package com.supwisdom.infras.security.reactive.jwt;

import com.supwisdom.infras.security.core.userdetails.InfrasUser;
import com.supwisdom.infras.security.utils.JWTTokenUtil;
import io.jsonwebtoken.Claims;
import java.util.HashMap;
import java.util.Iterator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.beans.propertyeditors.StringArrayPropertyEditor;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.ReactiveAuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Mono;

@RestController
/* loaded from: input_file:BOOT-INF/lib/infras-security-0.1.2-SNAPSHOT.jar:com/supwisdom/infras/security/reactive/jwt/JWTTokenController.class */
public class JWTTokenController {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) JWTTokenController.class);

    @Value("${infras.security.jwt.token.sign.enabled:false}")
    private boolean signEnabled;

    @Value("${infras.security.jwt.token.sign.key:}")
    private String signKey;

    @Value("${infras.security.jwt.token.authorization.prefix:Bearer}")
    private String authorizationPrefix;

    @Autowired
    private ReactiveAuthenticationManager reactiveAuthenticationManager;

    @Autowired
    private ReactiveUserDetailsService reactiveUserDetailsService;

    @Autowired
    private AuthenticationEventPublisher eventPublisher;

    @Autowired
    private JWTTokenUtil jwtTokenUtil;

    @PostMapping(path = {"/jwt/token/login"}, consumes = {"application/json"})
    public Mono<String> login(@RequestBody LoginRequest loginRequest) throws AuthenticationException {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loginRequest.getUsername(), loginRequest.getPassword());
        return Mono.just(usernamePasswordAuthenticationToken).flatMap(usernamePasswordAuthenticationToken2 -> {
            return this.reactiveAuthenticationManager.authenticate(usernamePasswordAuthenticationToken2);
        }).onErrorResume(th -> {
            if (AuthenticationException.class.isInstance(th)) {
                this.eventPublisher.publishAuthenticationFailure((AuthenticationException) th, usernamePasswordAuthenticationToken);
            } else {
                this.eventPublisher.publishAuthenticationFailure(new BadCredentialsException(th.getMessage()), usernamePasswordAuthenticationToken);
            }
            return Mono.error(th);
        }).map(authentication -> {
            if (authentication.isAuthenticated() && InfrasUser.class.isInstance(authentication.getPrincipal())) {
                this.eventPublisher.publishAuthenticationSuccess(authentication);
            } else {
                this.eventPublisher.publishAuthenticationFailure(new BadCredentialsException("Invalid Credentials"), authentication);
            }
            return authentication;
        }).filter(authentication2 -> {
            return authentication2.isAuthenticated() && (authentication2.getPrincipal() instanceof InfrasUser);
        }).switchIfEmpty(Mono.defer(() -> {
            return Mono.error(new BadCredentialsException("Invalid Credentials"));
        })).map((v0) -> {
            return v0.getPrincipal();
        }).cast(InfrasUser.class).map(infrasUser -> {
            return generateToken(infrasUser);
        });
    }

    private String generateToken(InfrasUser infrasUser) {
        HashMap hashMap = new HashMap();
        hashMap.put(Claims.SUBJECT, infrasUser.getUsername());
        String str = "";
        Iterator<GrantedAuthority> it = infrasUser.getAuthorities().iterator();
        while (it.hasNext()) {
            str = str + (str.length() > 0 ? StringArrayPropertyEditor.DEFAULT_SEPARATOR : "") + it.next().getAuthority();
        }
        hashMap.put("ROLES", str);
        for (String str2 : infrasUser.getAttributes().keySet()) {
            hashMap.put("ATTR_" + str2, infrasUser.getAttributes().get(str2));
        }
        return this.jwtTokenUtil.generateToken(hashMap);
    }

    @GetMapping(path = {"/jwt/token/refreshToken"})
    public String refreshToken(@RequestHeader("Authorization") String str) throws AuthenticationException {
        if (str == null || !str.toLowerCase().startsWith(this.authorizationPrefix.toLowerCase())) {
            return "authorization error";
        }
        return this.jwtTokenUtil.refreshToken(str.substring(this.authorizationPrefix.length() + 1));
    }

    @GetMapping(path = {"/jwt/token/logout"})
    public String expireToken(@RequestHeader("Authorization") String str) throws AuthenticationException {
        if (str == null || !str.toLowerCase().startsWith(this.authorizationPrefix.toLowerCase())) {
            return "authorization error";
        }
        this.jwtTokenUtil.expireToken(str.substring(this.authorizationPrefix.length() + 1));
        return "success";
    }
}
