package com.edu.user.api.manager.impl;

import com.edu.admin.model.common.enums.ReturnCodeEnum;
import com.edu.admin.model.common.exception.BizException;
import com.edu.user.api.manager.IAuthManager;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.time.temporal.TemporalUnit;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.PostConstruct;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.jwt.crypto.sign.MacSigner;
import org.springframework.security.jwt.crypto.sign.SignatureVerifier;
import org.springframework.security.jwt.crypto.sign.Signer;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/edu/user/api/manager/impl/AuthManagerImpl.class */
public class AuthManagerImpl implements IAuthManager {
    private static final Logger log = LoggerFactory.getLogger(AuthManagerImpl.class);
    private static final String EXPIRED = "exp";
    private static final String SOME_FILED = "some";
    private Signer signer;
    private SignatureVerifier verifier;
    private final ObjectMapper objectMapper = new ObjectMapper();

    @Value("${edu.jwt.secret}")
    private String applicationConfig;

    @PostConstruct
    public void init() {
        String str = this.applicationConfig;
        if (StringUtils.isEmpty(str)) {
            str = "WidusilfbtCDCWubOfson";
        }
        this.signer = new MacSigner(str);
        this.verifier = new MacSigner(str);
    }

    @Override // com.edu.user.api.manager.IAuthManager
    public String generateTokenByUserId(Long l) {
        if (l == null) {
            throw new BizException(ReturnCodeEnum.RESTFUL_REQUEST_OBJECT_INVALID);
        }
        try {
            HashMap hashMap = new HashMap();
            HashMap hashMap2 = new HashMap();
            hashMap2.put("2", true);
            hashMap.put("a", hashMap2);
            hashMap.put(SOME_FILED, l);
            hashMap.put(EXPIRED, Long.valueOf(Instant.now().plus(1L, (TemporalUnit) ChronoUnit.DAYS).toEpochMilli() / 1000));
            return "EDU|" + JwtHelper.encode(this.objectMapper.writeValueAsString(hashMap), this.signer).getEncoded();
        } catch (IOException e) {
            log.error("Cannot convert jwt to JSON", e);
            throw new IllegalArgumentException("Cannot convert jwt to JSON", e);
        }
    }

    @Override // com.edu.user.api.manager.IAuthManager
    public Map<String, Object> decodeToken(String str) {
        if (StringUtils.isEmpty(str) || !str.startsWith("EDU|")) {
            log.error("Token not started with edu prefix");
            throw new IllegalArgumentException("Token not started with edu prefix");
        }
        try {
            Map<String, Object> map = (Map) this.objectMapper.readValue(JwtHelper.decodeAndVerify(str.substring("EDU|".length()), this.verifier).getClaims(), Map.class);
            if (map.containsKey(EXPIRED) && (map.get(EXPIRED) instanceof Integer)) {
                map.put(EXPIRED, map.get(EXPIRED));
                return map;
            }
            log.error("error_auth  expired");
            throw new BizException(ReturnCodeEnum.UNAUTHORIZED);
        } catch (Exception e) {
            log.error("jwt helper error ", e);
            throw new BizException(ReturnCodeEnum.UNAUTHORIZED);
        }
    }

    @Override // com.edu.user.api.manager.IAuthManager
    public Authentication loadAuthentication(String str) {
        Map<String, Object> decodeToken = decodeToken(str);
        if (decodeToken.containsKey(EXPIRED)) {
            if (Instant.now().isAfter(Instant.ofEpochMilli(Long.parseLong(String.valueOf(decodeToken.get(EXPIRED))) * 1000))) {
                throw new BizException(ReturnCodeEnum.UNAUTHORIZED);
            }
        }
        if (decodeToken.containsKey(SOME_FILED)) {
            return new UsernamePasswordAuthenticationToken(loadUserByUsername(String.valueOf(decodeToken.get(SOME_FILED))), "N/A", (Collection) null);
        }
        throw new BizException(ReturnCodeEnum.UNAUTHORIZED);
    }

    public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
        throw new UsernameNotFoundException("fail to find user");
    }
}
