package at.letto.security;

import at.letto.tools.ENCRYPT;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Header;
import io.jsonwebtoken.Jwt;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Optional;
import java.util.function.Function;

/* loaded from: input_file:BOOT-INF/lib/tools-1.2.jar:at/letto/security/LettoToken.class */
public class LettoToken {
    public static final String ROLE_GLOBAL = "global";
    public static final String ROLE_EXTERN = "extern";
    public static final String ROLE_CHANGE_ABOS = "changeabos";
    public static final String ROLE_MULTIPLE_LOGIN = "multiplelogin";
    public static final String ROLE_PAYINGSTUDENT = "payingstudent";
    public static final String ROLE_STUDENT = "student";
    public static final String ROLE_TEACHER = "teacher";
    public static final String ROLE_ADMIN = "admin";
    public static final String ROLE_DISABLED = "disabled";
    public static final String ROLE_USER_ABOS_CATEGORY = "useraboscategory";
    public static final String ROLE_USER_ABOS_USER = "userabosusers";
    public static final String ROLE_USE_CURRENT_YEAR = "usecurrentyear";
    public static final String ROLE_PREFIX_ORIGINUSER = "originuser";
    public static final String ROLE_SERVER = "server";
    public static final String ROLE_CREATE_CATEGORY = "createcategory";
    private final String token;
    private final String secret;
    private final boolean created;
    private Claims claims;
    private Jwt jwt;

    private String checkSecret(String str) {
        if (str == null || str.length() == 0) {
            str = SecurityConstants.JWT_SECRET;
        }
        if (str.length() < 72) {
            while (str.length() < 72) {
                str = str + str;
            }
            str = ENCRYPT.base64Encode(str);
        }
        return str;
    }

    public LettoToken(String str, String str2) {
        this.claims = null;
        this.jwt = null;
        this.token = str;
        this.secret = checkSecret(str2);
        this.created = false;
        try {
            this.claims = getAllClaimsFromToken();
        } catch (Exception e) {
        }
    }

    public LettoToken(String str, Long l, String str2, String str3, String str4, String str5, String str6, String str7, Integer num, Integer num2, String str8, String str9, String str10, List<String> list) {
        this(str, SecurityConstants.TOKEN_ISSUER, SecurityConstants.TOKEN_AUDIENCE, l, str2, str3, str4, str5, str6, str7, num, num2, str8, str9, str10, list);
    }

    public LettoToken(String str, String str2, String str3, Long l, String str4, String str5, String str6, String str7, String str8, String str9, Integer num, Integer num2, String str10, String str11, String str12, List<String> list) {
        this(str, str2, str3, l, str4, str5, str6, str7, str8, str9, num, num2, str10, str11, str12, list, null);
    }

    public LettoToken(String str, String str2, String str3, Long l, String str4, String str5, String str6, String str7, String str8, String str9, Integer num, Integer num2, String str10, String str11, String str12, List<String> list, HashMap<String, String> hashMap) {
        this.claims = null;
        this.jwt = null;
        Date date = new Date();
        Date calculateExpirationDate = calculateExpirationDate(date, l);
        this.secret = checkSecret(str);
        this.created = true;
        this.token = Jwts.builder().setClaims(new HashMap()).setSubject(str4).setIssuedAt(date).setExpiration(calculateExpirationDate).setHeaderParam(Header.TYPE, "JWT").setIssuer(str2).setAudience(str3).signWith(SignatureAlgorithm.HS512, this.secret).claim("idschule", num2).claim("roles", list).claim("vorname", str5).claim("nachname", str6).claim("ADname", str7).claim("email", str8).claim("sprache", str9).claim("id", num).claim("school", str10).claim("lettoUri", str11).claim("serverRestkey", str12).claim("payload", hashMap).compact();
        this.claims = getAllClaimsFromToken();
    }

    public LettoToken refreshToken(String str, long j) {
        return new LettoToken(str, getIssuer(), getAudience(), Long.valueOf(j), getUsername(), getVorname(), getNachname(), getActiveDirectoryName(), getEmail(), getSprache(), getIdUser(), getIdSchule(), getSchool(), getLettoUri(), getServerRestkey(), getRoles(), getPayload());
    }

    public String toString() {
        return getToken();
    }

    private Date calculateExpirationDate(Date date, Long l) {
        if (l == null || l.longValue() < 1) {
            l = Long.valueOf(SecurityConstants.EXPIRATION_TIME);
        }
        return new Date(date.getTime() + l.longValue());
    }

    public long getValidMillis() {
        try {
            return getExpirationDate().getTime() - new Date().getTime();
        } catch (Exception e) {
            return -1L;
        }
    }

    public String getUsername() {
        try {
            return this.claims.getSubject();
        } catch (Exception e) {
            return null;
        }
    }

    public Date getExpirationDate() {
        try {
            return this.claims.getExpiration();
        } catch (Exception e) {
            return null;
        }
    }

    public Date getCreatedDate() {
        try {
            return this.claims.getIssuedAt();
        } catch (Exception e) {
            return null;
        }
    }

    public Integer getIdUser() {
        return getId();
    }

    public Integer getIdSchule() {
        try {
            return (Integer) this.claims.get("idschule", Integer.class);
        } catch (Exception e) {
            return null;
        }
    }

    public Integer getId() {
        try {
            return (Integer) this.claims.get("id", Integer.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getVorname() {
        try {
            return (String) this.claims.get("vorname", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getNachname() {
        try {
            return (String) this.claims.get("nachname", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getActiveDirectoryName() {
        try {
            return (String) this.claims.get("ADname", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getEmail() {
        try {
            return (String) this.claims.get("email", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getSprache() {
        try {
            return (String) this.claims.get("sprache", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getSchool() {
        try {
            return (String) this.claims.get("school", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getLettoUri() {
        try {
            return (String) this.claims.get("lettoUri", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getServerRestkey() {
        try {
            return (String) this.claims.get("serverRestkey", String.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getIssuer() {
        try {
            return this.claims.getIssuer();
        } catch (Exception e) {
            return null;
        }
    }

    public String getAudience() {
        try {
            return this.claims.getAudience();
        } catch (Exception e) {
            return null;
        }
    }

    public List<String> getRoles() {
        try {
            return (List) this.claims.get("roles", List.class);
        } catch (Exception e) {
            return null;
        }
    }

    public HashMap<String, String> getPayload() {
        try {
            return (HashMap) this.claims.get("payload", HashMap.class);
        } catch (Exception e) {
            return null;
        }
    }

    public String getPayload(String str) {
        try {
            return getPayload().get(str);
        } catch (Exception e) {
            return null;
        }
    }

    public String[] getRolesArray() {
        List<String> roles = getRoles();
        if (roles == null) {
            return new String[0];
        }
        String[] strArr = new String[roles.size()];
        for (int i = 0; i < roles.size(); i++) {
            strArr[i] = roles.get(i);
        }
        return strArr;
    }

    private <T> T getClaimFromToken(Function<Claims, T> function) {
        return function.apply(getAllClaimsFromToken());
    }

    private Claims getAllClaimsFromToken() {
        if (this.claims == null) {
            this.claims = Jwts.parserBuilder().setSigningKey(this.secret).build().parseClaimsJws(this.token).getBody();
        }
        return this.claims;
    }

    public Jwt getJwt() {
        if (this.jwt == null) {
            this.jwt = Jwts.parserBuilder().setSigningKey(this.secret).build().parse(this.token);
        }
        return this.jwt;
    }

    public boolean isTokenNotExpired() {
        try {
            return getExpirationDate().after(new Date());
        } catch (Exception e) {
            return false;
        }
    }

    public boolean isValid() {
        return this.claims != null;
    }

    public Optional<Boolean> validateToken() {
        return isTokenNotExpired() ? Optional.of(Boolean.TRUE) : Optional.empty();
    }

    public boolean hasRole(String str) {
        for (String str2 : getRolesArray()) {
            if (str2.trim().equalsIgnoreCase(str.trim())) {
                return true;
            }
        }
        return false;
    }

    public String getOriginUser() {
        for (String str : getRolesArray()) {
            if (str.trim().startsWith(ROLE_PREFIX_ORIGINUSER)) {
                return str.trim().substring(ROLE_PREFIX_ORIGINUSER.length());
            }
        }
        return "";
    }

    public boolean isAdmin() {
        return !hasRole("disabled") && hasRole("admin");
    }

    public boolean isGlobal() {
        return !hasRole("disabled") && hasRole("global");
    }

    public boolean isTeacher() {
        return !hasRole("disabled") && hasRole(ROLE_TEACHER);
    }

    public boolean isStudent() {
        return !hasRole("disabled") && hasRole(ROLE_STUDENT);
    }

    public boolean isPayingStudent() {
        return !hasRole("disabled") && hasRole(ROLE_PAYINGSTUDENT);
    }

    public boolean isMultipleLogin() {
        return !hasRole("disabled") && hasRole(ROLE_MULTIPLE_LOGIN);
    }

    public boolean isExtern() {
        return !hasRole("disabled") && hasRole(ROLE_EXTERN);
    }

    public boolean isAlias() {
        return getOriginUser().length() > 0;
    }

    public String getToken() {
        return this.token;
    }
}
