package org.onetwo.boot.core.jwt;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClaims;
import java.time.LocalDateTime;
import java.util.Map;
import java.util.stream.Collectors;
import org.onetwo.common.convert.Types;
import org.onetwo.common.date.Dates;
import org.onetwo.common.exception.BaseException;
import org.onetwo.common.exception.ServiceException;
import org.onetwo.common.reflect.BeanToMapConvertor;
import org.onetwo.common.utils.StringUtils;
import org.onetwo.common.web.userdetails.GenericUserDetail;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;

/* loaded from: input_file:org/onetwo/boot/core/jwt/SimpleJwtTokenService.class */
public class SimpleJwtTokenService implements JwtTokenService, InitializingBean {
    private static final Logger log = LoggerFactory.getLogger(SimpleJwtTokenService.class);
    private final BeanToMapConvertor beanToMap = BeanToMapConvertor.BeanToMapBuilder.newBuilder().enableFieldNameAnnotation().build();
    private String propertyKey = JwtUtils.PROPERTY_KEY;
    private JwtConfig jwtConfig;

    protected Long getExpirationInSeconds() {
        return this.jwtConfig.getExpirationInSeconds();
    }

    public void afterPropertiesSet() throws Exception {
        if (StringUtils.isBlank(this.jwtConfig.getSigningKey())) {
            throw new BaseException("jwt signingKey not found!");
        }
    }

    @Override // org.onetwo.boot.core.jwt.JwtTokenService
    public JwtTokenInfo generateToken(GenericUserDetail<?> genericUserDetail) {
        Map<String, Object> flatMap = this.beanToMap.toFlatMap(genericUserDetail);
        DefaultJwtUserDetail defaultJwtUserDetail = new DefaultJwtUserDetail((Long) flatMap.remove(JwtUtils.CLAIM_USER_ID), (String) flatMap.remove(JwtUtils.CLAIM_USER_NAME), null);
        defaultJwtUserDetail.setProperties(flatMap);
        return generateToken((JwtUserDetail) defaultJwtUserDetail);
    }

    @Override // org.onetwo.boot.core.jwt.JwtTokenService
    public JwtTokenInfo generateToken(JwtUserDetail jwtUserDetail) {
        if (jwtUserDetail == null) {
            return null;
        }
        LocalDateTime now = LocalDateTime.now();
        JwtBuilder signWith = Jwts.builder().setSubject(jwtUserDetail.getUserName()).setIssuer(this.jwtConfig.getIssuer()).setAudience(this.jwtConfig.getAudience()).claim(JwtUtils.CLAIM_USER_ID, jwtUserDetail.getUserId()).setIssuedAt(Dates.toDate(now)).setExpiration(Dates.toDate(now.plusSeconds(getExpirationInSeconds().intValue()))).signWith(SignatureAlgorithm.HS512, this.jwtConfig.getSigningKey());
        if (jwtUserDetail.getProperties() != null) {
            jwtUserDetail.getProperties().forEach((str, obj) -> {
                signWith.claim(getPropertyKey(str), obj);
            });
        }
        return JwtTokenInfo.builder().token(signWith.compact()).build();
    }

    private String getPropertyKey(String str) {
        return this.propertyKey + str;
    }

    private boolean isPropertyKey(Object obj) {
        return obj.toString().startsWith(this.propertyKey);
    }

    private String getProperty(String str) {
        return str.substring(this.propertyKey.length());
    }

    @Override // org.onetwo.boot.core.jwt.JwtTokenService
    public <T extends GenericUserDetail<?>> T createUserDetail(String str, Class<T> cls) {
        return (T) createUserDetail(createUserDetail(str), cls);
    }

    public <T extends GenericUserDetail<?>> T createUserDetail(JwtUserDetail jwtUserDetail, Class<T> cls) {
        return (T) JwtUtils.createUserDetail(jwtUserDetail, cls);
    }

    @Override // org.onetwo.boot.core.jwt.JwtTokenService
    public JwtUserDetail createUserDetail(String str) {
        Claims createClaimsFromToken = createClaimsFromToken(str);
        if (Dates.toLocalDateTime(createClaimsFromToken.getExpiration()).isBefore(LocalDateTime.now())) {
            if (log.isErrorEnabled()) {
                log.error("登录的token已过时，需要重新登录: {}", str);
            }
            throw new ServiceException(JwtErrors.CM_ERROR_TOKEN);
        }
        Map<String, Object> map = (Map) createClaimsFromToken.entrySet().stream().filter(entry -> {
            return isPropertyKey(entry.getKey());
        }).collect(Collectors.toMap(entry2 -> {
            return getProperty((String) entry2.getKey());
        }, entry3 -> {
            return entry3.getValue();
        }));
        Long valueOf = Long.valueOf(Long.parseLong(createClaimsFromToken.get(JwtUtils.CLAIM_USER_ID).toString()));
        Boolean bool = false;
        if (map.containsKey(DefaultJwtUserDetail.ANONYMOUS_LOGIN_KEY)) {
            bool = (Boolean) Types.convertValue(map.get(DefaultJwtUserDetail.ANONYMOUS_LOGIN_KEY).toString(), Boolean.class);
        }
        DefaultJwtUserDetail buildJwtUserDetail = buildJwtUserDetail(bool, valueOf, createClaimsFromToken.getSubject(), map);
        buildJwtUserDetail.setClaims(createClaimsFromToken);
        if ((createClaimsFromToken.getExpiration().getTime() - System.currentTimeMillis()) / 1000 <= this.jwtConfig.getRefreshTokenIfRemainingSeconds()) {
            if (log.isInfoEnabled()) {
                log.info("token remaining in seconds: {}, generate new token...");
            }
            buildJwtUserDetail.setNewToken(generateToken((JwtUserDetail) buildJwtUserDetail));
        }
        return buildJwtUserDetail;
    }

    protected DefaultJwtUserDetail buildJwtUserDetail(Boolean bool, Long l, String str, Map<String, Object> map) {
        DefaultJwtUserDetail defaultJwtUserDetail = new DefaultJwtUserDetail(l, str, bool);
        defaultJwtUserDetail.setProperties(map);
        return defaultJwtUserDetail;
    }

    protected final Claims createClaimsFromToken(String str) {
        try {
            return (DefaultClaims) Jwts.parser().setSigningKey(this.jwtConfig.getSigningKey()).parse(str).getBody();
        } catch (ExpiredJwtException e) {
            throw new ServiceException(JwtErrors.CM_NOT_LOGIN, e).put("token", str);
        } catch (Exception e2) {
            throw new ServiceException(JwtErrors.CM_ERROR_TOKEN, e2).put("token", str);
        }
    }

    public void setJwtConfig(JwtConfig jwtConfig) {
        this.jwtConfig = jwtConfig;
    }
}
