package top.dcenter.ums.security.jwt.claims.service.impl;

import com.nimbusds.jwt.JWTClaimsSet;
import java.time.Instant;
import java.util.Map;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter;
import top.dcenter.ums.security.core.api.tenant.handler.TenantContextHolder;
import top.dcenter.ums.security.jwt.api.claims.service.CustomClaimsSetService;
import top.dcenter.ums.security.jwt.api.id.service.JwtIdService;
import top.dcenter.ums.security.jwt.claims.service.GenerateClaimsSetService;
import top.dcenter.ums.security.jwt.enums.JwtCustomClaimNames;

/* loaded from: input_file:top/dcenter/ums/security/jwt/claims/service/impl/UmsGenerateClaimsSetServiceImpl.class */
public class UmsGenerateClaimsSetServiceImpl implements GenerateClaimsSetService {
    private static final Logger log = LoggerFactory.getLogger(UmsGenerateClaimsSetServiceImpl.class);
    private final long timeout;
    private final String iss;
    private final String principalClaimName;
    private final JwtAuthenticationConverter jwtAuthenticationConverter;

    @Autowired(required = false)
    private TenantContextHolder tenantContextHolder;

    @Autowired(required = false)
    private CustomClaimsSetService customClaimsSetService;

    @Autowired
    private JwtIdService jwtIdService;

    public UmsGenerateClaimsSetServiceImpl(@NonNull long j, @Nullable String str, @NonNull String str2, @NonNull JwtAuthenticationConverter jwtAuthenticationConverter) {
        this.timeout = j;
        this.iss = str;
        this.principalClaimName = str2;
        this.jwtAuthenticationConverter = jwtAuthenticationConverter;
    }

    @Override // top.dcenter.ums.security.jwt.claims.service.GenerateClaimsSetService
    @NonNull
    public JWTClaimsSet generateClaimsSet(@NonNull UserDetails userDetails, @Nullable Jwt jwt) {
        String str = null;
        if (Objects.nonNull(this.tenantContextHolder)) {
            str = this.tenantContextHolder.getTenantId(userDetails);
        }
        JWTClaimsSet.Builder jwtClaimsSetBuilder = getJwtClaimsSetBuilder(str, userDetails.getUsername(), jwt);
        if (Objects.nonNull(jwt)) {
            jwtClaimsSetBuilder.claim(JwtCustomClaimNames.REFRESH_TOKEN_JTI.getClaimName(), jwt.getId());
        }
        if (Objects.nonNull(this.customClaimsSetService)) {
            Map claims = this.customClaimsSetService.toClaimsSet(userDetails).getClaims();
            jwtClaimsSetBuilder.getClass();
            claims.forEach(jwtClaimsSetBuilder::claim);
        }
        return jwtClaimsSetBuilder.build();
    }

    @Override // top.dcenter.ums.security.jwt.claims.service.GenerateClaimsSetService
    @NonNull
    public JWTClaimsSet generateClaimsSet(@NonNull Authentication authentication, @Nullable Jwt jwt) {
        String str = null;
        if (Objects.nonNull(this.tenantContextHolder)) {
            str = this.tenantContextHolder.getTenantId(authentication);
        }
        JWTClaimsSet.Builder jwtClaimsSetBuilder = getJwtClaimsSetBuilder(str, authentication.getName(), jwt);
        if (Objects.nonNull(this.customClaimsSetService)) {
            Map claims = this.customClaimsSetService.toClaimsSet(authentication).getClaims();
            jwtClaimsSetBuilder.getClass();
            claims.forEach(jwtClaimsSetBuilder::claim);
        }
        return jwtClaimsSetBuilder.build();
    }

    @Override // top.dcenter.ums.security.jwt.claims.service.GenerateClaimsSetService
    @NonNull
    public JwtAuthenticationConverter getJwtAuthenticationConverter() {
        return this.jwtAuthenticationConverter;
    }

    private JWTClaimsSet.Builder getJwtClaimsSetBuilder(@Nullable String str, @NonNull String str2, @Nullable Jwt jwt) {
        JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
        if (Objects.nonNull(str)) {
            builder.claim(JwtCustomClaimNames.TENANT_ID.getClaimName(), str);
        }
        if (Objects.nonNull(this.iss)) {
            builder.issuer(this.iss);
        }
        builder.jwtID(this.jwtIdService.generateJtiId());
        builder.claim(this.principalClaimName, str2).claim("exp", Long.valueOf(Instant.now().plusSeconds(this.timeout).getEpochSecond()));
        if (Objects.nonNull(jwt)) {
            builder.claim(JwtCustomClaimNames.REFRESH_TOKEN_JTI.getClaimName(), jwt.getId());
        }
        return builder;
    }
}
