package com.ohaotian.plugin.security.filter;

import com.alibaba.boot.hsf.annotation.HSFConsumer;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.ohaotian.authority.login.bo.LoginExpTimeReqBO;
import com.ohaotian.authority.login.bo.LoginExpTimeRspBO;
import com.ohaotian.authority.login.service.LoginService;
import com.ohaotian.plugin.cache.CacheClient;
import com.ohaotian.plugin.security.constants.CustomConstants;
import com.ohaotian.plugin.security.constants.SercurityConstants;
import com.ohaotian.plugin.security.entity.AuthUserDetails;
import com.ohaotian.plugin.security.entity.UserInfo;
import com.ohaotian.plugin.security.jwt.Jwt;
import com.ohaotian.plugin.security.jwt.TokenState;
import com.ohaotian.plugin.security.service.GetUserInfoByUserIdService;
import com.ohaotian.plugin.security.utils.RegexUtils;
import com.ohaotian.plugin.security.utils.SecurityHelper;
import java.io.IOException;
import java.io.PrintWriter;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:com/ohaotian/plugin/security/filter/TokenAuthenticationFilter.class */
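/**
 * Servlet filter that authenticates requests carrying an {@code auth-token} JWT.
 *
 * <p>For every request that is not on the exempt list, the filter reads the token from the
 * {@code auth-token} header (falling back to a cookie of the same name), asks
 * {@link LoginService} for the server-side expiry, validates the token with {@link Jwt}, loads
 * the user through {@link GetUserInfoByUserIdService} and stores the resulting
 * {@link Authentication} in the {@link SecurityContextHolder}. Rejected requests get a JSON error
 * body with status 401 (or 403 for {@code MENU_FORBIDDEN}) and never reach the rest of the chain.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The raw token is a bearer credential and must never be written to logs.</li>
 *   <li>Because the token is also accepted from a cookie, browsers attach it automatically;
 *       NOTE(review): confirm state-changing endpoints have CSRF protection.</li>
 *   <li>The exempt list is matched against the raw request URI; see {@link #doFilter}.</li>
 * </ul>
 */
public class TokenAuthenticationFilter extends GenericFilterBean {

    /** Semicolon-separated wildcard patterns of paths that skip token authentication. */
    @Value("${static.resources}")
    private String staticResources;

    @Value("${login.expTime:7200}")
    private Long expTime;

    @Autowired
    private CacheClient cacheService;

    @Autowired
    private GetUserInfoByUserIdService getUserInfoByTokenService;

    // NOTE(review): the service group is hard-coded to "AUTH_GROUP_DEV"; confirm this is the
    // intended group for every environment this filter is deployed to.
    @HSFConsumer(serviceVersion = "1.0.0", serviceGroup = "AUTH_GROUP_DEV")
    private LoginService loginService;
    private static final Logger LOGGER = LoggerFactory.getLogger(TokenAuthenticationFilter.class);

    // Per-thread flag read through isAllowSessionCreation(). It is never removed, so on a pooled
    // thread the value of the previous request stays visible until doFilter overwrites it.
    private static final ThreadLocal<Boolean> allowSessionCreation = new ThreadLocal<>();

    /**
     * Authenticates the request from its {@code auth-token}.
     *
     * @param httpServletRequest  request to read the token from; on success the decoded token
     *                            payload is stored in the {@code data} request attribute
     * @param httpServletResponse response that receives the error body when authentication fails
     * @return the authenticated principal, or {@code null} when the request was rejected and the
     *         error response has already been written
     * @throws IOException if the error response cannot be written
     */
    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException {
        String token = resolveToken(httpServletRequest);
        // Log only whether a token was supplied: the value itself is a credential.
        LOGGER.debug("获取当前tocken present={}", !StringUtils.isEmpty(token));

        // Default rejection, used for a missing token and for any state other than VALID/EXPIRED.
        Object respCode = SercurityConstants.LOGIN_FORBIDDEN;
        Object respDesc = "登录信息无效，请重新登录";

        if (!StringUtils.isEmpty(token)) {
            LoginExpTimeReqBO loginExpTimeReqBO = new LoginExpTimeReqBO();
            loginExpTimeReqBO.setToken(token);
            LoginExpTimeRspBO loginExpTime = this.loginService.getLoginExpTime(loginExpTimeReqBO);
            if (LOGGER.isDebugEnabled()) {
                LOGGER.debug("调用获取到期时间服务" + JSON.toJSONString(loginExpTime));
            }

            // NOTE(review): when the lookup does not return code "0" the expiry stays 0 and
            // validation still runs. Confirm Jwt.validToken treats 0 as "expired/unknown" and not
            // as "no server-side expiry", otherwise a failed lookup fails open.
            Long serverExpiry = 0L;
            if ("0".equals(loginExpTime.getCode())) {
                serverExpiry = loginExpTime.getExpTime();
                LOGGER.debug("获取到期时间" + serverExpiry);
            }
            if (serverExpiry != null && LOGGER.isDebugEnabled()) {
                LOGGER.debug(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date(serverExpiry.longValue())));
            }

            Map<String, Object> validToken = Jwt.validToken(token, serverExpiry);
            // Compare against the enum constants directly instead of going through ordinal-based
            // integer labels, which silently break if an unrelated constant changes value.
            TokenState state = TokenState.getTokenState((String) validToken.get("state"));
            if (state == TokenState.VALID) {
                net.minidev.json.JSONObject claims = (net.minidev.json.JSONObject) validToken.get("data");
                httpServletRequest.setAttribute("data", claims);
                String appCode = claims.getAsString("appCode");
                // NOTE(review): assumes the JSON parser yields a Long for userId — confirm; an
                // Integer here would raise ClassCastException.
                Long userId = (Long) claims.get("userId");
                loginExpTimeReqBO.setUserId(userId);
                loginExpTimeReqBO.setLoginSource((String) claims.get("loginSource"));
                // The expiry is refreshed before the user lookup decides whether to admit the user.
                this.loginService.updateLoginExpTime(loginExpTimeReqBO);
                AuthUserDetails userInfoByUserId = this.getUserInfoByTokenService.getUserInfoByUserId(userId, token, appCode, httpServletRequest.getRequestURI());
                if ("0".equals(userInfoByUserId.getCode())) {
                    return new UsernamePasswordAuthenticationToken(userInfoByUserId.getUserDetails(), userInfoByUserId.getUserDetails().getPassword(), userInfoByUserId.getUserDetails().getAuthorities());
                }
                respCode = userInfoByUserId.getCode();
                respDesc = userInfoByUserId.getMessage();
            } else if (state == TokenState.EXPIRED) {
                respDesc = "登录超时，请重新登录";
            }
        }

        writeRejection(httpServletResponse, respCode, respDesc);
        return null;
    }

    /**
     * Returns the {@code auth-token} header, or the value of the last {@code auth-token} cookie
     * when the header is absent or empty.
     */
    private static String resolveToken(HttpServletRequest request) {
        String token = request.getHeader("auth-token");
        if (!StringUtils.isEmpty(token)) {
            return token;
        }
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if ("auth-token".equals(cookie.getName())) {
                    token = cookie.getValue();
                }
            }
        }
        return token;
    }

    /**
     * Writes the JSON error body and sets 403 for {@code MENU_FORBIDDEN}, 401 otherwise.
     */
    private static void writeRejection(HttpServletResponse response, Object respCode, Object respDesc) throws IOException {
        JSONObject detail = new JSONObject();
        detail.put("respCode", respCode);
        detail.put("respDesc", respDesc);
        JSONObject body = new JSONObject();
        body.put("data", detail);

        boolean menuForbidden = SercurityConstants.MENU_FORBIDDEN.equals(detail.getString("respCode"));
        response.setStatus(menuForbidden ? HttpServletResponse.SC_FORBIDDEN : HttpServletResponse.SC_UNAUTHORIZED);
        // NOTE(review): the body is JSON but is labelled text/html, and respDesc can carry a
        // message returned by the user-info service. Prefer application/json once clients are
        // confirmed not to depend on the current content type.
        response.setContentType("text/html;charset=UTF-8");
        body.put("code", "1");
        body.put("message", "失败");
        try (PrintWriter writer = response.getWriter()) {
            writer.write(JSON.toJSONString(body, SerializerFeature.WriteMapNullValue, SerializerFeature.WriteNullStringAsEmpty));
        }
    }

    /**
     * Applies token authentication unless the request URI matches an exempt pattern.
     *
     * <p>Exempt patterns come from {@code static.resources} plus three built-in ones. They are
     * compared with {@link HttpServletRequest#getRequestURI()}, which the container returns
     * without decoding or normalizing it, and the built-in patterns are not anchored to a fixed
     * prefix. NOTE(review): confirm that {@code RegexUtils.wildcardEquals} and the downstream
     * request mapping always agree on which handler a URI reaches; if they can differ, match on a
     * normalized path and keep the exempt list as narrow as possible.
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String requestURI = httpServletRequest.getRequestURI();
        LOGGER.debug("获取当前url" + requestURI);

        boolean needToken = true;
        if (StringUtils.isNotBlank(this.staticResources)) {
            for (String pattern : this.staticResources.split(";")) {
                if (RegexUtils.wildcardEquals(pattern, requestURI)) {
                    needToken = false;
                }
            }
        }
        if (RegexUtils.wildcardEquals("**/**/users/signup/**", requestURI)
                || RegexUtils.wildcardEquals("**/**/noauth/**", requestURI)
                || RegexUtils.wildcardEquals("**/**/api/token/get", requestURI)) {
            needToken = false;
        }
        LOGGER.debug("获取当前needToken" + needToken);

        allowSessionCreation.set(true);
        ServletRequest wrappedRequest = null;
        if (needToken) {
            Authentication authentication = attemptAuthentication(httpServletRequest, httpServletResponse);
            if (authentication == null) {
                // The error response has already been written; stop the chain here.
                return;
            }
            allowSessionCreation.set(false);
            SecurityContextHolder.getContext().setAuthentication(authentication);
            wrappedRequest = parameterRequest(httpServletRequest.getHeader("auth-token"), httpServletRequest, httpServletResponse);
        }

        if (wrappedRequest == null) {
            LOGGER.debug("UserInfoWrapperFilter---1：");
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            LOGGER.debug("UserInfoWrapperFilter---2：");
            filterChain.doFilter(wrappedRequest, httpServletResponse);
        }
    }

    /**
     * Wraps the request in a {@code ParameterRequestWrapper} when a current user with a user id
     * is available; returns {@code null} otherwise. The {@code str} argument is not used.
     */
    private ServletRequest parameterRequest(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        UserInfo currentUser = SecurityHelper.getCurrentUser();
        ParameterRequestWrapper parameterRequestWrapper = null;
        if (currentUser != null && currentUser.getUserId() != null && httpServletRequest != null) {
            LOGGER.debug("UserInfoWrapperFilter---自定义包装器：");
            parameterRequestWrapper = new ParameterRequestWrapper(httpServletRequest);
        }
        LOGGER.debug("UserInfoWrapperFilter---requestWrapper：");
        return parameterRequestWrapper;
    }

    /**
     * Returns the session-creation flag that {@link #doFilter} set for the current thread:
     * {@code true} for exempt or rejected requests, {@code false} after a successful token
     * authentication.
     *
     * <p>NOTE(review): throws {@link NullPointerException} when called on a thread where
     * {@code doFilter} has never run, because the thread-local has no initial value.
     */
    public static boolean isAllowSessionCreation() {
        return allowSessionCreation.get().booleanValue();
    }
}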
