package com.dynfi.services;

import com.dynfi.security.JwtTokenType;
import com.dynfi.storage.entities.User;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jws;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.MalformedJwtException;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.UnsupportedJwtException;
import io.jsonwebtoken.security.Keys;
import io.jsonwebtoken.security.SecurityException;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Date;
import java.util.UUID;
import javax.crypto.SecretKey;
import javax.inject.Inject;
import javax.inject.Named;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.tuple.Pair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/dynfi/services/JwtServiceImpl.class */
public class JwtServiceImpl implements JwtService {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) JwtServiceImpl.class);
    public static final String TOKEN_TYPE = "type";
    private final JwtParser jwtParser;
    private final SecretKey key;
    private final UserService userService;

    @Inject
    public JwtServiceImpl(@Named("jwtKey") String str, UserService userService) {
        this.userService = userService;
        if (StringUtils.isBlank(str)) {
            this.key = Keys.secretKeyFor(SignatureAlgorithm.HS512);
        } else {
            this.key = Keys.hmacShaKeyFor(str.getBytes());
            if (!this.key.getAlgorithm().equals(SignatureAlgorithm.HS512.getJcaName())) {
                logger.error("Unable to generate JWT key based on jwtKey in configuration. Please provide jwtKey with at least 64 characters.");
            }
        }
        this.jwtParser = Jwts.parserBuilder().setSigningKey(this.key).build();
    }

    @Override // com.dynfi.services.JwtService
    public Pair<String, JwtTokenType> parseTokenToSubjectAndType(String str) throws ExpiredJwtException, UnsupportedJwtException, MalformedJwtException, SecurityException, IllegalArgumentException {
        Jws<Claims> parseClaimsJws = this.jwtParser.parseClaimsJws(str);
        String subject = parseClaimsJws.getBody().getSubject();
        String str2 = (String) parseClaimsJws.getBody().get("type");
        try {
            return Pair.of(subject, JwtTokenType.valueOf(str2));
        } catch (Exception e) {
            throw new UnsupportedJwtException("Unsupported JWT token type: " + str2);
        }
    }

    @Override // com.dynfi.services.JwtService
    public String parseTokenToSubject(String str) throws ExpiredJwtException, UnsupportedJwtException, MalformedJwtException, SecurityException, IllegalArgumentException {
        return parseTokenToSubjectAndType(str).getLeft();
    }

    @Override // com.dynfi.services.JwtService
    public String issueToken(User user, String str) {
        return issueToken(user, str, JwtTokenType.BASIC);
    }

    @Override // com.dynfi.services.JwtService
    public String issueOneTimePasswordToken(User user, String str) {
        return issueToken(user, str, JwtTokenType.OTP);
    }

    private String issueToken(User user, String str, JwtTokenType jwtTokenType) {
        UUID randomUUID = UUID.randomUUID();
        Date date = new Date();
        return Jwts.builder().setId(randomUUID.toString()).setSubject(user.getLogin()).claim("type", jwtTokenType.toString()).setIssuer(str).setIssuedAt(date).setNotBefore(date).setExpiration(Date.from(Instant.now().plus((TemporalAmount) this.userService.getSessionTimeout(user)))).signWith(this.key).compact();
    }
}
