package net.guerlab.smart.platform.auth.factory;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Header;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.SignatureException;
import io.jsonwebtoken.UnsupportedJwtException;
import java.time.LocalDateTime;
import java.time.ZoneId;
import java.util.Date;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import net.guerlab.smart.platform.auth.domain.TokenInfo;
import net.guerlab.smart.platform.auth.enums.TokenType;
import net.guerlab.smart.platform.auth.properties.JwtTokenFactoryProperties;

/* loaded from: input_file:BOOT-INF/lib/smart-platform-auth-20.2.0.jar:net/guerlab/smart/platform/auth/factory/AbstractJwtTokenFactory.class */
public abstract class AbstractJwtTokenFactory<T, P extends JwtTokenFactoryProperties> extends AbstractTokenFactory<T, P> {
    private static JwtBuilder builder() {
        JwtBuilder builder = Jwts.builder();
        builder.setHeaderParam(Header.TYPE, Header.JWT_TYPE);
        return builder;
    }

    private static TokenInfo build(String str, JwtBuilder jwtBuilder, long j, String str2) {
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        Date date2 = null;
        LocalDateTime localDateTime = null;
        if (j >= 0) {
            date2 = new Date(currentTimeMillis + j);
            localDateTime = LocalDateTime.ofInstant(date2.toInstant(), ZoneId.systemDefault());
            jwtBuilder.setExpiration(date2).setNotBefore(date);
        }
        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
        jwtBuilder.signWith(signatureAlgorithm, new SecretKeySpec(createKey(str2), signatureAlgorithm.getJcaName()));
        TokenInfo tokenInfo = new TokenInfo();
        tokenInfo.setExpire(Long.valueOf(date2 == null ? -1L : j));
        tokenInfo.setExpireAt(localDateTime);
        tokenInfo.setToken(str + jwtBuilder.compact());
        return tokenInfo;
    }

    private static Jws<Claims> parserToken(String str, String str2, TokenType tokenType) {
        try {
            return Jwts.parser().setSigningKey(createKey(str2)).parseClaimsJws(str);
        } catch (ExpiredJwtException e) {
            throw tokenType.expiredException();
        } catch (MalformedJwtException | SignatureException | UnsupportedJwtException | IllegalArgumentException e2) {
            throw tokenType.invalidException();
        }
    }

    private static byte[] createKey(String str) {
        return DatatypeConverter.parseBase64Binary(str == null ? "" : str);
    }

    @Override // net.guerlab.smart.platform.auth.factory.TokenFactory
    public final TokenInfo generateByAccessToken(T t) {
        JwtBuilder builder = builder();
        generateToken0(builder, t);
        return build(getAccessTokenPrefix(), builder, ((JwtTokenFactoryProperties) this.properties).getAccessTokenExpire(), ((JwtTokenFactoryProperties) this.properties).getAccessTokenSigningKey());
    }

    @Override // net.guerlab.smart.platform.auth.factory.TokenFactory
    public final TokenInfo generateByRefreshToken(T t) {
        JwtBuilder builder = builder();
        generateToken0(builder, t);
        return build(getRefreshTokenPrefix(), builder, ((JwtTokenFactoryProperties) this.properties).getRefreshTokenExpire(), ((JwtTokenFactoryProperties) this.properties).getRefreshTokenSigningKey());
    }

    @Override // net.guerlab.smart.platform.auth.factory.TokenFactory
    public final T parseByAccessToken(String str) {
        return parse0(parserToken(str.substring(getAccessTokenPrefix().length()), ((JwtTokenFactoryProperties) this.properties).getAccessTokenSigningKey(), TokenType.ACCESS_TOKEN).getBody());
    }

    @Override // net.guerlab.smart.platform.auth.factory.TokenFactory
    public final T parseByRefreshToken(String str) {
        return parse0(parserToken(str.substring(getRefreshTokenPrefix().length()), ((JwtTokenFactoryProperties) this.properties).getRefreshTokenSigningKey(), TokenType.REFRESH_TOKEN).getBody());
    }

    protected abstract T parse0(Claims claims);

    protected abstract void generateToken0(JwtBuilder jwtBuilder, T t);
}
