package com.artfess.base.jwt;

import com.artfess.base.cache.annotation.CacheEvict;
import com.artfess.base.cache.annotation.CachePut;
import com.artfess.base.cache.annotation.Cacheable;
import com.artfess.base.cache.annotation.FirstCache;
import com.artfess.base.cache.annotation.SecondaryCache;
import com.artfess.base.conf.JwtConfig;
import com.artfess.base.constants.CacheKeyConst;
import com.artfess.base.constants.SystemConstants;
import com.artfess.base.constants.TenantConstant;
import com.artfess.base.constants.WebsocketConst;
import com.artfess.base.context.BaseContext;
import com.artfess.base.util.AppUtil;
import com.artfess.base.util.StringUtil;
import com.artfess.base.util.string.StringPool;
import com.artfess.uc.api.model.IUser;
import com.artfess.uc.api.service.IUserService;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Clock;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.impl.DefaultClock;
import java.io.Serializable;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.function.Function;
import javax.annotation.Resource;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

@Component
/* loaded from: input_file:com/artfess/base/jwt/JwtTokenHandler.class */
public class JwtTokenHandler implements Serializable {

    @Resource
    JwtConfig jwtConfig;
    static final String CLAIM_KEY_USERNAME = "sub";
    static final String CLAIM_KEY_CREATED = "iat";
    private static final long serialVersionUID = -3301605591108950415L;
    private Clock clock = DefaultClock.INSTANCE;

    public String getUsernameFromToken(String str) {
        return (String) getClaimFromToken(str, (v0) -> {
            return v0.getSubject();
        });
    }

    public Date getIssuedAtDateFromToken(String str) {
        return (Date) getClaimFromToken(str, (v0) -> {
            return v0.getIssuedAt();
        });
    }

    public Date getExpirationDateFromToken(String str) {
        return (Date) getClaimFromToken(str, (v0) -> {
            return v0.getExpiration();
        });
    }

    public <T> T getClaimFromToken(String str, Function<Claims, T> function) {
        return function.apply(getAllClaimsFromToken(str));
    }

    private Claims getAllClaimsFromToken(String str) {
        return (Claims) Jwts.parser().setSigningKey(this.jwtConfig.getSecret()).parseClaimsJws(str).getBody();
    }

    public Boolean isTokenExpired(String str) {
        return Boolean.valueOf(getExpirationDateFromToken(str).before(this.clock.now()));
    }

    private Boolean isCreatedBeforeLastPasswordReset(Date date, Date date2) {
        return Boolean.valueOf(date2 != null && date.before(date2));
    }

    private Boolean ignoreTokenExpiration(String str) {
        return false;
    }

    public String generateToken(String str) {
        IUser userByAccount = ((IUserService) AppUtil.getBean(IUserService.class)).getUserByAccount(str);
        Assert.notNull(userByAccount, String.format("根据所传账号【%s】未查询到用户", str));
        return generateToken((UserDetails) userByAccount);
    }

    public String generateToken(UserDetails userDetails) {
        HashMap hashMap = new HashMap();
        String str = StringPool.EMPTY;
        String str2 = StringPool.EMPTY;
        if (userDetails instanceof IUser) {
            IUser iUser = (IUser) userDetails;
            str = iUser.getTenantId();
            str2 = iUser.getUserId();
        }
        hashMap.put("tenantId", str);
        hashMap.put(WebsocketConst.MSG_USER_ID, str2);
        return doGenerateToken(hashMap, userDetails.getUsername());
    }

    private String doGenerateToken(Map<String, Object> map, String str) {
        Date now = this.clock.now();
        return Jwts.builder().setClaims(map).setSubject(str).setIssuedAt(now).setExpiration(calculateExpirationDate(now)).signWith(SignatureAlgorithm.HS512, this.jwtConfig.getSecret()).compact();
    }

    public Boolean canTokenBeRefreshed(String str, Date date) {
        return Boolean.valueOf(!isCreatedBeforeLastPasswordReset(getIssuedAtDateFromToken(str), date).booleanValue() && (!isTokenExpired(str).booleanValue() || ignoreTokenExpiration(str).booleanValue()));
    }

    public String refreshToken(String str) {
        Date now = this.clock.now();
        Date calculateExpirationDate = calculateExpirationDate(now);
        Claims allClaimsFromToken = getAllClaimsFromToken(str);
        allClaimsFromToken.setIssuedAt(now);
        allClaimsFromToken.setExpiration(calculateExpirationDate);
        return Jwts.builder().setClaims(allClaimsFromToken).signWith(SignatureAlgorithm.HS512, this.jwtConfig.getSecret()).compact();
    }

    public Boolean validateToken(String str, UserDetails userDetails) {
        String usernameFromToken = getUsernameFromToken(str);
        getIssuedAtDateFromToken(str);
        return Boolean.valueOf(usernameFromToken.equals(userDetails.getUsername()) && !isTokenExpired(str).booleanValue());
    }

    private Date calculateExpirationDate(Date date) {
        return new Date(date.getTime() + (this.jwtConfig.getExpiration() * 1000));
    }

    public String getTenantIdFromToken(String str) {
        return (String) getAllClaimsFromToken(str).get("tenantId", String.class);
    }

    public String getUserIdFromToken(String str) {
        return (String) getAllClaimsFromToken(str).get(WebsocketConst.MSG_USER_ID, String.class);
    }

    public String generateFeignToken() {
        BaseContext baseContext = (BaseContext) AppUtil.getBean(BaseContext.class);
        HashMap hashMap = new HashMap();
        String currentUserId = baseContext.getCurrentUserId();
        String currentUserAccout = baseContext.getCurrentUserAccout();
        if (TenantConstant.PLATFORM_TENANT_ID.equals(currentUserAccout) || StringUtil.isEmpty(currentUserAccout)) {
            currentUserAccout = SystemConstants.SYSTEM_ACCOUNT;
        }
        String currentTenantId = baseContext.getCurrentTenantId();
        hashMap.put(WebsocketConst.MSG_USER_ID, currentUserId);
        hashMap.put("tenantId", currentTenantId);
        return doGenerateFeignToken(hashMap, currentUserAccout);
    }

    private String doGenerateFeignToken(Map<String, Object> map, String str) {
        Date now = this.clock.now();
        return Jwts.builder().setClaims(map).setSubject(str).setIssuedAt(now).setExpiration(calculateFeignExpirationDate(now)).signWith(SignatureAlgorithm.HS512, this.jwtConfig.getSecret()).compact();
    }

    public Boolean validateFeignToken(String str) {
        String usernameFromToken = getUsernameFromToken(str);
        BaseContext baseContext = (BaseContext) AppUtil.getBean(BaseContext.class);
        getIssuedAtDateFromToken(str);
        return Boolean.valueOf(usernameFromToken.equals(baseContext.getCurrentUserAccout()) && !isTokenExpired(str).booleanValue());
    }

    private Date calculateFeignExpirationDate(Date date) {
        return new Date(date.getTime() + (this.jwtConfig.getExpiration() * 1000));
    }

    @Cacheable(value = {CacheKeyConst.EIP_UC_USER_TOKEN}, key = "#userAgent+'_'+#tenantId+'_'+#account", ignoreException = false, firstCache = @FirstCache(expireTime = 1800, expireTimeExp = "#expireTime", timeUnit = TimeUnit.SECONDS), secondaryCache = @SecondaryCache(expireTime = 1800, expireTimeExp = "#expireTime", preloadTime = 360, forceRefresh = true, timeUnit = TimeUnit.SECONDS))
    public String getTokenFromCache(String str, String str2, String str3, int i) {
        return null;
    }

    @CachePut(value = {CacheKeyConst.EIP_UC_USER_TOKEN}, key = "#userAgent+'_'+#tenantId+'_'+#account", ignoreException = false, firstCache = @FirstCache(expireTime = 1800, expireTimeExp = "#expireTime", timeUnit = TimeUnit.SECONDS), secondaryCache = @SecondaryCache(expireTime = 1800, expireTimeExp = "#expireTime", preloadTime = 360, forceRefresh = true, timeUnit = TimeUnit.SECONDS))
    public String putTokenInCache(String str, String str2, String str3, int i, String str4) {
        return str4;
    }

    @CacheEvict(value = {CacheKeyConst.EIP_UC_USER_TOKEN}, key = "#userAgent+'_'+#tenantId+'_'+#account", ignoreException = false)
    public void removeFromCache(String str, String str2, String str3) {
    }

    @CachePut(value = {CacheKeyConst.EIP_UC_USER_TOKEN}, key = "#userAgent+'_'+#tenantId+'_'+#account+'_'+#ip", ignoreException = false, firstCache = @FirstCache(expireTime = 1800, expireTimeExp = "#expireTime", timeUnit = TimeUnit.SECONDS), secondaryCache = @SecondaryCache(expireTime = 1800, expireTimeExp = "#expireTime", preloadTime = 360, forceRefresh = true, timeUnit = TimeUnit.SECONDS))
    public String putTokenInCache(String str, String str2, String str3, String str4, int i, String str5) {
        return str5;
    }

    @CacheEvict(value = {CacheKeyConst.EIP_UC_USER_TOKEN}, key = "#userAgent+'_'+#tenantId+'_'+#account+'_'+#ip", ignoreException = false)
    public void removeFromCache(String str, String str2, String str3, String str4) {
    }
}
