package net.orivis.auth.role_validator;

import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import java.nio.charset.StandardCharsets;
import java.util.Calendar;
import java.util.Date;
import java.util.UUID;
import lombok.Generated;
import net.orivis.auth.entity.ActiveToken;
import net.orivis.auth.entity.RefreshToken;
import net.orivis.auth.form.UserInScopeForm;
import net.orivis.auth.repository.ActiveTokensRepo;
import net.orivis.auth.repository.RefreshTokenRepository;
import net.orivis.auth.service.RefreshTokenService;
import net.orivis.shared.annotations.DataRetrieverDescription;
import net.orivis.shared.auth_client.form.UserData;
import net.orivis.shared.config.WebContext;
import net.orivis.shared.model.IDPresenter;
import net.orivis.shared.postgres.service.PaginationService;
import net.orivis.shared.scopes.model.ScopeModel;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

@DataRetrieverDescription(model = RefreshToken.class, form = UserInScopeForm.class, repo = RefreshTokenRepository.class)
@Component
/* loaded from: input_file:net/orivis/auth/role_validator/RefreshTokenProvider.class */
public class RefreshTokenProvider extends PaginationService<RefreshToken> {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(RefreshTokenProvider.class);
    private final RefreshTokenRepository refreshTokenRepository;
    private final ActiveTokensRepo activeTokensRepo;

    public RefreshTokenProvider(WebContext webContext, RefreshTokenRepository refreshTokenRepository, ActiveTokensRepo activeTokensRepo) {
        super(webContext);
        this.refreshTokenRepository = refreshTokenRepository;
        this.activeTokensRepo = activeTokensRepo;
    }

    public RefreshToken createRefreshToken(UserData userData, String str, ScopeModel scopeModel) {
        IDPresenter active = getActive(userData.getId(), str, scopeModel);
        if (active != null) {
            active.setActive(false);
            active.setClosed(new Date());
            IDPresenter iDPresenter = (ActiveToken) this.activeTokensRepo.findByRefreshTokenId(active.getId()).orElse(null);
            if (iDPresenter != null) {
                iDPresenter.setActive(false);
                iDPresenter.setClosed(new Date());
                this.activeTokensRepo.save(iDPresenter);
            }
            this.refreshTokenRepository.save(active);
        }
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        calendar.add(12, getRefreshTokenValidity());
        log.debug("We start refresh Jwts Building...");
        String compact = Jwts.builder().setSubject(userData.getEmail()).setIssuer(TokenProvider.ISSUER).setId(UUID.randomUUID().toString()).claim("scope", scopeModel).claim(TokenProvider.USER_EMAIL, userData.getEmail()).claim("login", userData.getLogin()).claim("type", str).signWith(Keys.hmacShaKeyFor(scopeModel.getRefreshSecretKey().getBytes(StandardCharsets.UTF_8))).setExpiration(calendar.getTime()).compact();
        IDPresenter refreshToken = new RefreshToken();
        refreshToken.setRefreshToken(compact);
        refreshToken.setDue(calendar.getTime());
        refreshToken.setActive(true);
        refreshToken.setType(str);
        refreshToken.setScope(scopeModel);
        refreshToken.setUserDataId(userData.getId());
        return this.refreshTokenRepository.save(refreshToken);
    }

    public void removeRefreshToken(RefreshToken refreshToken) {
        if (refreshToken != null) {
            refreshToken.setActive(false);
            refreshToken.setClosed(new Date());
            ((RefreshTokenService) getContext().getBean(RefreshTokenService.class)).save(refreshToken);
        }
    }

    private RefreshToken getActive(Long l, String str, ScopeModel scopeModel) {
        return (RefreshToken) filteredFirst(getFilterImpl().eq("userDataId", l).and(getFilterImpl().eq("active", true)).and(getFilterImpl().eq("type", str)).and(getFilterImpl().eq("scope", scopeModel)).and(getFilterImpl().isNull("closed"))).orElse(null);
    }

    private int getRefreshTokenValidity() {
        return ((Integer) getContext().getEnv("dennis.systems.security.refresh.validity", 10000)).intValue();
    }
}
