package net.orivis.shared.auth_client.client;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.UnsupportedJwtException;
import java.io.Serializable;
import java.util.Date;
import java.util.List;
import lombok.Generated;
import net.orivis.shared.auth_client.exception.ScopeException;
import net.orivis.shared.auth_client.exception.TokenExpiredException;
import net.orivis.shared.auth_client.form.UserData;
import net.orivis.shared.auth_client.form.UserTokenDTO;
import net.orivis.shared.config.WebContext;
import net.orivis.shared.entity.TokenData;
import net.orivis.shared.utils.ApplicationContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:net/orivis/shared/auth_client/client/TokenProviderClient.class */
public class TokenProviderClient<ID_TYPE extends Serializable> extends ApplicationContext {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(TokenProviderClient.class);
    public static final String AUTHORITIES_KEY = "groups";
    public static final String USER_ID = "user_id";
    public static final String USER_EMAIL = "email";
    public static final String USER_LOGIN = "bid";
    public static final String USER_INNER_NUMBER = "userDataId";
    public static final String ISSUER = "usb";
    public static final String PURCHASES = "prchs";
    public static final String LANG = "lang";

    public TokenProviderClient(WebContext webContext) {
        super(webContext);
    }

    public UserTokenDTO validateToken(TokenData tokenData) {
        UserTokenDTO userTokenDTO = new UserTokenDTO();
        userTokenDTO.setToken(tokenData.getToken());
        userTokenDTO.setScope(tokenData.getScope());
        return validateToken(userTokenDTO);
    }

    public UserTokenDTO validateToken(UserTokenDTO userTokenDTO) {
        try {
            try {
                try {
                    try {
                        Date expiration = ((Claims) Jwts.parser().setSigningKey(getSecretKey(userTokenDTO.getScope()).getBytes()).build().parseSignedClaims(userTokenDTO.getToken().replace("Bearer ", "")).getPayload()).getExpiration();
                        if (expiration.getTime() < new Date().getTime()) {
                            throw new TokenExpiredException(userTokenDTO.getToken());
                        }
                        userTokenDTO.setDue(expiration);
                        return userTokenDTO;
                    } catch (UnsupportedJwtException e) {
                        log.info("Unsupported JWT token.");
                        log.trace("Unsupported JWT token trace: {0}", e);
                        return null;
                    }
                } catch (ExpiredJwtException e2) {
                    log.info("Expired JWT token.");
                    log.trace("Expired JWT token trace: {0}", e2);
                    return null;
                }
            } catch (SecurityException | MalformedJwtException e3) {
                log.info("Invalid JWT signature.");
                log.trace("Invalid JWT signature trace: {0}", e3);
                return null;
            }
        } catch (IllegalArgumentException e4) {
            log.info("JWT token compact of handler are invalid.");
            log.trace("JWT token compact of handler are invalid trace: {0}", e4);
            return null;
        }
    }

    public UserTokenDTO getAuthentication(TokenData tokenData) {
        String token = tokenData.getToken();
        if (token == null || token.trim().isEmpty() || token.equals("null")) {
            return null;
        }
        Claims claims = (Claims) Jwts.parser().setSigningKey(getSecretKey(tokenData.getScope()).getBytes()).build().parseSignedClaims(token).getPayload();
        UserTokenDTO userTokenDTO = new UserTokenDTO();
        userTokenDTO.setDue(claims.getExpiration());
        userTokenDTO.setRoleListFromGD((List) claims.get(AUTHORITIES_KEY));
        userTokenDTO.setToken(token);
        userTokenDTO.setScope(String.valueOf(claims.get("s")));
        UserData userData = new UserData();
        userData.setLogin(claims.getSubject());
        userData.setId((Serializable) claims.get(USER_ID));
        userData.setEmail(String.valueOf(claims.get(USER_EMAIL)));
        userData.setLogin(String.valueOf(claims.get(USER_LOGIN)));
        userData.setPurchases((List) claims.get(PURCHASES));
        userTokenDTO.setUserData(userData);
        return userTokenDTO;
    }

    public String getSecretKey(String str) {
        try {
            Object env = getContext().getEnv("dennis.systems.security.secret_" + str);
            if (env == null) {
                throw new RuntimeException();
            }
            return String.valueOf(env);
        } catch (Exception e) {
            throw new ScopeException("global.scope.not_supported");
        }
    }
}
