package com.buession.springboot.jwt.autoconfigure;

import com.buession.core.utils.StringUtils;
import com.nimbusds.jose.EncryptionMethod;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import javax.annotation.PostConstruct;
import org.pac4j.core.credentials.extractor.HeaderExtractor;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.http.client.direct.ParameterClient;
import org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration;
import org.pac4j.jwt.config.signature.SecretSignatureConfiguration;
import org.pac4j.jwt.config.signature.SignatureConfiguration;
import org.pac4j.jwt.credentials.authenticator.JwtAuthenticator;
import org.pac4j.jwt.profile.JwtGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@EnableConfigurationProperties({JwtProperties.class})
@Configuration
@ConditionalOnClass({JwtAuthenticator.class, ParameterClient.class})
/* loaded from: input_file:com/buession/springboot/jwt/autoconfigure/JwtConfiguration.class */
public class JwtConfiguration {
    public static final String NAME = "jwt";
    private static final int PAD_SIZE = 32;
    private SignatureConfiguration signatureConfiguration;
    private SecretEncryptionConfiguration secretEncryptionConfiguration;

    @Autowired
    private JwtProperties jwtProperties;
    private static final Logger logger = LoggerFactory.getLogger(JwtConfiguration.class);

    @PostConstruct
    private void initialize() {
        String leftPad = StringUtils.leftPad(this.jwtProperties.getEncryptionKey(), PAD_SIZE, this.jwtProperties.getEncryptionKey());
        String leftPad2 = StringUtils.leftPad(this.jwtProperties.getEncryptionKey(), PAD_SIZE, this.jwtProperties.getEncryptionKey());
        this.signatureConfiguration = new SecretSignatureConfiguration(leftPad, JWSAlgorithm.HS256);
        this.secretEncryptionConfiguration = new SecretEncryptionConfiguration(leftPad2, JWEAlgorithm.DIR, EncryptionMethod.A128CBC_HS256);
    }

    @ConditionalOnMissingBean
    @Bean
    public JwtGenerator<CommonProfile> jwtGenerator() {
        return new JwtGenerator<>(this.signatureConfiguration, this.secretEncryptionConfiguration);
    }

    @ConditionalOnMissingBean
    @ConditionalOnProperty(name = {"pac4j.client.jwt"}, havingValue = "on")
    @Bean
    public ParameterClient jwtClient() {
        ParameterClient parameterClient = new ParameterClient();
        HeaderExtractor headerExtractor = new HeaderExtractor(this.jwtProperties.getParameterName(), this.jwtProperties.getPrefixHeader() == null ? "" : this.jwtProperties.getPrefixHeader());
        JwtAuthenticator jwtAuthenticator = new JwtAuthenticator(this.signatureConfiguration, this.secretEncryptionConfiguration);
        parameterClient.setName(NAME);
        parameterClient.setParameterName(this.jwtProperties.getParameterName());
        parameterClient.setSupportGetRequest(true);
        parameterClient.setAuthenticator(jwtAuthenticator);
        parameterClient.setCredentialsExtractor(headerExtractor);
        logger.debug("initialize {} name => {}, width encryptionKey => {}, parameterName => {}, prefixHeader => {}, headerName => {}", new Object[]{ParameterClient.class.getName(), NAME, this.jwtProperties.getEncryptionKey(), this.jwtProperties.getParameterName(), this.jwtProperties.getPrefixHeader()});
        return parameterClient;
    }
}
