package noo.rest.security.delegate;

import java.io.IOException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import noo.exception.AuthenticateException;
import noo.exception.BaseException;
import noo.exception.BusinessException;
import noo.exception.ExpCode;
import noo.exception.SessionTimeoutException;
import noo.json.JsonObject;
import noo.rest.security.AbstractUser;
import noo.rest.security.AuthContext;
import noo.rest.security.SecueHelper;
import noo.rest.security.SecurityFilter;
import noo.util.S;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:noo/rest/security/delegate/DelegateSecurityFilter.class */
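/**
 * Servlet filter that hands every authentication and authorisation decision to a
 * {@link DelegateSecuritySetting}: which paths are ignored, which path is the login or
 * logout endpoint, how a token maps to a user, and whether that user may access a path.
 *
 * <p>The filter itself only routes the request to the right delegate call and turns
 * failures into HTTP status codes (401, 400 or 403).
 */
public class DelegateSecurityFilter extends SecurityFilter {
    private static final Logger LOG = Logger.getLogger(DelegateSecurityFilter.class.getName());

    // Policy delegate; injected through setDelegateSecuritySetting. While it is unset every
    // request that passes the CORS check fails with a NullPointerException: before the try
    // block at the isIgnore call, so that one propagates to the container.
    private DelegateSecuritySetting delegateUs;

    /**
     * Routes one request through the CORS check, the ignore list, login, logout, or the
     * authenticated path in {@link #process}.
     *
     * <p>Failures raised inside the login/logout/process step are answered here rather than
     * propagated: {@link SessionTimeoutException} gives 401, any other {@link BaseException}
     * gives 400, and everything else gives 403.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the chain, invoked only for ignored paths and for
     *                        requests that pass the access check
     * @throws IOException      if writing to the response fails outside the guarded section
     * @throws ServletException if an ignored path's downstream processing fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isPassCors(httpServletRequest, httpServletResponse)) {
            // OPTIONS requests are answered with a bare "0" before any authentication runs.
            if (HttpMethod.OPTIONS.matches(httpServletRequest.getMethod())) {
                httpServletResponse.getWriter().print(0);
                return;
            }
            // NOTE(review): getRequestURI() is the raw request path; the container does not
            // decode it and it can still carry path parameters (";name=value") and
            // percent-encoding. isIgnore/isLoginUrl/isLogoutUrl/canAccess are not visible
            // here. Confirm they match on the same normalised path the dispatcher routes on,
            // otherwise the ignore list and the access check can disagree with what is served.
            String requestURI = httpServletRequest.getRequestURI();
            if (this.delegateUs.isIgnore(requestURI)) {
                // Ignored paths skip authentication and authorisation entirely.
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            try {
                if (this.delegateUs.isLoginUrl(requestURI)) {
                    AbstractUser loginByDelegate = this.delegateUs.loginByDelegate(httpServletRequest, httpServletResponse);
                    if (loginByDelegate == null) {
                        throw new AuthenticateException("用户不存在！");
                    }
                    setupContextOnCheckSuccess(httpServletRequest, httpServletResponse, loginByDelegate);
                } else if (this.delegateUs.isLogoutUrl(requestURI)) {
                    // NOTE(review): retrieveUser returns null when the token header is blank,
                    // so doLogout can receive a null user. Confirm it tolerates that.
                    this.delegateUs.doLogout(httpServletRequest, retrieveUser(httpServletRequest, httpServletResponse));
                } else {
                    process(requestURI, httpServletRequest, httpServletResponse, filterChain);
                }
            } catch (Throwable th) {
                // Every failure, including one thrown by the downstream chain inside
                // process(), lands here. The request URI is left out of the log message
                // because it is caller-controlled.
                LOG.log(Level.WARNING, "Security filter denied or failed a request", th);
                if (httpServletResponse.isCommitted()) {
                    // Output has already been sent; a status change would be ignored and an
                    // error body would be appended to a partial response.
                    return;
                }
                // NOTE(review): th.toString() goes to the client verbatim. Confirm the
                // project's exception types render only client-safe text.
                if (th instanceof SessionTimeoutException) {
                    httpServletResponse.setStatus(401);
                    SecueHelper.writeResponse(httpServletResponse, th.toString());
                } else if (th instanceof BaseException) {
                    httpServletResponse.setStatus(400);
                    SecueHelper.writeResponse(httpServletResponse, th.toString());
                } else {
                    httpServletResponse.setStatus(403);
                    SecueHelper.writeResponse(httpServletResponse, new BusinessException(ExpCode.AUTHORIZE, "没有权限访问！").toString());
                }
            }
        }
    }

    /**
     * Handles a request that is neither ignored, login nor logout: resolves the user from
     * the token header, asks the delegate whether that user may access the path, and only
     * then continues the chain.
     *
     * @param str                 request path used for the access check
     * @param httpServletRequest  current request
     * @param httpServletResponse current response; receives 401 when no user is resolved and
     *                            403 when the access check fails
     * @param filterChain         chain to continue once access is granted
     * @throws Exception whatever the delegate or the downstream chain throws
     */
    public void process(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        AbstractUser retrieveUser = retrieveUser(httpServletRequest, httpServletResponse);
        if (retrieveUser == null) {
            httpServletResponse.setStatus(401);
            httpServletResponse.getWriter().print(new SessionTimeoutException().toString());
            return;
        }
        try {
            if (this.delegateUs.canAccess(retrieveUser, str)) {
                AuthContext.set(retrieveUser);
                filterChain.doFilter(httpServletRequest, httpServletResponse);
            } else {
                httpServletResponse.setStatus(403);
                SecueHelper.writeResponse(httpServletResponse, new BusinessException(ExpCode.AUTHORIZE, "没有权限访问！").toString());
            }
        } finally {
            // Cleared on every exit path so the user bound above never outlives this call.
            AuthContext.clear();
        }
    }

    /**
     * Resolves the current user from the token carried in the {@code SecueHelper.HEADER_KEY}
     * request header.
     *
     * @return the user the delegate finds for the token, or {@code null} when the header is
     *         blank (the delegate may also return {@code null}; not visible here)
     * @throws IOException declared for the delegate lookup
     */
    private AbstractUser retrieveUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String header = httpServletRequest.getHeader(SecueHelper.HEADER_KEY);
        if (S.isBlank(header)) {
            return null;
        }
        return this.delegateUs.getUserFromSession(header, httpServletRequest);
    }

    /**
     * Completes a successful login: registers the session with the delegate and returns the
     * token to the client both as a response header and inside the JSON body.
     *
     * @param httpServletRequest  current request, passed through to the delegate
     * @param httpServletResponse response that receives the token header and JSON body
     * @param abstractUser        the authenticated user; supplies the token and the body
     * @throws IOException if the response body cannot be written
     */
    protected void setupContextOnCheckSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AbstractUser abstractUser) throws IOException {
        String token = abstractUser.getToken();
        httpServletResponse.setCharacterEncoding("UTF-8");
        // NOTE(review): the body below is JSON but is labelled text/html. A browser that
        // loads this response directly would parse user-derived fields as markup. Kept as is
        // because existing clients may depend on the type; confirm whether application/json
        // is safe to switch to.
        httpServletResponse.setContentType("text/html;charset=utf-8");
        // The response carries a session token in both header and body, so it must not be
        // stored by browser or intermediary caches.
        httpServletResponse.setHeader("Cache-Control", "no-store");
        httpServletResponse.addHeader(SecueHelper.HEADER_KEY, token);
        this.delegateUs.initUserSession(token, abstractUser, httpServletRequest);
        JsonObject responseJsonObject = abstractUser.toResponseJsonObject();
        responseJsonObject.put(SecueHelper.HEADER_KEY, token);
        httpServletResponse.getWriter().print(responseJsonObject.encode());
    }

    /**
     * Returns the delegate that supplies this filter's security policy.
     *
     * @return the configured delegate, or {@code null} if none has been set
     */
    public DelegateSecuritySetting getDelegateSecuritySetting() {
        return this.delegateUs;
    }

    /**
     * Sets the delegate that supplies this filter's security policy.
     *
     * @param delegateSecuritySetting delegate consulted on every request
     */
    public void setDelegateSecuritySetting(DelegateSecuritySetting delegateSecuritySetting) {
        this.delegateUs = delegateSecuritySetting;
    }
}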
