package com.flyfish.oauth.common.auth;

import ch.qos.logback.classic.ClassicConstants;
import com.flyfish.oauth.common.OAuth2PostAware;
import com.flyfish.oauth.common.OAuthFilterContext;
import com.flyfish.oauth.domain.OAuth2AccessToken;
import com.flyfish.oauth.domain.OAuthSSOToken;
import com.flyfish.oauth.domain.raw.SSOUserInfo;
import com.flyfish.oauth.utils.OAuthRequestParser;
import com.flyfish.oauth.utils.UserConvertUtils;
import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.beans.propertyeditors.CustomBooleanEditor;

/* loaded from: input_file:BOOT-INF/lib/oauth-client-1.0.3.jar:com/flyfish/oauth/common/auth/OAuthAuthenticator.class */
public class OAuthAuthenticator extends OAuth2PostAware {
    private static final List<String> RESOURCE_TYPES = Arrays.asList(".js", ".css", ".ico", ".jpg", ".png", ".svg", ".gif", ".eot", ".ttf", ".woff");

    /* loaded from: input_file:BOOT-INF/lib/oauth-client-1.0.3.jar:com/flyfish/oauth/common/auth/OAuthAuthenticator$SingletonHolder.class */
    private static class SingletonHolder {
        private static final OAuthAuthenticator INSTANCE = new OAuthAuthenticator();

        private SingletonHolder() {
        }
    }

    public static OAuthAuthenticator getInstance() {
        return SingletonHolder.INSTANCE;
    }

    public boolean checkStatus(HttpServletRequest httpServletRequest) {
        return !checkResource(httpServletRequest.getRequestURI()) || checkAllowed(httpServletRequest.getRequestURI(), this.client.getProperties().getAllowUris());
    }

    public AuthStatus authenticate(OAuthFilterContext oAuthFilterContext) throws IOException {
        HttpServletRequest request = oAuthFilterContext.getRequest();
        HttpServletResponse response = oAuthFilterContext.getResponse();
        OAuthRequestParser parse = OAuthRequestParser.parse(request);
        String accessToken = parse.getAccessToken();
        if (parse.isAuthRequest()) {
            return AuthStatus.SKIP;
        }
        if (accessToken != null && this.authenticationEntryPoint.checkAccessToken(accessToken)) {
            return authenticateSuccess(request, accessToken) ? AuthStatus.SUCCESS : AuthStatus.REDIRECT;
        }
        if (refreshAccessToken(response, parse.getRefreshToken())) {
            authenticateSuccess(request, accessToken);
            return AuthStatus.SUCCESS;
        }
        if (!parse.needRedirect() && !this.client.getProperties().isAutoRedirect()) {
            return AuthStatus.FAIL;
        }
        response.addCookie(new Cookie(OAuth2AccessToken.AUTH_PARAM_VALUE, CustomBooleanEditor.VALUE_1));
        this.authenticationEntryPoint.logout(request);
        response.sendRedirect(this.authenticationEntryPoint.redirectUrl(parse));
        return AuthStatus.REDIRECT;
    }

    private boolean authenticateSuccess(HttpServletRequest httpServletRequest, String str) {
        HttpSession session = httpServletRequest.getSession();
        if (this.client.getSessionConverter().isComplete(session)) {
            return true;
        }
        SSOUserInfo userInfo = this.authenticationEntryPoint.getUserInfo(str);
        httpServletRequest.setAttribute(ClassicConstants.USER_MDC_KEY, userInfo);
        return this.client.getSessionConverter().convert(session, UserConvertUtils.convert(this.client.getUserService(), userInfo));
    }

    private boolean refreshAccessToken(HttpServletResponse httpServletResponse, String str) {
        OAuthSSOToken refreshAccessToken;
        if (null == str || null == (refreshAccessToken = this.authenticationEntryPoint.refreshAccessToken(str))) {
            return false;
        }
        Iterator<Cookie> it = refreshAccessToken.toCookies().iterator();
        while (it.hasNext()) {
            httpServletResponse.addCookie(it.next());
        }
        return true;
    }

    private boolean checkResource(String str) {
        Iterator<String> it = RESOURCE_TYPES.iterator();
        while (it.hasNext()) {
            if (str.endsWith(it.next())) {
                return false;
            }
        }
        return true;
    }

    private boolean checkAllowed(String str, Set<String> set) {
        for (String str2 : set) {
            if ((str2.endsWith("/**") && str.startsWith(str2.substring(0, str2.indexOf("/**")))) || str.equals(str2)) {
                return true;
            }
        }
        return false;
    }
}
