package com.github.rexsheng.springboot.faster.system.auth.application.security;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.github.rexsheng.springboot.faster.common.constant.SecurityConstant;
import com.github.rexsheng.springboot.faster.common.domain.Result;
import com.github.rexsheng.springboot.faster.common.domain.ResultCode;
import com.github.rexsheng.springboot.faster.common.utils.JwtUtil;
import com.github.rexsheng.springboot.faster.request.filter.ErrorCatchingRequestFilter;
import com.github.rexsheng.springboot.faster.security.util.SecurityFilterHelper;
import com.github.rexsheng.springboot.faster.system.auth.application.AuthService;
import com.github.rexsheng.springboot.faster.system.auth.application.dto.RefreshTokenRequest;
import com.github.rexsheng.springboot.faster.system.utils.AuthenticationUtil;
import com.github.rexsheng.springboot.faster.util.ServletUtils;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.Nullable;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/github/rexsheng/springboot/faster/system/auth/application/security/RefreshTokenFilter.class */
public class RefreshTokenFilter extends ErrorCatchingRequestFilter {
    private static final Logger logger = LoggerFactory.getLogger(RefreshTokenFilter.class);
    public static final String SPRING_SECURITY_FORM_TOKEN_KEY = "token";
    private RequestMatcher defaultRequestMatcher = new AntPathRequestMatcher("/refreshToken", "POST");
    private String refreshTokenParameter = "token";
    private ObjectMapper objectMapper = new ObjectMapper();
    private AuthService authService;

    public RefreshTokenFilter(AuthService authService) {
        this.authService = authService;
    }

    public RefreshTokenFilter(AuthService authService, RequestMatcher requestMatcher) {
        this.authService = authService;
        super.setRequestMatcher(this.defaultRequestMatcher);
    }

    @Nullable
    protected String obtainRefreshToken(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getParameter(this.refreshTokenParameter);
    }

    public void setRefreshTokenParameter(String str) {
        Assert.hasText(str, "Token parameter must not be empty or null");
        this.refreshTokenParameter = str;
    }

    @Override // com.github.rexsheng.springboot.faster.request.filter.ErrorCatchingRequestFilter
    protected boolean doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        boolean z = false;
        try {
            String obtainRefreshToken = obtainRefreshToken(httpServletRequest);
            if (StringUtils.hasText(obtainRefreshToken)) {
                try {
                    JwtUtil.JwtPayload verifyToken = JwtUtil.verifyToken(obtainRefreshToken, SecurityConstant.TOKEN_JWT_SECRET_KEY);
                    if (verifyToken != null && StringUtils.hasText(verifyToken.getSubject())) {
                        AuthenticationUtil.setSecurityContext(UsernamePasswordAuthenticationToken.unauthenticated(verifyToken.getSubject(), (Object) null), httpServletRequest, httpServletResponse);
                    }
                } catch (Exception e) {
                    e.printStackTrace();
                }
                z = true;
                if (!SecurityFilterHelper.beforeFilter(httpServletRequest, httpServletResponse, null)) {
                    return false;
                }
                RefreshTokenRequest refreshTokenRequest = new RefreshTokenRequest();
                refreshTokenRequest.setRefreshToken(obtainRefreshToken);
                Map<String, Object> refreshSessionToken = this.authService.refreshSessionToken(refreshTokenRequest);
                if (refreshSessionToken != null) {
                    ServletUtils.responseWithJson(httpServletResponse, this.objectMapper.writeValueAsString(Result.success(refreshSessionToken)));
                    logger.info("refreshToken success, token: {}", obtainRefreshToken);
                    SecurityFilterHelper.afterFilter(httpServletRequest, httpServletResponse, 0 != 0 ? "token已过期" : null);
                    return false;
                }
            }
            if (!z && !SecurityFilterHelper.beforeFilter(httpServletRequest, httpServletResponse, null)) {
                SecurityFilterHelper.afterFilter(httpServletRequest, httpServletResponse, 0 != 0 ? "token已过期" : null);
                return false;
            }
            ServletUtils.responseWithJson(httpServletResponse, this.objectMapper.writeValueAsString(Result.error(ResultCode.ACCESS_UNAUTHORIZED.getCode(), "token已过期")));
            logger.info("refreshToken expired: {}", obtainRefreshToken);
            SecurityFilterHelper.afterFilter(httpServletRequest, httpServletResponse, 1 != 0 ? "token已过期" : null);
            return false;
        } finally {
            SecurityFilterHelper.afterFilter(httpServletRequest, httpServletResponse, 0 != 0 ? "token已过期" : null);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.github.rexsheng.springboot.faster.request.filter.ErrorCatchingRequestFilter
    public void handleError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) throws Exception {
        super.handleError(httpServletRequest, httpServletResponse, th);
        ServletUtils.responseWithJson(httpServletResponse, this.objectMapper.writeValueAsString(Result.error(th.getMessage())));
    }
}
