package org.hepeng.commons.spring.security.web.filter;

import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.hepeng.commons.web.util.HttpRequestUtils;
import org.joor.Reflect;
import org.springframework.data.redis.serializer.JdkSerializationRedisSerializer;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextHolderStrategy;
import org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestWrapper;
import org.springframework.util.Assert;

/* loaded from: input_file:org/hepeng/commons/spring/security/web/filter/UpstreamRequestSkipOverSpringSecurityChainFilter.class */
public class UpstreamRequestSkipOverSpringSecurityChainFilter extends SkipOverSpringSecurityFilterChainFilter {
    private static final String SECURITY_CONTEXT_HEADER_NAME = "UpstreamSecurityContext";
    private RedisSerializer redisSerializer = new JdkSerializationRedisSerializer();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/hepeng/commons/spring/security/web/filter/UpstreamRequestSkipOverSpringSecurityChainFilter$UpstreamSecurityContextHolderStrategy.class */
    public class UpstreamSecurityContextHolderStrategy implements SecurityContextHolderStrategy {
        private SecurityContextHolderStrategy delegate;

        public UpstreamSecurityContextHolderStrategy(SecurityContextHolderStrategy securityContextHolderStrategy) {
            if (Objects.nonNull(securityContextHolderStrategy)) {
                this.delegate = securityContextHolderStrategy;
            } else {
                this.delegate = (SecurityContextHolderStrategy) Reflect.on("org.springframework.security.core.context.ThreadLocalSecurityContextHolderStrategy").create().get();
                Assert.notNull(this.delegate, "delegate must not be null");
            }
        }

        public void clearContext() {
            this.delegate.clearContext();
        }

        public SecurityContext getContext() {
            HttpServletRequest httpServletRequest = HttpRequestUtils.getHttpServletRequest();
            return UpstreamRequestSkipOverSpringSecurityChainFilter.this.isUpstreamRequest(httpServletRequest) ? UpstreamRequestSkipOverSpringSecurityChainFilter.this.getUpstreamSecurityContext(httpServletRequest) : this.delegate.getContext();
        }

        public void setContext(SecurityContext securityContext) {
            this.delegate.setContext(securityContext);
        }

        public SecurityContext createEmptyContext() {
            return this.delegate.createEmptyContext();
        }
    }

    public UpstreamRequestSkipOverSpringSecurityChainFilter() {
        registrySecurityContextHolderStrategy();
    }

    @Override // org.hepeng.commons.spring.security.web.filter.SkipOverSpringSecurityFilterChainFilter
    protected boolean isSkipOver(HttpServletRequest httpServletRequest) {
        return isUpstreamRequest(httpServletRequest);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isUpstreamRequest(HttpServletRequest httpServletRequest) {
        return StringUtils.isNotBlank(httpServletRequest.getHeader(SECURITY_CONTEXT_HEADER_NAME));
    }

    protected SecurityContext getUpstreamSecurityContext(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(SECURITY_CONTEXT_HEADER_NAME);
        if (StringUtils.isBlank(header)) {
            return null;
        }
        return (SecurityContext) this.redisSerializer.deserialize(Base64.decodeBase64(header));
    }

    @Override // org.hepeng.commons.spring.security.web.filter.SkipOverSpringSecurityFilterChainFilter
    protected HttpServletRequest wrapRequest(HttpServletRequest httpServletRequest) {
        return new SecurityContextHolderAwareRequestWrapper(httpServletRequest, "ROLE_");
    }

    private void registrySecurityContextHolderStrategy() {
        Reflect on = Reflect.on(SecurityContextHolder.class);
        on.set("strategy", new UpstreamSecurityContextHolderStrategy((SecurityContextHolderStrategy) on.get("strategy")));
    }
}
