package org.apache.shenyu.plugin.jwt;

import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.JwtParserBuilder;
import io.jsonwebtoken.Jwts;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.Objects;
import org.apache.commons.lang3.StringUtils;
import org.apache.shenyu.common.dto.RuleData;
import org.apache.shenyu.common.dto.SelectorData;
import org.apache.shenyu.common.enums.PluginEnum;
import org.apache.shenyu.common.utils.Singleton;
import org.apache.shenyu.plugin.api.ShenyuPluginChain;
import org.apache.shenyu.plugin.api.result.ShenyuResultEnum;
import org.apache.shenyu.plugin.api.result.ShenyuResultWrap;
import org.apache.shenyu.plugin.api.utils.WebFluxResultUtils;
import org.apache.shenyu.plugin.base.AbstractShenyuPlugin;
import org.apache.shenyu.plugin.base.utils.CacheKeyUtils;
import org.apache.shenyu.plugin.jwt.config.JwtConfig;
import org.apache.shenyu.plugin.jwt.exception.ThrowingFunction;
import org.apache.shenyu.plugin.jwt.handle.JwtPluginDataHandler;
import org.apache.shenyu.plugin.jwt.rule.JwtRuleHandle;
import org.apache.shenyu.plugin.jwt.strategy.JwtConvertStrategyFactory;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/apache/shenyu/plugin/jwt/JwtPlugin.class */
public class JwtPlugin extends AbstractShenyuPlugin {
    private static final String TOKEN = "token";
    private static final String AUTH2_TOKEN = "Bearer";

    protected Mono<Void> doExecute(ServerWebExchange serverWebExchange, ShenyuPluginChain shenyuPluginChain, SelectorData selectorData, RuleData ruleData) {
        JwtConfig jwtConfig = (JwtConfig) Singleton.INST.get(JwtConfig.class);
        String first = serverWebExchange.getRequest().getHeaders().getFirst("Authorization");
        String first2 = serverWebExchange.getRequest().getHeaders().getFirst(TOKEN);
        if (StringUtils.isEmpty(jwtConfig.getSecretKey())) {
            return WebFluxResultUtils.result(serverWebExchange, ShenyuResultWrap.error(serverWebExchange, ShenyuResultEnum.SECRET_KEY_MUST_BE_CONFIGURED));
        }
        Map<String, Object> checkAuthorization = checkAuthorization(compatible(first2, first), jwtConfig.getSecretKey());
        return Objects.isNull(checkAuthorization) ? WebFluxResultUtils.result(serverWebExchange, ShenyuResultWrap.error(serverWebExchange, ShenyuResultEnum.ERROR_TOKEN)) : (Objects.isNull(ruleData) || Objects.isNull(ruleData.getHandle())) ? shenyuPluginChain.execute(serverWebExchange) : shenyuPluginChain.execute(executeRuleHandle(ruleData, serverWebExchange, checkAuthorization));
    }

    public String named() {
        return PluginEnum.JWT.getName();
    }

    public int getOrder() {
        return PluginEnum.JWT.getCode();
    }

    private ServerWebExchange executeRuleHandle(RuleData ruleData, ServerWebExchange serverWebExchange, Map<String, Object> map) {
        JwtRuleHandle jwtRuleHandle = (JwtRuleHandle) JwtPluginDataHandler.CACHED_HANDLE.get().obtainHandle(CacheKeyUtils.INST.getKey(ruleData));
        return Objects.isNull(jwtRuleHandle) ? serverWebExchange : JwtConvertStrategyFactory.newInstance(jwtRuleHandle.getHandleType()).convert(jwtRuleHandle, serverWebExchange, map);
    }

    private String compatible(String str, String str2) {
        String str3;
        if (StringUtils.isNotEmpty(str)) {
            str3 = str;
        } else {
            if (!StringUtils.isNotEmpty(str2)) {
                return null;
            }
            str3 = str2;
        }
        return isAuth2(str3) ? str3.split(" ")[1] : str3;
    }

    private boolean isAuth2(String str) {
        return str.contains(AUTH2_TOKEN);
    }

    private Map<String, Object> checkAuthorization(String str, String str2) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        JwtParserBuilder parserBuilder = Jwts.parserBuilder();
        if (!parserBuilder.build().isSigned(str)) {
            return null;
        }
        parserBuilder.setSigningKey(str2.getBytes(StandardCharsets.UTF_8));
        JwtParser build = parserBuilder.build();
        Jwt jwt = (Jwt) ThrowingFunction.wrap(() -> {
            return build.parse(str);
        });
        if (jwt == null) {
            return null;
        }
        return (Map) jwt.getBody();
    }
}
