package team.sailboat.ms.ac.filter;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Map;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.web.filter.OncePerRequestFilter;
import team.sailboat.commons.fan.http.HttpStatus;
import team.sailboat.commons.fan.json.JSONObject;
import team.sailboat.commons.fan.lang.Assert;
import team.sailboat.commons.fan.text.XString;
import team.sailboat.ms.ac.AppConsts;
import team.sailboat.ms.ac.utils.ParameterRequestWrapper;

/* loaded from: input_file:team/sailboat/ms/ac/filter/ResetExpiredPasswdFilter.class */
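/**
 * Servlet filter that gates the expired-password reset page and the login API
 * with single-use {@code authToken} values.
 *
 * <p>Tokens are keys of {@link #mResetPasswdUserNames}. The login branch parses
 * each mapped value as a JSON object and reads its {@code username} and
 * {@code password} fields, so the map holds credential material.
 *
 * <p>NOTE(review): the map is supplied by the caller and is mutated on every
 * matching request; confirm it is a concurrent implementation and that entries
 * expire, otherwise unused tokens (and the credentials behind them) live as
 * long as the map does.
 */
public class ResetExpiredPasswdFilter extends OncePerRequestFilter {
    /** Matches the expired-password reset page. */
    RequestMatcher mReqMatcher = new AntPathRequestMatcher(AppConsts.sPagePath_ResetExpiredPasswd);
    /** Matches the login API endpoint. */
    RequestMatcher mReqMatcher_api = new AntPathRequestMatcher(AppConsts.sApiPath_login);
    /** authToken -> JSON string carrying {@code username} and {@code password}. */
    Map<String, String> mResetPasswdUserNames;

    /**
     * @param map token store shared with whatever component issues the tokens;
     *            kept by reference, not copied
     */
    public ResetExpiredPasswdFilter(Map<String, String> map) {
        this.mResetPasswdUserNames = map;
    }

    /**
     * Validates and consumes the {@code authToken} request parameter.
     *
     * <ul>
     *   <li>Reset page: a missing or unknown token is answered with 403 and the
     *       chain is NOT invoked. A known token is consumed and replaced by a
     *       fresh one, exposed to the page as the {@code authToken} request
     *       attribute.</li>
     *   <li>Login API: when a token is present it is consumed and the request is
     *       wrapped so that {@code username}, {@code password} and
     *       {@code codeId} come from the stored entry instead of the client.</li>
     * </ul>
     *
     * @throws IllegalArgumentException if the stored value for a login token
     *         cannot be turned into request parameters
     */
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (this.mReqMatcher.matches(httpServletRequest)) {
            // NOTE(review): getParameter also reads the query string; if the token
            // travels in the URL it can end up in access logs and Referer headers.
            String token = httpServletRequest.getParameter("authToken");
            if (XString.isEmpty(token)) {
                httpServletResponse.sendError(HttpStatus.FORBIDDEN.value(), "无权访问！");
                // Stop here: sendError commits the response but does not end the
                // method, so without this return the protected page would still run.
                return;
            }
            String payload = this.mResetPasswdUserNames.remove(token);
            if (payload == null) {
                httpServletResponse.sendError(HttpStatus.FORBIDDEN.value(), "无权访问！");
                // Same as above; also avoids storing a null payload under a new token.
                return;
            }
            // Rotate the token so each value is usable once.
            // NOTE(review): this value acts as a bearer credential; confirm that
            // XString.randomString is backed by a CSPRNG such as SecureRandom.
            String rotatedToken = XString.randomString(32);
            httpServletRequest.setAttribute("authToken", rotatedToken);
            this.mResetPasswdUserNames.put(rotatedToken, payload);
        } else if (this.mReqMatcher_api.matches(httpServletRequest)) {
            String token = httpServletRequest.getParameter("authToken");
            if (XString.isNotEmpty(token)) {
                String payload = this.mResetPasswdUserNames.remove(token);
                Assert.notEmpty(payload, "无效的AuthToken：%s", new Object[]{token});
                try {
                    JSONObject credentials = JSONObject.of(payload);
                    // Declared with the concrete wrapper type: setParameter and
                    // setMethod are not part of HttpServletRequest.
                    ParameterRequestWrapper wrapped = new ParameterRequestWrapper(httpServletRequest);
                    // NOTE(review): fixed placeholder codeId; presumably lets the
                    // token-authenticated login skip a verification-code check
                    // downstream. Confirm that check cannot be reached with this
                    // value on any other path.
                    wrapped.setParameter("codeId", "XXXX");
                    wrapped.setParameter("username", credentials.optString("username"));
                    wrapped.setParameter("password", credentials.optString("password"));
                    wrapped.setMethod("POST");
                    httpServletRequest = wrapped;
                } catch (Exception e) {
                    // Keep the cause so the real failure is visible to operators.
                    throw new IllegalArgumentException("无效的AuthToken:" + token, e);
                }
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}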
