package act.session;

import act.conf.AppConfig;
import act.util.Lazy;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.Claim;
import java.io.UnsupportedEncodingException;
import java.util.Date;
import java.util.Map;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.osgl.$;
import org.osgl.http.H;
import org.osgl.util.E;
import org.osgl.util.S;

@Singleton
@Lazy
/* loaded from: input_file:act/session/JsonWebTokenSessionCodec.class */
public class JsonWebTokenSessionCodec implements SessionCodec {
    private final Algorithm algorithm;
    private final boolean sessionWillExpire;
    private final int ttl;
    private final String pingPath;

    @Inject
    public JsonWebTokenSessionCodec(AppConfig appConfig) {
        try {
            this.algorithm = Algorithm.HMAC256(appConfig.secret());
            this.ttl = appConfig.sessionTtl();
            this.sessionWillExpire = this.ttl > 0;
            this.pingPath = appConfig.pingPath();
        } catch (UnsupportedEncodingException e) {
            throw E.unexpected(e);
        }
    }

    @Override // act.session.SessionCodec
    public String encodeSession(H.Session session) {
        return builder(session, JWT.create().withJWTId(session.id())).sign(this.algorithm);
    }

    @Override // act.session.SessionCodec
    public String encodeFlash(H.Flash flash) {
        return builder(flash, JWT.create()).sign(this.algorithm);
    }

    @Override // act.session.SessionCodec
    public H.Session decodeSession(String str, H.Request request) {
        H.Session session = new H.Session();
        boolean z = true;
        if (S.notBlank(str)) {
            resolveFromJwtToken(session, str, true);
            z = false;
        }
        DefaultSessionCodec.processExpiration(session, $.ms(), z, this.sessionWillExpire, this.ttl, this.pingPath, request);
        return session;
    }

    @Override // act.session.SessionCodec
    public H.Flash decodeFlash(String str) {
        H.Flash flash = new H.Flash();
        if (S.notBlank(str)) {
            resolveFromJwtToken(flash, str, false);
            flash.discard();
        }
        return flash;
    }

    private JWTCreator.Builder builder(H.KV<?> kv, JWTCreator.Builder builder) {
        for (String str : kv.keySet()) {
            String str2 = kv.get(str);
            if ("___TS".equals(str)) {
                builder.withExpiresAt(new Date(Long.parseLong(str2)));
            } else if (!"___ID".equals(str)) {
                builder.withClaim(str, str2);
            }
        }
        return builder.withIssuer("act");
    }

    private void resolveFromJwtToken(H.KV<?> kv, String str, boolean z) {
        try {
            for (Map.Entry entry : JWT.require(this.algorithm).withIssuer("act").build().verify(str).getClaims().entrySet()) {
                String str2 = (String) entry.getKey();
                String asString = ((Claim) entry.getValue()).asString();
                if ("jti".equals(str2)) {
                    if (z) {
                        kv.put("___ID", asString);
                    }
                } else if (!"iss".equals(str2)) {
                    kv.put(str2, asString);
                }
            }
        } catch (JWTVerificationException e) {
        }
    }
}
