package cn.spark2fire.auth.token;

import cn.spark2fire.auth.config.AuthProperties;
import cn.spark2fire.auth.dto.UserToken;
import cn.spark2fire.auth.exception.UserUnauthorizedException;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.nio.charset.Charset;
import java.security.Key;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Date;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKey;
import kotlin.Metadata;
import kotlin.collections.SetsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import org.jetbrains.annotations.NotNull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.authority.SimpleGrantedAuthority;

/* compiled from: JwtTokenService.kt */
@Metadata(mv = {1, 4, 1}, bv = {1, 0, 3}, k = 1, d1 = {"��B\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\u0010\u000e\n\u0002\u0018\u0002\n��\n\u0002\u0010\u0002\n\u0002\b\u0004\n\u0002\u0010\u000b\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018��2\u00020\u0001B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u000bH\u0016J \u0010\u0010\u001a\u00020\u000b2\u0006\u0010\u000f\u001a\u00020\u000b2\u0006\u0010\u0011\u001a\u00020\u000b2\u0006\u0010\u0012\u001a\u00020\u0013H\u0016J\u0010\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u000bH\u0016J\b\u0010\u0017\u001a\u00020\u0006H\u0002R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0007\u001a\u00020\bX\u0082\u0004¢\u0006\u0002\n��R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n��R\u001a\u0010\t\u001a\u000e\u0012\u0004\u0012\u00020\u000b\u0012\u0004\u0012\u00020\f0\nX\u0082\u0004¢\u0006\u0002\n��¨\u0006\u0018"}, d2 = {"Lcn/spark2fire/auth/token/JwtTokenService;", "Lcn/spark2fire/auth/token/TokenService;", "properties", "Lcn/spark2fire/auth/config/AuthProperties;", "(Lcn/spark2fire/auth/config/AuthProperties;)V", "key", "Ljava/security/Key;", "logger", "Lorg/slf4j/Logger;", "repository", "Ljava/util/concurrent/ConcurrentHashMap;", "", "Lcn/spark2fire/auth/token/Token;", "deleteToken", "", "username", "encodeToken", "authority", "rememberMe", "", "extractToken", "Lcn/spark2fire/auth/dto/UserToken;", "rawToken", "getKey", "auth-jwt"})
/* loaded from: input_file:cn/spark2fire/auth/token/JwtTokenService.class */
public final class JwtTokenService implements TokenService {
    private final Logger logger;
    private final ConcurrentHashMap<String, Token> repository;
    private final Key key;
    private final AuthProperties properties;

    private final Key getKey() {
        if (!(this.properties.getJwt().getSecretKey().length() > 0)) {
            this.logger.info("Generate secret key");
            SecretKey secretKeyFor = Keys.secretKeyFor(SignatureAlgorithm.HS512);
            Intrinsics.checkNotNullExpressionValue(secretKeyFor, "Keys.secretKeyFor(SignatureAlgorithm.HS512)");
            return secretKeyFor;
        }
        this.logger.info("Use secret key from config");
        String secretKey = this.properties.getJwt().getSecretKey();
        Charset charset = Charsets.UTF_8;
        if (secretKey == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = secretKey.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        SecretKey hmacShaKeyFor = Keys.hmacShaKeyFor(bytes);
        Intrinsics.checkNotNullExpressionValue(hmacShaKeyFor, "Keys.hmacShaKeyFor(prope….secretKey.toByteArray())");
        return hmacShaKeyFor;
    }

    @NotNull
    public UserToken extractToken(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "rawToken");
        try {
            Jws parseClaimsJws = Jwts.parserBuilder().setSigningKey(this.key).requireIssuer(this.properties.getJwt().getIssuer()).requireSubject(this.properties.getJwt().getSubject()).requireAudience(this.properties.getJwt().getAudience()).build().parseClaimsJws(str);
            Intrinsics.checkNotNullExpressionValue(parseClaimsJws, "jws");
            String str2 = (String) ((Claims) parseClaimsJws.getBody()).get("username", String.class);
            String str3 = (String) ((Claims) parseClaimsJws.getBody()).get("authority", String.class);
            Intrinsics.checkNotNullExpressionValue(str2, "username");
            return new UserToken(str2, SetsKt.setOf(new SimpleGrantedAuthority(str3)), str);
        } catch (Exception e) {
            this.logger.warn("Token失效", e);
            throw new UserUnauthorizedException("Token失效", 40100, e);
        }
    }

    @NotNull
    public String encodeToken(@NotNull String str, @NotNull String str2, boolean z) {
        Intrinsics.checkNotNullParameter(str, "username");
        Intrinsics.checkNotNullParameter(str2, "authority");
        Instant now = Instant.now();
        String compact = Jwts.builder().setId(UUID.randomUUID().toString()).setIssuer(this.properties.getJwt().getIssuer()).setSubject(this.properties.getJwt().getSubject()).setAudience(this.properties.getJwt().getAudience()).claim("username", str).claim("authority", str2).claim("rememberMe", Boolean.valueOf(z)).setIssuedAt(Date.from(now)).setExpiration(Date.from(z ? now.plus(this.properties.getJwt().getRememberDays(), (TemporalUnit) ChronoUnit.DAYS) : now.plus(this.properties.getIdleTimeout(), (TemporalUnit) ChronoUnit.MINUTES))).signWith(this.key).compact();
        Intrinsics.checkNotNullExpressionValue(compact, "Jwts.builder()\n         …               .compact()");
        return compact;
    }

    public void deleteToken(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "username");
        this.repository.remove(str);
    }

    public JwtTokenService(@NotNull AuthProperties authProperties) {
        Intrinsics.checkNotNullParameter(authProperties, "properties");
        this.properties = authProperties;
        Logger logger = LoggerFactory.getLogger(JwtTokenService.class);
        Intrinsics.checkNotNullExpressionValue(logger, "LoggerFactory.getLogger(…TokenService::class.java)");
        this.logger = logger;
        this.repository = new ConcurrentHashMap<>();
        this.key = getKey();
    }
}
