package com.iplatform.security;

import com.iplatform.base.DefaultUserPrincipal;
import com.iplatform.base.SecurityConstants;
import com.iplatform.base.VariableConstants;
import com.iplatform.base.util.TokenUtils;
import com.iplatform.core.TokenAwareContext;
import com.iplatform.core.TokenEntity;
import com.iplatform.model.po.S_user_core;
import com.iplatform.security.config.SecurityProperties;
import com.walker.infrastructure.ApplicationRuntimeException;
import com.walker.web.Constants;
import com.walker.web.ResponseCode;
import com.walker.web.ResponseValue;
import com.walker.web.TokenException;
import com.walker.web.TokenGenerator;
import com.walker.web.UserOnlineProvider;
import com.walker.web.UserPrincipal;
import com.walker.web.util.ServletUtils;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:BOOT-INF/lib/iplatform-base-security-3.2.0.jar:com/iplatform/security/JwtAuthenticationTokenFilter.class */
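/**
 * Servlet filter that authenticates a request from its authorization token.
 *
 * <p>For a request that carries a token, the filter validates it with the configured
 * {@link TokenGenerator}, resolves the principal from the {@link UserOnlineProvider} cache,
 * and installs a {@link UsernamePasswordAuthenticationToken} into the
 * {@link SecurityContextHolder}. Requests without a token pass through unauthenticated, so
 * access decisions are left to the rest of the security filter chain.
 *
 * <p>NOTE(review): when the token validates but its cache entry is missing, the principal is
 * reloaded through {@link DefaultUserDetailsService}, re-cached, and a refreshed token is
 * issued. If removing the cache entry is meant to end a session (logout, forced sign-out),
 * this path does not enforce it — confirm the intended revocation model.
 *
 * <p>NOTE(review): the token is validated against {@code VariableConstants.TOKEN_SECRET};
 * its value is not visible here — confirm it is not a fixed signing key shared across
 * deployments.
 */
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
    protected final transient Logger logger = LoggerFactory.getLogger(getClass());
    private TokenGenerator tokenGenerator;
    private UserOnlineProvider userOnlineProvider;
    private DefaultUserDetailsService defaultUserDetailsService;
    private SecurityProperties securityProperties;

    /** Sets the properties that supply the web token lifetime used on refresh. */
    public void setSecurityProperties(SecurityProperties securityProperties) {
        this.securityProperties = securityProperties;
    }

    /** Sets the service used to reload a user when the online cache has no entry. */
    public void setDefaultUserDetailsService(DefaultUserDetailsService defaultUserDetailsService) {
        this.defaultUserDetailsService = defaultUserDetailsService;
    }

    /** Sets the cache of logged-in principals, keyed by the uuid carried in the token. */
    public void setUserOnlineProvider(UserOnlineProvider userOnlineProvider) {
        this.userOnlineProvider = userOnlineProvider;
    }

    /** Sets the component that validates and issues tokens. */
    public void setTokenGenerator(TokenGenerator tokenGenerator) {
        this.tokenGenerator = tokenGenerator;
    }

    /**
     * Authenticates the request when it carries a token, then continues the chain.
     *
     * <p>On any token failure an error body is rendered and the chain is NOT invoked.
     *
     * @throws ServletException propagated from the downstream chain
     * @throws IOException propagated from the downstream chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String authorizationToken = TokenUtils.getAuthorizationToken(httpServletRequest);
        if (authorizationToken != null) {
            try {
                String tokenData = this.tokenGenerator.validateToken(authorizationToken, VariableConstants.TOKEN_SECRET);
                // This is the value returned by validateToken, not the raw bearer token.
                this.logger.debug("token_data = {}", tokenData);
                String[] userIdAndKey = TokenUtils.getUserIdAndKey(tokenData);
                if (userIdAndKey == null || userIdAndKey.length != 3) {
                    throw new ApplicationRuntimeException("token携带用户信息解析错误:" + tokenData);
                }
                // Element [2] is the key into the online-user cache (logged as "uuid" on refresh).
                String uuid = userIdAndKey[2];
                // Element [1] is what DefaultUserDetailsService looks the user up by; whether it
                // is an id or a login name is not visible in this class.
                String userLookupKey = userIdAndKey[1];

                DefaultUserDetails userDetails;
                DefaultUserPrincipal cachedPrincipal = acquireAuthenticationUser(uuid);
                if (cachedPrincipal != null) {
                    userDetails = acquireUserDetails(cachedPrincipal);
                } else {
                    userDetails = this.defaultUserDetailsService.acquireUserPrincipal(userLookupKey);
                    if (userDetails == null) {
                        this.userOnlineProvider.removeUserPrincipal(uuid);
                        this.logger.warn("用户已不存在，删除登录状态缓存：{}", uuid);
                        // Previously this returned without writing anything, leaving the client
                        // with an empty success response. Tell it to log in again instead.
                        ServletUtils.renderString(httpServletResponse, ResponseValue.error(ResponseCode.RE_LOGIN.getCode().intValue(), "用户不存在，请重新登录"));
                        return;
                    }
                    DefaultUserPrincipal reloadedPrincipal = (DefaultUserPrincipal) userDetails.getUserPrincipal();
                    this.logger.debug("token需要刷新: {}", reloadedPrincipal.getUserName());
                    tellClientRefreshToken(httpServletResponse, uuid, reloadedPrincipal);
                }

                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
                authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
                SecurityContextHolder.getContext().setAuthentication(authentication);
                TokenAwareContext.setCurrentToken(new TokenEntity(uuid, userLookupKey));
            } catch (TokenException e) {
                if (e.isExpired()) {
                    ServletUtils.renderString(httpServletResponse, ResponseValue.error(ResponseCode.RE_LOGIN.getCode().intValue(), "token已过期，请重新获取"));
                } else {
                    // Rejected tokens go to the application log (was System.out) so they can be
                    // monitored and alerted on.
                    this.logger.warn("token validation rejected: {}", e.getTitle());
                    ServletUtils.renderString(httpServletResponse, ResponseValue.error(ResponseCode.ERROR.getCode().intValue(), e.getTitle()));
                }
                return;
            } catch (Exception e) {
                this.logger.error("根据token获得登录信息错误:" + e.getMessage(), e);
                // The detail stays in the server log; the raw exception message is not echoed
                // to an unauthenticated caller because it can expose internals.
                ServletUtils.renderString(httpServletResponse, ResponseValue.error(ResponseCode.ERROR.getCode().intValue(), "认证信息处理失败"));
                return;
            }
        }
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } finally {
            // Always clear the per-request token, even when the chain throws, so it cannot be
            // left behind for whatever request is processed next in the same context.
            TokenAwareContext.clearCurrentToken();
        }
    }

    /**
     * Issues a new token for {@code uuid}, re-caches the principal and returns the token to
     * the client in the {@code Constants.TOKEN_HEADER_REFRESH} response header.
     */
    private void tellClientRefreshToken(HttpServletResponse httpServletResponse, String uuid, DefaultUserPrincipal defaultUserPrincipal) {
        String refreshedToken = TokenUtils.generateToken(defaultUserPrincipal.getId(), defaultUserPrincipal.getUserName(), uuid, this.tokenGenerator, this.securityProperties.getTokenExpireWeb());
        defaultUserPrincipal.setLastLoginTime(System.currentTimeMillis());
        this.userOnlineProvider.cacheUserPrincipal(uuid, defaultUserPrincipal, this.securityProperties.getTokenExpireWeb());
        httpServletResponse.addHeader(Constants.TOKEN_HEADER_REFRESH, refreshedToken);
        // The issued token is a bearer credential: log only the uuid, never the token itself.
        this.logger.debug("刷新token, uuid = {}", uuid);
    }

    /**
     * Builds the Spring Security user details for a cached principal.
     *
     * <p>A supervisor receives the super-admin, admin and user roles; any other user receives
     * one authority per entry of the principal's role id list (none when the list is null).
     */
    private DefaultUserDetails acquireUserDetails(UserPrincipal<S_user_core> userPrincipal) {
        DefaultUserDetails defaultUserDetails = new DefaultUserDetails(userPrincipal);
        if (defaultUserDetails.isSupervisor()) {
            defaultUserDetails.addGrantedAuthority(SecurityConstants.ROLE_SUPER_ADMIN);
            defaultUserDetails.addGrantedAuthority(SecurityConstants.ROLE_ADMIN);
            defaultUserDetails.addGrantedAuthority(SecurityConstants.ROLE_USER);
            return defaultUserDetails;
        }
        List<String> roleIdList = userPrincipal.getRoleIdList();
        // Logged at debug: this runs once per authenticated request.
        this.logger.debug("缓存中获取 userPrincipal.getRoleIdList() = {}", roleIdList);
        if (roleIdList != null) {
            for (String roleId : roleIdList) {
                defaultUserDetails.addGrantedAuthority(roleId);
            }
        }
        return defaultUserDetails;
    }

    /** Looks up the logged-in principal cached under {@code uuid}; may return null. */
    private DefaultUserPrincipal acquireAuthenticationUser(String uuid) {
        return (DefaultUserPrincipal) this.userOnlineProvider.getUserPrincipal(uuid);
    }
}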
