using DS.Module.Core.Extensions;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

namespace DS.Module.Core;

public class JwtHelper
{
    /// <summary>
    /// 生成JWT字符串
    /// </summary>
    /// <param name="Jti"></param>
    /// <returns></returns>
    public static string GetJWT(string Jti)
    {
        DateTime utc = DateTime.UtcNow;
        string iss = AppSetting.app(new string[] { "JwtSettings", "Issuer" });
        string aud = AppSetting.app(new string[] { "JwtSettings", "Audience" });
        string secret = AppSetting.app(new string[] { "JwtSettings", "SecretKey" });
        var claims = new List<Claim>
        {
            new Claim(JwtRegisteredClaimNames.Jti, Jti),
            // 令牌颁发时间
            new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"),
            new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"),
            // 过期时间 2小时
            new Claim(JwtRegisteredClaimNames.Exp,
                $"{new DateTimeOffset(DateTime.Now).AddMinutes(120).ToUnixTimeSeconds()}"),
            new Claim(JwtRegisteredClaimNames.Iss, iss), // 签发者
            new Claim(JwtRegisteredClaimNames.Aud, aud) // 接收者
        };

        // 密钥
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
        var tokenHandler = new JwtSecurityTokenHandler();
        JwtSecurityToken jwt = new JwtSecurityToken(
            issuer: iss,
            claims: claims, // 声明的集合
            //expires: .AddSeconds(36), // token的有效时间
            signingCredentials: creds
        );
        var handler = new JwtSecurityTokenHandler();
        // 生成 jwt字符串
        var strJWT = handler.WriteToken(jwt);
        return strJWT;
    }

    public static string Encrypt(JwtTokenModel data)
    {
        DateTime utc = DateTime.UtcNow;
        string iss = AppSetting.app(new string[] { "JwtSettings", "Issuer" });
        string aud = AppSetting.app(new string[] { "JwtSettings", "Audience" });
        string secret = AppSetting.app(new string[] { "JwtSettings", "SecretKey" });
        var claims = new List<Claim>
        {
            new Claim(JwtRegisteredClaimNames.Jti, data.Uid),
            // 令牌颁发时间
            new Claim(JwtRegisteredClaimNames.Iat, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"),
            new Claim(JwtRegisteredClaimNames.Nbf, $"{new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds()}"),
            // 过期时间 2小时
            new Claim(JwtRegisteredClaimNames.Exp,
                $"{new DateTimeOffset(DateTime.Now).AddMinutes(120).ToUnixTimeSeconds()}"),
            new Claim(JwtRegisteredClaimNames.Iss, iss), // 签发者
            new Claim(JwtRegisteredClaimNames.Aud, aud), // 接收者

            // new Claim("CompanyId", data.CompanyId), // 公司ID

            new Claim("TenantId", data.TenantId), // 租户ID

            // new Claim("GID", data.GID.ToString()) // 用户GID
        };

        // 密钥
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
        var tokenHandler = new JwtSecurityTokenHandler();
        JwtSecurityToken jwt = new JwtSecurityToken(
            issuer: iss,
            claims: claims, // 声明的集合
            //expires: .AddSeconds(36), // token的有效时间
            signingCredentials: creds
        );
        var handler = new JwtSecurityTokenHandler();
        // 生成 jwt字符串
        var strJWT = handler.WriteToken(jwt);
        return strJWT;
    }

    /// <summary>
    /// 解析
    /// </summary>
    /// <param name="jwtStr"></param>
    /// <returns></returns>
    public static string SerializeJwt(string jwtStr)
    {
        var jwtHandler = new JwtSecurityTokenHandler();

        string userId = string.Empty;
        // token校验
        if (jwtStr.IsNullOrEmpty() && jwtHandler.CanReadToken(jwtStr))
        {
            JwtSecurityToken jwtToken = jwtHandler.ReadJwtToken(jwtStr);
            userId = jwtToken.Claims.First().Value;
        }

        return userId;
    }

    /// <summary>
    /// token实体
    /// </summary>
    public class JwtTokenModel
    {
        /// <summary>
        /// Id
        /// </summary>
        public string Uid { get; set; }

        /// <summary>
        /// GID
        /// </summary>
        public Guid? GID { get; set; }

        /// <summary>
        /// 公司ID
        /// </summary>
        public string CompanyId { get; set; }

        /// <summary>
        /// 租户ID
        /// </summary>
        public string TenantId { get; set; }
    }
}