package cn.hamm.airpower.util;

import cn.hamm.airpower.config.Constant;
import cn.hamm.airpower.enums.ServiceError;
import cn.hamm.airpower.exception.ServiceException;
import cn.hamm.airpower.model.Json;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.jetbrains.annotations.Contract;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;

/* loaded from: input_file:cn/hamm/airpower/util/TokenUtil.class */
public class TokenUtil {
    private static final Logger log = LoggerFactory.getLogger(TokenUtil.class);
    public static final String ACCESS_TOKEN_INVALID = "身份令牌无效，请重新获取身份令牌";
    private static final String HMAC_SHA_256 = "HmacSHA256";
    private static final String PAYLOADS_IS_EMPTY = "没有任何负载数据";
    private static final String HMAC_SHA_256_ERROR = "HMAC-SHA-256发生错误";
    private static final int TOKEN_PART_COUNT = 3;
    private final VerifiedToken verifiedToken = new VerifiedToken();

    /* loaded from: input_file:cn/hamm/airpower/util/TokenUtil$VerifiedToken.class */
    public static class VerifiedToken {
        private Map<String, Object> payloads = new HashMap();
        private long expireTimestamps = 0;

        @Nullable
        public final Object getPayload(String str) {
            return this.payloads.get(str);
        }

        public Map<String, Object> getPayloads() {
            return this.payloads;
        }

        public long getExpireTimestamps() {
            return this.expireTimestamps;
        }

        public VerifiedToken setPayloads(Map<String, Object> map) {
            this.payloads = map;
            return this;
        }

        public VerifiedToken setExpireTimestamps(long j) {
            this.expireTimestamps = j;
            return this;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof VerifiedToken)) {
                return false;
            }
            VerifiedToken verifiedToken = (VerifiedToken) obj;
            if (!verifiedToken.canEqual(this) || getExpireTimestamps() != verifiedToken.getExpireTimestamps()) {
                return false;
            }
            Map<String, Object> payloads = getPayloads();
            Map<String, Object> payloads2 = verifiedToken.getPayloads();
            return payloads == null ? payloads2 == null : payloads.equals(payloads2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof VerifiedToken;
        }

        public int hashCode() {
            long expireTimestamps = getExpireTimestamps();
            int i = (1 * 59) + ((int) ((expireTimestamps >>> 32) ^ expireTimestamps));
            Map<String, Object> payloads = getPayloads();
            return (i * 59) + (payloads == null ? 43 : payloads.hashCode());
        }

        public String toString() {
            return "TokenUtil.VerifiedToken(payloads=" + getPayloads() + ", expireTimestamps=" + getExpireTimestamps() + ")";
        }
    }

    public final String create(String str) {
        ServiceError.PARAM_INVALID.whenEquals(Constant.AIRPOWER, str, "身份令牌创建失败，请在环境变量配置 airpower.accessTokenSecret");
        if (this.verifiedToken.getPayloads().isEmpty()) {
            throw new ServiceException(PAYLOADS_IS_EMPTY);
        }
        Base64.getUrlEncoder().encodeToString(Json.toString(this.verifiedToken.getPayloads()).getBytes(StandardCharsets.UTF_8));
        long expireTimestamps = this.verifiedToken.getExpireTimestamps();
        return Base64.getUrlEncoder().encodeToString((expireTimestamps + "." + expireTimestamps + "." + hmacSha256(str, this.verifiedToken.getExpireTimestamps() + "." + expireTimestamps)).getBytes(StandardCharsets.UTF_8));
    }

    @Contract("_, _ -> this")
    public final TokenUtil addPayload(String str, Object obj) {
        this.verifiedToken.getPayloads().put(str, obj);
        return this;
    }

    @Contract("_ -> this")
    public final TokenUtil removePayload(String str) {
        this.verifiedToken.getPayloads().remove(str);
        return this;
    }

    @Contract("_ -> this")
    public final TokenUtil setExpireMillisecond(long j) {
        if (j <= 0) {
            throw new ServiceException(ServiceError.PARAM_INVALID, "过期毫秒数必须大于0");
        }
        this.verifiedToken.setExpireTimestamps(System.currentTimeMillis() + j);
        return this;
    }

    public final VerifiedToken verify(@NotNull String str, String str2) {
        try {
            String str3 = new String(Base64.getUrlDecoder().decode(str.getBytes(StandardCharsets.UTF_8)));
            if (!StringUtils.hasText(str3)) {
                throw new ServiceException(ServiceError.UNAUTHORIZED, ACCESS_TOKEN_INVALID);
            }
            String[] split = str3.split(Constant.DOT_REGEX);
            if (split.length != TOKEN_PART_COUNT) {
                throw new ServiceException(ServiceError.UNAUTHORIZED);
            }
            if (!hmacSha256(str2, split[0] + "." + split[2]).equals(split[1])) {
                throw new ServiceException(ServiceError.UNAUTHORIZED, ACCESS_TOKEN_INVALID);
            }
            if (Long.parseLong(split[0]) < System.currentTimeMillis() && Long.parseLong(split[0]) != 0) {
                throw new ServiceException(ServiceError.UNAUTHORIZED, ACCESS_TOKEN_INVALID);
            }
            return new VerifiedToken().setExpireTimestamps(Long.parseLong(split[0])).setPayloads(Json.parse2Map(new String(Base64.getUrlDecoder().decode(split[2].getBytes(StandardCharsets.UTF_8)))));
        } catch (Exception e) {
            throw new ServiceException(ServiceError.UNAUTHORIZED, ACCESS_TOKEN_INVALID);
        }
    }

    @NotNull
    private String hmacSha256(@NotNull String str, @NotNull String str2) {
        try {
            Mac mac = Mac.getInstance(HMAC_SHA_256);
            mac.init(new SecretKeySpec(str.getBytes(StandardCharsets.UTF_8), HMAC_SHA_256));
            StringBuilder sb = new StringBuilder();
            for (byte b : mac.doFinal(str2.getBytes(StandardCharsets.UTF_8))) {
                sb.append(String.format("%02x", Integer.valueOf(b & 255)));
            }
            return sb.toString();
        } catch (Exception e) {
            log.error("hmacSha256 error", e);
            throw new ServiceException(HMAC_SHA_256_ERROR);
        }
    }
}
