package com.amaken.security.jwt;

import com.amaken.management.SecurityMetersService;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.UnsupportedJwtException;
import io.jsonwebtoken.io.Decoders;
import io.jsonwebtoken.security.Keys;
import io.jsonwebtoken.security.SignatureException;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.util.Arrays;
import java.util.Collection;
import java.util.Date;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import tech.jhipster.config.JHipsterProperties;

@Component
/* loaded from: input_file:BOOT-INF/classes/com/amaken/security/jwt/TokenProvider.class */
public class TokenProvider {
    private final Logger log = LoggerFactory.getLogger((Class<?>) TokenProvider.class);
    private static final String AUTHORITIES_KEY = "auth";
    private static final String INVALID_JWT_TOKEN = "Invalid JWT token.";
    private final Key key;
    private final JwtParser jwtParser;
    private final long tokenValidityInMilliseconds;
    private final long tokenValidityInMillisecondsForRememberMe;
    private final SecurityMetersService securityMetersService;

    public TokenProvider(JHipsterProperties jHipsterProperties, SecurityMetersService securityMetersService) {
        byte[] bytes;
        String base64Secret = jHipsterProperties.getSecurity().getAuthentication().getJwt().getBase64Secret();
        if (ObjectUtils.isEmpty(base64Secret)) {
            this.log.warn("Warning: the JWT key used is not Base64-encoded. We recommend using the `jhipster.security.authentication.jwt.base64-secret` key for optimum security.");
            bytes = jHipsterProperties.getSecurity().getAuthentication().getJwt().getSecret().getBytes(StandardCharsets.UTF_8);
        } else {
            this.log.debug("Using a Base64-encoded JWT secret key");
            bytes = Decoders.BASE64.decode(base64Secret);
        }
        this.key = Keys.hmacShaKeyFor(bytes);
        this.jwtParser = Jwts.parserBuilder().setSigningKey(this.key).build();
        this.tokenValidityInMilliseconds = 1000 * jHipsterProperties.getSecurity().getAuthentication().getJwt().getTokenValidityInSeconds();
        this.tokenValidityInMillisecondsForRememberMe = 1000 * jHipsterProperties.getSecurity().getAuthentication().getJwt().getTokenValidityInSecondsForRememberMe();
        this.securityMetersService = securityMetersService;
    }

    public String createToken(Authentication authentication, boolean z) {
        String str = (String) authentication.getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).collect(Collectors.joining(","));
        long time = new Date().getTime();
        return Jwts.builder().setSubject(authentication.getName()).claim(AUTHORITIES_KEY, str).signWith(this.key, SignatureAlgorithm.HS512).setExpiration(z ? new Date(time + this.tokenValidityInMillisecondsForRememberMe) : new Date(time + this.tokenValidityInMilliseconds)).compact();
    }

    public Authentication getAuthentication(String str) {
        Claims body = this.jwtParser.parseClaimsJws(str).getBody();
        Collection collection = (Collection) Arrays.stream(body.get(AUTHORITIES_KEY).toString().split(",")).filter(str2 -> {
            return !str2.trim().isEmpty();
        }).map(SimpleGrantedAuthority::new).collect(Collectors.toList());
        return new UsernamePasswordAuthenticationToken(new User(body.getSubject(), "", collection), str, collection);
    }

    public boolean validateToken(String str) {
        try {
            this.jwtParser.parseClaimsJws(str);
            return true;
        } catch (ExpiredJwtException e) {
            this.securityMetersService.trackTokenExpired();
            this.log.trace(INVALID_JWT_TOKEN, (Throwable) e);
            return false;
        } catch (MalformedJwtException e2) {
            this.securityMetersService.trackTokenMalformed();
            this.log.trace(INVALID_JWT_TOKEN, (Throwable) e2);
            return false;
        } catch (UnsupportedJwtException e3) {
            this.securityMetersService.trackTokenUnsupported();
            this.log.trace(INVALID_JWT_TOKEN, (Throwable) e3);
            return false;
        } catch (SignatureException e4) {
            this.securityMetersService.trackTokenInvalidSignature();
            this.log.trace(INVALID_JWT_TOKEN, (Throwable) e4);
            return false;
        } catch (IllegalArgumentException e5) {
            this.log.error("Token validation error {}", e5.getMessage());
            return false;
        }
    }

    public String createNewTokenForUser(String str, String str2) {
        return Jwts.builder().setSubject(str2).claim(AUTHORITIES_KEY, str).signWith(this.key, SignatureAlgorithm.HS512).setExpiration(new Date(new Date().getTime() + this.tokenValidityInMilliseconds)).compact();
    }
}
