package com.flyfish.oauth.filter;

import com.flyfish.oauth.common.OAuthFilterContext;
import com.flyfish.oauth.common.auth.AuthStatus;
import com.flyfish.oauth.common.auth.OAuthAuthenticator;
import com.flyfish.oauth.domain.OAuth2AccessToken;
import com.flyfish.oauth.domain.raw.SSOUserInfo;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.velocity.Template;
import org.apache.velocity.VelocityContext;
import org.apache.velocity.app.Velocity;

@WebFilter(urlPatterns = {"/*"}, initParams = {@WebInitParam(name = "exclude", value = "/oauth/*;/oauth/sync/*")})
/* loaded from: input_file:com/flyfish/oauth/filter/SSOAuthenticationFilter.class */
public class SSOAuthenticationFilter extends ClientAwareFilter {
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (checkAvailable(httpServletResponse)) {
            OAuthFilterContext oAuthFilterContext = new OAuthFilterContext(httpServletRequest, httpServletResponse, filterChain);
            if (!isOAuth(httpServletRequest)) {
                oAuthFilterContext.continueFilter();
                return;
            }
            if (OAuthAuthenticator.getInstance().checkStatus(httpServletRequest)) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            if (this.client.getProperties().getSensitiveUris().contains(httpServletRequest.getRequestURI())) {
                httpServletResponse.sendRedirect("/");
                return;
            }
            if (this.client.getSessionConverter().isComplete(httpServletRequest.getSession())) {
                httpServletResponse.sendRedirect(this.client.getProperties().getLocalUrl());
                return;
            }
            AuthStatus authenticate = OAuthAuthenticator.getInstance().authenticate(oAuthFilterContext);
            if (authenticate == AuthStatus.SUCCESS) {
                redirect(this.client.getProperties().getLocalUrl(), oAuthFilterContext);
            } else if (authenticate != AuthStatus.REDIRECT) {
                oAuthFilterContext.continueFilter();
            }
        }
    }

    private boolean isOAuth(HttpServletRequest httpServletRequest) {
        return (null == httpServletRequest.getParameter(OAuth2AccessToken.AUTH_PARAM_VALUE) && null == httpServletRequest.getHeader(OAuth2AccessToken.AUTH_PARAM_VALUE)) ? false : true;
    }

    private void redirect(String str, OAuthFilterContext oAuthFilterContext) throws IOException {
        HttpServletRequest request = oAuthFilterContext.getRequest();
        HttpServletResponse response = oAuthFilterContext.getResponse();
        String expectRedirectUri = this.client.getSessionConverter().expectRedirectUri(request);
        String str2 = StringUtils.isNotBlank(expectRedirectUri) ? expectRedirectUri : str;
        SSOUserInfo sSOUserInfo = (SSOUserInfo) request.getAttribute("user");
        if (null != sSOUserInfo) {
            response.setContentType("text/html;charset=UTF-8");
            PrintWriter writer = response.getWriter();
            VelocityContext velocityContext = new VelocityContext();
            velocityContext.put("user", sSOUserInfo);
            velocityContext.put("redirect", str2);
            String str3 = (String) request.getSession().getAttribute("token");
            if (StringUtils.isNotBlank(str3)) {
                velocityContext.put("token", str3);
            }
            try {
                Template template = Velocity.getTemplate("templates/redirect.vm");
                template.setEncoding("UTF-8");
                template.merge(velocityContext, writer);
            } catch (Exception e) {
                e.printStackTrace();
                writer.write("ERROR");
            }
        }
    }

    private boolean checkAvailable(HttpServletResponse httpServletResponse) throws IOException {
        if (null != this.client.getProperties()) {
            return true;
        }
        httpServletResponse.sendError(503, "系统正在启动中...");
        return false;
    }
}
