package io.mosaicboot.core.auth.service;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.jose.JWEAlgorithm;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jwt.JWTClaimsSet;
import io.mosaicboot.core.auth.config.MosaicAuthProperties;
import io.mosaicboot.core.auth.oauth2.MosaicOAuth2RegisterToken;
import io.mosaicboot.core.auth.oauth2.OAuth2BasicInfo;
import io.mosaicboot.core.auth.oauth2.OAuth2RegisterTokenData;
import io.mosaicboot.core.domain.user.Authentication;
import io.mosaicboot.core.domain.user.TenantUser;
import io.mosaicboot.core.domain.user.User;
import io.mosaicboot.core.jwt.JweHelper;
import io.mosaicboot.core.jwt.JwkHelper;
import io.mosaicboot.core.jwt.JwtHelper;
import io.mosaicboot.core.user.auth.MosaicAuthenticatedToken;
import io.mosaicboot.core.user.model.ActiveTenantUser;
import io.mosaicboot.core.user.model.AuthTokenData;
import io.mosaicboot.core.user.model.OAuth2AccessTokenJson;
import io.mosaicboot.core.user.model.OAuth2RefreshTokenJson;
import io.mosaicboot.core.user.model.TenantLoginStatus;
import io.mosaicboot.core.user.service.UserService;
import io.mosaicboot.core.util.WebClientInfo;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.springframework.stereotype.Service;

/* compiled from: AuthTokenService.kt */
@Metadata(mv = {1, 9, 0}, k = 1, xi = 48, d1 = {"��\u0088\u0001\n\u0002\u0018\u0002\n\u0002\u0010��\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0017\u0018��2\u00020\u0001B\u001d\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007¢\u0006\u0002\u0010\bJ\u0010\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u0014H\u0016J:\u0010\u0015\u001a\u00020\u00162\u0006\u0010\u0013\u001a\u00020\u00142\u0006\u0010\u0017\u001a\u00020\u00182\u0006\u0010\u0019\u001a\u00020\u001a2\u0018\u0010\u001b\u001a\u0014\u0012\u0010\u0012\u000e\u0012\u0004\u0012\u00020\u001e\u0012\u0004\u0012\u00020\u001f0\u001d0\u001cH\u0016J*\u0010 \u001a\u00020!2\u0006\u0010\u0013\u001a\u00020\u00142\u0006\u0010\"\u001a\u00020#2\u0006\u0010$\u001a\u00020%2\b\u0010&\u001a\u0004\u0018\u00010'H\u0016J\u001a\u0010(\u001a\u00020\u00162\u0006\u0010)\u001a\u00020\u00122\b\u0010*\u001a\u0004\u0018\u00010+H\u0016J\u0010\u0010,\u001a\u00020!2\u0006\u0010)\u001a\u00020\u0012H\u0016R\u000e\u0010\t\u001a\u00020\nX\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u000b\u001a\u00020\fX\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\r\u001a\u00020\u000eX\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u000f\u001a\u00020\u0010X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u0002\u001a\u00020\u0003X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u0004\u001a\u00020\u0005X\u0092\u0004¢\u0006\u0002\n��R\u000e\u0010\u0006\u001a\u00020\u0007X\u0092\u0004¢\u0006\u0002\n��¨\u0006-"}, d2 = {"Lio/mosaicboot/core/auth/service/AuthTokenService;", "", "mosaicAuthProperties", "Lio/mosaicboot/core/auth/config/MosaicAuthProperties;", "objectMapper", "Lcom/fasterxml/jackson/databind/ObjectMapper;", "userService", "Lio/mosaicboot/core/user/service/UserService;", "(Lio/mosaicboot/core/auth/config/MosaicAuthProperties;Lcom/fasterxml/jackson/databind/ObjectMapper;Lio/mosaicboot/core/user/service/UserService;)V", "jweConfig", "Lio/mosaicboot/core/auth/config/MosaicAuthProperties$Jwe;", "jweTokenHelper", "Lio/mosaicboot/core/jwt/JweHelper;", "jwtConfig", "Lio/mosaicboot/core/auth/config/MosaicAuthProperties$Jwt;", "jwtTokenHelper", "Lio/mosaicboot/core/jwt/JwtHelper;", "getIss", "", "webClientInfo", "Lio/mosaicboot/core/util/WebClientInfo;", "issueAuthenticatedToken", "Lio/mosaicboot/core/user/auth/MosaicAuthenticatedToken;", "user", "Lio/mosaicboot/core/domain/user/User;", "authentication", "Lio/mosaicboot/core/domain/user/Authentication;", "tenantUsers", "", "Lkotlin/Pair;", "Lio/mosaicboot/core/domain/user/TenantUser;", "Lio/mosaicboot/core/user/model/TenantLoginStatus;", "issueSocialRegisterTokenData", "Lio/mosaicboot/core/auth/oauth2/MosaicOAuth2RegisterToken;", "basicInfo", "Lio/mosaicboot/core/auth/oauth2/OAuth2BasicInfo;", "accessToken", "Lio/mosaicboot/core/user/model/OAuth2AccessTokenJson;", "refreshToken", "Lio/mosaicboot/core/user/model/OAuth2RefreshTokenJson;", "verifyAuthenticatedToken", "token", "activeTenantUser", "Lio/mosaicboot/core/user/model/ActiveTenantUser;", "verifySocialRegisterTokenData", "mosaic-boot-core"})
@Service
@SourceDebugExtension({"SMAP\nAuthTokenService.kt\nKotlin\n*S Kotlin\n*F\n+ 1 AuthTokenService.kt\nio/mosaicboot/core/auth/service/AuthTokenService\n+ 2 fake.kt\nkotlin/jvm/internal/FakeKt\n+ 3 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n*L\n1#1,146:1\n1#2:147\n1549#3:148\n1620#3,3:149\n*S KotlinDebug\n*F\n+ 1 AuthTokenService.kt\nio/mosaicboot/core/auth/service/AuthTokenService\n*L\n85#1:148\n85#1:149,3\n*E\n"})
/* loaded from: input_file:io/mosaicboot/core/auth/service/AuthTokenService.class */
public class AuthTokenService {

    @NotNull
    private final MosaicAuthProperties mosaicAuthProperties;

    @NotNull
    private final ObjectMapper objectMapper;

    @NotNull
    private final UserService userService;

    @NotNull
    private final MosaicAuthProperties.Jwt jwtConfig;

    @NotNull
    private final JwtHelper jwtTokenHelper;

    @NotNull
    private final MosaicAuthProperties.Jwe jweConfig;

    @NotNull
    private final JweHelper jweTokenHelper;

    public AuthTokenService(@NotNull MosaicAuthProperties mosaicAuthProperties, @NotNull ObjectMapper objectMapper, @NotNull UserService userService) {
        Intrinsics.checkNotNullParameter(mosaicAuthProperties, "mosaicAuthProperties");
        Intrinsics.checkNotNullParameter(objectMapper, "objectMapper");
        Intrinsics.checkNotNullParameter(userService, "userService");
        this.mosaicAuthProperties = mosaicAuthProperties;
        this.objectMapper = objectMapper;
        this.userService = userService;
        this.jwtConfig = this.mosaicAuthProperties.getJwt();
        String upperCase = this.jwtConfig.getAlgorithm().toUpperCase(Locale.ROOT);
        Intrinsics.checkNotNullExpressionValue(upperCase, "toUpperCase(...)");
        JWSAlgorithm parse = JWSAlgorithm.parse(upperCase);
        Intrinsics.checkNotNull(parse);
        this.jwtTokenHelper = new JwtHelper(parse, JwkHelper.loadSecret$default(JwkHelper.INSTANCE, parse, this.jwtConfig.getSecret(), (String) null, 4, (Object) null), this.objectMapper, this.jwtConfig.getExpiration());
        this.jweConfig = this.mosaicAuthProperties.getJwe();
        String upperCase2 = this.jweConfig.getAlgorithm().toUpperCase(Locale.ROOT);
        Intrinsics.checkNotNullExpressionValue(upperCase2, "toUpperCase(...)");
        JWEAlgorithm parse2 = JWEAlgorithm.parse(upperCase2);
        Intrinsics.checkNotNull(parse2);
        this.jweTokenHelper = new JweHelper(parse2, JwkHelper.loadSecret$default(JwkHelper.INSTANCE, parse2, this.jweConfig.getSecret(), (String) null, 4, (Object) null), this.objectMapper, Long.valueOf(this.jweConfig.getExpiration()));
    }

    @NotNull
    public String getIss(@NotNull WebClientInfo webClientInfo) {
        Intrinsics.checkNotNullParameter(webClientInfo, "webClientInfo");
        String issuer = this.jwtConfig.getIssuer();
        String str = issuer.length() > 0 ? issuer : null;
        return str == null ? webClientInfo.getHost() : str;
    }

    @NotNull
    public MosaicAuthenticatedToken issueAuthenticatedToken(@NotNull WebClientInfo webClientInfo, @NotNull User user, @NotNull Authentication authentication, @NotNull List<? extends Pair<? extends TenantUser, ? extends TenantLoginStatus>> list) {
        Intrinsics.checkNotNullParameter(webClientInfo, "webClientInfo");
        Intrinsics.checkNotNullParameter(user, "user");
        Intrinsics.checkNotNullParameter(authentication, "authentication");
        Intrinsics.checkNotNullParameter(list, "tenantUsers");
        JWTClaimsSet.Builder subject = new JWTClaimsSet.Builder().issuer(getIss(webClientInfo)).subject(user.getId());
        JwtHelper jwtHelper = this.jwtTokenHelper;
        Intrinsics.checkNotNull(subject);
        String id = user.getId();
        String id2 = authentication.getId();
        List<? extends Pair<? extends TenantUser, ? extends TenantLoginStatus>> list2 = list;
        ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(list2, 10));
        Iterator<T> it = list2.iterator();
        while (it.hasNext()) {
            Pair pair = (Pair) it.next();
            arrayList.add(new AuthTokenData.TenantItem(((TenantUser) pair.getFirst()).getTenantId(), ((TenantUser) pair.getFirst()).getId(), (TenantLoginStatus) pair.getSecond()));
        }
        return new MosaicAuthenticatedToken(jwtHelper.encode(subject, new AuthTokenData(id, id2, arrayList)), user.getId(), authentication.getId(), null);
    }

    @NotNull
    public MosaicAuthenticatedToken verifyAuthenticatedToken(@NotNull String str, @Nullable ActiveTenantUser activeTenantUser) {
        Intrinsics.checkNotNullParameter(str, "token");
        AuthTokenData authTokenData = (AuthTokenData) this.jwtTokenHelper.decode(str, AuthTokenData.class);
        return new MosaicAuthenticatedToken(str, authTokenData.getUserId(), authTokenData.getAuthId(), null);
    }

    @NotNull
    public MosaicOAuth2RegisterToken issueSocialRegisterTokenData(@NotNull WebClientInfo webClientInfo, @NotNull OAuth2BasicInfo oAuth2BasicInfo, @NotNull OAuth2AccessTokenJson oAuth2AccessTokenJson, @Nullable OAuth2RefreshTokenJson oAuth2RefreshTokenJson) {
        Intrinsics.checkNotNullParameter(webClientInfo, "webClientInfo");
        Intrinsics.checkNotNullParameter(oAuth2BasicInfo, "basicInfo");
        Intrinsics.checkNotNullParameter(oAuth2AccessTokenJson, "accessToken");
        JWTClaimsSet.Builder issuer = new JWTClaimsSet.Builder().issuer(getIss(webClientInfo));
        OAuth2RegisterTokenData oAuth2RegisterTokenData = new OAuth2RegisterTokenData(oAuth2BasicInfo.getProvider(), oAuth2BasicInfo.getId(), oAuth2BasicInfo.getName(), oAuth2BasicInfo.getEmail(), oAuth2AccessTokenJson, oAuth2RefreshTokenJson);
        JweHelper jweHelper = this.jweTokenHelper;
        Intrinsics.checkNotNull(issuer);
        return new MosaicOAuth2RegisterToken(jweHelper.encode(issuer, oAuth2RegisterTokenData), oAuth2RegisterTokenData);
    }

    @NotNull
    public MosaicOAuth2RegisterToken verifySocialRegisterTokenData(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "token");
        return new MosaicOAuth2RegisterToken(str, (OAuth2RegisterTokenData) this.jweTokenHelper.decode(str, OAuth2RegisterTokenData.class));
    }
}
