package com.inspur.frame.security;

import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtBuilder;
import io.jsonwebtoken.JwtParser;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Optional;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.springframework.web.context.request.RequestContextHolder;

/* loaded from: input_file:com/inspur/frame/security/SecurityUtil.class */
public class SecurityUtil {
    public static Optional<String> getCurrentUserLogin() {
        return null != RequestContextHolder.getRequestAttributes() ? Optional.ofNullable((String) RequestContextHolder.getRequestAttributes().getAttribute("TINY-AUTH-USERACCOUNT", 0)) : getCurrentUserLoginFromThreadLocal();
    }

    private static Optional<String> getCurrentUserLoginFromThreadLocal() {
        Object obj = ThreadLocalUtil.get("TINY-AUTH-USERACCOUNT");
        return null != obj ? Optional.ofNullable((String) obj) : Optional.empty();
    }

    public static Optional<Claims> getCurrentUser() {
        return null != RequestContextHolder.getRequestAttributes() ? Optional.ofNullable((Claims) RequestContextHolder.getRequestAttributes().getAttribute(PredefinedHeaderKey.AUTH_USER_INFO, 0)) : getCurrentUserFromThreadLocal();
    }

    private static Optional<Claims> getCurrentUserFromThreadLocal() {
        Object obj = ThreadLocalUtil.get(PredefinedHeaderKey.AUTH_USER_INFO);
        return null != obj ? Optional.ofNullable((Claims) obj) : Optional.empty();
    }

    public static Optional<String> getRequestId() {
        return null != RequestContextHolder.getRequestAttributes() ? Optional.ofNullable((String) RequestContextHolder.getRequestAttributes().getAttribute(PredefinedHeaderKey.WEB_REQUEST_ID, 0)) : getRequestIdFromThreadLocal();
    }

    public static Optional<String> getTxContext() {
        return null != RequestContextHolder.getRequestAttributes() ? Optional.ofNullable((String) RequestContextHolder.getRequestAttributes().getAttribute(PredefinedHeaderKey.TX_CONTEXT, 0)) : getTxContextFromThreadLocal();
    }

    private static Optional<String> getTxContextFromThreadLocal() {
        Object obj = ThreadLocalUtil.get(PredefinedHeaderKey.TX_CONTEXT);
        return null != obj ? Optional.ofNullable((String) obj) : Optional.empty();
    }

    private static Optional<String> getRequestIdFromThreadLocal() {
        Object obj = ThreadLocalUtil.get(PredefinedHeaderKey.WEB_REQUEST_ID);
        return null != obj ? Optional.ofNullable((String) obj) : Optional.empty();
    }

    public static Optional<String> getCurrentUserJWT() {
        return null != RequestContextHolder.getRequestAttributes() ? Optional.ofNullable((String) RequestContextHolder.getRequestAttributes().getAttribute(PredefinedHeaderKey.AUTHORIZATION_HEADER, 0)) : getCurrentUserJWTFromThreadLocal();
    }

    private static Optional<String> getCurrentUserJWTFromThreadLocal() {
        Object obj = ThreadLocalUtil.get(PredefinedHeaderKey.AUTHORIZATION_HEADER);
        return null != obj ? Optional.ofNullable((String) obj) : Optional.empty();
    }

    public static Optional<Key> generateSecretKey(String str) throws Exception {
        return Optional.ofNullable(Keys.hmacShaKeyFor(Base64.decodeBase64(str)));
    }

    public static Optional<Key> generateSecretKey(String str, String str2) throws Exception {
        return Optional.ofNullable(new SecretKeySpec(Base64.decodeBase64(str), SignatureAlgorithm.forName(str2).getJcaName()));
    }

    public static Optional<Key> generatePublicKey(String str) throws Exception {
        return Optional.ofNullable(KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(str))));
    }

    public static Optional<Key> generatePrivateKey(String str) throws Exception {
        return Optional.ofNullable(KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(str))));
    }

    public static Optional<String> generateToken(Claims claims, Key key) throws Exception {
        JwtBuilder builder = Jwts.builder();
        builder.setClaims(claims);
        if (null != key) {
            builder.signWith(key);
        }
        return Optional.ofNullable(builder.compact());
    }

    public static Optional<Claims> parseToken(String str, Key key) throws Exception {
        if (str.isEmpty()) {
            return Optional.empty();
        }
        JwtParser parser = Jwts.parser();
        if (null != key) {
            parser.setSigningKey(key);
        }
        return Optional.ofNullable((Claims) parser.setAllowedClockSkewSeconds(60L).parseClaimsJws(str).getBody());
    }

    public static void main(String[] strArr) {
        System.out.println("密钥：" + Base64.encodeBase64String(Keys.secretKeyFor(SignatureAlgorithm.HS512).getEncoded()));
        KeyPair keyPairFor = Keys.keyPairFor(SignatureAlgorithm.RS256);
        System.out.println("私钥：" + Base64.encodeBase64String(keyPairFor.getPrivate().getEncoded()));
        System.out.println("公钥：" + Base64.encodeBase64String(keyPairFor.getPublic().getEncoded()));
    }
}
