package io.rocketbase.commons.filter;

import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.MalformedJwtException;
import io.rocketbase.commons.config.JwtProperties;
import io.rocketbase.commons.converter.AppUserConverter;
import io.rocketbase.commons.dto.authentication.JwtTokenBundle;
import io.rocketbase.commons.model.AppUserToken;
import io.rocketbase.commons.security.CommonsAuthenticationToken;
import io.rocketbase.commons.security.CustomAuthoritiesProvider;
import io.rocketbase.commons.security.JwtTokenService;
import io.rocketbase.commons.util.JwtTokenStore;
import java.io.IOException;
import java.time.LocalDateTime;
import java.util.Collection;
import javax.annotation.Resource;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:io/rocketbase/commons/filter/JwtTokenFilter.class */
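/**
 * Servlet filter that looks for a JWT on each request (configured header first, then a
 * configured request parameter) and, when the token validates, installs a
 * {@link CommonsAuthenticationToken} in the Spring Security context.
 *
 * <p>A missing or invalid token does not reject the request here: the chain continues
 * unauthenticated, so access decisions are left to whatever runs after this filter.
 */
public class JwtTokenFilter extends OncePerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger(JwtTokenFilter.class);

    @Resource
    private AppUserConverter appUserConverter;

    @Resource
    private JwtTokenService jwtTokenService;

    @Resource
    private JwtProperties jwtProperties;

    @Resource
    private CustomAuthoritiesProvider customAuthoritiesProvider;

    /**
     * Attempts token authentication, then hands the request to the rest of the chain.
     *
     * <p>Any exception, whether raised while authenticating or by a downstream filter or
     * handler, is answered with HTTP 400 and a small JSON body carrying the exception message.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param filterChain         remaining filter chain
     * @throws ServletException declared by the overridden method
     * @throws IOException      if writing the error body fails
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String authToken = getAuthToken(httpServletRequest);
        try {
            tryToAuthenticate(authToken, getValidatedUsername(authToken), httpServletRequest);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (Exception e) {
            // NOTE(review): this catch also covers everything thrown downstream of the filter, so
            // unrelated server errors are reported as 400 and their messages reach the client.
            // Consider narrowing the try to the authentication call and returning a generic message.
            log.warn("request aborted in jwt filter", e);
            if (httpServletResponse.isCommitted()) {
                // Status and body can no longer be changed; appending JSON would corrupt the output.
                return;
            }
            int status = HttpStatus.BAD_REQUEST.value();
            // getMessage() may be null; fall back to the exception type instead of failing here.
            String message = e.getMessage() != null ? e.getMessage() : e.getClass().getSimpleName();
            httpServletResponse.resetBuffer();
            httpServletResponse.setStatus(status);
            // Declare the body as JSON so a client does not content-sniff the reflected message.
            httpServletResponse.setContentType("application/json");
            httpServletResponse.setCharacterEncoding("UTF-8");
            httpServletResponse.getWriter().write(String.format("{\"status\": %d, \"message\": \"%s\"}", status, escapeJson(message)));
        }
    }

    /**
     * Escapes a string for use inside a JSON string literal (quotes, backslashes and control
     * characters), so that an exception message cannot break out of the "message" field.
     */
    private static String escapeJson(String raw) {
        StringBuilder out = new StringBuilder(raw.length() + 16);
        for (int i = 0; i < raw.length(); i++) {
            char c = raw.charAt(i);
            switch (c) {
                case '"':
                    out.append("\\\"");
                    break;
                case '\\':
                    out.append("\\\\");
                    break;
                case '\n':
                    out.append("\\n");
                    break;
                case '\r':
                    out.append("\\r");
                    break;
                case '\t':
                    out.append("\\t");
                    break;
                default:
                    if (c < 0x20) {
                        out.append(String.format("\\u%04x", (int) c));
                    } else {
                        out.append(c);
                    }
            }
        }
        return out.toString();
    }

    /**
     * Extracts the raw token from the request.
     *
     * <p>The configured header wins when it is present and starts with the configured prefix;
     * otherwise the configured request parameter is used.
     *
     * @param httpServletRequest current request
     * @return the token without its prefix, or {@code null} when neither source provides one
     */
    protected String getAuthToken(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.jwtProperties.getHeader());
        if (header != null && header.startsWith(this.jwtProperties.getTokenPrefix())) {
            return header.substring(this.jwtProperties.getTokenPrefix().length());
        }
        // NOTE(review): a token passed as a request parameter can end up in access logs, browser
        // history and Referer headers; keep such tokens short-lived or disable this fallback
        // where clients can send the header.
        return httpServletRequest.getParameter(this.jwtProperties.getUriParam());
    }

    /**
     * Resolves the username carried by the token, treating every parsing failure as "no user".
     *
     * @param str raw token, may be {@code null}
     * @return the username reported by the token service, or {@code null} when the token is
     *         absent, expired, malformed or otherwise rejected
     */
    protected String getValidatedUsername(String str) {
        if (str == null) {
            return null;
        }
        try {
            return this.jwtTokenService.getUsernameFromToken(str);
        } catch (ExpiredJwtException e) {
            log.warn("the token is expired and not valid anymore");
            return null;
        } catch (MalformedJwtException e4) {
            // Must precede JwtException: MalformedJwtException is a subclass, so the reverse
            // order makes this handler unreachable.
            log.warn("the token has invalid format. {}", e4.getMessage());
            return null;
        } catch (IllegalArgumentException e2) {
            log.error("an error occured during getting username from token. {}", e2.getMessage());
            return null;
        } catch (JwtException e3) {
            // NOTE(review): the message may echo parts of the client-supplied token; confirm the
            // log layout neutralises line breaks.
            log.error("other token exception: {}", e3.getMessage());
            return null;
        }
    }

    /**
     * Validates the token for the given username and, on success, stores the resulting
     * authentication in the security context.
     *
     * @param str                raw token
     * @param str2               username previously extracted from the token, may be {@code null}
     * @param httpServletRequest current request, used for extra authorities and request details
     * @return the authentication that was set, or {@code null} when there is no username, the
     *         context already holds an authentication, or the token does not validate
     */
    protected Authentication tryToAuthenticate(String str, String str2, HttpServletRequest httpServletRequest) {
        if (str2 == null) {
            return null;
        }
        if (SecurityContextHolder.getContext().getAuthentication() != null) {
            // An authentication is already present; leave it untouched.
            return null;
        }
        // Fail closed: only an explicit TRUE counts as valid (a null result is treated as invalid).
        // The meaning of the null third argument is not visible in this class.
        if (!Boolean.TRUE.equals(this.jwtTokenService.validateToken(str, str2, (LocalDateTime) null))) {
            return null;
        }
        AppUserToken parseToken = this.jwtTokenService.parseToken(str);
        // assumes the token service returns a mutable collection, since addAll is called on it
        // below; TODO confirm
        Collection authoritiesFromToken = this.jwtTokenService.getAuthoritiesFromToken(str);
        authoritiesFromToken.addAll(this.customAuthoritiesProvider.getExtraSecurityContextAuthorities(parseToken, httpServletRequest));
        CommonsAuthenticationToken commonsAuthenticationToken = new CommonsAuthenticationToken(authoritiesFromToken, parseToken, new JwtTokenStore(new JwtTokenBundle(str, (String) null)));
        commonsAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
        log.trace("authenticated user {} with {}, setting security context", str2, authoritiesFromToken);
        SecurityContextHolder.getContext().setAuthentication(commonsAuthenticationToken);
        return commonsAuthenticationToken;
    }
}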
