package inc.yukawa.chain.security.service;

import inc.yukawa.chain.base.core.domain.result.EditResult;
import inc.yukawa.chain.security.domain.AccessToken;
import inc.yukawa.chain.security.domain.Credentials;
import inc.yukawa.chain.security.jwt.token.JwsAccessToken;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jws;
import java.time.Instant;
import java.util.HashMap;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;
import reactor.core.publisher.Mono;

/* loaded from: input_file:inc/yukawa/chain/security/service/TokenAuthService.class */
public class TokenAuthService implements AuthAspect<Mono<Map<String, Object>>> {
    private static final Logger log = LoggerFactory.getLogger(TokenAuthService.class);
    private final ReactiveUserDetailsService userDetailsService;
    private final TokenFactory<Authentication, JwsAccessToken, Jws<Claims>> tokenFactory;
    private final PasswordEncoder passwordEncoder;

    @Autowired
    public TokenAuthService(ReactiveUserDetailsService reactiveUserDetailsService, TokenFactory<Authentication, JwsAccessToken, Jws<Claims>> tokenFactory, PasswordEncoder passwordEncoder) {
        this.userDetailsService = reactiveUserDetailsService;
        this.tokenFactory = tokenFactory;
        this.passwordEncoder = passwordEncoder;
    }

    public Mono<Map<String, Object>> createToken(Credentials credentials) {
        return Mono.just(m3login(credentials)).map(mono -> {
            HashMap hashMap = new HashMap();
            hashMap.put("accessToken", mono);
            return hashMap;
        });
    }

    /* renamed from: login, reason: merged with bridge method [inline-methods] */
    public Mono<Map<String, Object>> m3login(Credentials credentials) {
        String username = credentials.getUsername();
        return this.userDetailsService.findByUsername(username).map(userDetails -> {
            log.debug("login: {} {}", username, userDetails);
            if (hasAccess(credentials, userDetails)) {
                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails.getUsername(), (Object) null, userDetails.getAuthorities());
                return buildTokenMap((AccessToken) this.tokenFactory.createAccessToken(usernamePasswordAuthenticationToken), (AccessToken) this.tokenFactory.createRefreshToken(usernamePasswordAuthenticationToken), userDetails);
            }
            log.debug("login: {} failed - invalid password or status", username);
            throw new BadCredentialsException(username);
        });
    }

    protected boolean hasAccess(Credentials credentials, UserDetails userDetails) {
        return userDetails.isEnabled() && userDetails.isAccountNonExpired() && userDetails.isAccountNonLocked() && userDetails.isCredentialsNonExpired() && this.passwordEncoder.matches(credentials.getPassword(), userDetails.getPassword());
    }

    private Map<String, Object> buildTokenMap(AccessToken<?> accessToken, AccessToken<?> accessToken2, UserDetails userDetails) {
        HashMap hashMap = new HashMap();
        hashMap.put("accessToken", accessToken.getToken());
        hashMap.put("accessExpiration", accessToken.getExpiration());
        hashMap.put("accessRoles", accessToken.getRoles());
        hashMap.put("expires_in", Long.valueOf(accessToken.getExpiration().getTime() - System.currentTimeMillis()));
        hashMap.put("access_expires", accessToken.getExpiration());
        hashMap.put("access_token", accessToken.getToken());
        hashMap.put("access_roles", accessToken.getRoles());
        hashMap.put("username", userDetails.getUsername());
        if (accessToken2 != null) {
            hashMap.put("refreshToken", accessToken2.getToken());
            hashMap.put("refreshExpiration", accessToken2.getExpiration());
            hashMap.put("refresh_token", accessToken2.getToken());
            hashMap.put("refresh_expires", accessToken2.getExpiration());
        }
        return hashMap;
    }

    public Mono<Instant> revokeAllTokens(Instant instant) {
        log.debug("revokeAllTokens: instant = {}", instant);
        this.tokenFactory.revokeAllBefore(instant);
        return Mono.justOrEmpty(instant);
    }

    public Mono<EditResult> revokeToken(String str) {
        return Mono.just(new EditResult("revokeToken", JwsAccessToken.class, ((Claims) ((Jws) this.tokenFactory.revokeRefresh(str)).getBody()).getId()));
    }

    /* renamed from: refresh, reason: merged with bridge method [inline-methods] */
    public Mono<Map<String, Object>> m2refresh(String str) {
        try {
            String subject = ((Claims) ((Jws) this.tokenFactory.validateRefresh(str)).getBody()).getSubject();
            log.debug("refreshToken for {}", subject);
            return this.userDetailsService.findByUsername(subject).map(userDetails -> {
                log.debug("refreshToken: {} {}", subject, userDetails);
                JwsAccessToken jwsAccessToken = (JwsAccessToken) this.tokenFactory.createAccessToken(new UsernamePasswordAuthenticationToken(userDetails.getUsername(), (Object) null, userDetails.getAuthorities()));
                HashMap hashMap = new HashMap();
                hashMap.put("access_token", jwsAccessToken.getToken());
                hashMap.put("access_expires", jwsAccessToken.getExpiration());
                hashMap.put("access_roles", jwsAccessToken.getRoles());
                hashMap.put("expires_in", Long.valueOf(jwsAccessToken.getExpiration().getTime() - System.currentTimeMillis()));
                hashMap.put("accessToken", jwsAccessToken.getToken());
                hashMap.put("accessExpiration", ((Claims) jwsAccessToken.getClaims()).getExpiration());
                hashMap.put("accessRoles", jwsAccessToken.getRoles());
                return hashMap;
            });
        } catch (AuthenticationException e) {
            log.info(e.getClass().getSimpleName() + " : " + e);
            return Mono.empty();
        }
    }
}
