package com.github.sulo.core.common.jwt;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.sulo.core.common.jwt.domain.JwtUser;
import com.github.sulo.core.exception.BizException;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.security.Key;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.util.Date;

/* loaded from: input_file:com/github/sulo/core/common/jwt/JwtTool.class */
public abstract class JwtTool {
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
    private static final JwtConfig JWT_CONFIG = new JwtConfig();

    /* loaded from: input_file:com/github/sulo/core/common/jwt/JwtTool$JwtConfig.class */
    public static class JwtConfig {
        private String Issuer;
        private String aesKey;
        private boolean aesEncode;
        private Key key;
        private SignatureAlgorithm algorithm;
        private Date expireDate;

        public String getIssuer() {
            return this.Issuer;
        }

        public void setIssuer(String str) {
            this.Issuer = str;
        }

        public String getAesKey() {
            return this.aesKey;
        }

        public void setAesKey(String str) {
            this.aesKey = str;
        }

        public boolean isAesEncode() {
            return this.aesEncode;
        }

        public void setAesEncode(boolean z) {
            this.aesEncode = z;
        }

        public Key getKey() {
            return this.key;
        }

        public void setKey(Key key) {
            this.key = key;
        }

        public SignatureAlgorithm getAlgorithm() {
            return this.algorithm;
        }

        public void setAlgorithm(SignatureAlgorithm signatureAlgorithm) {
            this.algorithm = signatureAlgorithm;
        }

        public Date getExpireDate() {
            return this.expireDate;
        }

        public void setExpireDate(Date date) {
            this.expireDate = date;
        }
    }

    public static String create(JwtUser jwtUser) {
        try {
            String writeValueAsString = OBJECT_MAPPER.writeValueAsString(jwtUser);
            if (JWT_CONFIG.aesEncode) {
                writeValueAsString = Design.encode(writeValueAsString, JWT_CONFIG.aesKey);
            }
            return Jwts.builder().setIssuer(JWT_CONFIG.Issuer).setAudience(writeValueAsString).setNotBefore(new Date()).setExpiration(JWT_CONFIG.expireDate).signWith(JWT_CONFIG.key, JWT_CONFIG.algorithm).compact();
        } catch (Exception e) {
            e.printStackTrace();
            throw new BizException((Integer) 500, "create jwt token exception");
        }
    }

    public static <T extends JwtUser> T parse(String str, Class<T> cls) {
        if (str == null || str.isEmpty()) {
            throw new BizException((Integer) 500, "token must not be null");
        }
        try {
            String audience = ((Claims) Jwts.parserBuilder().requireIssuer(JWT_CONFIG.Issuer).setAllowedClockSkewSeconds(60L).setSigningKey(JWT_CONFIG.key).build().parseClaimsJws(str).getBody()).getAudience();
            if (JWT_CONFIG.aesEncode) {
                audience = Design.decode(audience, JWT_CONFIG.aesKey);
            }
            return (T) OBJECT_MAPPER.readValue(audience, cls);
        } catch (Exception e) {
            e.printStackTrace();
            throw new BizException((Integer) 500, "parse jwt token exception");
        }
    }

    public static JwtConfig getJwtConfig() {
        return JWT_CONFIG;
    }

    static {
        JWT_CONFIG.setAesEncode(false);
        JWT_CONFIG.setAesKey(Design.generatorKey(128));
        JWT_CONFIG.setAlgorithm(SignatureAlgorithm.HS256);
        JWT_CONFIG.setExpireDate(Date.from(LocalDateTime.now().plusHours(12L).toInstant(ZoneOffset.ofHours(8))));
        JWT_CONFIG.setKey(Keys.secretKeyFor(JWT_CONFIG.algorithm));
    }
}
