package tech.mhuang.pacebox.springboot.auth;

import com.alibaba.fastjson2.JSON;
import io.jsonwebtoken.ExpiredJwtException;
import java.io.IOException;
import java.util.Enumeration;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import tech.mhuang.pacebox.core.exception.BusinessException;
import tech.mhuang.pacebox.core.util.ObjectUtil;
import tech.mhuang.pacebox.core.util.StringUtil;
import tech.mhuang.pacebox.jwt.admin.JwtFramework;
import tech.mhuang.pacebox.jwt.admin.bean.Jwt;
import tech.mhuang.pacebox.springboot.core.constans.Global;
import tech.mhuang.pacebox.springboot.core.local.GlobalHeaderThreadLocal;
import tech.mhuang.pacebox.springboot.core.servlet.WebServletRequest;
import tech.mhuang.pacebox.springboot.core.spring.start.SpringContextHolder;
import tech.mhuang.pacebox.springboot.core.spring.util.DataUtil;
import tech.mhuang.pacebox.springboot.core.spring.util.IpUtil;
import tech.mhuang.pacebox.springboot.protocol.GlobalHeader;
import tech.mhuang.pacebox.springboot.protocol.Result;

/* loaded from: input_file:tech/mhuang/pacebox/springboot/auth/AuthFilter.class */
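/**
 * Servlet filter that builds a {@link GlobalHeader} for each request and, when a JWT is
 * presented, fills it with the identity claims of the parsed token.
 *
 * <p>The header is published in two places: {@link GlobalHeaderThreadLocal} and a
 * {@code global_header} request header holding its JSON form.
 *
 * <p>Trust boundaries visible in this class:
 * <ul>
 *   <li>{@code source}, {@code version}, {@code tenantId}, {@code language} and the extra map
 *       are copied from request headers unchanged, so they are client-controlled. Only
 *       {@code type}, {@code companyId} and {@code userId} come from the parsed token.</li>
 *   <li>A request with no credential, or with a {@code Basic} credential, is passed down the
 *       chain without being rejected here. This filter therefore does not enforce
 *       authentication by itself; that has to happen further down the chain.</li>
 * </ul>
 */
public class AuthFilter implements Filter {
    /** Prefix of credentials that this filter forwards without parsing. */
    private static final String BASIC = "Basic";

    private final Logger logger = LoggerFactory.getLogger(getClass());

    /** Auth type used when the request carries no {@code authType} header; may be empty. */
    private String defaultAuthTypeValue;

    /** No initialisation is required. */
    @Override
    public void init(FilterConfig filterConfig) {
    }

    /**
     * Builds the global header, validates a presented JWT and continues the chain.
     *
     * <p>Requests that are not {@link HttpServletRequest}s are not passed down the chain.
     * A {@link BusinessException} raised during validation is written to the response as a
     * JSON body instead of continuing the chain.
     *
     * @param servletRequest  incoming request; cast to {@link WebServletRequest}
     * @param servletResponse response used for the error body
     * @param filterChain     remainder of the chain
     * @throws IOException      if writing the error body or the chain fails
     * @throws ServletException if the chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest)) {
            return;
        }
        try {
            WebServletRequest webServletRequest = (WebServletRequest) servletRequest;
            this.logger.debug("请求的URL:{},请求类型:{}", webServletRequest.getRequestURL().toString(), webServletRequest.getMethod());
            GlobalHeader globalHeader = buildGlobalHeader(webServletRequest);
            JwtFramework jwtFramework = (JwtFramework) SpringContextHolder.getBean(JwtFramework.class);

            String authType = webServletRequest.getHeader("authType");
            if (StringUtil.isEmpty(authType)) {
                authType = this.defaultAuthTypeValue;
                if (StringUtil.isEmpty(authType)) {
                    // NOTE(review): nothing is published on this path, so a client-supplied
                    // "global_header" request header is not overwritten here. Confirm that
                    // downstream code does not treat that header as trusted.
                    filterChain.doFilter(webServletRequest, servletResponse);
                    return;
                }
            }

            String credential = null;
            String tokenPrefix = null;
            Jwt.JwtBean jwtBean = (Jwt.JwtBean) jwtFramework.getJwt().getBeanMap().get(authType);
            if (ObjectUtil.isNotEmpty(jwtBean)) {
                credential = webServletRequest.getHeader(jwtBean.getType());
                tokenPrefix = jwtBean.getHeaderName();
            }

            if (StringUtil.isBlank(credential) || StringUtil.indexOf(credential, BASIC) == 0) {
                // No token, or a Basic credential: forwarded without identity claims.
                publish(webServletRequest, globalHeader);
            } else {
                // A bean without a header name is rejected here rather than failing with a
                // NullPointerException outside the 401 handling.
                if (tokenPrefix == null || StringUtil.length(credential) <= tokenPrefix.length()) {
                    // The credential is a bearer secret, so its value is kept out of the log.
                    this.logger.error("token无效，长度不一致");
                    throw new BusinessException(401, "非法访问,请重新登录");
                }
                String token = StringUtil.substringAfter(credential, tokenPrefix);
                try {
                    Map<?, ?> claims = jwtFramework.getProducer(authType).parse(token);
                    if (claims == null) {
                        throw new BusinessException(401, "非法访问,请重新登录");
                    }
                    globalHeader.setToken(token.trim());
                    globalHeader.setType((String) claims.get("type"));
                    globalHeader.setCompanyId((String) claims.get("companyId"));
                    globalHeader.setUserId((String) claims.get("userId"));
                    publish(webServletRequest, globalHeader);
                } catch (ExpiredJwtException e) {
                    // Sibling catch clauses: the exception thrown here is no longer caught by
                    // the generic handler below, so the "expired" message reaches the client.
                    this.logger.error("token已过期:{}", e);
                    throw new BusinessException(401, "当前用户登录已过期,请重新登录");
                } catch (Exception e) {
                    // Any other failure, including a non-String claim, is answered with 401.
                    this.logger.error("token异常:{}", e);
                    throw new BusinessException(401, "非法访问,请重新登录");
                }
            }
            filterChain.doFilter(webServletRequest, servletResponse);
        } catch (BusinessException e) {
            setResponseCors(servletResponse, e);
        } finally {
            // destroy() runs when the filter is taken out of service, not per request. Without
            // this, a reused worker thread would keep the previous request's header, and the
            // pass-through path above never overwrites it.
            GlobalHeaderThreadLocal.remove();
        }
    }

    /**
     * Creates the global header from the request's IP and headers.
     *
     * <p>Every header whose name is not in {@code Global.IGNORE_HEADER} is copied into the extra
     * map with double quotes replaced by single quotes.
     * NOTE(review): the content of {@code IGNORE_HEADER} is not visible here; confirm it lists
     * credential-bearing headers, otherwise they end up in the serialised {@code global_header}.
     */
    private GlobalHeader buildGlobalHeader(WebServletRequest request) {
        GlobalHeader globalHeader = new GlobalHeader();
        globalHeader.setIp(IpUtil.getIp(request));
        globalHeader.setSource(request.getHeader("source"));
        globalHeader.setVersion(request.getHeader("version"));
        globalHeader.setTenantId(request.getHeader("tenantId"));
        globalHeader.setLang(request.getHeader("language"));
        Enumeration<String> headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String name = headerNames.nextElement();
            if (!Global.IGNORE_HEADER.contains(name)) {
                globalHeader.getExtraMap().put(name, request.getHeader(name).replace("\"", "'"));
            }
        }
        return globalHeader;
    }

    /** Stores the header in the thread-local and in the {@code global_header} request header. */
    private void publish(WebServletRequest request, GlobalHeader globalHeader) {
        GlobalHeaderThreadLocal.set(globalHeader);
        request.putHeader("global_header", JSON.toJSONString(globalHeader));
    }

    /**
     * Writes the exception to the response as a JSON {@link Result} with CORS and no-cache headers.
     *
     * <p>NOTE(review): the HTTP status line is not changed here; the code is carried only in the
     * JSON body. {@code Access-Control-Allow-Origin} is the wildcard, so this error body is
     * readable from any origin.
     *
     * @throws IOException if the response writer cannot be obtained or written
     */
    private void setResponseCors(ServletResponse servletResponse, BusinessException businessException) throws IOException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, OPTIONS, DELETE");
        httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, client_id, uuid, Authorization");
        httpServletResponse.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
        httpServletResponse.setHeader("Pragma", "no-cache");
        httpServletResponse.setContentType("application/json;charset=utf-8");
        java.io.PrintWriter writer = httpServletResponse.getWriter();
        writer.write(JSON.toJSONString((Result) DataUtil.copyTo(businessException, Result.class)));
        writer.flush();
    }

    /** Clears the thread-local of the thread that takes the filter out of service. */
    @Override
    public void destroy() {
        GlobalHeaderThreadLocal.remove();
    }

    /** Sets the auth type used when a request has no {@code authType} header. */
    public void setDefaultAuthTypeValue(String str) {
        this.defaultAuthTypeValue = str;
    }

    /** Returns the auth type used when a request has no {@code authType} header. */
    public String getDefaultAuthTypeValue() {
        return this.defaultAuthTypeValue;
    }
}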
