package net.coder966.spring.multisecurityrealms.converter;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import net.coder966.spring.multisecurityrealms.authentication.SecurityRealmAuthentication;
import net.coder966.spring.multisecurityrealms.configuration.SecurityRealmConfigurationProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:net/coder966/spring/multisecurityrealms/converter/AuthenticationTokenConverter.class */
public class AuthenticationTokenConverter implements InitializingBean {
    private static final Logger log = LoggerFactory.getLogger(AuthenticationTokenConverter.class);
    private final String secret;
    private final Duration tokenExpirationDuration;
    private Algorithm algorithm;
    private JWTVerifier verifier;

    public AuthenticationTokenConverter(SecurityRealmConfigurationProperties securityRealmConfigurationProperties) {
        this.secret = securityRealmConfigurationProperties.getSigningSecret();
        this.tokenExpirationDuration = securityRealmConfigurationProperties.getTokenExpirationDuration();
    }

    public void afterPropertiesSet() {
        this.algorithm = Algorithm.HMAC512(this.secret);
        this.verifier = JWT.require(this.algorithm).build();
    }

    public String createToken(SecurityRealmAuthentication securityRealmAuthentication) {
        return JWT.create().withSubject(securityRealmAuthentication.getName()).withClaim("realm", securityRealmAuthentication.getRealmName()).withClaim("nextAuthenticationStep", securityRealmAuthentication.getNextAuthenticationStep()).withClaim("authorities", (List) securityRealmAuthentication.m0getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).collect(Collectors.toList())).withExpiresAt(Instant.now().plus((TemporalAmount) this.tokenExpirationDuration)).sign(this.algorithm);
    }

    public SecurityRealmAuthentication verifyToken(String str) {
        try {
            DecodedJWT verify = this.verifier.verify(str);
            String subject = verify.getSubject();
            String asString = verify.getClaim("realm").asString();
            SecurityRealmAuthentication securityRealmAuthentication = new SecurityRealmAuthentication(subject, (Set) verify.getClaim("authorities").asList(String.class).stream().map(SimpleGrantedAuthority::new).collect(Collectors.toSet()), verify.getClaim("nextAuthenticationStep").asString());
            securityRealmAuthentication.setRealmName(asString);
            return securityRealmAuthentication;
        } catch (Exception e) {
            return null;
        }
    }
}
