package com.iframework.uaa.auth.autoconfigure.filter;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.parser.Feature;
import com.iframework.staging.autoconfigure.entity.ResponseData;
import com.iframework.staging.autoconfigure.logging.CurrentRequest;
import com.iframework.uaa.auth.autoconfigure.properties.AuthTokenProperties;
import com.iframework.uaa.auth.autoconfigure.service.AuthenticationService;
import com.iframework.uaa.auth.autoconfigure.utils.RsaUtil;
import com.nimbusds.jose.JOSEObjectType;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.IOException;
import java.util.Date;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;

/* loaded from: input_file:com/iframework/uaa/auth/autoconfigure/filter/JWTAuthenticationFilter.class */
public class JWTAuthenticationFilter extends AbstractAuthenticationProcessingFilter {

    @Autowired(required = false)
    private AuthenticationService authenticationService;

    @Autowired
    private AuthTokenProperties properties;

    public JWTAuthenticationFilter() {
        super(new AntPathRequestMatcher("/res/user/token", "POST"));
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        JSONObject jSONObject = (JSONObject) JSON.parseObject(CurrentRequest.getBody(), JSONObject.class, new Feature[0]);
        String string = jSONObject.getString("username");
        String string2 = jSONObject.getString("password");
        if (string == null) {
            string = "";
        }
        if (string2 == null) {
            string2 = "";
        }
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(string.trim(), string2);
        setDetails(httpServletRequest, usernamePasswordAuthenticationToken);
        return getAuthenticationManager().authenticate(usernamePasswordAuthenticationToken);
    }

    protected void setDetails(HttpServletRequest httpServletRequest, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
    }

    protected void successfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, Authentication authentication) throws IOException, ServletException {
        SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.RS256).type(JOSEObjectType.JWT).build(), new JWTClaimsSet.Builder().subject(authentication.getName()).expirationTime(new Date(System.currentTimeMillis() + (3600000 * this.properties.getHours().intValue()))).build());
        try {
            signedJWT.sign(new RSASSASigner(RsaUtil.getPrivateKey(this.properties.getPrivateKey())));
            String serialize = signedJWT.serialize();
            if (Optional.ofNullable(this.authenticationService).isPresent()) {
                this.authenticationService.successfulAuthentication(httpServletRequest, httpServletResponse, serialize);
            } else {
                httpServletResponse.setContentType("application/json");
                httpServletResponse.getWriter().write(JSON.toJSONString(ResponseData.ok(serialize)));
            }
        } catch (Exception e) {
            unsuccessfulAuthentication(httpServletRequest, httpServletResponse, null);
        }
    }

    protected void unsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        if (Optional.ofNullable(this.authenticationService).isPresent()) {
            this.authenticationService.unsuccessfulAuthentication(httpServletRequest, httpServletResponse);
        } else {
            httpServletResponse.setContentType("application/json");
            httpServletResponse.getWriter().write(JSON.toJSONString(ResponseData.fail().errorCode("401").errorMsg("用户名或密码错误！")));
        }
    }
}
