package org.springblade.auth.utils;

import java.util.Base64;
import java.util.Calendar;
import java.util.Date;
import org.springblade.core.tenant.BladeTenantProperties;
import org.springblade.core.tool.jackson.JsonUtil;
import org.springblade.core.tool.utils.Charsets;
import org.springblade.core.tool.utils.DateUtil;
import org.springblade.core.tool.utils.DesUtil;
import org.springblade.core.tool.utils.SpringUtil;
import org.springblade.core.tool.utils.StringUtil;
import org.springblade.core.tool.utils.WebUtil;
import org.springblade.system.entity.Tenant;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException;
import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;

/* loaded from: input_file:org/springblade/auth/utils/TokenUtil.class */
public class TokenUtil {
    public static final String AVATAR = "avatar";
    public static final String ACCOUNT = "account";
    public static final String USER_NAME = "user_name";
    public static final String NICK_NAME = "nick_name";
    public static final String REAL_NAME = "real_name";
    public static final String USER_ID = "user_id";
    public static final String DEPT_ID = "dept_id";
    public static final String POST_ID = "post_id";
    public static final String ROLE_ID = "role_id";
    public static final String ROLE_NAME = "role_name";
    public static final String ROLE_ID_NAME = "role_id_name";
    public static final String TENANT_ID = "tenant_id";
    public static final String OAUTH_ID = "oauth_id";
    public static final String CLIENT_ID = "client_id";
    public static final String DETAIL = "detail";
    public static final String LICENSE = "license";
    public static final String LICENSE_NAME = "powered by bladex";
    public static final String GRANT_TYPE = "grant_type";
    public static final String DEPT_HEADER_KEY = "Dept-Id";
    public static final String ROLE_HEADER_KEY = "Role-Id";
    public static final String CAPTCHA_HEADER_KEY = "Captcha-Key";
    public static final String CAPTCHA_HEADER_CODE = "Captcha-Code";
    public static final String CAPTCHA_NOT_CORRECT = "验证码不正确";
    public static final String TENANT_HEADER_KEY = "Tenant-Id";
    public static final String TENANT_PARAM_KEY = "tenant_id";
    public static final String DEFAULT_TENANT_ID = "000000";
    public static final String TENANT_NOT_FOUND = "租户ID未找到";
    public static final String USER_TYPE_HEADER_KEY = "User-Type";
    public static final String DEFAULT_USER_TYPE = "web";
    public static final String USER_NOT_FOUND = "用户名或密码错误";
    public static final String USER_HAS_NO_ROLE = "未获得用户的角色信息";
    public static final String USER_HAS_NO_TENANT = "未获得用户的租户信息";
    public static final String USER_SINGLE_ROLE_NOT_FOUNDD = "所选择角色不存在";
    public static final String ACCOUNT_NOT_FOUND = "用户不存在";
    public static final String USER_SINGLE_ROLE_HAS_NO_PERMISSION = "所选择角色未授权";
    public static final String USER_HAS_NO_TENANT_PERMISSION = "租户授权已过期,请联系管理员";
    public static final String USER_HAS_TOO_MANY_FAILS = "登录错误次数过多,请稍后再试";
    public static final String HEADER_KEY = "Authorization";
    public static final String HEADER_PREFIX = "Basic ";
    public static final String DEFAULT_AVATAR = "";
    public static final String PASSWORD_KEY = "password";
    public static final String GRANT_TYPE_KEY = "grant_type";
    public static final String REFRESH_TOKEN_KEY = "refresh_token";
    public static final String ROLE_ALIAS_TEACHER = "teacher";
    public static final String ROLE_ALIAS_STUDENT = "student";
    private static BladeTenantProperties tenantProperties;

    private static BladeTenantProperties getTenantProperties() {
        if (tenantProperties == null) {
            tenantProperties = (BladeTenantProperties) SpringUtil.getBean(BladeTenantProperties.class);
        }
        return tenantProperties;
    }

    public static String[] extractAndDecodeHeader() {
        String header = WebUtil.getRequest().getHeader(HEADER_KEY);
        if (header == null || !header.startsWith(HEADER_PREFIX)) {
            throw new UnapprovedClientAuthenticationException("请求头中无client信息");
        }
        try {
            String str = new String(Base64.getDecoder().decode(header.substring(6).getBytes(Charsets.UTF_8_NAME)), Charsets.UTF_8_NAME);
            int indexOf = str.indexOf(":");
            if (indexOf == -1) {
                throw new BadCredentialsException("Invalid basic authentication token");
            }
            return new String[]{str.substring(0, indexOf), str.substring(indexOf + 1)};
        } catch (IllegalArgumentException e) {
            throw new BadCredentialsException("Failed to decode basic authentication token");
        }
    }

    public static String getClientIdFromHeader() {
        return extractAndDecodeHeader()[0];
    }

    public static int getTokenValiditySecond() {
        Calendar calendar = Calendar.getInstance();
        calendar.add(6, 1);
        calendar.set(11, 3);
        calendar.set(13, 0);
        calendar.set(12, 0);
        calendar.set(14, 0);
        return ((int) (calendar.getTimeInMillis() - System.currentTimeMillis())) / 1000;
    }

    public static int getRefreshTokenValiditySeconds() {
        return 1296000;
    }

    public static boolean judgeTenant(Tenant tenant) {
        if (tenant == null || tenant.getId() == null) {
            throw new UserDeniedAuthorizationException(USER_HAS_NO_TENANT);
        }
        if (StringUtil.equalsIgnoreCase(tenant.getTenantId(), DEFAULT_TENANT_ID)) {
            return false;
        }
        Date expireTime = tenant.getExpireTime();
        if (getTenantProperties().getLicense().booleanValue()) {
            expireTime = ((Tenant) JsonUtil.parse(DesUtil.decryptFormHex(tenant.getLicenseKey(), "0000000000000000"), Tenant.class)).getExpireTime();
        }
        if (expireTime == null || !expireTime.before(DateUtil.now())) {
            return false;
        }
        throw new UserDeniedAuthorizationException(USER_HAS_NO_TENANT_PERMISSION);
    }
}
