package com.alilitech.biz.security.st.authorization;

import com.alilitech.biz.security.ExtensibleSecurity;
import com.alilitech.biz.security.SecurityBizMessageSource;
import com.alilitech.biz.security.authentication.SecurityUser;
import com.alilitech.biz.security.st.SecurityTokenUtils;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/alilitech/biz/security/st/authorization/TokenAuthorizationFilter.class */
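/**
 * Per-request filter that authenticates the caller from a security token.
 *
 * <p>For each request it asks {@link ExtensibleSecurity} to extract the token, checks with
 * {@link SecurityTokenUtils} that the token is known, runs the application-specific
 * {@code validateToken} hook, and only then stores the resulting {@link Authentication} in the
 * {@link SecurityContextHolder} and continues the chain. Every failure path throws
 * {@link AccessDeniedException} before the context is populated, so the filter fails closed.
 *
 * <p>NOTE(review): this filter throws {@code AccessDeniedException} directly and never clears the
 * security context itself. Both are only safe if it is registered inside the Spring Security
 * filter chain, downstream of the exception-translation and context-holder filters. Confirm
 * against the security configuration.
 */
public class TokenAuthorizationFilter extends OncePerRequestFilter {
    /** Message lookup used to build the text of the access-denied errors. */
    protected MessageSourceAccessor messages = SecurityBizMessageSource.getAccessor();
    private final SecurityTokenUtils securityTokenUtils;
    private final ExtensibleSecurity extensibleSecurity;

    /**
     * @param securityTokenUtils token store used to check that a token exists and to load its
     *     {@link Authentication}
     * @param extensibleSecurity application hook that extracts the token from the request and
     *     performs additional per-request token validation
     */
    public TokenAuthorizationFilter(SecurityTokenUtils securityTokenUtils, ExtensibleSecurity extensibleSecurity) {
        this.extensibleSecurity = extensibleSecurity;
        this.securityTokenUtils = securityTokenUtils;
    }

    /**
     * Authenticates the request from its token and continues the filter chain.
     *
     * @throws AccessDeniedException if no token is present, the token is unknown, or no usable
     *     {@link SecurityUser} principal can be loaded for it
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String token = resolveToken(httpServletRequest);
        if (token == null) {
            throw tokenError("Token.Empty", httpServletRequest);
        }
        if (!this.securityTokenUtils.exist(token)) {
            throw tokenError("Token.Invalid", httpServletRequest);
        }

        // exist() and getAuthentication() are two separate lookups. If the token can disappear
        // between them, or the stored principal is not a SecurityUser, reject the request as an
        // invalid token instead of failing with a NullPointerException or ClassCastException,
        // which would surface as a server error rather than an authorization failure.
        Authentication authentication = this.securityTokenUtils.getAuthentication(token);
        Object principal = authentication == null ? null : authentication.getPrincipal();
        if (!(principal instanceof SecurityUser)) {
            throw tokenError("Token.Invalid", httpServletRequest);
        }

        // The application hook runs before the context is populated, so a rejected token never
        // leaves an authenticated context behind.
        this.extensibleSecurity.validateToken(((SecurityUser) principal).getBizUser(), httpServletRequest, httpServletResponse);
        SecurityContextHolder.getContext().setAuthentication(authentication);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Builds the access-denied error for the given message code.
     *
     * <p>The request URI is client-controlled and is embedded in the message. Whatever logs or
     * renders this exception should encode it for its output context.
     */
    private AccessDeniedException tokenError(String code, HttpServletRequest httpServletRequest) {
        return new AccessDeniedException(this.messages.getMessage(code, new Object[]{httpServletRequest.getRequestURI()}, "Token error, please check for {0}!"));
    }

    /** Delegates token extraction to the application's {@link ExtensibleSecurity} hook. */
    private String resolveToken(HttpServletRequest httpServletRequest) {
        return this.extensibleSecurity.resolveToken(httpServletRequest);
    }
}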
