package com.vincent.rsf.openApi.security.utils;

import com.vincent.rsf.openApi.entity.constant.Constants;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.crypto.SecretKey;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/**
 * JWT Token 工具类
 */
public class TokenUtils {
    private static final Logger log = LoggerFactory.getLogger(TokenUtils.class);

    private static final SecretKey SECRET_KEY = Keys.secretKeyFor(SignatureAlgorithm.HS256);
    private static final long TOKEN_EXPIRATION = 60 * 60 * 1000L;

    public static String generateToken(Map<String, Object> claims) {
        long now = System.currentTimeMillis();
        Date expiration = new Date(now + TOKEN_EXPIRATION);
        return Jwts.builder()
                .setClaims(claims)
                .setExpiration(expiration)
                .signWith(SECRET_KEY, SignatureAlgorithm.HS256)
                .compact();
    }

    public static String generateToken(String appId, String appSecret) {
        Map<String, Object> claims = new HashMap<>();
        claims.put("appId", appId);
        claims.put("appSecret", appSecret);
        claims.put("created", System.currentTimeMillis());
        return generateToken(claims);
    }

    public static Claims parseToken(String token) {
        try {
            return Jwts.parserBuilder()
                    .setSigningKey(SECRET_KEY)
                    .build()
                    .parseClaimsJws(token)
                    .getBody();
        } catch (JwtException e) {
            log.error("解析Token失败: {}", e.getMessage());
            return null;
        }
    }

    public static boolean validateTokenTime(String token) {
        try {
            Claims claims = parseToken(token);
            if (claims == null) {
                return false;
            }
            Date expiration = claims.getExpiration();
            return expiration != null && expiration.after(new Date());
        } catch (JwtException e) {
            log.error("验证Token失败: {}", e.getMessage());
            return false;
        }
    }

    public static String getAppIdFromToken(String token) {
        Claims claims = parseToken(token);
        return claims != null ? (String) claims.get("appId") : null;
    }

    public static String getSecretFromToken(String token) {
        Claims claims = parseToken(token);
        return claims != null ? (String) claims.get("appSecret") : null;
    }

    public static String extractTokenFromHeader(String authHeader) {
        if (authHeader != null && authHeader.startsWith(Constants.TOKEN_PREFIX)) {
            return authHeader.substring(Constants.TOKEN_PREFIX.length()).trim();
        }
        return null;
    }
}