package cn.fightingguys.security.web.wechat.auth;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:cn/fightingguys/security/web/wechat/auth/WeChatMiniProgramAuthenticationFilter.class */
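/**
 * Servlet filter that handles two steps of a WeChat mini-program login flow.
 *
 * <ol>
 *   <li><b>Login</b>: a request matching the configured {@link RequestMatcher}
 *       (default {@code POST /wxLogin}) must carry a {@code jsCode} parameter. The code is
 *       handed to the {@link AuthenticationManager}, and the credentials of the returned
 *       token are written back as {@code {"token": "..."}}.</li>
 *   <li><b>Token use</b>: any other request carrying an {@code Authorization} header of the
 *       form {@code <type> <token>} is authenticated and, on success, the result is stored in
 *       the {@link SecurityContextHolder} before the chain continues.</li>
 * </ol>
 *
 * <p>Requests without an {@code Authorization} header pass through untouched. Every failure is
 * answered with HTTP 400 and a {@code {"msg": "..."}} body.
 *
 * <p>NOTE(review): authentication failures use 400 rather than 401, and a header with any other
 * scheme (for example one meant for another filter) is rejected here instead of being passed on.
 * Both are kept as-is because clients may depend on them; confirm they are intended.
 */
public class WeChatMiniProgramAuthenticationFilter extends OncePerRequestFilter {
    public static final String DEFAULT_AUTH_TOKEN_TYPE = "WxToken";
    public static final String DEFAULT_JS_CODE_PARAM_KEY = "jsCode";
    public static final AntPathRequestMatcher DEFAULT_ANT_PATH_REQUEST_MATCHER = new AntPathRequestMatcher("/wxLogin", "POST");
    private final String filterAuthTokenType;
    private final RequestMatcher requestMatcher;
    private final AuthenticationManager authenticationManager;

    /**
     * Creates a filter with the default login matcher ({@code POST /wxLogin}) and the default
     * token type ({@code WxToken}).
     *
     * @param authenticationManager manager that validates both the jsCode and issued tokens
     * @throws IllegalArgumentException if {@code authenticationManager} is {@code null}
     */
    public WeChatMiniProgramAuthenticationFilter(AuthenticationManager authenticationManager) {
        this(authenticationManager, DEFAULT_ANT_PATH_REQUEST_MATCHER, DEFAULT_AUTH_TOKEN_TYPE);
    }

    /**
     * Creates a filter with a custom login matcher and token type.
     *
     * @param authenticationManager manager that validates both the jsCode and issued tokens
     * @param requestMatcher        selects the requests treated as login attempts
     * @param str                   scheme expected as the first word of the
     *                              {@code Authorization} header; a {@code null} value never
     *                              matches, so every header is then rejected
     * @throws IllegalArgumentException if {@code authenticationManager} or
     *                                  {@code requestMatcher} is {@code null}
     */
    public WeChatMiniProgramAuthenticationFilter(AuthenticationManager authenticationManager, RequestMatcher requestMatcher, String str) {
        // Fail at wiring time instead of with a NullPointerException on the first request.
        if (authenticationManager == null) {
            throw new IllegalArgumentException("authenticationManager must not be null");
        }
        if (requestMatcher == null) {
            throw new IllegalArgumentException("requestMatcher must not be null");
        }
        this.authenticationManager = authenticationManager;
        this.requestMatcher = requestMatcher;
        this.filterAuthTokenType = str;
    }

    /**
     * Routes the request to the login step or the token step described on the class.
     *
     * @throws ServletException propagated from the downstream filter chain
     * @throws IOException      if writing the response or running the chain fails
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (this.requestMatcher.matches(httpServletRequest)) {
            handleLogin(httpServletRequest, httpServletResponse);
            return;
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            // No credentials offered: leave the decision to the rest of the chain.
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String[] split = header.split(" ", 2);
        if (split.length != 2) {
            sendErrorResponse(httpServletResponse, "Auth token format is wrong");
            return;
        }
        String tokenType = split[0];
        String tokenValue = split[1];
        if (!tokenType.equals(this.filterAuthTokenType)) {
            sendErrorResponse(httpServletResponse, "Auth token type is wrong");
            return;
        }
        try {
            // The second constructor argument is true here and false on the login path;
            // presumably it marks the credential as an already issued token (confirm in
            // WeChatMiniProgramAuthenticationToken).
            SecurityContextHolder.getContext().setAuthentication(this.authenticationManager.authenticate(new WeChatMiniProgramAuthenticationToken(tokenValue, true)));
        } catch (AuthenticationException e2) {
            // Make sure a rejected token never leaves an earlier Authentication in place.
            SecurityContextHolder.clearContext();
            sendErrorResponse(httpServletResponse, e2.getMessage());
            return;
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /** Exchanges the {@code jsCode} request parameter for a token and writes it to the response. */
    private void handleLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String jsCode = obtainJsCode(httpServletRequest);
        if (jsCode == null || jsCode.length() == 0) {
            sendErrorResponse(httpServletResponse, "The jsCode cannot be null");
            return;
        }
        try {
            // The cast assumes the configured provider returns this token type; any other
            // Authentication implementation surfaces as a ClassCastException.
            sendAuthTokenResponse(httpServletResponse, (WeChatMiniProgramAuthenticationToken) this.authenticationManager.authenticate(new WeChatMiniProgramAuthenticationToken(jsCode, false)));
        } catch (AuthenticationException e) {
            sendErrorResponse(httpServletResponse, e.getMessage());
        }
    }

    /**
     * Reads the login code from the request.
     *
     * <p>{@code getParameter} covers the query string as well as a form body, so a client that
     * puts {@code jsCode} in the URL exposes it to access logs; prefer sending it in the body.
     */
    private String obtainJsCode(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(DEFAULT_JS_CODE_PARAM_KEY);
    }

    /**
     * Writes an HTTP 400 response with a {@code {"msg": "..."}} body.
     *
     * <p>NOTE(review): callers pass {@link AuthenticationException#getMessage()} straight through,
     * so authentication providers should keep those messages free of internal detail.
     */
    private void sendErrorResponse(HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.setStatus(HttpStatus.BAD_REQUEST.value());
        httpServletResponse.setHeader("Content-Type", "application/json");
        // The message is escaped so that quotes or control characters cannot break out of the
        // JSON string and add or overwrite fields in the response.
        httpServletResponse.getWriter().print(String.format("{\"msg\": \"%s\"}", escapeJson(str)));
    }

    /** Writes an HTTP 200 response with a {@code {"token": "..."}} body built from the token's credentials. */
    private void sendAuthTokenResponse(HttpServletResponse httpServletResponse, WeChatMiniProgramAuthenticationToken weChatMiniProgramAuthenticationToken) throws IOException {
        httpServletResponse.setStatus(HttpStatus.OK.value());
        httpServletResponse.setHeader("Content-Type", "application/json");
        // The body is a bearer credential; keep intermediaries and the client from caching it.
        httpServletResponse.setHeader("Cache-Control", "no-store");
        httpServletResponse.getWriter().print(String.format("{\"token\": \"%s\"}", escapeJson(weChatMiniProgramAuthenticationToken.getCredentials())));
    }

    /**
     * Renders a value as the contents of a JSON string literal (without the surrounding quotes).
     *
     * <p>Quotes, backslashes and control characters are escaped. Non-ASCII characters are written
     * as {@code \\uXXXX} so the output does not depend on the response character encoding. A
     * {@code null} value becomes the text {@code null}, matching what {@code %s} produced before.
     */
    private static String escapeJson(Object value) {
        String text = String.valueOf(value);
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '"':
                    out.append("\\\"");
                    break;
                case '\\':
                    out.append("\\\\");
                    break;
                case '\n':
                    out.append("\\n");
                    break;
                case '\r':
                    out.append("\\r");
                    break;
                case '\t':
                    out.append("\\t");
                    break;
                default:
                    if (c < 0x20 || c > 0x7e) {
                        out.append(String.format("\\u%04x", (int) c));
                    } else {
                        out.append(c);
                    }
                    break;
            }
        }
        return out.toString();
    }
}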
