package io.lazyegg.auth.filter;

import io.lazyegg.auth.util.JwtUtil;
import io.lazyegg.auth.util.LeggResponsePrintUtil;
import io.lazyegg.auth.util.SpringUtil;
import io.lazyegg.core.CurrentUserContextHandler;
import io.lazyegg.core.UserInfo;
import io.lazyegg.core.ac.UserAccInterface;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

/* loaded from: input_file:io/lazyegg/auth/filter/LeggAuthenticationFilter.class */
public class LeggAuthenticationFilter extends BasicAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(LeggAuthenticationFilter.class);
    private static final String DEFAULT_ROLE_PREFIX = "ROLE_";

    public LeggAuthenticationFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        log.info("LeggAuthenticationFilter");
        String header = httpServletRequest.getHeader("Authorization");
        if (StringUtils.isBlank(header)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String replace = header.replace("Bearer ", "");
        if (!JwtUtil.verifyToken(replace)) {
            HashMap hashMap = new HashMap();
            hashMap.put("code", 401);
            hashMap.put("message", "无效令牌");
            LeggResponsePrintUtil.writeJson(httpServletResponse, hashMap, HttpStatus.UNAUTHORIZED);
            return;
        }
        SecurityContext createEmptyContext = SecurityContextHolder.createEmptyContext();
        String str = (String) JwtUtil.parseJwt(replace).get("username", String.class);
        ArrayList arrayList = new ArrayList();
        UserAccInterface userAccInterface = (UserAccInterface) SpringUtil.getBean(UserAccInterface.class);
        if (userAccInterface != null) {
            UserInfo userInfo = userAccInterface.getUserInfo(str);
            CurrentUserContextHandler.set(new CurrentUserContextHandler.User(userInfo.getUserId(), userInfo.getOrgId()));
            userInfo.getRoles().forEach(str2 -> {
                arrayList.add(new SimpleGrantedAuthority(DEFAULT_ROLE_PREFIX + str2));
            });
            userInfo.getPermissions().forEach(str3 -> {
                arrayList.add(new SimpleGrantedAuthority(str3));
            });
        } else {
            log.warn("当前系统未加载用户管理模块(usermanagement)");
        }
        createEmptyContext.setAuthentication(new UsernamePasswordAuthenticationToken(str, (Object) null, arrayList));
        SecurityContextHolder.setContext(createEmptyContext);
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
