package com.tangzhangss.commonutils.filter;

import cn.hutool.core.collection.ListUtil;
import cn.hutool.json.JSON;
import cn.hutool.json.JSONObject;
import cn.hutool.json.JSONUtil;
import com.tangzhangss.commonutils.base.SysContext;
import com.tangzhangss.commonutils.config.Attribute;
import com.tangzhangss.commonutils.i18n.Translator;
import com.tangzhangss.commonutils.service.RedisService;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.PropertySource;
import org.springframework.stereotype.Component;

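/**
 * Servlet filter that authenticates requests by an opaque session token carried in the
 * {@code X-Token} header.
 *
 * <p>The header value is looked up through {@link RedisService}. A hit is parsed as the JSON user
 * context, its expiry is renewed, and it is published via {@code SysContext.setUser}. Without a
 * valid session the request only proceeds when its servlet path matches the allow-list; it then
 * runs under a synthetic anonymous user. Everything else is forwarded to
 * {@code /filterException/401}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The allow-list is a static, process-wide list of regular expressions that any code can
 *       extend through {@link #addUnAuthUrl(String)}. Every entry is an authentication bypass,
 *       so additions deserve review.</li>
 *   <li>NOTE(review): the header value is used verbatim as the Redis key, so session entries
 *       share a key namespace with whatever else {@code RedisService} stores. A dedicated key
 *       prefix (applied where the session is written as well) plus a format check on the token
 *       would confine the lookup and the expiry rewrite to session entries. The writer of the
 *       session is not visible here, so this filter leaves the key unchanged.</li>
 * </ul>
 */
@WebFilter
@Component
@PropertySource({"classpath:application.properties"})
/* loaded from: input_file:com/tangzhangss/commonutils/filter/AuthFilter.class */
public class AuthFilter implements Filter {
    /** Name of the request header that carries the session token. */
    public static final String AUTH = "X-Token";

    /**
     * Expiry passed to {@code RedisService.set} on every authenticated request (sliding session).
     * The unit is whatever RedisService.set expects; presumably seconds, to be confirmed.
     */
    private static final long SESSION_TTL = 54000L;

    /**
     * Regular expressions for servlet paths that may be reached without a session.
     *
     * <p>Copy-on-write because {@link #addUnAuthUrl(String)} can be called from any thread while
     * request threads iterate the list; a plain ArrayList could throw
     * ConcurrentModificationException mid-request or expose a half-updated list.
     */
    private static final List<String> unAuthUrl =
            new CopyOnWriteArrayList<String>(new String[]{"^/static/.*", "^/user/login", ".*/no_auth$"});

    @Value("${custom.debug:false}")
    private boolean isDebug;

    @Autowired
    RedisService redisService;

    /**
     * Registers an additional path pattern that is exempt from authentication.
     *
     * <p>The pattern must match the <em>entire</em> servlet path (see {@link #allowedPath}), so a
     * broad expression such as one beginning or ending in {@code .*} exempts every path that
     * fits it. The expression is compiled when a request is checked, not here, so a malformed
     * pattern surfaces as a request-time error.
     *
     * @param str regular expression matched against the servlet path
     */
    public static void addUnAuthUrl(String str) {
        unAuthUrl.add(str);
    }

    @Override
    public void init(FilterConfig filterConfig) {
    }

    /**
     * Authenticates the request and, on success, passes it down the chain.
     *
     * <p>Any exception raised by the token check or by the downstream chain is converted into a
     * forward to the 500 handler.
     *
     * <p>NOTE(review): the exception message is handed to that handler as {@code errorMessage}.
     * If the handler echoes it to the client, internal details (parser errors, SQL text, class
     * names) can reach the caller; logging the exception server-side and returning a generic
     * message would avoid that. The handler is not visible here, so the message is unchanged.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        try {
            if (checkToken(servletRequest, servletResponse)) {
                filterChain.doFilter(servletRequest, servletResponse);
            }
        } catch (Exception e) {
            errorRequestMsgHandle(servletRequest, servletResponse, e.getMessage());
        } finally {
            // The user context was previously cleared only in destroy(), i.e. at shutdown.
            // Assuming SysContext is bound to the worker thread (TODO confirm), the identity set
            // for this request would otherwise stay on the pooled thread and be visible to the
            // next request it serves, including one rejected before setUser is reached.
            SysContext.removeUserContext();
        }
    }

    /**
     * Forwards the request to the {@code /filterException/500} handler.
     *
     * @param str message exposed to the handler as the {@code errorMessage} request attribute
     * @return always {@code false}, so callers can return the result to stop the chain
     */
    public boolean errorRequestMsgHandle(ServletRequest servletRequest, ServletResponse servletResponse, String str) throws ServletException, IOException {
        servletRequest.setAttribute("errorMessage", str);
        servletRequest.getRequestDispatcher("/filterException/500").forward(servletRequest, servletResponse);
        return false;
    }

    /**
     * Forwards the request to the {@code /filterException/401} handler.
     *
     * @param str message exposed to the handler as the {@code errorMessage} request attribute
     * @return always {@code false}, so callers can return the result to stop the chain
     */
    public boolean invalidTokenMsgHandle(ServletRequest servletRequest, ServletResponse servletResponse, String str) throws ServletException, IOException {
        servletRequest.setAttribute("errorMessage", str);
        servletRequest.getRequestDispatcher("/filterException/401").forward(servletRequest, servletResponse);
        return false;
    }

    /**
     * Resolves the caller's identity and decides whether the request may continue.
     *
     * @return {@code true} when a user context (real or anonymous) has been set and the chain
     *     should run; {@code false} when the request was forwarded to the 401 handler
     */
    public boolean checkToken(ServletRequest servletRequest, ServletResponse servletResponse) throws ServletException, IOException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String token = httpServletRequest.getHeader(AUTH);
        JSON userContext = null;
        if (StringUtils.isNotBlank(token)) {
            Object stored = this.redisService.get(token);
            if (stored != null) {
                // A stored value that is not valid JSON makes parseObj throw; doFilter turns that
                // into a 500 forward rather than treating the request as unauthenticated.
                userContext = JSONUtil.parseObj(stored);
                // Sliding expiration: each authenticated request rewrites the entry and its TTL.
                this.redisService.set(token, JSONUtil.toJsonStr(userContext), SESSION_TTL);
            }
        }
        if (userContext == null) {
            // Missing, blank, unknown or expired token: only allow-listed paths may continue.
            if (!allowedPath(httpServletRequest.getServletPath())) {
                return invalidTokenMsgHandle(servletRequest, servletResponse, Translator.get("unauthorized"));
            }
            userContext = getAnonymousSysContext();
        }
        SysContext.setUser(userContext);
        return true;
    }

    /**
     * Tells whether the servlet path is exempt from authentication.
     *
     * <p>Uses a full match: the whole path must match an entry, so the {@code ^} and {@code $}
     * anchors in the defaults are redundant, and an unanchored entry is not a substring search.
     */
    private boolean allowedPath(String str) {
        for (String regex : unAuthUrl) {
            if (Pattern.matches(regex, str)) {
                return true;
            }
        }
        return false;
    }

    /** Builds the placeholder user context attached to unauthenticated, allow-listed requests. */
    private JSONObject getAnonymousSysContext() {
        JSONObject anonymous = new JSONObject();
        anonymous.set("id", -1L);
        anonymous.set("name", Attribute.NO_AUTH_USER_NAME);
        anonymous.set("clientId", Attribute.NO_AUTH_CLIENT_ID);
        return anonymous;
    }

    @Override
    public void destroy() {
        SysContext.removeUserContext();
    }
}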
