package com.flyfish.oauth.filter;

import com.flyfish.oauth.client.OAuth2SsoClient;
import com.flyfish.oauth.common.sync.SyncSender;
import com.flyfish.oauth.configuration.OAuth2SsoProperties;
import com.flyfish.oauth.configuration.sync.SyncUserProvider;
import com.flyfish.oauth.domain.raw.OAuthUserResult;
import com.flyfish.oauth.utils.CastUtils;
import com.flyfish.oauth.utils.JacksonUtil;
import com.flyfish.oauth.utils.SecurityUtils;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;

@WebFilter(filterName = "sync-user-filter", urlPatterns = {"/oauth/users"})
/* loaded from: input_file:BOOT-INF/lib/oauth-client-1.0.6.jar:com/flyfish/oauth/filter/SyncUserFilter.class */
public class SyncUserFilter extends ClientAwareFilter {
    private static final List<Runnable> LOADERS = new ArrayList();
    private static SyncUserProvider<?> userProvider;

    public static void bind(SyncUserProvider<?> syncUserProvider) {
        userProvider = syncUserProvider;
        if (CollectionUtils.isNotEmpty(LOADERS)) {
            Iterator<Runnable> it = LOADERS.iterator();
            while (it.hasNext()) {
                it.next().run();
            }
        }
    }

    public static <T> SyncUserProvider<T> sharedProvider() {
        return (SyncUserProvider) CastUtils.cast(userProvider);
    }

    @Override // com.flyfish.oauth.filter.ClientAwareFilter, javax.servlet.Filter
    public void init(FilterConfig filterConfig) {
        super.init(filterConfig);
    }

    @Override // com.flyfish.oauth.common.OAuth2PostAware, com.flyfish.oauth.common.OAuth2SsoInitializeAware
    public void setClient(OAuth2SsoClient oAuth2SsoClient) {
        super.setClient(oAuth2SsoClient);
        if (null != provider()) {
            SyncSender.sendAll();
        } else {
            LOADERS.add(new Runnable() { // from class: com.flyfish.oauth.filter.SyncUserFilter.1
                @Override // java.lang.Runnable
                public void run() {
                    SyncSender.sendAll();
                }
            });
        }
    }

    private synchronized SyncUserProvider<?> provider() {
        if (null != userProvider) {
            return userProvider;
        }
        if (null == this.client.getProperties().getUserProviderClass()) {
            throw new IllegalArgumentException("【OAC用户同步】未实例化SyncUserProvider 或 未配置SyncUserProvider的实现类！");
        }
        try {
            return (SyncUserProvider) CastUtils.cast(this.client.getProperties().getUserProviderClass().newInstance());
        } catch (IllegalAccessException | InstantiationException e) {
            e.printStackTrace();
            throw new IllegalArgumentException("【OAC用户同步】未正确实现用户提供者，需要提供公共默认无参构造器！");
        }
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) {
        if (servletRequest instanceof HttpServletRequest) {
            OAuth2SsoProperties properties = this.client.getProperties();
            String header = ((HttpServletRequest) servletRequest).getHeader("Authorization");
            if (StringUtils.isBlank(header)) {
                writeError((HttpServletResponse) servletResponse, 401, "未携带请求token，访问被拒绝！");
                return;
            }
            try {
                checkPassport(header, properties);
                if (servletResponse instanceof HttpServletResponse) {
                    try {
                        writeResponse((HttpServletResponse) servletResponse, OAuthUserResult.ok(provider().provide()));
                    } catch (Exception e) {
                        e.printStackTrace();
                        writeResponse((HttpServletResponse) servletResponse, OAuthUserResult.error(e.getMessage()));
                    }
                }
            } catch (IllegalArgumentException e2) {
                writeError((HttpServletResponse) servletResponse, 403, e2.getMessage());
            }
        }
    }

    private void writeResponse(HttpServletResponse httpServletResponse, OAuthUserResult oAuthUserResult) {
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        try {
            PrintWriter writer = httpServletResponse.getWriter();
            Throwable th = null;
            try {
                try {
                    writer.print(JacksonUtil.toJson(oAuthUserResult));
                    if (writer != null) {
                        if (0 != 0) {
                            try {
                                writer.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            writer.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private void writeError(HttpServletResponse httpServletResponse, int i, String str) {
        httpServletResponse.setStatus(i);
        writeResponse(httpServletResponse, OAuthUserResult.error(str));
    }

    private void checkPassport(String str, OAuth2SsoProperties oAuth2SsoProperties) throws IllegalArgumentException {
        if (!oAuth2SsoProperties.getClientId().equals(SecurityUtils.decrypt(str, oAuth2SsoProperties))) {
            throw new IllegalArgumentException("验签失败！不是本系统的请求！");
        }
    }
}
