package com.swak.security.authentication;

import com.google.common.collect.Sets;
import com.swak.common.exception.SwakAssert;
import com.swak.common.util.GetterUtil;
import com.swak.core.security.JwtTokenUtils;
import com.swak.core.security.TokenJwtDetails;
import com.swak.core.web.AddressUtils;
import com.swak.core.web.ServletUtils;
import com.swak.security.config.JwtConstants;
import com.swak.security.config.JwtTokenConfig;
import com.swak.security.config.WhitelistConfig;
import com.swak.security.dto.JwtToken;
import com.swak.security.dto.LoginExtInfo;
import com.swak.security.enums.TokenResultCode;
import com.swak.security.exception.JwtTokenException;
import com.swak.security.service.SecurityAuthClientService;
import com.swak.security.spi.TokenJwtExchange;
import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.SignatureException;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/swak/security/authentication/UserTokenServiceImpl.class */
public class UserTokenServiceImpl implements UserTokenService, InitializingBean {
    private static final Logger log = LoggerFactory.getLogger(UserTokenServiceImpl.class);
    private JwtTokenConfig jwtTokenConfig;
    private SecurityAuthClientService securityAuthClientService;

    @Autowired(required = false)
    private WhitelistConfig whitelistConfig;

    @Override // com.swak.security.authentication.UserTokenService
    public String getToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.jwtTokenConfig.getToken().getHeader());
        if (StringUtils.isNotEmpty(header) && header.startsWith(JwtConstants.TOKEN_PREFIX)) {
            header = header.replace(JwtConstants.TOKEN_PREFIX, "");
        }
        return GetterUtil.getString(header);
    }

    @Override // com.swak.security.authentication.UserTokenService
    public JwtToken refreshToken(TokenJwtDetails tokenJwtDetails) {
        Long expireSeconds = this.jwtTokenConfig.getToken().getExpireSeconds();
        tokenJwtDetails.setExpireTime(Long.valueOf(System.currentTimeMillis() + (expireSeconds.longValue() * 1000)));
        TokenJwtExchange.getTokenJwtExchange().refresh(tokenJwtDetails.getToken(), createTokenJwt(tokenJwtDetails), expireSeconds);
        return new JwtToken().setAccess_token(tokenJwtDetails.getToken()).setLoginTime(tokenJwtDetails.getLoginTime()).setExpires_in(expireSeconds);
    }

    @Override // com.swak.security.authentication.UserTokenService
    public JwtToken verifyToken(TokenJwtDetails tokenJwtDetails) {
        return tokenJwtDetails.getExpireTime().longValue() <= System.currentTimeMillis() ? refreshToken(tokenJwtDetails) : new JwtToken().setAccess_token(tokenJwtDetails.getToken()).setLoginTime(tokenJwtDetails.getLoginTime()).setExpires_in(this.jwtTokenConfig.getToken().getExpireSeconds());
    }

    @Override // com.swak.security.authentication.UserTokenService
    public String createTokenJwt(TokenJwtDetails tokenJwtDetails) {
        return JwtTokenUtils.encode(tokenJwtDetails, this.jwtTokenConfig.getToken().getSecret());
    }

    @Override // com.swak.security.authentication.UserTokenService
    public TokenJwtDetails getUserDetails(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        try {
            String secret = this.jwtTokenConfig.getToken().getSecret();
            String takeTokenJwt = TokenJwtExchange.getTokenJwtExchange().takeTokenJwt(str);
            if (StringUtils.isEmpty(takeTokenJwt)) {
                return null;
            }
            return JwtTokenUtils.decode(takeTokenJwt, secret);
        } catch (SignatureException e) {
            throw new JwtTokenException(TokenResultCode.TOKEN_SIGN, e);
        } catch (ExpiredJwtException e2) {
            throw new JwtTokenException(TokenResultCode.TOKEN_EXPIRED, e2);
        } catch (Exception e3) {
            throw new JwtTokenException(TokenResultCode.TOKEN_ILLEGAL, e3);
        }
    }

    @Override // com.swak.security.authentication.UserTokenService
    public JwtTokenConfig getJwtTokenConfig() {
        return this.jwtTokenConfig;
    }

    @Override // com.swak.security.authentication.UserTokenService
    public SecurityAuthClientService getAuthClientService() {
        return this.securityAuthClientService;
    }

    @Override // com.swak.security.authentication.UserTokenService
    public Set<String> getAuthWhitelist() {
        this.whitelistConfig = (WhitelistConfig) Optional.ofNullable(this.whitelistConfig).orElse(new WhitelistConfig());
        HashSet hashSet = new HashSet();
        Stream map = ((List) Optional.ofNullable(this.jwtTokenConfig.getPermitUrls()).orElse(Collections.emptyList())).stream().filter((v0) -> {
            return StringUtils.isNotEmpty(v0);
        }).map(StringUtils::trim);
        hashSet.getClass();
        map.forEach((v1) -> {
            r1.add(v1);
        });
        hashSet.add(this.jwtTokenConfig.getLoginUrl());
        hashSet.addAll(this.whitelistConfig.getAuthWhitelist());
        hashSet.addAll(Sets.newHashSet(JwtConstants.AuthWhiteList.AUTH_WHITELIST));
        return hashSet;
    }

    @Override // com.swak.security.authentication.UserTokenService
    public Set<String> getStaticWhitelist() {
        this.whitelistConfig = (WhitelistConfig) Optional.ofNullable(this.whitelistConfig).orElse(new WhitelistConfig());
        HashSet hashSet = new HashSet(Sets.newHashSet(JwtConstants.AuthWhiteList.AUTH_WHITELIST));
        hashSet.addAll(this.whitelistConfig.getStaticWhitelist());
        return hashSet;
    }

    @Override // com.swak.security.authentication.UserTokenService
    public LoginExtInfo getLoginExtInfo(HttpServletRequest httpServletRequest) {
        LoginExtInfo loginExtInfo = new LoginExtInfo();
        UserAgent parseUserAgentString = UserAgent.parseUserAgentString(httpServletRequest.getHeader("User-Agent"));
        String ipAddr = ServletUtils.getIpAddr();
        loginExtInfo.setIpaddr(ipAddr);
        loginExtInfo.setLoginLocation(AddressUtils.getRealAddressByIP(ipAddr, this.jwtTokenConfig.getAddressEnabled()));
        loginExtInfo.setBrowser(parseUserAgentString.getBrowser().getName());
        loginExtInfo.setOs(parseUserAgentString.getOperatingSystem().getName());
        return loginExtInfo;
    }

    public void setJwtTokenConfig(JwtTokenConfig jwtTokenConfig) {
        this.jwtTokenConfig = jwtTokenConfig;
    }

    public void setSecurityAuthClientService(SecurityAuthClientService securityAuthClientService) {
        this.securityAuthClientService = securityAuthClientService;
    }

    public void afterPropertiesSet() throws Exception {
        SwakAssert.notNull(this.securityAuthClientService, "[Swak-Security] securityAuthClientService cannot be null");
        SwakAssert.notNull(this.jwtTokenConfig, "[Swak-Security] jwtTokenConfig cannot be null");
    }
}
