using Microsoft.IdentityModel.Tokens;
using System;
using System.Collections.Generic;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Security.Claims;
using System.Text;
using System.Threading.Tasks;

namespace LearningOfficer.OA.Common.Helpers
{
    public class JwtHelper
    {
        /// <summary>
        /// 生成token
        /// </summary>
        /// <param name="uid"></param>
        /// <param name="secretKey"></param>
        /// <param name="issuer"></param>
        /// <param name="audience"></param>
        /// <param name="expires"></param>
        /// <param name="claims"></param>
        /// <returns></returns>
        public static string CreateToken(string uid, string secretKey, string issuer, string audience, double expires, List<Claim> claims = null)
        {
            if (claims.IsNullOrEmpty())
                claims = new();
            claims.AddRange(new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(ClaimTypes.NameIdentifier, uid),
            });

            // 2. 从 appsettings.json 中读取SecretKey
            var secret = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));

            // 3. 选择加密算法
            var algorithm = SecurityAlgorithms.HmacSha256;

            // 4. 生成Credentials
            var signingCredentials = new SigningCredentials(secret, algorithm);

            // 5. 根据以上，生成token
            var jwtSecurityToken = new JwtSecurityToken(
                issuer,     //Issuer
                audience,   //Audience
                claims,                          //Claims,
                DateTime.Now,                    //notBefore
                DateTime.Now.AddSeconds(expires),    //expires
                signingCredentials               //Credentials
            );

            // 6. 将token变为string
            var token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);

            return token;
        }
    }
}