package io.github.censodev.jauthlibcore;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.json.JsonMapper;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.jackson.io.JacksonDeserializer;
import io.jsonwebtoken.jackson.io.JacksonSerializer;
import io.jsonwebtoken.security.Keys;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.util.Date;
import java.util.Map;
import lombok.NonNull;

/* loaded from: input_file:io/github/censodev/jauthlibcore/TokenProvider.class */
public class TokenProvider {
    private String header;
    private String prefix;
    private Integer expireInMillisecond;
    private Integer refreshTokenExpireInMillisecond;

    @NonNull
    private String secret;
    private String credentialClaimKey;
    private SignatureAlgorithm signatureAlgorithm;
    private ObjectMapper mapper;

    /* loaded from: input_file:io/github/censodev/jauthlibcore/TokenProvider$TokenProviderBuilder.class */
    public static abstract class TokenProviderBuilder<C extends TokenProvider, B extends TokenProviderBuilder<C, B>> {
        private boolean header$set;
        private String header$value;
        private boolean prefix$set;
        private String prefix$value;
        private boolean expireInMillisecond$set;
        private Integer expireInMillisecond$value;
        private boolean refreshTokenExpireInMillisecond$set;
        private Integer refreshTokenExpireInMillisecond$value;
        private String secret;
        private boolean credentialClaimKey$set;
        private String credentialClaimKey$value;
        private boolean signatureAlgorithm$set;
        private SignatureAlgorithm signatureAlgorithm$value;
        private boolean mapper$set;
        private ObjectMapper mapper$value;

        protected B $fillValuesFrom(C c) {
            $fillValuesFromInstanceIntoBuilder(c, this);
            return self();
        }

        private static void $fillValuesFromInstanceIntoBuilder(TokenProvider tokenProvider, TokenProviderBuilder<?, ?> tokenProviderBuilder) {
            tokenProviderBuilder.header(tokenProvider.header);
            tokenProviderBuilder.prefix(tokenProvider.prefix);
            tokenProviderBuilder.expireInMillisecond(tokenProvider.expireInMillisecond);
            tokenProviderBuilder.refreshTokenExpireInMillisecond(tokenProvider.refreshTokenExpireInMillisecond);
            tokenProviderBuilder.secret(tokenProvider.secret);
            tokenProviderBuilder.credentialClaimKey(tokenProvider.credentialClaimKey);
            tokenProviderBuilder.signatureAlgorithm(tokenProvider.signatureAlgorithm);
            tokenProviderBuilder.mapper(tokenProvider.mapper);
        }

        protected abstract B self();

        public abstract C build();

        public B header(String str) {
            this.header$value = str;
            this.header$set = true;
            return self();
        }

        public B prefix(String str) {
            this.prefix$value = str;
            this.prefix$set = true;
            return self();
        }

        public B expireInMillisecond(Integer num) {
            this.expireInMillisecond$value = num;
            this.expireInMillisecond$set = true;
            return self();
        }

        public B refreshTokenExpireInMillisecond(Integer num) {
            this.refreshTokenExpireInMillisecond$value = num;
            this.refreshTokenExpireInMillisecond$set = true;
            return self();
        }

        public B secret(@NonNull String str) {
            if (str == null) {
                throw new NullPointerException("secret is marked non-null but is null");
            }
            this.secret = str;
            return self();
        }

        public B credentialClaimKey(String str) {
            this.credentialClaimKey$value = str;
            this.credentialClaimKey$set = true;
            return self();
        }

        public B signatureAlgorithm(SignatureAlgorithm signatureAlgorithm) {
            this.signatureAlgorithm$value = signatureAlgorithm;
            this.signatureAlgorithm$set = true;
            return self();
        }

        public B mapper(ObjectMapper objectMapper) {
            this.mapper$value = objectMapper;
            this.mapper$set = true;
            return self();
        }

        public String toString() {
            return "TokenProvider.TokenProviderBuilder(header$value=" + this.header$value + ", prefix$value=" + this.prefix$value + ", expireInMillisecond$value=" + this.expireInMillisecond$value + ", refreshTokenExpireInMillisecond$value=" + this.refreshTokenExpireInMillisecond$value + ", secret=" + this.secret + ", credentialClaimKey$value=" + this.credentialClaimKey$value + ", signatureAlgorithm$value=" + this.signatureAlgorithm$value + ", mapper$value=" + this.mapper$value + ")";
        }
    }

    /* loaded from: input_file:io/github/censodev/jauthlibcore/TokenProvider$TokenProviderBuilderImpl.class */
    private static final class TokenProviderBuilderImpl extends TokenProviderBuilder<TokenProvider, TokenProviderBuilderImpl> {
        private TokenProviderBuilderImpl() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // io.github.censodev.jauthlibcore.TokenProvider.TokenProviderBuilder
        public TokenProviderBuilderImpl self() {
            return this;
        }

        @Override // io.github.censodev.jauthlibcore.TokenProvider.TokenProviderBuilder
        public TokenProvider build() {
            return new TokenProvider(this);
        }
    }

    public <T extends CanAuth> String generateAccessToken(T t) {
        return generateToken(t, this.expireInMillisecond);
    }

    public <T extends CanAuth> String generateRefreshToken(T t) {
        return generateToken(t, this.refreshTokenExpireInMillisecond);
    }

    public Object getPrinciple(String str) {
        return getClaims(str).getSubject();
    }

    public <T extends CanAuth> T getCredential(String str, Class<T> cls) {
        return (T) this.mapper.convertValue((Map) getClaims(str).get(this.credentialClaimKey, Map.class), cls);
    }

    public void validateToken(String str) throws JwtException {
        Jwts.parserBuilder().setSigningKey(getKey()).build().parseClaimsJws(str);
    }

    private <T extends CanAuth> String generateToken(T t, Integer num) {
        Date date = new Date();
        return Jwts.builder().serializeToJsonWith(new JacksonSerializer(this.mapper)).setSubject(t.principle().toString()).claim(this.credentialClaimKey, t).setIssuedAt(date).setExpiration(new Date(date.getTime() + num.intValue())).signWith(getKey(), this.signatureAlgorithm).compact();
    }

    private Key getKey() {
        return Keys.hmacShaKeyFor(this.secret.getBytes(StandardCharsets.UTF_8));
    }

    private Claims getClaims(String str) {
        return (Claims) Jwts.parserBuilder().deserializeJsonWith(new JacksonDeserializer(this.mapper)).setSigningKey(getKey()).build().parseClaimsJws(str).getBody();
    }

    private static String $default$header() {
        return "Authorization";
    }

    private static String $default$prefix() {
        return "Bearer ";
    }

    private static Integer $default$expireInMillisecond() {
        return 3600000;
    }

    private static Integer $default$refreshTokenExpireInMillisecond() {
        return 86400000;
    }

    private static String $default$credentialClaimKey() {
        return "credential";
    }

    private static ObjectMapper $default$mapper() {
        return JsonMapper.builder().findAndAddModules().disable(new SerializationFeature[]{SerializationFeature.WRITE_DATES_AS_TIMESTAMPS}).disable(new DeserializationFeature[]{DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES}).build();
    }

    protected TokenProvider(TokenProviderBuilder<?, ?> tokenProviderBuilder) {
        if (((TokenProviderBuilder) tokenProviderBuilder).header$set) {
            this.header = ((TokenProviderBuilder) tokenProviderBuilder).header$value;
        } else {
            this.header = $default$header();
        }
        if (((TokenProviderBuilder) tokenProviderBuilder).prefix$set) {
            this.prefix = ((TokenProviderBuilder) tokenProviderBuilder).prefix$value;
        } else {
            this.prefix = $default$prefix();
        }
        if (((TokenProviderBuilder) tokenProviderBuilder).expireInMillisecond$set) {
            this.expireInMillisecond = ((TokenProviderBuilder) tokenProviderBuilder).expireInMillisecond$value;
        } else {
            this.expireInMillisecond = $default$expireInMillisecond();
        }
        if (((TokenProviderBuilder) tokenProviderBuilder).refreshTokenExpireInMillisecond$set) {
            this.refreshTokenExpireInMillisecond = ((TokenProviderBuilder) tokenProviderBuilder).refreshTokenExpireInMillisecond$value;
        } else {
            this.refreshTokenExpireInMillisecond = $default$refreshTokenExpireInMillisecond();
        }
        this.secret = ((TokenProviderBuilder) tokenProviderBuilder).secret;
        if (this.secret == null) {
            throw new NullPointerException("secret is marked non-null but is null");
        }
        if (((TokenProviderBuilder) tokenProviderBuilder).credentialClaimKey$set) {
            this.credentialClaimKey = ((TokenProviderBuilder) tokenProviderBuilder).credentialClaimKey$value;
        } else {
            this.credentialClaimKey = $default$credentialClaimKey();
        }
        if (((TokenProviderBuilder) tokenProviderBuilder).signatureAlgorithm$set) {
            this.signatureAlgorithm = ((TokenProviderBuilder) tokenProviderBuilder).signatureAlgorithm$value;
        } else {
            this.signatureAlgorithm = SignatureAlgorithm.HS256;
        }
        if (((TokenProviderBuilder) tokenProviderBuilder).mapper$set) {
            this.mapper = ((TokenProviderBuilder) tokenProviderBuilder).mapper$value;
        } else {
            this.mapper = $default$mapper();
        }
    }

    public static TokenProviderBuilder<?, ?> builder() {
        return new TokenProviderBuilderImpl();
    }

    public TokenProviderBuilder<?, ?> toBuilder() {
        return new TokenProviderBuilderImpl().$fillValuesFrom(this);
    }

    public String getHeader() {
        return this.header;
    }

    public String getPrefix() {
        return this.prefix;
    }

    public Integer getExpireInMillisecond() {
        return this.expireInMillisecond;
    }

    public Integer getRefreshTokenExpireInMillisecond() {
        return this.refreshTokenExpireInMillisecond;
    }

    @NonNull
    public String getSecret() {
        return this.secret;
    }

    public String getCredentialClaimKey() {
        return this.credentialClaimKey;
    }

    public SignatureAlgorithm getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public ObjectMapper getMapper() {
        return this.mapper;
    }
}
