package com.tencent.supersonic.auth.authentication.utils;

import cn.hutool.core.convert.Convert;
import cn.hutool.core.text.CharSequenceUtil;
import com.els.common.exception.ELSBootException;
import com.els.common.system.vo.LoginUser;
import com.els.common.util.SysUtil;
import com.tencent.supersonic.auth.api.authentication.config.AuthenticationConfig;
import com.tencent.supersonic.auth.api.authentication.pojo.User;
import com.tencent.supersonic.auth.api.authentication.pojo.UserWithPassword;
import com.tencent.supersonic.common.pojo.exception.AccessException;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/tencent/supersonic/auth/authentication/utils/UserTokenUtils.class */
public class UserTokenUtils {
    private static final Logger log = LoggerFactory.getLogger(UserTokenUtils.class);
    private AuthenticationConfig authenticationConfig;

    public UserTokenUtils(AuthenticationConfig authenticationConfig) {
        this.authenticationConfig = authenticationConfig;
    }

    public String generateToken(UserWithPassword userWithPassword, HttpServletRequest httpServletRequest) {
        return generateToken((User) userWithPassword, getAppKey(httpServletRequest));
    }

    public String generateToken(User user, String str) {
        HashMap hashMap = new HashMap(5);
        hashMap.put("token_user_id", user.getId());
        hashMap.put("token_user_name", StringUtils.isEmpty(user.getName()) ? "" : user.getName());
        hashMap.put("token_user_password", StringUtils.isEmpty(user.getPassword()) ? "" : user.getPassword());
        hashMap.put("token_user_display_name", user.getDisplayName());
        hashMap.put("token_create_time", Long.valueOf(System.currentTimeMillis()));
        hashMap.put("token_is_admin", user.getIsAdmin());
        return generate(hashMap, str);
    }

    public String generateAdminToken(HttpServletRequest httpServletRequest) {
        UserWithPassword userWithPassword = new UserWithPassword();
        userWithPassword.setId("1");
        userWithPassword.setName("admin");
        userWithPassword.setPassword("c3VwZXJzb25pY0BiaWNvbdktJJYWw6A3rEmBUPzbn/6DNeYnD+y3mAwDKEMS3KVT");
        return generateToken(userWithPassword, httpServletRequest);
    }

    public User getUser(HttpServletRequest httpServletRequest) {
        if (CharSequenceUtil.isEmpty(httpServletRequest.getHeader(this.authenticationConfig.getTokenHttpHeaderKey()))) {
            throw new ELSBootException("用户未登录");
        }
        LoginUser loginUser = SysUtil.getLoginUser();
        if (null == loginUser) {
            throw new ELSBootException("用户未登录");
        }
        return (User) Convert.convert(User.class, loginUser);
    }

    public User getUser(String str, String str2) {
        return getUser(getClaims(str, str2));
    }

    private User getUser(Claims claims) {
        claims.getOrDefault("token_user_id", 0).toString();
        String.valueOf(claims.get("token_user_name"));
        String.valueOf(claims.get("token_user_email"));
        String.valueOf(claims.get("token_user_display_name"));
        LoginUser loginUser = SysUtil.getLoginUser();
        if (null == loginUser) {
            throw new ELSBootException("用户未登录");
        }
        return (User) Convert.convert(User.class, loginUser);
    }

    public User getLoginUserInfo(HttpServletRequest httpServletRequest) {
        if (!StringUtils.isBlank(httpServletRequest.getHeader(this.authenticationConfig.getTokenHttpHeaderKey()))) {
            return getUser(httpServletRequest);
        }
        log.warn("{}, uri: {}", "token is blank, get user failed", httpServletRequest.getServletPath());
        throw new AccessException("token is blank, get user failed");
    }

    private Claims getClaims(String str, HttpServletRequest httpServletRequest) {
        try {
            return getClaims(str, getAppKey(httpServletRequest));
        } catch (Exception e) {
            throw new AccessException("parse user info from token failed :" + str);
        }
    }

    private Claims getClaims(String str, String str2) {
        try {
            return (Claims) Jwts.parser().setSigningKey(getTokenSecret(str2).getBytes(StandardCharsets.UTF_8)).build().parseClaimsJws(getTokenString(str)).getBody();
        } catch (Exception e) {
            log.error("getClaims", e);
            throw new AccessException("parse user info from token failed :" + str);
        }
    }

    @NotNull
    private static String getTokenString(String str) {
        return str.startsWith("Bearer") ? str.substring(str.indexOf("Bearer") + "Bearer".length()).trim() : str.trim();
    }

    private String generate(Map<String, Object> map, String str) {
        return toTokenString(map, str);
    }

    private String toTokenString(Map<String, Object> map, String str) {
        return Jwts.builder().setClaims(map).setSubject(map.get("token_user_name").toString()).setExpiration(new Date(Long.parseLong(map.get("token_create_time")) + this.authenticationConfig.getTokenTimeout().longValue())).signWith(new SecretKeySpec(getTokenSecret(str).getBytes(StandardCharsets.UTF_8), SignatureAlgorithm.HS512.getJcaName()), SignatureAlgorithm.HS512).compact();
    }

    private String getTokenSecret(String str) {
        String str2 = (String) this.authenticationConfig.getAppKeyToSecretMap().get(str);
        if (StringUtils.isBlank(str2)) {
            throw new AccessException("get secret from appKey failed :" + str);
        }
        return str2;
    }

    public String getAppKey(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.authenticationConfig.getTokenHttpHeaderAppKey());
        if (StringUtils.isBlank(header)) {
            header = this.authenticationConfig.getTokenDefaultAppKey();
        }
        return header;
    }
}
