package com.anji.plus.gaea.security.security;

import com.anji.plus.gaea.GaeaProperties;
import com.anji.plus.gaea.cache.CacheHelper;
import com.anji.plus.gaea.holder.UserContentHolder;
import com.anji.plus.gaea.security.GaeaSecurityProperties;
import com.anji.plus.gaea.security.code.UserResponseCode;
import com.anji.plus.gaea.security.handler.GaeaFilterExceptionHandler;
import com.anji.plus.gaea.utils.GaeaUtils;
import com.anji.plus.gaea.utils.JwtBean;
import com.auth0.jwt.exceptions.SignatureGenerationException;
import com.auth0.jwt.exceptions.SignatureVerificationException;
import com.auth0.jwt.exceptions.TokenExpiredException;
import java.io.IOException;
import java.util.Date;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/anji/plus/gaea/security/security/JwtTokenAuthenticationFilter.class */
public class JwtTokenAuthenticationFilter extends OncePerRequestFilter {

    @Autowired
    private CacheHelper cacheHelper;

    @Autowired
    private JwtBean jwtBean;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private GaeaSecurityProperties gaeaSecurityProperties;

    @Autowired
    private GaeaProperties gaeaProperties;

    @Autowired
    private GaeaFilterExceptionHandler gaeaFilterExceptionHandler;
    protected AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        try {
            if (GaeaUtils.matchPath(this.gaeaProperties.getSecurity().getWhiteList(), httpServletRequest.getServletPath())) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            if (SecurityContextHolder.getContext().getAuthentication() != null || this.gaeaSecurityProperties.getAuthDisabled()) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            String header = httpServletRequest.getHeader("Authorization");
            if (StringUtils.isBlank(header)) {
                throw new TokenExpiredException(UserResponseCode.USER_TOKEN_EXPIRED);
            }
            String str = null;
            try {
                str = this.jwtBean.getUsername(header);
            } catch (Exception e) {
            }
            if (StringUtils.isBlank(str)) {
                throw new TokenExpiredException(String.format("The Token has expired on %s.", new Date()));
            }
            String str2 = "system:login:token:" + str + ":" + this.jwtBean.getUUID(header);
            if (!this.cacheHelper.exist(str2) || !StringUtils.equals(header, this.cacheHelper.stringGet(str2))) {
                throw new TokenExpiredException(String.format("The Token has expired on %s.", new Date()));
            }
            this.cacheHelper.expire(str2, TimeUnit.MINUTES, this.jwtBean.getGaeaProperties().getSecurity().getJwtTokenTimeout());
            UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(str);
            SecurityContext createEmptyContext = SecurityContextHolder.createEmptyContext();
            createEmptyContext.setAuthentication(createSuccessfulAuthentication(httpServletRequest, loadUserByUsername));
            SecurityContextHolder.setContext(createEmptyContext);
            UserContentHolder.getContext().setAuthorities((Set) loadUserByUsername.getAuthorities().stream().map((v0) -> {
                return v0.getAuthority();
            }).collect(Collectors.toSet()));
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (TokenExpiredException | SignatureGenerationException | SignatureVerificationException e2) {
            this.gaeaFilterExceptionHandler.handler(httpServletRequest, httpServletResponse, e2);
        } catch (Exception e3) {
            this.gaeaFilterExceptionHandler.handler(httpServletRequest, httpServletResponse, e3);
        } finally {
            UserContentHolder.clearContext();
        }
    }

    private Authentication createSuccessfulAuthentication(HttpServletRequest httpServletRequest, UserDetails userDetails) {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails, userDetails.getPassword(), userDetails.getAuthorities());
        usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
        return usernamePasswordAuthenticationToken;
    }
}
