package com.sinosoftgz.starter.shiro.jwt.support;

import com.auth0.jwt.interfaces.DecodedJWT;
import com.sinosoftgz.starter.jwt.model.JwtPrincipal;
import com.sinosoftgz.starter.jwt.utils.JwtUtils;
import com.sinosoftgz.starter.shiro.jwt.biz.UserAuthBiz;
import com.sinosoftgz.starter.shiro.jwt.model.UserInfo;
import java.util.Set;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

@Component
/* loaded from: input_file:com/sinosoftgz/starter/shiro/jwt/support/ShiroJwtRealm.class */
public class ShiroJwtRealm extends AuthorizingRealm {
    private static final Logger logger = LoggerFactory.getLogger(ShiroJwtRealm.class);

    @Autowired
    JwtUtils jwtUtils;

    @Autowired
    UserAuthBiz userAuthBiz;

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof JWTToken;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        UserInfo userInfo = this.userAuthBiz.getUserInfo(((JwtPrincipal) principalCollection.getPrimaryPrincipal()).getAccount());
        if (StringUtils.isEmpty(userInfo)) {
            throw new RuntimeException("获取用户授权信息失败");
        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        Set<String> permissions = userInfo.getPermissions();
        if (permissions != null && !permissions.isEmpty()) {
            simpleAuthorizationInfo.addStringPermissions(permissions);
        }
        Set<String> roles = userInfo.getRoles();
        if (roles != null) {
            simpleAuthorizationInfo.addRoles(roles);
        }
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String str = (String) authenticationToken.getCredentials();
        String account = this.jwtUtils.getAccount(str);
        if (account == null) {
            throw new AuthenticationException("无效的请求");
        }
        UserInfo userInfo = this.userAuthBiz.getUserInfo(account);
        if (userInfo == null) {
            throw new AuthenticationException("未找到用户信息");
        }
        DecodedJWT checkToken = this.jwtUtils.checkToken(str, userInfo.getSecret());
        if (checkToken == null) {
            throw new AuthenticationException("token已经过期，请重新登录");
        }
        JwtPrincipal jwtPrincipal = new JwtPrincipal();
        jwtPrincipal.setAccount(userInfo.getAccount());
        jwtPrincipal.setExpiresAt(checkToken.getExpiresAt().getTime());
        return new SimpleAuthenticationInfo(jwtPrincipal, str, getName());
    }
}
