package com.xforceplus.delivery.cloud.secure.oauth;

import com.xforceplus.delivery.cloud.common.util.BeanUtils;
import com.xforceplus.delivery.cloud.secure.SecureConsts;
import com.xforceplus.delivery.cloud.secure.component.RolePermsCache;
import com.xforceplus.delivery.cloud.secure.jjwt.JwtParser;
import com.xforceplus.delivery.cloud.secure.jjwt.JwtVadator;
import com.xforceplus.delivery.cloud.secure.oauth.OAuth2Principal;
import io.jsonwebtoken.Claims;
import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.apache.commons.lang3.math.NumberUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/xforceplus/delivery/cloud/secure/oauth/OAuth2Jwt.class */
public class OAuth2Jwt {
    private static final Logger log = LoggerFactory.getLogger(OAuth2Jwt.class);

    @Autowired
    private JwtVadator jwtVadator;

    @Autowired
    private JwtParser jwtParser;

    public Optional<OAuth2Principal> getPrincipal(String str) {
        return this.jwtParser.getClaimsJwsBody(str).map(this::getPrincipal);
    }

    /* JADX WARN: Type inference failed for: r0v19, types: [com.xforceplus.delivery.cloud.secure.oauth.OAuth2Principal$OAuth2PrincipalBuilder] */
    /* JADX WARN: Type inference failed for: r0v22, types: [com.xforceplus.delivery.cloud.secure.oauth.OAuth2Principal$OAuth2PrincipalBuilder] */
    private OAuth2Principal getPrincipal(Claims claims) {
        if (this.jwtVadator.isTokenExpired(claims)) {
            return null;
        }
        Collection<String> collection = null;
        Map map = (Map) claims.get("additionalInfo", LinkedHashMap.class);
        OAuth2Principal.OAuth2PrincipalBuilder<?, ?> builder = OAuth2Principal.builder();
        if (map != null) {
            OAuth2AdditionalInfo oAuth2AdditionalInfo = (OAuth2AdditionalInfo) BeanUtils.mapToBean(map, OAuth2AdditionalInfo.class);
            Collection<String> roles = oAuth2AdditionalInfo.getRoles();
            collection = roles;
            builder.roles(roles);
            builder.userId(Integer.valueOf(NumberUtils.toInt(oAuth2AdditionalInfo.getUserId())));
        }
        Collection<String> collection2 = (Collection) claims.get("authorities", Collection.class);
        log.trace("perms authorities from jwt claims - {}:::{}", collection, collection2);
        builder.allPerms(collection2 != null && collection2.contains(SecureConsts.ALL_PERM));
        Collection<String> process = RolePermsCache.getInstance().process(collection, collection2);
        log.trace("perms authorities from roles - {}", process);
        builder.username((String) claims.get("user_name", String.class)).perms(process);
        return builder.scope((List) claims.get("scope", List.class)).clientId((String) claims.get("client_id", String.class)).build();
    }
}
