package com.jzt.jk.bigdata.compass.admin.security.token;

import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.ObjectUtil;
import com.alibaba.fastjson.JSON;
import com.jzt.jk.bigdata.compass.admin.dto.JwtUserDto;
import com.jzt.jk.bigdata.compass.admin.security.SecurityProperties;
import com.jzt.jk.redis.util.RedisKey;
import com.jzt.jk.redis.util.RedisUtils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import java.security.Key;
import java.time.Duration;
import java.time.LocalDateTime;
import java.time.LocalTime;
import java.time.ZoneId;
import java.time.temporal.TemporalAdjuster;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:BOOT-INF/classes/com/jzt/jk/bigdata/compass/admin/security/token/TokenProvider.class */
public class TokenProvider implements InitializingBean {
    private final SecurityProperties properties;
    private static final String AUTHORITIES_KEY = "auth";
    private Key key;
    private final RedisUtils redisUtils;

    @Override // org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() {
        this.key = Keys.hmacShaKeyFor(Decoders.BASE64.decode(this.properties.getBase64Secret()));
    }

    /* JADX WARN: Type inference failed for: r1v12, types: [java.time.ZonedDateTime] */
    public String createToken(Authentication authentication) {
        String str = (String) authentication.getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).collect(Collectors.joining(","));
        LocalDateTime with = LocalDateTime.now().with((TemporalAdjuster) LocalTime.MAX);
        String compact = Jwts.builder().setSubject(String.valueOf(((JwtUserDto) authentication.getDetails()).getUser().getId())).claim("auth", str).setExpiration(Date.from(with.atZone(ZoneId.systemDefault()).toInstant())).signWith(this.key, SignatureAlgorithm.HS512).setId(IdUtil.simpleUUID()).compact();
        this.redisUtils.set(RedisKey.generateKey("compass", this.properties.getOnlineKey(), compact), JSON.toJSON(authentication.getDetails()), Duration.between(LocalDateTime.now(), with).toMillis(), TimeUnit.MILLISECONDS);
        return compact;
    }

    public Authentication getAuthentication(String str) {
        if (this.redisUtils.get(RedisKey.generateKey("compass", this.properties.getOnlineKey(), str)) == null) {
            return null;
        }
        Claims body = Jwts.parserBuilder().setSigningKey(this.key).build().parseClaimsJws(str).getBody();
        Object obj = body.get("auth");
        Collection emptyList = ObjectUtil.isNotEmpty(obj) ? (Collection) Arrays.stream(obj.toString().split(",")).map(SimpleGrantedAuthority::new).collect(Collectors.toList()) : Collections.emptyList();
        User user = new User(body.getSubject(), "", emptyList);
        Date expiration = body.getExpiration();
        if (expiration != null && new Date().compareTo(expiration) < 0) {
            return new UsernamePasswordAuthenticationToken(user, str, emptyList);
        }
        return null;
    }

    public void loginOut(HttpServletRequest httpServletRequest) {
        String token = getToken(httpServletRequest);
        if (StringUtils.isBlank(token)) {
            return;
        }
        this.redisUtils.del(RedisKey.generateKey("compass", this.properties.getOnlineKey(), token));
    }

    public void checkRenewal(String str) {
    }

    public String getToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.properties.getHeader());
        if (header == null || !header.startsWith(this.properties.getTokenStartWith())) {
            return null;
        }
        return header.substring(7);
    }

    public TokenProvider(SecurityProperties securityProperties, RedisUtils redisUtils) {
        this.properties = securityProperties;
        this.redisUtils = redisUtils;
    }
}
