package com.alibaba.nacos.plugin.auth.impl.token.impl;

import com.alibaba.nacos.plugin.auth.exception.AccessException;
import com.alibaba.nacos.plugin.auth.impl.token.TokenManager;
import com.alibaba.nacos.plugin.auth.impl.users.NacosUser;
import java.util.ArrayList;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.security.core.Authentication;

/* loaded from: input_file:com/alibaba/nacos/plugin/auth/impl/token/impl/CachedJwtTokenManager.class */
public class CachedJwtTokenManager implements TokenManager {
    private volatile Map<String, TokenEntity> tokenMap = new ConcurrentHashMap(1024);
    private volatile Map<String, TokenEntity> userMap = new ConcurrentHashMap(128);
    private final JwtTokenManager jwtTokenManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/alibaba/nacos/plugin/auth/impl/token/impl/CachedJwtTokenManager$TokenEntity.class */
    public static class TokenEntity {
        private String token;
        private String userName;
        private long expiredTimeMills;
        private Authentication authentication;
        private NacosUser nacosUser;

        public TokenEntity(String str, String str2, long j, Authentication authentication, NacosUser nacosUser) {
            this.token = str;
            this.userName = str2;
            this.expiredTimeMills = j;
            this.authentication = authentication;
            this.nacosUser = nacosUser;
        }

        public String getToken() {
            return this.token;
        }

        public void setToken(String str) {
            this.token = str;
        }

        public String getUserName() {
            return this.userName;
        }

        public void setUserName(String str) {
            this.userName = str;
        }

        public long getExpiredTimeMills() {
            return this.expiredTimeMills;
        }

        public void setExpiredTimeMills(long j) {
            this.expiredTimeMills = j;
        }

        public Authentication getAuthentication() {
            return this.authentication;
        }

        public void setAuthentication(Authentication authentication) {
            this.authentication = authentication;
        }

        public NacosUser getNacosUser() {
            return this.nacosUser;
        }

        public void setNacosUser(NacosUser nacosUser) {
            this.nacosUser = nacosUser;
        }

        public String toString() {
            String str = this.token;
            String str2 = this.userName;
            long j = this.expiredTimeMills;
            String valueOf = String.valueOf(this.authentication);
            String.valueOf(this.nacosUser);
            return "TokenEntity{token='" + str + "', userName='" + str2 + "', expiredTimeMills=" + j + ", authentication=" + str + ", nacosUser=" + valueOf + "}";
        }
    }

    public CachedJwtTokenManager(JwtTokenManager jwtTokenManager) {
        this.jwtTokenManager = jwtTokenManager;
    }

    @Scheduled(initialDelay = 30000, fixedDelay = 60000)
    private void cleanExpiredToken() {
        ArrayList arrayList = new ArrayList();
        this.tokenMap.forEach((str, tokenEntity) -> {
            if (tokenEntity.getExpiredTimeMills() < System.currentTimeMillis()) {
                arrayList.add(str);
            }
        });
        arrayList.forEach(str2 -> {
            this.tokenMap.remove(str2);
        });
        ArrayList arrayList2 = new ArrayList();
        this.userMap.forEach((str3, tokenEntity2) -> {
            if (tokenEntity2.getExpiredTimeMills() < System.currentTimeMillis()) {
                arrayList2.add(str3);
            }
        });
        arrayList2.forEach(str4 -> {
            this.userMap.remove(str4);
        });
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public String createToken(Authentication authentication) throws AccessException {
        return createToken(authentication.getName());
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public String createToken(String str) throws AccessException {
        if (this.userMap.containsKey(str)) {
            String token = this.userMap.get(str).getToken();
            if (!needRefresh(this.userMap.get(str).getExpiredTimeMills())) {
                return token;
            }
        }
        String createToken = this.jwtTokenManager.createToken(str);
        TokenEntity tokenEntity = new TokenEntity(createToken, str, System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(getTokenValidityInSeconds()), this.jwtTokenManager.getAuthentication(createToken), this.jwtTokenManager.parseToken(createToken));
        this.tokenMap.put(createToken, tokenEntity);
        this.userMap.put(str, tokenEntity);
        return createToken;
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public Authentication getAuthentication(String str) throws AccessException {
        return !this.tokenMap.containsKey(str) ? this.jwtTokenManager.getAuthentication(str) : this.tokenMap.get(str).getAuthentication();
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public void validateToken(String str) throws AccessException {
        if (this.tokenMap.containsKey(str)) {
            return;
        }
        this.jwtTokenManager.validateToken(str);
        Authentication authentication = this.jwtTokenManager.getAuthentication(str);
        String name = authentication.getName();
        if (name == null || name.isEmpty()) {
            return;
        }
        long millis = TimeUnit.SECONDS.toMillis(this.jwtTokenManager.getExpiredTimeInSeconds(str));
        if (millis <= System.currentTimeMillis()) {
            return;
        }
        this.tokenMap.putIfAbsent(str, new TokenEntity(str, name, millis, authentication, this.jwtTokenManager.parseToken(str)));
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public NacosUser parseToken(String str) throws AccessException {
        if (this.tokenMap.containsKey(str)) {
            return this.tokenMap.get(str).getNacosUser();
        }
        Authentication authentication = this.jwtTokenManager.getAuthentication(str);
        String name = authentication.getName();
        if (name == null || name.isEmpty()) {
            throw new AccessException("invalid token, username is empty");
        }
        long millis = TimeUnit.SECONDS.toMillis(this.jwtTokenManager.getExpiredTimeInSeconds(str));
        if (millis <= System.currentTimeMillis()) {
            throw new AccessException("expired token");
        }
        NacosUser parseToken = this.jwtTokenManager.parseToken(str);
        this.tokenMap.putIfAbsent(str, new TokenEntity(str, name, millis, authentication, parseToken));
        return parseToken;
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public long getTokenTtlInSeconds(String str) throws AccessException {
        return this.tokenMap.containsKey(str) ? TimeUnit.MILLISECONDS.toSeconds(this.tokenMap.get(str).getExpiredTimeMills() - System.currentTimeMillis()) : this.jwtTokenManager.getTokenTtlInSeconds(str);
    }

    @Override // com.alibaba.nacos.plugin.auth.impl.token.TokenManager
    public long getTokenValidityInSeconds() {
        return this.jwtTokenManager.getTokenValidityInSeconds();
    }

    private boolean needRefresh(long j) {
        return System.currentTimeMillis() + TimeUnit.SECONDS.toMillis(getTokenValidityInSeconds() / 10) > j;
    }
}
