package dev.tindersamurai.jwtea.security.filter;

import dev.tindersamurai.jwtea.security.auth.AuthenticationProcessor;
import dev.tindersamurai.jwtea.security.callback.AuthenticationCallback;
import dev.tindersamurai.jwtea.security.callback.data.HttpServlet;
import dev.tindersamurai.jwtea.security.callback.data.Token;
import dev.tindersamurai.jwtea.security.details.JWTeaAuthUserDetails;
import dev.tindersamurai.jwtea.security.props.JwtSecretProperties;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.util.Calendar;
import java.util.Date;
import java.util.List;
import java.util.UUID;
import java.util.stream.Collectors;
import javax.servlet.FilterChain;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/* loaded from: input_file:dev/tindersamurai/jwtea/security/filter/JwtAuthenticationFilter.class */
public class JwtAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(JwtAuthenticationFilter.class);
    private final AuthenticationProcessor authenticationProcessor;
    private final JwtSecretProperties jwtSecretProperties;
    private AuthenticationCallback authenticationCallback;

    public JwtAuthenticationFilter(AuthenticationProcessor authenticationProcessor, JwtSecretProperties jwtSecretProperties, AuthenticationCallback authenticationCallback, String str) {
        this(authenticationProcessor, jwtSecretProperties, str);
        this.authenticationCallback = authenticationCallback;
    }

    public JwtAuthenticationFilter(AuthenticationProcessor authenticationProcessor, JwtSecretProperties jwtSecretProperties, String str) {
        this.jwtSecretProperties = jwtSecretProperties;
        this.authenticationProcessor = authenticationProcessor;
        setAuthenticationManager(authenticationProcessor.getAuthenticationManager());
        setFilterProcessesUrl(str);
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.authenticationProcessor.attemptAuthentication(httpServletRequest, httpServletResponse);
    }

    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) {
        log.debug("successfulAuthentication: {}, {}, {}, {}", new Object[]{httpServletRequest, httpServletResponse, filterChain, authentication});
        HttpServlet httpServlet = new HttpServlet(httpServletRequest, httpServletResponse);
        JWTeaAuthUserDetails jWTeaAuthUserDetails = (JWTeaAuthUserDetails) authentication.getPrincipal();
        List list = (List) jWTeaAuthUserDetails.getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).collect(Collectors.toList());
        byte[] bytes = this.jwtSecretProperties.getJwtSecretKey().getBytes();
        Token token = new Token(jWTeaAuthUserDetails.getUsername(), UUID.randomUUID().toString(), createExpTime(), null);
        if (this.authenticationCallback != null) {
            this.authenticationCallback.preAuthentication(token, httpServlet);
        }
        String compact = Jwts.builder().signWith(Keys.hmacShaKeyFor(bytes), SignatureAlgorithm.HS512).setHeaderParam("type", this.jwtSecretProperties.getJwtTokenType()).setIssuer(this.jwtSecretProperties.getJwtTokenIssuer()).setAudience(this.jwtSecretProperties.getJwtTokenAudience()).setExpiration(token.getExpires()).setSubject(jWTeaAuthUserDetails.getUsername()).setId(token.getTokenId()).claim("role", list).compact();
        Token token2 = new Token(token.getUserId(), token.getTokenId(), token.getExpires(), compact);
        httpServletResponse.addHeader(this.jwtSecretProperties.getJwtTokenHeader(), this.jwtSecretProperties.getJwtTokenPrefix() + compact);
        httpServletResponse.addDateHeader(this.jwtSecretProperties.getJwtExpireHeader(), token.getExpires().getTime());
        httpServletResponse.addHeader(this.jwtSecretProperties.getJwtExpireEpochHeader(), Long.toString(token.getExpires().getTime()));
        if (this.jwtSecretProperties.isCookieEnabled()) {
            Cookie cookie = new Cookie(this.jwtSecretProperties.getJwtTokenHeader(), compact);
            int tokenLiveTimeSec = !this.jwtSecretProperties.isCookieSession() ? getTokenLiveTimeSec(token2.getExpires()) : -1;
            cookie.setHttpOnly(this.jwtSecretProperties.isCookieHttpOnly());
            cookie.setSecure(this.jwtSecretProperties.isCookieSecure());
            cookie.setPath(this.jwtSecretProperties.getCookiePath());
            cookie.setMaxAge(tokenLiveTimeSec);
            String cookieDomain = this.jwtSecretProperties.getCookieDomain();
            if (cookieDomain != null) {
                cookie.setDomain(cookieDomain);
            }
            httpServletResponse.addCookie(cookie);
        }
        if (this.authenticationCallback != null) {
            this.authenticationCallback.postAuthentication(token2, httpServlet);
        }
    }

    private Date createExpTime() {
        return new Date(System.currentTimeMillis() + this.jwtSecretProperties.getJwtTokenLiveTime());
    }

    private int getTokenLiveTimeSec(Date date) {
        return (int) ((date.getTime() - Calendar.getInstance().getTime().getTime()) / 1000);
    }

    public void setAuthenticationCallback(AuthenticationCallback authenticationCallback) {
        this.authenticationCallback = authenticationCallback;
    }
}
