identityId + "_dsideal4r5t6y7u"))

	//写cookie
	c.SetCookie(ConfigUtil.AccessTokenKey, accessToken, 0, "/", "", false, true)
	c.SetCookie("person_id", personId, 0, "/", "", false, true)
	c.SetCookie("identity_id", identityId, 0, "/", "", false, true)
	c.SetCookie("token", token, 0, "/", "", false, true)

	//将返回的access_token写入到redis
	RedisUtil.SET(accessToken, "1")
	RedisUtil.EXPIRE(accessToken)

	//跳转到最终访问的地址
	c.Redirect(http.StatusMovedPermanently, reqCallBackURL)
}