package org.hepeng.commons.spring.security.web.filter;

import java.security.Principal;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.springframework.data.redis.serializer.JdkSerializationRedisSerializer;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;

/* loaded from: input_file:org/hepeng/commons/spring/security/web/filter/UpstreamRequestSkipOverSpringSecurityChainFilter.class */
public class UpstreamRequestSkipOverSpringSecurityChainFilter extends SkipOverSpringSecurityFilterChainFilter {
    private static final String SECURITY_CONTEXT_HEADER_NAME = "UpstreamSecurityContext";
    private RedisSerializer redisSerializer = new JdkSerializationRedisSerializer();

    /* loaded from: input_file:org/hepeng/commons/spring/security/web/filter/UpstreamRequestSkipOverSpringSecurityChainFilter$UpstreamSecurityContextAwareRequestWrapper.class */
    private class UpstreamSecurityContextAwareRequestWrapper extends HttpServletRequestWrapper {
        public UpstreamSecurityContextAwareRequestWrapper(HttpServletRequest httpServletRequest) {
            super(httpServletRequest);
        }

        public Principal getUserPrincipal() {
            String header = super.getHeader(UpstreamRequestSkipOverSpringSecurityChainFilter.SECURITY_CONTEXT_HEADER_NAME);
            if (StringUtils.isBlank(header)) {
                return super.getUserPrincipal();
            }
            SecurityContext securityContext = (SecurityContext) UpstreamRequestSkipOverSpringSecurityChainFilter.this.redisSerializer.deserialize(Base64.decodeBase64(header));
            Authentication authentication = null;
            if (Objects.nonNull(securityContext)) {
                authentication = securityContext.getAuthentication();
            }
            return authentication;
        }
    }

    @Override // org.hepeng.commons.spring.security.web.filter.SkipOverSpringSecurityFilterChainFilter
    protected boolean isSkipOver(HttpServletRequest httpServletRequest) {
        return StringUtils.isNotBlank(httpServletRequest.getHeader(SECURITY_CONTEXT_HEADER_NAME));
    }

    @Override // org.hepeng.commons.spring.security.web.filter.SkipOverSpringSecurityFilterChainFilter
    protected HttpServletRequest wrapRequest(HttpServletRequest httpServletRequest) {
        return new UpstreamSecurityContextAwareRequestWrapper(httpServletRequest);
    }
}
