package cronapp.framework.authentication.token;

import cronapi.AppConfig;
import cronapi.RestClient;
import cronapi.Var;
import cronapp.framework.api.ApiManager;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.servlet.http.Cookie;
import org.apache.commons.lang.StringUtils;
import org.springframework.mobile.device.Device;
import org.springframework.security.core.userdetails.UserDetails;

/* loaded from: input_file:cronapp/framework/authentication/token/TokenUtils.class */
public class TokenUtils {
    private static final String SECRET = AppConfig.token();
    private static final String AUDIENCE_MOBILE = "mobile";
    private static final String AUDIENCE_TABLET = "tablet";
    public static final String AUTH_HEADER_NAME = "X-AUTH-TOKEN";
    public static final String AUTH_COOKIE_NAME = "AuthToken";

    public static List<String> getAuthoritiesFromToken(String str) {
        try {
            return (List) getClaimsFromToken(str).get("authorities");
        } catch (Exception e) {
            return new ArrayList();
        }
    }

    public static String getUsernameFromToken(String str) {
        try {
            return getClaimsFromToken(str).getSubject();
        } catch (Exception e) {
            return null;
        }
    }

    public static String getProviderFromToken(String str) {
        try {
            return getClaimsFromToken(str).getIssuer();
        } catch (Exception e) {
            return null;
        }
    }

    private static Date getCreatedDateFromToken(String str) {
        try {
            return new Date(((Long) getClaimsFromToken(str).get("created")).longValue());
        } catch (Exception e) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Date getExpirationDateFromToken(String str) {
        try {
            return getClaimsFromToken(str).getExpiration();
        } catch (Exception e) {
            return null;
        }
    }

    private static String getAudienceFromToken(String str) {
        try {
            return (String) getClaimsFromToken(str).get("audience");
        } catch (Exception e) {
            return null;
        }
    }

    public static Claims getClaimsFromToken(String str) {
        try {
            return (Claims) Jwts.parser().setSigningKey(SECRET).parseClaimsJws(str).getBody();
        } catch (Exception e) {
            return null;
        }
    }

    public static String getNameFromToken(String str) {
        try {
            return (String) getClaimsFromToken(str).get(ApiManager.SECURABLE_ATTRIBUTE_NAME);
        } catch (Exception e) {
            return null;
        }
    }

    public static String getIssuerFromToken(String str) {
        try {
            return (String) getClaimsFromToken(str).get("iss");
        } catch (Exception e) {
            return null;
        }
    }

    public static List<String> getScopeFromToken(String str) {
        try {
            String str2 = (String) getClaimsFromToken(str).get("scope");
            return str2 == null ? List.of() : Arrays.asList(str2.trim().split(" "));
        } catch (Exception e) {
            return List.of();
        }
    }

    public static Date generateCurrentDate() {
        return new Date(System.currentTimeMillis());
    }

    public static Date generateExpirationDate() {
        return new Date(System.currentTimeMillis() + (AppConfig.tokenExpiration() * 1000));
    }

    public static boolean isTokenExpired(String str) {
        Claims claimsFromToken = getClaimsFromToken(str);
        Date expiration = claimsFromToken.getExpiration();
        boolean z = expiration == null || expiration.before(generateCurrentDate());
        if (!z) {
            z = ApiManager.isInvalidatedTokenCacheEnabled() && ApiManager.getInvalidatedTokens().contains(claimsFromToken.getId());
        }
        return z;
    }

    private static boolean isCreatedBeforeLastPasswordReset(Date date, Date date2) {
        return date2 != null && date.before(date2);
    }

    private static String generateAudience(Device device) {
        return device.isNormal() ? "web" : device.isTablet() ? AUDIENCE_TABLET : device.isMobile() ? AUDIENCE_MOBILE : "unknown";
    }

    private static boolean ignoreTokenExpiration(String str) {
        String audienceFromToken = getAudienceFromToken(str);
        return AUDIENCE_TABLET.equals(audienceFromToken) || AUDIENCE_MOBILE.equals(audienceFromToken);
    }

    static String generateToken(UserDetails userDetails, Device device) {
        HashMap hashMap = new HashMap();
        hashMap.put("sub", userDetails.getUsername());
        hashMap.put("audience", generateAudience(device));
        hashMap.put("created", generateCurrentDate());
        hashMap.put("iss", "local");
        return generateToken(hashMap, (Date) null, (String) null);
    }

    static String generateToken(UserDetails userDetails, Device device, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("sub", userDetails.getUsername());
        hashMap.put("audience", generateAudience(device));
        hashMap.put("created", generateCurrentDate());
        hashMap.put("iss", str);
        return generateToken(hashMap, (Date) null, (String) null);
    }

    public static String generateToken(UserDetails userDetails, String str, Device device, String str2) {
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        Enumeration attributeNames = RestClient.getRestClient().getRequest().getAttributeNames();
        if (attributeNames != null) {
            while (attributeNames.hasMoreElements()) {
                String str3 = (String) attributeNames.nextElement();
                if (str3 != null && str3.startsWith("CronappToken:")) {
                    linkedHashMap.put(str3.replace("CronappToken:", ""), Var.valueOf(RestClient.getRestClient().getRequest().getAttribute(str3)).getObject());
                }
            }
        }
        Date date = null;
        if (RestClient.getRestClient().getRequest().getAttribute("CronappTokenExpiration") != null) {
            date = ((Calendar) RestClient.getRestClient().getRequest().getAttribute("CronappTokenExpiration")).getTime();
        }
        HashMap hashMap = new HashMap();
        hashMap.put("sub", userDetails.getUsername());
        hashMap.put("audience", generateAudience(device));
        hashMap.put("created", generateCurrentDate());
        hashMap.put("iss", str2);
        hashMap.put(ApiManager.SECURABLE_ATTRIBUTE_NAME, str);
        hashMap.put("authorities", userDetails.getAuthorities().stream().map(grantedAuthority -> {
            return grantedAuthority.getAuthority();
        }).collect(Collectors.toList()));
        hashMap.putAll(linkedHashMap);
        String token = RestClient.getRestClient().getToken();
        if (StringUtils.isNotBlank(token)) {
            Claims claimsFromToken = getClaimsFromToken(token);
            Objects.requireNonNull(hashMap);
            claimsFromToken.forEach((v1, v2) -> {
                r1.putIfAbsent(v1, v2);
            });
        }
        return generateToken(hashMap, date, (String) null);
    }

    public static String generateToken(Map<String, Object> map, Date date, String str) {
        if (date == null) {
            date = generateExpirationDate();
        }
        if (str == null) {
            str = UUID.randomUUID().toString();
        }
        return Jwts.builder().setClaims(map).setExpiration(date).setId(str).signWith(SignatureAlgorithm.HS512, SECRET).compact();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean canTokenBeRefreshed(String str, Date date) {
        return isCreatedBeforeLastPasswordReset(getCreatedDateFromToken(str), date) && (!isTokenExpired(str) || ignoreTokenExpiration(str));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String refreshToken(String str) {
        try {
            Claims claimsFromToken = getClaimsFromToken(str);
            claimsFromToken.put("created", generateCurrentDate());
            return generateToken((Map<String, Object>) claimsFromToken, (Date) null, claimsFromToken.getId());
        } catch (Exception e) {
            return null;
        }
    }

    public static synchronized void revokeToken(String str) {
        if (ApiManager.isInvalidatedTokenCacheEnabled()) {
            Claims claimsFromToken = getClaimsFromToken(str);
            ApiManager.addInvalidatedToken(claimsFromToken.getId(), claimsFromToken.getExpiration());
        }
    }

    public static Cookie createCookieFromToken(String str, boolean z) {
        Cookie cookie = new Cookie(AUTH_COOKIE_NAME, str);
        cookie.setMaxAge((int) ((getExpirationDateFromToken(str).getTime() / 1000) - (generateCurrentDate().getTime() / 1000)));
        cookie.setSecure(z);
        cookie.setHttpOnly(true);
        return cookie;
    }

    public static String getTokenFromCookie(Cookie[] cookieArr) {
        if (cookieArr == null) {
            return null;
        }
        for (Cookie cookie : cookieArr) {
            if (AUTH_COOKIE_NAME.equals(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }
}
