package tao.web.jwt;

import cn.hutool.core.date.DateUtil;
import cn.hutool.core.lang.Assert;
import com.alibaba.fastjson.JSON;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.Date;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import tao.base.cache.ICache;
import tao.base.util.string.StringUtil;

/* loaded from: input_file:tao/web/jwt/JWTService.class */
public class JWTService {
    public static final String JWT_CACHE_REGION = "jwtToken";

    @Value("${ab.jwt.header:Authorization}")
    private String header;

    @Value("${ab.jwt.tokenHead:Bearer-}")
    private String tokenHead;

    @Value("${ab.jwt.enabled:false}")
    private Boolean enabled;

    @Value("${ab.jwt.secret:asd%WE^@&fas156dfa}")
    private String secret;

    @Value("${ab.jwt.issuer:taoBPM}")
    private String issuer;

    @Value("${ab.jwt.notBeforeMinute:15}")
    private Long notBeforeMinute;

    @Autowired
    private ICache<String> icache;
    private final Logger logger = LoggerFactory.getLogger(getClass());

    @Value("${ab.jwt.expiration: 86400}")
    private Long expirationSecond = 86400L;

    public String getJwtHeader() {
        return this.header;
    }

    public String getJwtTokenHead() {
        return this.tokenHead;
    }

    public Boolean getJwtEnabled() {
        return this.enabled;
    }

    private Claims getClaimsFromToken(String str) {
        return (Claims) Jwts.parser().setSigningKey(this.secret).parseClaimsJws(str).getBody();
    }

    public String getSubjectFromToken(String str) {
        String str2;
        try {
            str2 = getClaimsFromToken(str).getSubject();
        } catch (Exception e) {
            this.logger.debug("从令牌中获取认证失败", e);
            str2 = null;
        }
        return str2;
    }

    public Boolean validateToken(String str) {
        try {
            Claims claimsFromToken = getClaimsFromToken(str);
            return Boolean.valueOf(new Date().after(claimsFromToken.getNotBefore()) && new Date().before(claimsFromToken.getExpiration()));
        } catch (Exception e) {
            this.logger.debug("验证令牌是否时间有效失败", e);
            return false;
        }
    }

    public String getValidSubjectFromRedisToken(String str) {
        if (StringUtil.isEmpty(str)) {
            return null;
        }
        try {
            Claims claimsFromToken = getClaimsFromToken(str);
            if (claimsFromToken != null) {
                String str2 = (String) this.icache.getByKey(JWT_CACHE_REGION, String.format("jwt:%s:%s", claimsFromToken.getAudience(), claimsFromToken.getSubject()));
                if (StringUtil.isEmpty(str2)) {
                    this.logger.debug("JWT token 校验失败，token 已过期,签发时间 " + DateUtil.formatDateTime(claimsFromToken.getIssuedAt()));
                    return null;
                }
                if (str.equals(str2)) {
                    this.icache.add2Region(JWT_CACHE_REGION, String.format("jwt:%s:%s", claimsFromToken.getAudience(), claimsFromToken.getSubject()), str2);
                    return claimsFromToken.getSubject();
                }
                this.logger.info("JWT token 校验失败，服务器 token 与 被校验 token 不一致！ 同一签发对象的 token 不支持多地登录 {}", claimsFromToken.toString());
            }
            return null;
        } catch (Exception e) {
            this.logger.warn("解析令牌失败", e);
            return null;
        }
    }

    public void logoutRedisToken(String str) {
        if (StringUtil.isEmpty(str)) {
            return;
        }
        try {
            Claims claimsFromToken = getClaimsFromToken(str);
            if (claimsFromToken != null) {
                this.icache.delByKey(JWT_CACHE_REGION, String.format("jwt:%s:%s", claimsFromToken.getAudience(), claimsFromToken.getSubject()));
            }
        } catch (Exception e) {
            this.logger.warn("解析令牌失败", e);
        }
    }

    public String generateToken(String str, String str2) {
        Assert.notBlank(str2, "生成token 签发对象 不能为空", new Object[0]);
        String compact = Jwts.builder().setIssuer(this.issuer).setSubject(str).setAudience(str2).setIssuedAt(new Date()).signWith(SignatureAlgorithm.HS512, this.secret).compact();
        if (this.icache != null) {
            this.icache.add2Region(JWT_CACHE_REGION, String.format("jwt:%s:%s", str2, str), compact);
        }
        return compact;
    }

    public static void main(String[] strArr) {
        JWTService jWTService = new JWTService();
        jWTService.tokenHead = "Bearer-";
        jWTService.header = "Authorization";
        jWTService.header = "Bearer-";
        jWTService.issuer = "taoBPM";
        jWTService.secret = "asd%WE^@&fas156dfa";
        jWTService.notBeforeMinute = 15L;
        System.out.println(JSON.toJSONString(jWTService));
        String generateToken = jWTService.generateToken("admin", "pc");
        System.out.println(generateToken);
        Claims claimsFromToken = jWTService.getClaimsFromToken(generateToken);
        System.out.println(claimsFromToken);
        System.out.println(DateUtil.formatDateTime(claimsFromToken.getIssuedAt()));
    }
}
