package ink.huaxun.gateway.filter;

import com.auth0.jwt.interfaces.DecodedJWT;
import ink.huaxun.gateway.util.JwtUtil;
import java.io.IOException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:ink/huaxun/gateway/filter/JwtFilter.class */
public class JwtFilter extends AccessControlFilter {
    private final String header;
    private static final String UNAUTHORIZED = "{\"code\":401, \"message\":\"帐户已过期，请重新登录！\"}";

    public JwtFilter(String str) {
        this.header = str;
    }

    protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse servletResponse, Object obj) {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (HttpMethod.OPTIONS.name().equals(httpServletRequest.getMethod())) {
            return true;
        }
        DecodedJWT decoded = JwtUtil.getDecoded(httpServletRequest.getHeader(this.header));
        if (JwtUtil.verifyPayload(decoded)) {
            httpServletResponse.setHeader(this.header, JwtUtil.refreshToken(decoded));
            return true;
        }
        httpServletResponse.setContentType("application/json");
        try {
            httpServletResponse.getWriter().write(UNAUTHORIZED);
            return false;
        } catch (IOException e) {
            return false;
        }
    }

    protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) {
        return false;
    }
}
