package team.sailboat.commons.ms.ac_api;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;
import team.sailboat.commons.fan.excep.HttpException;
import team.sailboat.commons.fan.text.XString;
import team.sailboat.commons.ms.xca.IAppSignChecker;

/* loaded from: input_file:team/sailboat/commons/ms/ac_api/AppSignCheckerFilter.class */
public class AppSignCheckerFilter extends OncePerRequestFilter {
    final IAppSignChecker mSignChecker;
    AppAuthenticationProvider mAuthenticationPvd;

    public AppSignCheckerFilter(IAppSignChecker iAppSignChecker, AppAuthenticationProvider appAuthenticationProvider) {
        this.mSignChecker = iAppSignChecker;
        this.mAuthenticationPvd = appAuthenticationProvider;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (!Boolean.TRUE.equals(httpServletRequest.getAttribute("AppSigneChecked")) && XString.isNotEmpty(httpServletRequest.getHeader("X-Ca-Signature"))) {
            try {
                Authentication apply = this.mAuthenticationPvd.apply(this.mSignChecker.check(httpServletRequest));
                if (apply != null) {
                    SecurityContext context = SecurityContextHolder.getContext();
                    if (context == null) {
                        SecurityContext createEmptyContext = SecurityContextHolder.createEmptyContext();
                        createEmptyContext.setAuthentication(apply);
                        SecurityContextHolder.setContext(createEmptyContext);
                    } else if (context.getAuthentication() == null || "anonymousUser".equals(apply.getPrincipal())) {
                        context.setAuthentication(apply);
                    }
                }
            } catch (HttpException e) {
                httpServletResponse.sendError(e.getStatus().value(), e.getRawMessage());
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
