package noo.rest.security;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import noo.exception.BaseException;
import noo.exception.BusinessException;
import noo.exception.ExpCode;
import noo.exception.SessionTimeoutException;
import noo.rest.security.processor.RequestInterceptor;
import noo.util.SpringContext;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsProcessor;
import org.springframework.web.cors.CorsUtils;
import org.springframework.web.cors.DefaultCorsProcessor;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

/* loaded from: input_file:noo/rest/security/SecurityFilter.class */
public class SecurityFilter implements Filter {
    private final UrlBasedCorsConfigurationSource configSource = new UrlBasedCorsConfigurationSource();
    protected final CorsProcessor corsProcessor = new DefaultCorsProcessor();
    protected SecuritySetting us;
    private StringRedisTemplate redis;
    private UsualHandler usualprocess;
    private List<RequestInterceptor> requestHandler;

    public CorsConfiguration buildDefaultCorsConfig() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.addAllowedHeader("*");
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.setAllowCredentials(true);
        return corsConfiguration;
    }

    public void registCorsConfiguration(String str, CorsConfiguration corsConfiguration) {
        this.configSource.registerCorsConfiguration(str, corsConfiguration);
    }

    public void setCorsConfiguration(CorsConfiguration corsConfiguration) {
        registCorsConfiguration("/**", corsConfiguration);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean isPassCors(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        CorsConfiguration corsConfiguration;
        if (!CorsUtils.isCorsRequest(httpServletRequest) || (corsConfiguration = this.configSource.getCorsConfiguration(httpServletRequest)) == null) {
            return true;
        }
        return this.corsProcessor.processRequest(corsConfiguration, httpServletRequest, httpServletResponse) && !CorsUtils.isPreFlightRequest(httpServletRequest);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isPassCors(httpServletRequest, httpServletResponse)) {
            String requestURI = httpServletRequest.getRequestURI();
            if (this.us.isIgnore(requestURI)) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            try {
                boolean z = false;
                Iterator<RequestInterceptor> it = getInterceptors().iterator();
                while (it.hasNext()) {
                    z = it.next().process(requestURI, httpServletRequest, httpServletResponse);
                    if (z) {
                        break;
                    }
                }
                if (!z) {
                    doUsualHandler(requestURI, httpServletRequest, httpServletResponse, filterChain);
                }
            } catch (Throwable th) {
                th.printStackTrace();
                if (th instanceof SessionTimeoutException) {
                    httpServletResponse.setStatus(401);
                    SecueHelper.writeResponse(httpServletResponse, th.toString());
                } else if (th instanceof BaseException) {
                    httpServletResponse.setStatus(400);
                    SecueHelper.writeResponse(httpServletResponse, th.toString());
                } else {
                    httpServletResponse.setStatus(403);
                    SecueHelper.writeResponse(httpServletResponse, new BusinessException(ExpCode.AUTHORIZE, "没有权限访问！").toString());
                }
            }
        }
    }

    private List<RequestInterceptor> getInterceptors() {
        if (this.requestHandler == null) {
            this.requestHandler = new ArrayList();
            Map beansOfType = SpringContext.getBeansOfType(RequestInterceptor.class);
            if (beansOfType != null) {
                for (RequestInterceptor requestInterceptor : beansOfType.values()) {
                    requestInterceptor.setSecuritySetting(this.us);
                    requestInterceptor.setRedis(this.redis);
                    this.requestHandler.add(requestInterceptor);
                }
            }
        }
        return this.requestHandler;
    }

    private void doUsualHandler(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws Exception {
        if (this.usualprocess == null) {
            this.usualprocess = new UsualHandler(this.us, this.redis);
        }
        this.usualprocess.process(str, httpServletRequest, httpServletResponse, filterChain);
    }

    public void setSecuritySetting(SecuritySetting securitySetting) {
        this.us = securitySetting;
    }

    public void setRedis(StringRedisTemplate stringRedisTemplate) {
        this.redis = stringRedisTemplate;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void destroy() {
    }
}
