package com.fr.security;

import com.fr.cert.token.Claims;
import com.fr.cert.token.JwtException;
import com.fr.cert.token.Jwts;
import com.fr.cert.token.SignatureAlgorithm;
import com.fr.cert.token.SignatureException;
import com.fr.cert.token.impl.DefaultClaims;
import com.fr.log.FineLoggerFactory;
import com.fr.stable.CommonCodeUtils;
import com.fr.stable.StringUtils;
import java.io.IOException;
import java.security.Key;
import java.security.SecureRandom;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:com/fr/security/JwtUtils.class */
public class JwtUtils {
    private static final String ISSUER = "fanruan";
    private static final Integer JTI_LENGTH = 36;
    private static final SignatureAlgorithm DEFAULT_ALGORITHM = SignatureAlgorithm.HS256;
    private static final String JWT_TOKEN_KEY_SERVICE = "JwtTokenKeyService";
    private static final String KEY = "key";

    public static String createJWT(String str, String str2, String str3, Date date, Date date2, Date date3, String str4, SignatureAlgorithm signatureAlgorithm, Key key) {
        return Jwts.builder().setIssuer(str).setSubject(str2).setAudience(str3).setExpiration(date).setNotBefore(date2).setIssuedAt(date3).setId(str4).signWith(signatureAlgorithm, key).compact();
    }

    public static String createJWT(String str, String str2, Date date, Date date2, String str3, SignatureAlgorithm signatureAlgorithm, String str4) {
        return Jwts.builder().setIssuer(str).setSubject(str2).setIssuedAt(date).setExpiration(date2).setId(str3).signWith(signatureAlgorithm, str4).compact();
    }

    public static String createDefaultJWT(String str) {
        return Jwts.builder().setIssuer(ISSUER).setIssuedAt(new Date()).setSubject(str).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, getKeyBytes()).compact();
    }

    public static String createDefaultJWT(String str, String str2) {
        return Jwts.builder().setIssuer(ISSUER).setIssuedAt(new Date()).setSubject(str).setDescription(str2).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, getKeyBytes()).compact();
    }

    public static String createDefaultJWT(String str, String str2, long j) {
        Date date = new Date();
        return Jwts.builder().setIssuer(ISSUER).setIssuedAt(date).setExpiration(new Date(date.getTime() + j)).setSubject(str).setDescription(str2).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, getKeyBytes()).compact();
    }

    public static String createDefaultJWT(String str, Map<String, Object> map, long j) {
        if (map == null) {
            throw new IllegalArgumentException();
        }
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            String key = entry.getKey();
            if (StringUtils.isEmpty(key) || Claims.SUBJECT.equals(key) || Claims.ISSUER.equals(key) || Claims.ISSUED_AT.equals(key) || Claims.EXPIRATION.equals(key) || Claims.ID.equals(key)) {
                throw new IllegalArgumentException("custom params contain jwt reserved key.");
            }
            hashMap.put(key, CommonCodeUtils.cjkEncode(String.valueOf(entry.getValue())));
        }
        Date date = new Date();
        return Jwts.builder().setClaims(hashMap).setIssuer(ISSUER).setIssuedAt(date).setExpiration(new Date(date.getTime() + j)).setSubject(str).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, getKeyBytes()).compact();
    }

    public static String createDefaultJWT(String str, long j) {
        Date date = new Date();
        return Jwts.builder().setIssuer(ISSUER).setIssuedAt(date).setExpiration(new Date(date.getTime() + j)).setSubject(str).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, getKeyBytes()).compact();
    }

    public static Claims parseJWT(String str) {
        try {
            Claims body = Jwts.parser().setSigningKey(getKeyBytes()).parseClaimsJws(str).getBody();
            DefaultClaims defaultClaims = new DefaultClaims();
            for (Map.Entry<String, Object> entry : body.entrySet()) {
                defaultClaims.put((DefaultClaims) entry.getKey(), CommonCodeUtils.decodeText(String.valueOf(entry.getValue())));
            }
            return defaultClaims;
        } catch (SignatureException e) {
            FineLoggerFactory.getLogger().warn(e.getMessage());
            return new DefaultClaims();
        }
    }

    public static String createVariedJWT(String str, Map<String, Object> map) {
        return Jwts.builder().setIssuer(ISSUER).setIssuedAt(new Date()).setClaims(map).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, str).compact();
    }

    public static String createVariedJWT(String str, long j, Map<String, Object> map) {
        return Jwts.builder().setIssuer(ISSUER).setIssuedAt(new Date()).setExpiration(new Date(new Date().getTime() + j)).setClaims(map).setId(generateJTI()).signWith(DEFAULT_ALGORITHM, str).compact();
    }

    public static Claims parseJWT(String str, String str2) {
        try {
            Claims body = Jwts.parser().setSigningKey(str2).parseClaimsJws(str).getBody();
            DefaultClaims defaultClaims = new DefaultClaims();
            for (Map.Entry<String, Object> entry : body.entrySet()) {
                defaultClaims.put((DefaultClaims) entry.getKey(), CommonCodeUtils.decodeText(String.valueOf(entry.getValue())));
            }
            return defaultClaims;
        } catch (SignatureException e) {
            FineLoggerFactory.getLogger().warn(e.getMessage());
            return new DefaultClaims();
        }
    }

    public static boolean checkJWTExpired(String str) {
        try {
            Date expiration = parseJWT(str).getExpiration();
            if (expiration != null) {
                if (!expiration.after(new Date())) {
                    return false;
                }
            }
            return true;
        } catch (JwtException e) {
            FineLoggerFactory.getLogger().warn(e.getMessage());
            return false;
        }
    }

    public static boolean checkJWTExpired(String str, String str2) {
        try {
            Date expiration = parseJWT(str, str2).getExpiration();
            if (expiration != null) {
                if (!expiration.after(new Date())) {
                    return false;
                }
            }
            return true;
        } catch (JwtException e) {
            FineLoggerFactory.getLogger().warn(e.getMessage());
            return false;
        }
    }

    public static String generateJTI() {
        byte[] bArr = new byte[JTI_LENGTH.intValue()];
        new SecureRandom().nextBytes(bArr);
        return SecurityToolbox.byte2Base64(bArr);
    }

    private static byte[] getKeyBytes() {
        try {
            return SecurityToolbox.base642Byte(KeySecretSeedConfig.getInstance().getTrustSeed());
        } catch (IOException e) {
            FineLoggerFactory.getLogger().error("key secret seed base64 decode error");
            return new byte[0];
        }
    }
}
