package com.apache.passport.jwt;

import com.apache.jwt.Claims;
import com.apache.jwt.JwtBuilder;
import com.apache.jwt.Jwts;
import com.apache.jwt.SignatureAlgorithm;
import com.apache.passport.entity.UctUser;
import com.apache.tools.StrUtil;
import com.apache.uct.common.ToolsUtil;
import java.io.File;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.HashMap;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/apache/passport/jwt/JwtUtil.class */
public class JwtUtil {

    @Value("${spring.profiles.active}")
    private String profiles;
    private static JwtUtil jwtUtil;
    private Logger log = LoggerFactory.getLogger(getClass());

    private JwtUtil() {
    }

    public static JwtUtil newInstance() {
        if (null == jwtUtil) {
            jwtUtil = new JwtUtil();
        }
        return jwtUtil;
    }

    public String uniCreateJwt(String str, String str2, String str3, long j, String str4) {
        return "rsa".equalsIgnoreCase(StrUtil.doNull(ToolsUtil.getInstance().getValueByKey("secret_key_type"), "rsa")) ? createJwtRsa(str, str2, str3, j, str4) : createJWT(str, str2, str3, j, str4);
    }

    public Claims uniParseJWT(String str) {
        Claims claims = null;
        try {
            claims = "rsa".equalsIgnoreCase(StrUtil.doNull(ToolsUtil.getInstance().getValueByKey("secret_key_type"), ToolsUtil.BLANK)) ? parseJwtRsa(str) : parseJWT(str);
        } catch (Exception e) {
            this.log.warn("异常", e);
        }
        return claims;
    }

    private SecretKey generalKey() {
        byte[] decodeBase64 = Base64.decodeBase64((this.profiles + Constant.JWT_SECRET).getBytes());
        return new SecretKeySpec(decodeBase64, 0, decodeBase64.length, "AES");
    }

    public String createJWT(String str, String str2, String str3, long j, String str4) {
        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        try {
            SecretKey generalKey = generalKey();
            HashMap hashMap = new HashMap(1);
            hashMap.put("u_info", str4);
            JwtBuilder signWith = Jwts.builder().setId(str).setIssuedAt(date).setSubject(str2).setAudience(str3).setIssuer(ToolsUtil.getInstance().getValueByKey("login.url")).addClaims(hashMap).signWith(signatureAlgorithm, generalKey);
            if (j >= 0) {
                signWith.setExpiration(new Date(currentTimeMillis + j));
            }
            return signWith.compact();
        } catch (Exception e) {
            this.log.warn("异常", e);
            return ToolsUtil.BLANK;
        }
    }

    public Claims parseJWT(String str) {
        return Jwts.parser().setSigningKey(generalKey()).parseClaimsJws(str).getBody();
    }

    private KeyPair getKeyPair(int i) throws Exception {
        KeyPair keyPair;
        if (0 == i) {
            keyPair = new KeyPair(null, KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(FileUtils.readFileToByteArray(new File(ToolsUtil.getInstance().getValueByKey("rsa_private_key"))))));
        } else {
            keyPair = new KeyPair(KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(FileUtils.readFileToByteArray(new File(ToolsUtil.getInstance().getValueByKey("ras_public_key"))))), null);
        }
        return keyPair;
    }

    public String createJwtRsa(String str, String str2, String str3, long j, String str4) {
        SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.RS256;
        long currentTimeMillis = System.currentTimeMillis();
        Date date = new Date(currentTimeMillis);
        try {
            KeyPair keyPair = getKeyPair(0);
            HashMap hashMap = new HashMap(1);
            hashMap.put("u_info", str4);
            JwtBuilder signWith = Jwts.builder().setId(str).setIssuedAt(date).setSubject(str2).setAudience(str3).setIssuer(ToolsUtil.getInstance().getValueByKey("login.url")).addClaims(hashMap).signWith(signatureAlgorithm, keyPair.getPrivate());
            if (j >= 0) {
                signWith.setExpiration(new Date(currentTimeMillis + j));
            }
            return signWith.compact();
        } catch (Exception e) {
            this.log.warn("异常", e);
            return ToolsUtil.BLANK;
        }
    }

    public Claims parseJwtRsa(String str) throws Exception {
        return Jwts.parser().setSigningKey(getKeyPair(1).getPublic()).parseClaimsJws(str).getBody();
    }

    public String generalSubject(UctUser uctUser) {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("userId", uctUser.getUserId());
        jSONObject.put("userEname", uctUser.getUserEname());
        jSONObject.put("email", StrUtil.doNull(uctUser.getEmail(), ToolsUtil.BLANK));
        jSONObject.put("mobile", StrUtil.doNull(uctUser.getMobile(), ToolsUtil.BLANK));
        jSONObject.put("orgEname", StrUtil.doNull(uctUser.getOrgEname(), ToolsUtil.BLANK));
        jSONObject.put("userType", StrUtil.doNull(uctUser.getUserType(), ToolsUtil.BLANK));
        return jSONObject.toString();
    }
}
