package org.apache.shardingsphere.elasticjob.cloud.console.security;

import com.google.common.base.Strings;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import io.netty.buffer.ByteBufUtil;
import io.netty.handler.codec.http.FullHttpRequest;
import io.netty.handler.codec.http.FullHttpResponse;
import io.netty.handler.codec.http.HttpHeaderNames;
import io.netty.handler.codec.http.HttpMethod;
import io.netty.handler.codec.http.HttpResponseStatus;
import io.netty.handler.codec.http.HttpUtil;
import java.util.Collections;
import java.util.Optional;
import lombok.Generated;
import org.apache.shardingsphere.elasticjob.restful.Filter;
import org.apache.shardingsphere.elasticjob.restful.deserializer.RequestBodyDeserializerFactory;
import org.apache.shardingsphere.elasticjob.restful.filter.FilterChain;

/* loaded from: input_file:org/apache/shardingsphere/elasticjob/cloud/console/security/AuthenticationFilter.class */
public final class AuthenticationFilter implements Filter {
    private final Gson gson = new GsonBuilder().disableHtmlEscaping().create();
    private final AuthenticationService authenticationService;

    public void doFilter(FullHttpRequest fullHttpRequest, FullHttpResponse fullHttpResponse, FilterChain filterChain) {
        if (HttpMethod.POST.equals(fullHttpRequest.method()) && AuthenticationConstants.LOGIN_URI.equals(fullHttpRequest.uri())) {
            handleLogin(fullHttpRequest, fullHttpResponse);
            return;
        }
        String str = fullHttpRequest.headers().get(AuthenticationConstants.HEADER_NAME);
        if (Strings.isNullOrEmpty(str) || !str.equals(this.authenticationService.getToken())) {
            respondWithUnauthorized(fullHttpResponse);
        } else {
            filterChain.next(fullHttpRequest);
        }
    }

    private void handleLogin(FullHttpRequest fullHttpRequest, FullHttpResponse fullHttpResponse) {
        if (!this.authenticationService.check((AuthenticationInfo) RequestBodyDeserializerFactory.getRequestBodyDeserializer(((CharSequence) Optional.ofNullable(HttpUtil.getMimeType(fullHttpRequest)).orElseGet(() -> {
            return HttpUtil.getMimeType("application/json; charset=utf-8");
        })).toString()).deserialize(AuthenticationInfo.class, ByteBufUtil.getBytes(fullHttpRequest.content())))) {
            respondWithUnauthorized(fullHttpResponse);
        } else {
            respond(fullHttpResponse, HttpResponseStatus.OK, this.gson.toJson(Collections.singletonMap(AuthenticationConstants.HEADER_NAME, this.authenticationService.getToken())).getBytes());
        }
    }

    private void respondWithUnauthorized(FullHttpResponse fullHttpResponse) {
        respond(fullHttpResponse, HttpResponseStatus.UNAUTHORIZED, this.gson.toJson(Collections.singletonMap("message", "Unauthorized.")).getBytes());
    }

    private void respond(FullHttpResponse fullHttpResponse, HttpResponseStatus httpResponseStatus, byte[] bArr) {
        fullHttpResponse.setStatus(httpResponseStatus);
        fullHttpResponse.headers().set(HttpHeaderNames.CONTENT_TYPE, "application/json; charset=utf-8");
        fullHttpResponse.content().writeBytes(bArr);
        HttpUtil.setContentLength(fullHttpResponse, fullHttpResponse.content().readableBytes());
        HttpUtil.setKeepAlive(fullHttpResponse, true);
    }

    @Generated
    public AuthenticationFilter(AuthenticationService authenticationService) {
        this.authenticationService = authenticationService;
    }
}
