package org.hepeng.commons.spring.security.filter;

import java.security.Principal;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.lang3.StringUtils;
import org.hepeng.commons.serializer.ObjectSerializationUtils;
import org.hepeng.commons.serializer.ObjectSerializer;
import org.hepeng.commons.serializer.SupportSerializer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;

/* loaded from: input_file:org/hepeng/commons/spring/security/filter/APIGatewayRequestSkipOverSpringSecurityChainFilter.class */
public class APIGatewayRequestSkipOverSpringSecurityChainFilter extends SkipOverSpringSecurityFilterChainFilter {
    private static final String SECURITY_CONTEXT_HEADER_NAME = "SecurityContext";
    private ObjectSerializer<SecurityContext> objectSerializer;

    /* loaded from: input_file:org/hepeng/commons/spring/security/filter/APIGatewayRequestSkipOverSpringSecurityChainFilter$UpstreamSecurityContextAwareRequestWrapper.class */
    private class UpstreamSecurityContextAwareRequestWrapper extends HttpServletRequestWrapper {
        public UpstreamSecurityContextAwareRequestWrapper(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        public Principal getUserPrincipal() {
            String header = super.getHeader(APIGatewayRequestSkipOverSpringSecurityChainFilter.SECURITY_CONTEXT_HEADER_NAME);
            if (StringUtils.isBlank(header)) {
                return super.getUserPrincipal();
            }
            SecurityContext securityContext = (SecurityContext) APIGatewayRequestSkipOverSpringSecurityChainFilter.this.objectSerializer.deserializeBase64String(header);
            Authentication authentication = null;
            if (Objects.nonNull(securityContext)) {
                authentication = securityContext.getAuthentication();
            }
            return authentication;
        }
    }

    public APIGatewayRequestSkipOverSpringSecurityChainFilter() {
        this.objectSerializer = ObjectSerializationUtils.newObjectSerializer(SupportSerializer.HESSIAN, SecurityContext.class);
    }

    public APIGatewayRequestSkipOverSpringSecurityChainFilter(ObjectSerializer objectSerializer) {
        this.objectSerializer = objectSerializer;
    }

    @Override // org.hepeng.commons.spring.security.filter.SkipOverSpringSecurityFilterChainFilter
    protected boolean isSkipOver(HttpServletRequest httpServletRequest) {
        return StringUtils.isNotBlank(httpServletRequest.getHeader(SECURITY_CONTEXT_HEADER_NAME));
    }

    @Override // org.hepeng.commons.spring.security.filter.SkipOverSpringSecurityFilterChainFilter
    protected HttpServletRequest wrapRequest(HttpServletRequest httpServletRequest) {
        return new UpstreamSecurityContextAwareRequestWrapper(httpServletRequest);
    }
}
