package org.springblade.gateway.util;

import cn.hutool.json.JSONUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Date;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.util.Base64Utils;

@Configuration
/* loaded from: input_file:org/springblade/gateway/util/XIdTokenUtils.class */
public class XIdTokenUtils {

    @Value("${X-Id-Token.publicKeyUrl}")
    private String publicKeyUrl;

    @Value("${request.token.config.enableVerify}")
    private boolean enableVerify;
    private static final Logger log = LoggerFactory.getLogger(XIdTokenUtils.class);
    public static String publicKeyPem = null;

    public boolean isTokenExpired(String str) {
        try {
            Claims claimsFromToken = getClaimsFromToken(str);
            if (claimsFromToken == null || !claimsFromToken.getExpiration().after(new Date())) {
                return true;
            }
            log.info(claimsFromToken.toString());
            return false;
        } catch (Exception e) {
            e.printStackTrace();
            return true;
        }
    }

    public String getSubject(String str) {
        if (!this.enableVerify) {
            return getSubjectByNoVerify(str);
        }
        try {
            Claims claimsFromToken = getClaimsFromToken(str);
            if (claimsFromToken == null || !claimsFromToken.getExpiration().after(new Date())) {
                return null;
            }
            log.info(claimsFromToken.toString());
            return claimsFromToken.getSubject();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    private String getSubjectByNoVerify(String str) {
        String[] split = str.split("\\.");
        if (split.length != 3) {
            return null;
        }
        return JSONUtil.parseObj(new String(Base64Utils.decodeFromUrlSafeString(split[1]), StandardCharsets.UTF_8)).getStr("sub");
    }

    private Claims getClaimsFromToken(String str) {
        Claims claims;
        try {
            claims = (Claims) Jwts.parser().setSigningKey(getPublicKey()).parseClaimsJws(str).getBody();
        } catch (Exception e) {
            log.error("解析出异常的token = {}", str);
            e.printStackTrace();
            try {
                getKeyByUrl();
                claims = (Claims) Jwts.parser().setSigningKey(getPublicKey()).parseClaimsJws(str).getBody();
            } catch (Exception e2) {
                log.error("重置 public key 后 解析出异常的token = {}", str);
                claims = null;
            }
        }
        return claims;
    }

    public void getKeyByUrl() {
        try {
            System.out.println("*************** 重新 拉取 public key  ***************");
            if (!StringUtils.isNotBlank(this.publicKeyUrl)) {
                throw new RuntimeException("无法获取请求公钥地址 publicKeyUrl");
            }
            HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(this.publicKeyUrl).openConnection();
            httpURLConnection.setRequestMethod("GET");
            httpURLConnection.connect();
            String ConvertToString = ConvertToString(httpURLConnection.getInputStream());
            System.out.println(ConvertToString);
            publicKeyPem = ConvertToString;
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private String ConvertToString(InputStream inputStream) {
        InputStreamReader inputStreamReader = new InputStreamReader(inputStream);
        BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
        StringBuilder sb = new StringBuilder();
        while (true) {
            try {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    sb.append(readLine);
                } catch (IOException e) {
                    e.printStackTrace();
                    try {
                        inputStreamReader.close();
                        inputStream.close();
                        bufferedReader.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                    }
                }
            } catch (Throwable th) {
                try {
                    inputStreamReader.close();
                    inputStream.close();
                    bufferedReader.close();
                } catch (IOException e3) {
                    e3.printStackTrace();
                }
                throw th;
            }
        }
        try {
            inputStreamReader.close();
            inputStream.close();
            bufferedReader.close();
        } catch (IOException e4) {
            e4.printStackTrace();
        }
        return sb.toString();
    }

    public RSAPublicKey stringToPublicKey(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(str.replaceAll("-----BEGIN PUBLIC KEY-----", "").replaceAll("-----END PUBLIC KEY-----", "").replaceAll("\n", ""))));
    }

    public Key getPublicKey() {
        if (StringUtils.isBlank(publicKeyPem)) {
            getKeyByUrl();
        }
        RSAPublicKey rSAPublicKey = null;
        try {
            rSAPublicKey = stringToPublicKey(publicKeyPem);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            e.printStackTrace();
        }
        return rSAPublicKey;
    }

    public String getPublicKeyUrl() {
        return this.publicKeyUrl;
    }

    public void setPublicKeyUrl(String str) {
        this.publicKeyUrl = str;
    }

    public boolean isEnableVerify() {
        return this.enableVerify;
    }

    public void setEnableVerify(boolean z) {
        this.enableVerify = z;
    }
}
