<?php


namespace App\Service;

use App\Log;
use App\RedisModel;

class TokenService
{
    const SUITE_ACCESS_TOKEN = 'Playlet::SuitAccessToken_';
    const PROVIDER_ACCESS_TOKEN = 'Playlet::AccessToken_';
    const ACCESS_TOKEN_RDS = 'Playlet::AccessTokenBySecret_';
    const JSAPI_TICKET_RDS = 'Playlet::JsapiTicket_';
    const APP_JSAPI_TICKET_RDS = 'Playlet::AppJsapiTicket_';

    /**
     * 获取预授权码
     * */
    public static function getPreAuthCode($suiteId, $suiteSecret)
    {
        # 获取预授权码API地址
        $preAuthCodeUrl = config('qyWechat.pre_auth_code');

        # 获取令牌
        $accessToken = self::getAuthToken($suiteId, $suiteSecret);
        $preAuthCodeUrl .= $accessToken;

        $postData = [
            'component_appid' => $suiteId
        ];

        $response = HttpService::httpPost($preAuthCodeUrl, json_encode($postData));
        if($response === false) {
            Log::logError('预授权码API请求失败', [], 'PreAuthCode');
            return false;
        }
        $responseData = json_decode($response, true);
        if(empty($responseData) || (isset($responseData['errcode']) && $responseData['errcode'] != 0)) {
            # 写入日志
            Log::logError('预授权码API请求响应结果异常', $responseData, 'PreAuthCode');
            return false;
        }

        $preAuthCode = $responseData['pre_auth_code'];

        return $preAuthCode;
    }

    /**
     * 获取服务商凭证
     * @param $corpid string 服务商的corpid
     * */
    public static function getProviderToken($corpid, $suiteSecret)
    {
        $accessTokenStr = RedisModel::get(TokenService::PROVIDER_ACCESS_TOKEN. $corpid);
        if(!empty($accessTokenStr)) {
            $accessTokenData = json_decode($accessTokenStr, true);
            $expire = $accessTokenData['expire'];
            $accessToken = $accessTokenData['provider_access_token'] ?? '';
            if($expire <= time() || empty($accessToken)) {
                $accessToken = self::getProviderAccessToken($corpid, $suiteSecret);
            }
        } else {
            $accessToken = self::getProviderAccessToken($corpid, $suiteSecret);
        }

        return $accessToken;
    }

    /**
     * 获取第三方应用access_token
     * 令牌有效期2小时
     * */
    public static function getAuthToken($suiteId, $suiteSecret)
    {
        $accessTokenStr = RedisModel::get(TokenService::SUITE_ACCESS_TOKEN. md5($suiteId));
        if(!empty($accessTokenStr)) {
            $accessTokenData = json_decode($accessTokenStr, true);
            $expire = $accessTokenData['expire'];
            $accessToken = isset($accessTokenData['suite_access_token']) ?
                $accessTokenData['suite_access_token'] : '';
            if($expire <= time() || empty($accessToken)) {
                $accessToken = self::getSuiteAccessToken($suiteId, $suiteSecret);
            }
        } else {
            $accessToken = self::getSuiteAccessToken($suiteId, $suiteSecret);
        }

        return $accessToken;
    }

    /**
     * 获取第三方应用凭证
     * @param $corpid string 服务商的corpid
     * */
    public static function getProviderAccessToken($corpid, $suiteSecret, $retry=0)
    {
        $redisKey = TokenService::PROVIDER_ACCESS_TOKEN. $corpid;
        # 获取令牌API地址
        $apiComponentTokenUrl = config('qyWechat.get_provider_token');

        $postData = [
            'corpid' => $corpid,
            'provider_secret' => $suiteSecret,
        ];

        $response = HttpService::httpPost($apiComponentTokenUrl, json_encode($postData));
        $responseData = json_decode($response, true);

        if($response === false || empty($responseData) || isset($responseData['errcode'])) {
            if($retry <= 5) {
                $retry++;
                return self::getProviderAccessToken($corpid, $suiteSecret, $retry);
            }

            Log::logError('服务商凭证获取API请求失败', ['postData' => $postData, 'response' => $responseData], 'ProviderAccessToken');
            return false;
        }

        $accessToken = $responseData['provider_access_token'];
        $saveData = [
            'provider_access_token' => $accessToken,
            'expire' => time() + 7000
        ];

        # 将accessToken存入Redis
        RedisModel::set($redisKey, json_encode($saveData));
        RedisModel::expire($redisKey, 7200);

        return $accessToken;
    }

    /**
     * 获取第三方应用凭证
     * */
    public static function getSuiteAccessToken($suiteId, $suiteSecret, $retry=0)
    {
        $redisKey = TokenService::SUITE_ACCESS_TOKEN. md5($suiteId);
        # 获取令牌API地址
        $apiComponentTokenUrl = config('qyWechat.component_url');
        # 获取验证票据
        $suiteTicket = RedisModel::get('Playlet::Ticket' . md5($suiteId));

        $postData = [
            'suite_id' => $suiteId,
            'suite_secret' => $suiteSecret,
            'suite_ticket' => $suiteTicket
        ];

        Log::logInfo('postData:', [
            'postData' => $postData,
            'rds' => 'Playlet::Ticket' . md5($suiteId)
        ], 'SuiteAccessToken');

        $response = HttpService::httpPost($apiComponentTokenUrl, json_encode($postData));
        if($response === false) {
            if($retry <= 5) {
                $retry++;
                return self::getSuiteAccessToken($suiteId, $suiteSecret, $retry);
            }

            Log::logError('第三方平台令牌获取API请求失败', [], 'SuiteAccessToken');
            return false;
        }

        $responseData = json_decode($response, true);
        if(empty($responseData) || isset($responseData['errcode'])) {
            if($retry <= 5) {
                $retry++;
                return self::getSuiteAccessToken($suiteId, $suiteSecret, $retry);
            }
            Log::logError('第三方平台令牌获取API请求响应结果异常', $responseData, 'SuiteAccessToken');
            return false;
        }

        $accessToken = $responseData['suite_access_token'];
        $saveData = [
            'suite_access_token' => $accessToken,
            'expire' => time() + 7000
        ];

        # 将accessToken存入Redis
        RedisModel::set($redisKey, json_encode($saveData));
        RedisModel::expire($redisKey, 7200);

        return $accessToken;
    }

    /**
     * 获取授权方（企业）凭证
     * */
    public static function getCorpToken($corpid, $permanentCode, $suiteId, $suiteTicket, $retry=0)
    {
        # 获取SuiteAccessToken
        $suiteAccessToken = TokenService::getSuiteAccessToken($suiteId, $suiteTicket);

        # 获取永久授权码链接
        $permanentCodeUri = config('qyWechat.get_corp_token');
        $permanentCodeUri .= $suiteAccessToken;

        $postData = array('auth_corpid' => $corpid, 'permanent_code' => $permanentCode);

        $response = HttpService::httpPost($permanentCodeUri, json_encode($postData));

        $responseData = json_decode($response, true);

        if(isset($responseData['errcode']) && $responseData['errcode']) {
            if($retry <=5) {
                $retry++;
                TokenService::getCorpToken($corpid, $permanentCode, $suiteId, $suiteTicket, $retry);
            }
            Log::logError('授权方凭证获取失败', $responseData, 'CorpTokenGet');
            return false;
        }

        $accessToken = isset($responseData['access_token']) ? $responseData['access_token'] : null;
        if(empty($accessToken)) {
            if($retry <=5) {
                $retry++;
                TokenService::getCorpToken($corpid, $permanentCode, $suiteId, $suiteTicket, $retry);
            }
            Log::logError('授权方凭证获取失败', $responseData, 'CorpTokenGet');
            return false;
        }

        return $accessToken;
    }
}