package shz.auth;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import java.util.Date;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import shz.auth.util.TokenHelp;
import shz.core.NullHelp;
import shz.core.ToMap;
import shz.core.encrypt.EncryptDetail;
import shz.core.encrypt.EncryptManager;
import shz.core.msg.ServerFailureMsg;

/* loaded from: input_file:shz/auth/AbstractJwtService.class */
public abstract class AbstractJwtService {
    private static final String SIGNATURE = "JWT_SIGNATURE";
    private static final String USERID = "JWT_USERID";
    private static final String USERNAME = "JWT_USERNAME";

    protected Map<String, Object> headerClaims() {
        return (Map) ToMap.get(2).put("alg", "HS256").put("typ", "JWT").build();
    }

    protected abstract EncryptManager encryptManager();

    protected abstract EncryptDetail encryptDetail(Long l, String str);

    public int expireSecond(Long l, String str) {
        return 43200;
    }

    public int delaySecond(Long l, String str) {
        return 0;
    }

    protected Algorithm algorithm(Long l, String str, String str2) {
        return Algorithm.HMAC256(str2);
    }

    public final String create(String str, Long l, String str2, Object obj, Map<String, ?> map) {
        JWTCreator.Builder withHeader = JWT.create().withHeader(headerClaims());
        EncryptManager encryptManager = encryptManager();
        ServerFailureMsg.requireNonNull(encryptManager, "缺少加密实例");
        EncryptDetail encryptDetail = encryptDetail(l, str2);
        ServerFailureMsg.requireNonNull(encryptDetail, "userid:%d,username:%s 缺少加密信息", new Object[]{l, str2});
        withHeader.withClaim(SIGNATURE, encryptManager.sign(encryptDetail, obj));
        if (NullHelp.nonBlank(str)) {
            withHeader.withJWTId(str);
        }
        if (NullHelp.nonBlank(l)) {
            withHeader.withClaim(USERID, l);
        }
        if (NullHelp.nonBlank(str2)) {
            withHeader.withClaim(USERNAME, str2);
        }
        long currentTimeMillis = System.currentTimeMillis();
        withHeader.withIssuedAt(new Date(currentTimeMillis));
        int expireSecond = expireSecond(l, str2);
        int delaySecond = delaySecond(l, str2);
        if (delaySecond > 0 && delaySecond < expireSecond) {
            withHeader.withNotBefore(new Date(currentTimeMillis + (delaySecond * 1000)));
        }
        if (NullHelp.nonEmpty(map)) {
            withHeader.withPayload(map);
        }
        return withHeader.sign(algorithm(l, str2, encryptDetail.getSecretKey()));
    }

    public final String create(Long l, String str, Object obj, Map<String, ?> map) {
        return create(null, l, str, obj, map);
    }

    public final String create(Long l, String str, Object obj) {
        return create(l, str, obj, null);
    }

    public String getToken(HttpServletRequest httpServletRequest) {
        return TokenHelp.getToken(httpServletRequest, "Authorization");
    }

    public static DecodedJWT decode(String str) {
        try {
            return JWT.decode(str);
        } catch (Exception e) {
            return null;
        }
    }

    public static Long getUserid(DecodedJWT decodedJWT) {
        Claim claim;
        if (decodedJWT == null || (claim = decodedJWT.getClaim(USERID)) == null) {
            return null;
        }
        return claim.asLong();
    }

    public static String getUsername(DecodedJWT decodedJWT) {
        Claim claim;
        if (decodedJWT == null || (claim = decodedJWT.getClaim(USERNAME)) == null) {
            return null;
        }
        return claim.asString();
    }

    public final boolean verify(DecodedJWT decodedJWT, Long l, String str, Object obj) {
        if (decodedJWT == null) {
            return false;
        }
        EncryptManager encryptManager = encryptManager();
        ServerFailureMsg.requireNonNull(encryptManager, "缺少加密实例");
        EncryptDetail encryptDetail = encryptDetail(l, str);
        if (encryptDetail == null) {
            return false;
        }
        try {
            JWT.require(algorithm(l, str, encryptDetail.getSecretKey())).build().verify(decodedJWT);
            if (obj == null) {
                return true;
            }
            Claim claim = decodedJWT.getClaim(SIGNATURE);
            if (claim == null) {
                return false;
            }
            String asString = claim.asString();
            if (NullHelp.isBlank(asString)) {
                return false;
            }
            return encryptManager.checkSign(encryptDetail, asString, obj);
        } catch (Exception e) {
            return false;
        }
    }
}
