package cn.insmart.iam.gateway.service.impl;

import cn.insmart.fx.common.lang.util.Message;
import cn.insmart.iam.auth.bus.v1.dto.AccessDTO;
import cn.insmart.iam.auth.bus.v1.event.TokenAccessEvent;
import cn.insmart.iam.gateway.service.JsonWebKeyService;
import cn.insmart.iam.gateway.service.JsonWebTokenService;
import cn.insmart.iam.gateway.validator.IClaimValidator;
import com.alibaba.fastjson.JSONObject;
import java.time.LocalDateTime;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.cloud.gateway.route.Route;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.stereotype.Service;
import org.springframework.util.Assert;
import reactor.core.publisher.Mono;

@Service
/* loaded from: input_file:cn/insmart/iam/gateway/service/impl/JsonWebTokenServiceImpl.class */
public class JsonWebTokenServiceImpl implements JsonWebTokenService {
    private static final Logger log = LoggerFactory.getLogger(JsonWebTokenServiceImpl.class);
    private final JsonWebKeyService jsonWebKeyService;
    private final List<IClaimValidator> claimValidators;

    @Override // cn.insmart.iam.gateway.service.JsonWebTokenService
    public Mono<Boolean> validate(Route route, String str) {
        String str2 = (String) JwtHelper.headers(str).get("kid");
        Assert.hasText(str2, Message.of("kid is empty! {}", new Object[]{str}));
        return this.jsonWebKeyService.getVerifierById(str2).flatMap(rsaVerifier -> {
            JSONObject parseObject = JSONObject.parseObject(JwtHelper.decodeAndVerify(str, rsaVerifier).getClaims());
            return this.claimValidators.get(0).validate(parseObject).flatMap(bool -> {
                return this.claimValidators.get(1).validate(parseObject);
            }).flatMap(bool2 -> {
                return this.claimValidators.get(2).validate(parseObject);
            }).flatMap(bool3 -> {
                return this.claimValidators.get(3).validate(parseObject);
            }).flatMap(bool4 -> {
                AccessDTO accessDTO = new AccessDTO();
                accessDTO.setKeyId(str2);
                accessDTO.setToken(str);
                accessDTO.setAccessTime(LocalDateTime.now());
                new TokenAccessEvent(this, accessDTO).fire();
                return Mono.just(true);
            });
        });
    }

    public JsonWebTokenServiceImpl(JsonWebKeyService jsonWebKeyService, List<IClaimValidator> list) {
        this.jsonWebKeyService = jsonWebKeyService;
        this.claimValidators = list;
    }
}
