package top.zenyoung.security.webmvc.filter;

import com.google.common.base.Strings;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;
import javax.annotation.Nonnull;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.event.InteractiveAuthenticationSuccessEvent;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.CollectionUtils;
import top.zenyoung.common.model.UserPrincipal;
import top.zenyoung.security.model.LoginReqBody;
import top.zenyoung.security.model.TokenAuthentication;
import top.zenyoung.security.webmvc.JwtAuthenticationManager;

/* loaded from: input_file:top/zenyoung/security/webmvc/filter/JwtLoginFilter.class */
public class JwtLoginFilter extends UsernamePasswordAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(JwtLoginFilter.class);
    private final List<RequestMatcher> requestMatchers;

    public JwtLoginFilter(@Nonnull JwtAuthenticationManager jwtAuthenticationManager) {
        super(jwtAuthenticationManager);
        this.requestMatchers = Lists.newLinkedList();
        buildRequestMatchers(this.requestMatchers);
    }

    private void buildRequestMatchers(@Nonnull List<RequestMatcher> list) {
        JwtAuthenticationManager jwtAuthenticationManager = (JwtAuthenticationManager) getAuthenticationManager();
        if (jwtAuthenticationManager != null) {
            ArrayList newArrayList = Lists.newArrayList(jwtAuthenticationManager.getLoginUrls());
            if (CollectionUtils.isEmpty(newArrayList)) {
                return;
            }
            list.addAll((Collection) newArrayList.stream().filter(str -> {
                return !Strings.isNullOrEmpty(str);
            }).map(AntPathRequestMatcher::new).collect(Collectors.toList()));
        }
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (CollectionUtils.isEmpty(this.requestMatchers)) {
            return false;
        }
        for (RequestMatcher requestMatcher : this.requestMatchers) {
            if (requestMatcher != null && requestMatcher.matches(httpServletRequest)) {
                return true;
            }
        }
        return false;
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        LoginReqBody parseReqBody;
        ServletServerHttpRequest servletServerHttpRequest = new ServletServerHttpRequest(httpServletRequest);
        if (servletServerHttpRequest.getMethod() != HttpMethod.POST) {
            throw new AuthenticationServiceException("Authentication method not supported: " + servletServerHttpRequest.getMethod());
        }
        MediaType contentType = servletServerHttpRequest.getHeaders().getContentType();
        if (!MediaType.APPLICATION_JSON.isCompatibleWith(contentType) || !MediaType.APPLICATION_FORM_URLENCODED.isCompatibleWith(contentType)) {
            throw new AuthenticationServiceException("Authentication contentType not supported: " + contentType);
        }
        JwtAuthenticationManager jwtAuthenticationManager = (JwtAuthenticationManager) getAuthenticationManager();
        if (MediaType.APPLICATION_JSON.isCompatibleWith(contentType)) {
            try {
                parseReqBody = jwtAuthenticationManager.parseReqBody(servletServerHttpRequest.getBody(), jwtAuthenticationManager.getLoginReqBodyClass());
            } catch (AuthenticationException e) {
                log.error("attemptAuthentication-exp: {}", e.getMessage());
                throw e;
            } catch (Throwable th) {
                log.error("attemptAuthentication-exp: {}", th.getMessage());
                throw new AuthenticationException(th.getMessage(), th) { // from class: top.zenyoung.security.webmvc.filter.JwtLoginFilter.1
                };
            }
        } else {
            String obtainUsername = obtainUsername(httpServletRequest);
            String obtainPassword = obtainPassword(httpServletRequest);
            parseReqBody = new LoginReqBody();
            parseReqBody.setAccount(Strings.isNullOrEmpty(obtainUsername) ? "" : obtainUsername.trim());
            parseReqBody.setPasswd(Strings.isNullOrEmpty(obtainPassword) ? "" : obtainPassword.trim());
        }
        if (parseReqBody == null) {
            throw new InternalAuthenticationServiceException("解析请求参数失败!");
        }
        return jwtAuthenticationManager.authenticate(new TokenAuthentication(parseReqBody));
    }

    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) {
        log.debug("successfulAuthentication(chain: {},authResult: {})...", filterChain, authentication);
        SecurityContextHolder.getContext().setAuthentication(authentication);
        if (this.eventPublisher != null) {
            this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authentication, getClass()));
        }
        try {
            ((JwtAuthenticationManager) getAuthenticationManager()).successfulAuthenticationHandler(httpServletResponse, (UserPrincipal) authentication.getPrincipal());
        } catch (Throwable th) {
            log.error("successfulAuthentication(chain: {},authResult: {})-exp: {}", new Object[]{filterChain, authentication, th.getMessage()});
            unsuccessfulAuthentication(httpServletRequest, httpServletResponse, new AuthenticationException(th.getMessage(), th) { // from class: top.zenyoung.security.webmvc.filter.JwtLoginFilter.2
            });
        }
    }

    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) {
        log.debug("unsuccessfulAuthentication(failed: {})...", authenticationException == null ? null : authenticationException.getMessage());
        SecurityContextHolder.clearContext();
        ((JwtAuthenticationManager) getAuthenticationManager()).unsuccessfulAuthentication(httpServletResponse, authenticationException);
    }
}
