package dust.service.micro.security.jwt;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONException;
import com.alibaba.fastjson.JSONObject;
import dust.commons.util.Converter;
import dust.service.micro.config.DustMsProperties;
import dust.service.micro.security.DustAuthentication;
import dust.service.micro.security.SysParam;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.SignatureException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:dust/service/micro/security/jwt/JWTAuthenticationImpl.class */
public class JWTAuthenticationImpl implements IAuthentication {
    private final Logger logger = LoggerFactory.getLogger(JWTAuthenticationImpl.class);
    public static final String AUTHORITIES_KEY = "auth";
    public static final String AUTHORIZATION_HEADER = "X-TOKEN";
    public static final String AUTHORIZATION_PARAMETER = "token";
    protected DustMsProperties dustMsProperties;

    public JWTAuthenticationImpl(DustMsProperties dustMsProperties) {
        this.dustMsProperties = dustMsProperties;
    }

    @Override // dust.service.micro.security.jwt.IAuthentication
    public boolean validateRequest(HttpServletRequest httpServletRequest) {
        if (isEnable()) {
            return validateRequestByDust(httpServletRequest);
        }
        return true;
    }

    public boolean validateRequestByDust(HttpServletRequest httpServletRequest) {
        try {
            DustAuthentication dustAuthentication = null;
            String resolveToken = resolveToken(httpServletRequest);
            if (StringUtils.isEmpty(resolveToken)) {
                return false;
            }
            if (resolveToken.startsWith("Bearer ")) {
                dustAuthentication = bearer2Authentication(resolveToken);
            }
            if (resolveToken.startsWith("{") && resolveToken.endsWith("}")) {
                dustAuthentication = Json2Authentication(resolveToken);
            }
            if (dustAuthentication == null) {
                debuggerLog("无效的token，无法转化为DustAuthentication");
                return false;
            }
            SecurityContextHolder.getContext().setAuthentication(dustAuthentication);
            if (dustAuthentication.getSysParam() != null) {
                return true;
            }
            dustAuthentication.setSysParam(resolveSysParam(httpServletRequest));
            return true;
        } catch (SignatureException e) {
            debuggerLog("无效的token, 无法parse为可识别的信息");
            return false;
        } catch (JWTException e2) {
            debuggerLog("jsonwebtoken第三方认证失败");
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v19, types: [java.util.Map] */
    @Override // dust.service.micro.security.jwt.IAuthentication
    public String createToken(Authentication authentication, Boolean bool) {
        long time = new Date().getTime();
        Date date = bool.booleanValue() ? new Date(time + getTokenValidityInSecondsForRememberMe()) : new Date(time + getTokenValidityInSeconds());
        HashMap hashMap = new HashMap();
        hashMap.put("sub", authentication.getName());
        if (authentication.getDetails() instanceof Map) {
            hashMap = (Map) authentication.getDetails();
        }
        return Jwts.builder().setSubject(authentication.getName()).setClaims(hashMap).signWith(SignatureAlgorithm.HS512, getSecretKey()).setExpiration(date).compact();
    }

    protected DustAuthentication Json2Authentication(String str) throws JWTException {
        try {
            JSONObject parseObject = JSON.parseObject(str);
            return new DustAuthentication(parseObject.getString(getUserKey()), parseObject);
        } catch (JSONException e) {
            throw new JWTException("token不满足JSON格式", e);
        }
    }

    protected String getUserKey() {
        return DustAuthentication.USER_KEY;
    }

    protected DustAuthentication bearer2Authentication(String str) throws JWTException {
        JSONObject jSONObject = new JSONObject((Claims) Jwts.parser().setSigningKey(getSecretKey()).parseClaimsJws(str.substring(7, str.length())).getBody());
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("JWT.Claims:" + jSONObject);
        }
        if (jSONObject != null) {
            return new DustAuthentication(jSONObject.getString(getUserKey()), jSONObject);
        }
        throw new JWTException("没有找到可解析的token信息");
    }

    protected String resolveToken(HttpServletRequest httpServletRequest) throws JWTException {
        String header = httpServletRequest.getHeader(AUTHORIZATION_HEADER);
        if (StringUtils.isEmpty(header)) {
            header = httpServletRequest.getParameter(AUTHORIZATION_PARAMETER);
        }
        return header;
    }

    protected SysParam resolveSysParam(HttpServletRequest httpServletRequest) {
        SysParam sysParam = new SysParam();
        httpServletRequest.getParameterMap().forEach((str, strArr) -> {
            if (StringUtils.equalsIgnoreCase(str, SysParam.APP_ID)) {
                sysParam.setAppId((strArr == null || strArr.length <= 0) ? "" : strArr[0]);
            }
            if (StringUtils.equalsIgnoreCase(str, SysParam.TENANT_ID)) {
                sysParam.setTenantId((strArr == null || strArr.length <= 0) ? "" : strArr[0]);
            }
            if (StringUtils.equalsIgnoreCase(str, SysParam.TIMESTAMP)) {
                sysParam.setTimestamp(Converter.toLong((strArr == null || strArr.length <= 0) ? "" : strArr[0]).longValue());
            }
        });
        return sysParam;
    }

    public boolean isEnable() {
        return this.dustMsProperties.getSecurity().getAuthentication().getJwt().isEnable();
    }

    public String getSecretKey() {
        return this.dustMsProperties.getSecurity().getAuthentication().getJwt().getSecret();
    }

    public long getTokenValidityInSeconds() {
        return 1000 * this.dustMsProperties.getSecurity().getAuthentication().getJwt().getTokenValidityInSeconds();
    }

    public long getTokenValidityInSecondsForRememberMe() {
        return 1000 * this.dustMsProperties.getSecurity().getAuthentication().getJwt().getTokenValidityInSecondsForRememberMe();
    }

    private void debuggerLog(String str) {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(str);
        }
    }
}
