package com.lunhan.xxx.common.jwt;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTCreator;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.TokenExpiredException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.lunhan.xxx.common.ConstantFactory;
import com.lunhan.xxx.common.config.SysConfig;
import com.lunhan.xxx.common.enums.EResultCode;
import com.lunhan.xxx.common.exceptions.BusinessException;
import com.lunhan.xxx.common.util.LocalDateTimeUtil;
import com.lunhan.xxx.common.util.NumericUtil;
import com.lunhan.xxx.common.util.StringUtil;

import java.time.LocalDateTime;
import java.util.Date;

public class JWTUtil {
    /**
     * @return token中包含的用户名
     */
    public static LoginUserDTO getUser(String token) {
        if (StringUtil.isNullOrEmpty(token)) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "尚未登录");
        }
        JWTVerifier verifier = JWT.require(Algorithm.HMAC256(SysConfig.jwt.getSecret()))
                .build();
        DecodedJWT jwt = null;
        try {

            jwt = verifier.verify(token);
        } catch (TokenExpiredException e) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "token已过期");
        } catch (Exception e) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "token格式不正确." + token);
        }
        if (null == jwt) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "token已过期");
        }
        Date expiresAt = jwt.getExpiresAt();

        LocalDateTime dtExpires = LocalDateTimeUtil.getDateTime(expiresAt.getTime());
        if (dtExpires.isBefore(LocalDateTimeUtil.nowDateTime())) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "token已过期");
        }
        LoginUserDTO loginUser = new LoginUserDTO();
        loginUser.setUserId(jwt.getClaim("userId").asString());
        loginUser.setUserType(NumericUtil.tryParseInt(jwt.getClaim("userType").asString(), 0));
        loginUser.setPhone(jwt.getClaim("phone").asString());
        loginUser.setPhone(jwt.getClaim("phone").asString());
        loginUser.setNickName(jwt.getClaim("nickName").asString());
        loginUser.setHeadImg(jwt.getClaim("headImg").asString());
        loginUser.setListRole(StringUtil.splitLongList(jwt.getClaim("listRole").asString()));
        loginUser.setListRoleName(StringUtil.splitList(jwt.getClaim("listRoleName").asString()));

        return loginUser;
    }

    /**
     * 生成token，并保存到jwt
     *
     * @param loginUser 登录用户信息
     * @return 加密的token
     */
    public static String getToken(LoginUserDTO loginUser) {
        JWTCreator.Builder builder = JWT.create()
                //设置jwt生成时间
                .withIssuedAt(new Date(LocalDateTimeUtil.nowTimeStamp()))
                //设置token有效期
                .withExpiresAt(new Date(LocalDateTimeUtil.nowTimeStamp() + SysConfig.jwt.getExpiration() * ConstantFactory.TIME_LEN_1S));
        builder.withClaim("userId", loginUser.getUserId());
        builder.withClaim("userType", loginUser.getUserType().toString());
        builder.withClaim("phone", loginUser.getPhone());
        builder.withClaim("nickName", loginUser.getNickName());
        builder.withClaim("headImg", loginUser.getHeadImg());
        builder.withClaim("listRole", StringUtil.joinLong(loginUser.getListRole()));
        builder.withClaim("listRoleName", StringUtil.join(loginUser.getListRoleName()));
        return builder
                //生成token字符串
                .sign(Algorithm.HMAC256(SysConfig.jwt.getSecret()))
                ;
    }
}