package com.github.ltsopensource.admin.web.filter;

import com.github.ltsopensource.admin.support.AppConfigurer;
import com.github.ltsopensource.core.commons.utils.Base64;
import com.github.ltsopensource.core.commons.utils.StringUtils;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javassist.compiler.TokenId;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpHeaders;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:WEB-INF/classes/com/github/ltsopensource/admin/web/filter/LoginAuthFilter.class */
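/**
 * Servlet filter that protects the admin console with HTTP Basic authentication.
 *
 * <p>Requests whose URI matches one of the {@code excludedURLs} init-parameter patterns are
 * passed through without a credential check. Every other request must carry an
 * {@code Authorization: Basic ...} header whose decoded value equals
 * {@code username:password}; otherwise the filter answers 401 with a Basic challenge.
 *
 * <p>Basic credentials are only base64-encoded, not encrypted, so this filter relies on the
 * deployment serving the console over TLS.
 */
public class LoginAuthFilter implements Filter {
    private static final String AUTH_PREFIX = "Basic ";
    private static final String DEFAULT_USERNAME = "admin";
    private static final String DEFAULT_PASSWORD = "admin";

    private final AntPathMatcher pathMatcher = new AntPathMatcher();

    // NOTE(review): these are well-known fallback credentials. They stay in place for
    // backward compatibility, but a deployment that does not set console.username and
    // console.password is effectively unauthenticated. init() logs a warning for that case.
    private String username = DEFAULT_USERNAME;
    private String password = DEFAULT_PASSWORD;
    private String[] excludedURLArray;

    /**
     * Loads the console credentials and the list of excluded URL patterns.
     *
     * @param filterConfig supplies the optional comma-separated {@code excludedURLs} parameter
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // The current field values are passed as defaults; presumably getProperty returns
        // them when the key is not configured - confirm against AppConfigurer.
        this.username = AppConfigurer.getProperty("console.username", this.username);
        this.password = AppConfigurer.getProperty("console.password", this.password);
        if (DEFAULT_USERNAME.equals(this.username)
                && DEFAULT_PASSWORD.equals(this.password)
                && filterConfig.getServletContext() != null) {
            filterConfig.getServletContext().log(
                    "LoginAuthFilter: console.username/console.password are still the built-in "
                            + "defaults; set both before exposing the admin console");
        }

        String excluded = filterConfig.getInitParameter("excludedURLs");
        if (StringUtils.isNotEmpty(excluded)) {
            String[] patterns = excluded.split(",");
            this.excludedURLArray = new String[patterns.length];
            for (int i = 0; i < patterns.length; i++) {
                this.excludedURLArray[i] = StringUtils.trim(patterns[i]);
            }
        }
    }

    /**
     * Lets excluded URLs and correctly authenticated requests continue down the chain;
     * answers everything else with a 401 Basic challenge.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // NOTE(review): getRequestURI() is the raw request line path. It still contains the
        // context path and any path parameters and is neither decoded nor normalized, so the
        // string matched here can differ from the resource the container finally dispatches
        // to. Keep exclusion patterns as narrow as possible and consider matching on a
        // normalized path instead.
        if (isExclude(request.getRequestURI())) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        if (!credentialsMatch(request.getHeader("authorization"))) {
            needAuthenticate(request, response);
            return;
        }

        authenticateSuccess(response);
        filterChain.doFilter(request, response);
    }

    /**
     * Checks an {@code Authorization} header value against the configured credentials.
     *
     * @param header raw header value, may be {@code null}
     * @return {@code true} only for a Basic header whose payload decodes to
     *         {@code username:password}
     */
    private boolean credentialsMatch(String header) {
        if (header == null || header.length() <= AUTH_PREFIX.length()) {
            return false;
        }
        // Require the Basic scheme (scheme names are case-insensitive). Without this check
        // any six leading characters would be skipped and the remainder accepted as a payload.
        if (!header.regionMatches(true, 0, AUTH_PREFIX, 0, AUTH_PREFIX.length())) {
            return false;
        }

        byte[] presented;
        try {
            presented = Base64.decodeFast(header.substring(AUTH_PREFIX.length()));
        } catch (RuntimeException e) {
            // decodeFast's behaviour on malformed input is not visible from this class;
            // fail closed with a 401 instead of letting a decoder error surface as a 500.
            return false;
        }
        if (presented == null) {
            return false;
        }

        // Compare bytes under a fixed charset, with a comparison that does not stop at the
        // first mismatching byte, so response timing does not reveal how much of a guess
        // was right.
        byte[] expected = (this.username + ":" + this.password).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, presented);
    }

    /**
     * Reports whether the given request URI matches any configured exclusion pattern.
     *
     * @param requestUri URI to test against the Ant-style patterns
     * @return {@code true} if at least one pattern matches, {@code false} if none match or
     *         no patterns were configured
     */
    private boolean isExclude(String requestUri) {
        if (this.excludedURLArray == null) {
            return false;
        }
        for (String pattern : this.excludedURLArray) {
            if (this.pathMatcher.match(pattern, requestUri)) {
                return true;
            }
        }
        return false;
    }

    /** Marks the response as 200 and forbids caching of authenticated console content. */
    private void authenticateSuccess(HttpServletResponse httpServletResponse) {
        httpServletResponse.setStatus(HttpServletResponse.SC_OK);
        httpServletResponse.setHeader(HttpHeaders.PRAGMA, "No-cache");
        httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-store");
        httpServletResponse.setDateHeader(HttpHeaders.EXPIRES, 0L);
    }

    /** Sends the 401 challenge that makes a browser prompt for Basic credentials. */
    private void needAuthenticate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // The decompiled source spelled this status as javassist's TokenId.CharConstant,
        // an unrelated constant that happens to equal 401; use the servlet constant instead.
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        httpServletResponse.setHeader(HttpHeaders.CACHE_CONTROL, "no-store");
        httpServletResponse.setDateHeader(HttpHeaders.EXPIRES, 0L);
        httpServletResponse.setHeader("WWW-authenticate", "Basic Realm=\"lts admin need auth\"");
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }
}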
