package org.apache.shardingsphere.ui.security;

import com.google.common.base.Strings;
import com.google.gson.Gson;
import java.io.IOException;
import java.util.HashMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shardingsphere.ui.web.response.ResponseResultUtil;

/* loaded from: input_file:org/apache/shardingsphere/ui/security/AuthenticationFilter.class */
public final class AuthenticationFilter implements Filter {
    private static final String LOGIN_URI = "/api/login";
    private final Gson gson = new Gson();
    private UserAuthenticationService userAuthenticationService;

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (LOGIN_URI.equals(httpServletRequest.getRequestURI())) {
            handleLogin(httpServletRequest, httpServletResponse);
            return;
        }
        String header = httpServletRequest.getHeader("Access-Token");
        if (Strings.isNullOrEmpty(header) || !header.equals(this.userAuthenticationService.getToken())) {
            respondWithUnauthorized(httpServletResponse);
        } else {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
    }

    public void destroy() {
    }

    private void handleLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            if (this.userAuthenticationService.checkUser((UserAccount) this.gson.fromJson(httpServletRequest.getReader(), UserAccount.class))) {
                httpServletResponse.setContentType("application/json");
                httpServletResponse.setCharacterEncoding("UTF-8");
                HashMap hashMap = new HashMap();
                hashMap.put("username", this.userAuthenticationService.getUsername());
                hashMap.put("accessToken", this.userAuthenticationService.getToken());
                httpServletResponse.getWriter().write(this.gson.toJson(ResponseResultUtil.build(hashMap)));
            } else {
                respondWithUnauthorized(httpServletResponse);
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private void respondWithUnauthorized(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().write(new Gson().toJson(ResponseResultUtil.handleUnauthorizedException("Unauthorized.")));
    }

    public void setUserAuthenticationService(UserAuthenticationService userAuthenticationService) {
        this.userAuthenticationService = userAuthenticationService;
    }
}
