package org.tinycloud.security.provider;

import java.util.HashMap;
import java.util.HashSet;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.Cursor;
import org.springframework.data.redis.core.ScanOptions;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.util.Assert;
import org.tinycloud.security.config.GlobalConfigUtils;
import org.tinycloud.security.consts.AuthConsts;
import org.tinycloud.security.util.CredentialsGenUtil;
import org.tinycloud.security.util.JsonUtil;
import org.tinycloud.security.util.JwtUtil;

/* loaded from: input_file:org/tinycloud/security/provider/RedisAuthProvider.class */
public class RedisAuthProvider extends AbstractAuthProvider implements AuthProvider {
    private static final Logger log = LoggerFactory.getLogger(RedisAuthProvider.class);
    private final StringRedisTemplate redisTemplate;

    public RedisAuthProvider(StringRedisTemplate stringRedisTemplate) {
        this.redisTemplate = stringRedisTemplate;
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public boolean refreshByCredentials(String str) {
        Assert.hasText(str, "The credentials cannot be empty!");
        try {
            return this.redisTemplate.expire("tiny:security:credentials:" + str, GlobalConfigUtils.getGlobalConfig().getTimeout().intValue(), TimeUnit.SECONDS).booleanValue();
        } catch (Exception e) {
            log.error("RedisAuthProvider refreshByCredentials failed, Exception：{e}", e);
            return false;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public boolean refreshByCredentials(String str, LoginSubject loginSubject) {
        Assert.hasText(str, "The credentials cannot be empty!");
        try {
            this.redisTemplate.opsForValue().set("tiny:security:credentials:" + str, JsonUtil.writeValueAsString(loginSubject), GlobalConfigUtils.getGlobalConfig().getTimeout().intValue(), TimeUnit.SECONDS);
            return true;
        } catch (Exception e) {
            log.error("RedisAuthProvider refreshByCredentials failed, Exception：{e}", e);
            return false;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public boolean checkByCredentials(String str) {
        Assert.hasText(str, "The credentials cannot be empty!");
        try {
            return this.redisTemplate.hasKey("tiny:security:credentials:" + str).booleanValue();
        } catch (Exception e) {
            log.error("RedisAuthProvider checkByCredentials failed, Exception：{e}", e);
            return false;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public LoginSubject getSubject(String str) {
        Assert.hasText(str, "The credentials cannot be empty!");
        try {
            String str2 = (String) this.redisTemplate.opsForValue().get("tiny:security:credentials:" + str);
            if (str2 == null) {
                return null;
            }
            return (LoginSubject) JsonUtil.readValue(str2, LoginSubject.class);
        } catch (Exception e) {
            log.error("RedisAuthProvider getSubject failed, Exception：{e}", e);
            return null;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public String createAuth(Object obj) {
        Assert.notNull(obj, "The loginId cannot be null!");
        try {
            String generate = CredentialsGenUtil.generate(GlobalConfigUtils.getGlobalConfig().getCredentialsStyle());
            HashMap hashMap = new HashMap();
            hashMap.put("credentials", generate);
            String sign = JwtUtil.sign(GlobalConfigUtils.getGlobalConfig().getJwtSecret(), GlobalConfigUtils.getGlobalConfig().getJwtSubject(), hashMap);
            LoginSubject loginSubject = new LoginSubject();
            loginSubject.setLoginId(obj);
            long currentTimeMillis = System.currentTimeMillis();
            loginSubject.setLoginTime(Long.valueOf(currentTimeMillis));
            loginSubject.setLoginExpireTime(Long.valueOf(currentTimeMillis + (GlobalConfigUtils.getGlobalConfig().getTimeout().intValue() * 1000)));
            this.redisTemplate.opsForValue().set("tiny:security:credentials:" + generate, JsonUtil.writeValueAsString(loginSubject), GlobalConfigUtils.getGlobalConfig().getTimeout().intValue(), TimeUnit.SECONDS);
            return AuthConsts.JWT_TOKEN_PREFIX + sign;
        } catch (Exception e) {
            log.error("RedisAuthProvider createAuth failed, Exception：{e}", e);
            return null;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public boolean deleteByToken(String str) {
        Assert.hasText(str, "The token cannot be empty!");
        try {
            return this.redisTemplate.delete("tiny:security:credentials:" + getCredentialsByToken(str)).booleanValue();
        } catch (Exception e) {
            log.error("RedisAuthProvider deleteToken failed, Exception：{e}", e);
            return false;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public boolean deleteByCredentials(String str) {
        Assert.hasText(str, "The credentials cannot be empty!");
        try {
            return this.redisTemplate.delete("tiny:security:credentials:" + str).booleanValue();
        } catch (Exception e) {
            log.error("RedisAuthProvider deleteByCredentials failed, Exception：{e}", e);
            return false;
        }
    }

    @Override // org.tinycloud.security.provider.AuthProvider
    public boolean deleteByLoginId(Object obj) {
        Assert.notNull(obj, "The loginId cannot be null!");
        try {
            Set<String> scanKeys = scanKeys(AuthConsts.AUTH_CREDENTIALS_KEY.concat("*"));
            if (!Objects.nonNull(scanKeys) || scanKeys.isEmpty()) {
                return true;
            }
            for (String str : scanKeys) {
                LoginSubject loginSubject = (LoginSubject) JsonUtil.readValue((String) this.redisTemplate.opsForValue().get(str), LoginSubject.class);
                if (Objects.nonNull(loginSubject)) {
                    Object loginId = loginSubject.getLoginId();
                    if (Objects.nonNull(loginId) && loginId.equals(obj)) {
                        this.redisTemplate.delete(str);
                    }
                }
            }
            return true;
        } catch (Exception e) {
            log.error("RedisAuthProvider deleteByLoginId failed, Exception：{e}", e);
            return false;
        }
    }

    public Set<String> scanKeys(String str) {
        HashSet hashSet = new HashSet();
        try {
            Cursor scan = this.redisTemplate.getConnectionFactory().getConnection().scan(ScanOptions.scanOptions().match(str).count(100L).build());
            while (scan.hasNext()) {
                try {
                    hashSet.add(new String((byte[]) scan.next()));
                } finally {
                }
            }
            if (scan != null) {
                scan.close();
            }
        } catch (Exception e) {
            log.error("RedisAuthProvider scanKeys failed, Exception：{e}", e);
        }
        return hashSet;
    }
}
