package cn.kduck.security.principal.filter;

import cn.kduck.core.cache.CacheHelper;
import cn.kduck.core.service.ValueMap;
import cn.kduck.security.UserExtInfo;
import cn.kduck.security.principal.AuthUser;
import java.io.IOException;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:cn/kduck/security/principal/filter/AuthenticatedUserFilter.class */
public class AuthenticatedUserFilter extends OncePerRequestFilter {
    public static final String AUTH_USER_CACHE_NAME = "AUTH_USER";
    public static final String SERVICE_PROXY_PATH_PATTERN = "/proxy/**";
    private List<AuthUserExtractor> authUserExtractorList;
    private AntPathMatcher antPathMatcher = new AntPathMatcher();

    @Autowired(required = false)
    private UserExtInfo userExtInfo;

    @Autowired(required = false)
    private List<FilterInterceptor> filterInterceptors;

    /* loaded from: input_file:cn/kduck/security/principal/filter/AuthenticatedUserFilter$AuthUserContext.class */
    public static class AuthUserContext {
        private static final ThreadLocal<AuthUser> authUserThreadLocal = new ThreadLocal<>();

        private AuthUserContext() {
        }

        public static void setAuthUser(AuthUser authUser) {
            authUserThreadLocal.set(authUser);
        }

        public static AuthUser getAuthUser() {
            return authUserThreadLocal.get();
        }

        static void reset() {
            authUserThreadLocal.remove();
        }
    }

    /* loaded from: input_file:cn/kduck/security/principal/filter/AuthenticatedUserFilter$AuthUserProxy.class */
    public static class AuthUserProxy {
        private String username;
        private Collection<String> authorities;
        private boolean accountNonExpired;
        private boolean accountNonLocked;
        private boolean credentialsNonExpired;
        private boolean enabled;
        private Map details;
        private boolean clientOnly;

        public AuthUserProxy() {
            this.authorities = Collections.emptyList();
            this.details = new HashMap();
            this.clientOnly = false;
        }

        public AuthUserProxy(AuthUser authUser) {
            this.authorities = Collections.emptyList();
            this.details = new HashMap();
            this.clientOnly = false;
            this.username = authUser.getUsername();
            this.authorities = authUser.getAuthorities();
            this.accountNonExpired = authUser.isAccountNonExpired();
            this.accountNonLocked = authUser.isAccountNonLocked();
            this.credentialsNonExpired = authUser.isCredentialsNonExpired();
            this.enabled = authUser.isEnabled();
        }

        public Map getDetails() {
            return this.details;
        }

        public void setDetails(Map map) {
            this.details = map;
        }

        public String getUsername() {
            return this.username;
        }

        public void setUsername(String str) {
            this.username = str;
        }

        public Collection<String> getAuthorities() {
            return this.authorities;
        }

        public void setAuthorities(List<String> list) {
            this.authorities = list;
        }

        public boolean isAccountNonExpired() {
            return this.accountNonExpired;
        }

        public void setAccountNonExpired(boolean z) {
            this.accountNonExpired = z;
        }

        public boolean isAccountNonLocked() {
            return this.accountNonLocked;
        }

        public void setAccountNonLocked(boolean z) {
            this.accountNonLocked = z;
        }

        public boolean isCredentialsNonExpired() {
            return this.credentialsNonExpired;
        }

        public void setCredentialsNonExpired(boolean z) {
            this.credentialsNonExpired = z;
        }

        public boolean isEnabled() {
            return this.enabled;
        }

        public void setEnabled(boolean z) {
            this.enabled = z;
        }

        public boolean isClientOnly() {
            return this.clientOnly;
        }

        public void setClientOnly(boolean z) {
            this.clientOnly = z;
        }
    }

    public AuthenticatedUserFilter(List<AuthUserExtractor> list) {
        this.authUserExtractorList = list;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (this.antPathMatcher.match(SERVICE_PROXY_PATH_PATTERN, httpServletRequest.getRequestURI())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        Iterator<AuthUserExtractor> it = this.authUserExtractorList.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            AuthUser extract = it.next().extract(httpServletRequest, httpServletResponse);
            if (extract != null) {
                Map<String, Object> map = (Map) CacheHelper.getByCacheName(AUTH_USER_CACHE_NAME, extract.getUsername(), Map.class);
                if (map != null) {
                    extract.setAllDetailsItem(map);
                } else if (this.userExtInfo != null) {
                    ValueMap userExtInfo = this.userExtInfo.getUserExtInfo(extract.getUsername());
                    CacheHelper.put(AUTH_USER_CACHE_NAME, extract.getUsername(), userExtInfo);
                    if (userExtInfo != null) {
                        extract.setAllDetailsItem(userExtInfo);
                    }
                }
                AuthUserContext.setAuthUser(extract);
            }
        }
        if (this.filterInterceptors != null) {
            Iterator<FilterInterceptor> it2 = this.filterInterceptors.iterator();
            while (it2.hasNext()) {
                if (!it2.next().preHandle(httpServletRequest, httpServletResponse)) {
                    return;
                }
            }
        }
        try {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            if (this.filterInterceptors != null) {
                Iterator<FilterInterceptor> it3 = this.filterInterceptors.iterator();
                while (it3.hasNext()) {
                    it3.next().postHandle(httpServletRequest, httpServletResponse);
                }
            }
        } finally {
            AuthUserContext.reset();
        }
    }

    public void destroy() {
        AuthUserContext.reset();
    }
}
