package org.yaukie.auth.service.impl;

import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.Date;
import java.util.HashMap;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Component;
import org.yaukie.auth.constant.AuthCons;
import org.yaukie.auth.entity.LoginUser;
import org.yaukie.auth.service.api.TokenHandlerService;
import org.yaukie.base.redis.RedisOrMapCache;
import org.yaukie.base.util.IpUtil;
import org.yaukie.base.util.SpringContextUtil;
import org.yaukie.base.util.StringTools;
import org.yaukie.base.uuid.IdUtils;

@Component
/* loaded from: input_file:org/yaukie/auth/service/impl/TokenHandlerServiceImpl.class */
public class TokenHandlerServiceImpl implements TokenHandlerService {
    private static final Logger log = LoggerFactory.getLogger(TokenHandlerServiceImpl.class);

    @Autowired
    private RedisOrMapCache redisCache;

    @Value("${yaukie.token.header:Authorization}")
    private String tokenHeader;

    @Value("${yaukie.token.expire:10}")
    private String tokenExpired;

    @Value("${yaukie.token.secret:}")
    private String secret;

    @Value("${yaukie.token.refresh:1}")
    private String refreshExpired;

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public String buildToken(LoginUser loginUser) {
        String fastUUID = IdUtils.fastUUID();
        loginUser.setToken(fastUUID);
        loginUser.setExpireTime(Long.valueOf(System.currentTimeMillis() + (Long.parseLong(this.tokenExpired) * 60 * 1000)));
        loginUser.setLoginTime(new Date());
        setUserAgent(loginUser);
        refreshToken(loginUser);
        HashMap hashMap = new HashMap();
        hashMap.put(AuthCons.LOGIN_USER_KEY, fastUUID);
        return Jwts.builder().setClaims(hashMap).signWith(SignatureAlgorithm.HS512, AuthCons.JWT_SECRET).compact();
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public boolean verifyToken(HttpServletRequest httpServletRequest) {
        if (log.isInfoEnabled()) {
            log.info("令牌验证开始....");
        }
        String token = getToken(httpServletRequest);
        if (StringTools.isEmpty(token)) {
            return false;
        }
        LoginUser loginUser = (LoginUser) this.redisCache.getCacheObject(getTokenKey(token));
        if (StringTools.isNull(loginUser)) {
            return false;
        }
        long longValue = loginUser.getExpireTime().longValue();
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis > longValue) {
            log.info("用户会话标识[token]已经过期...");
            return false;
        }
        if (longValue - currentTimeMillis <= Long.parseLong(this.refreshExpired)) {
            refreshToken(loginUser);
            log.info("登录令牌{}刷新成功", token);
        }
        if (!log.isInfoEnabled()) {
            return true;
        }
        log.info("令牌验证结束....");
        return true;
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public void refreshToken(LoginUser loginUser) {
        String token = loginUser.getToken();
        loginUser.setExpireTime(Long.valueOf(System.currentTimeMillis() + (Integer.parseInt(this.tokenExpired) * 60 * 1000)));
        this.redisCache.setCacheObject(getTokenKey(token), loginUser, Integer.valueOf(Integer.parseInt(this.tokenExpired)), TimeUnit.MINUTES);
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public void delLoginUser(String str) {
        if (StringTools.isNotEmpty(str)) {
            this.redisCache.deleteObject(getTokenKey(str));
        }
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public String getToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.tokenHeader);
        if (StringTools.isEmpty(header)) {
            header = httpServletRequest.getHeader(AuthCons.TOKEN);
        } else if (header.contains(AuthCons.TOKEN_PREFIX) && (header.startsWith(AuthCons.TOKEN_PREFIX) || header.indexOf(AuthCons.TOKEN_PREFIX) != -1)) {
            header = parseToken(header.replace(AuthCons.TOKEN_PREFIX, "")).get(AuthCons.LOGIN_USER_KEY) + "";
        }
        if (StringTools.isEmpty(header)) {
            header = "";
        }
        return header;
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public Claims parseToken(String str) {
        return (Claims) Jwts.parser().setSigningKey(AuthCons.JWT_SECRET).parseClaimsJws(str).getBody();
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public LoginUser getLoginUser(HttpServletRequest httpServletRequest) {
        LoginUser loginUser = null;
        String token = getToken(httpServletRequest);
        if (!isTokenExpired(token)) {
            loginUser = (LoginUser) this.redisCache.getCacheObject(getTokenKey(token));
        }
        return loginUser;
    }

    public String getTokenKey(String str) {
        return AuthCons.LOGIN_TOKEN_KEY + str;
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public Authentication getAuthenticationFromToken(HttpServletRequest httpServletRequest) {
        Authentication authentication = null;
        String token = getToken(httpServletRequest);
        if (StringTools.isEmpty(token)) {
            return null;
        }
        if (!isTokenExpired(token)) {
            authentication = SecurityContextHolder.getContext().getAuthentication();
        }
        return authentication;
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public String getUserNameFromAuthentication(HttpServletRequest httpServletRequest) {
        Object principal;
        Authentication authenticationFromToken = getAuthenticationFromToken(httpServletRequest);
        String str = null;
        if (null != authenticationFromToken && (principal = authenticationFromToken.getPrincipal()) != null && (principal instanceof UserDetails)) {
            str = ((UserDetails) principal).getUsername();
        }
        return str;
    }

    @Override // org.yaukie.auth.service.api.TokenHandlerService
    public boolean isTokenExpired(String str) {
        LoginUser loginUser = (LoginUser) this.redisCache.getCacheObject(getTokenKey(str));
        if (StringTools.isNull(loginUser)) {
            return true;
        }
        return System.currentTimeMillis() > loginUser.getExpireTime().longValue();
    }

    private void setUserAgent(LoginUser loginUser) {
        UserAgent parseUserAgentString = UserAgent.parseUserAgentString(SpringContextUtil.getRequest().getHeader("User-Agent"));
        loginUser.setBrowser(parseUserAgentString.getBrowser().getName());
        loginUser.setOs(parseUserAgentString.getOperatingSystem().getName());
        loginUser.setIpaddr(IpUtil.getIpAddr(SpringContextUtil.getRequest()));
        loginUser.setLoginLocation(IpUtil.getRealAddressByIP(IpUtil.getIpAddr(SpringContextUtil.getRequest())));
    }
}
