package xyz.shodown.boot.upms.filter;

import java.io.IOException;
import java.util.Collection;
import javax.annotation.Resource;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;
import xyz.shodown.boot.upms.handler.AuthFailureHandler;
import xyz.shodown.boot.upms.handler.AuthSuccessHandler;
import xyz.shodown.boot.upms.keychain.LoginKeyChain;
import xyz.shodown.boot.upms.model.LoginDto;
import xyz.shodown.boot.upms.support.AuthManager;
import xyz.shodown.boot.upms.util.ShodownUpmsUtil;
import xyz.shodown.common.request.RequestWrapper;
import xyz.shodown.common.util.json.JsonUtil;
import xyz.shodown.crypto.enums.Algorithm;
import xyz.shodown.crypto.helper.CryptoHelper;
import xyz.shodown.crypto.properties.CryptoProperties;

@Component
/* loaded from: input_file:xyz/shodown/boot/upms/filter/AuthProcessingFilter.class */
public class AuthProcessingFilter extends AbstractAuthenticationProcessingFilter {
    private static final Logger log = LoggerFactory.getLogger("exception");

    @Resource
    private CryptoProperties cryptoProperties;

    @Resource
    private AuthManager authManager;

    @Resource
    private AuthSuccessHandler authSuccessHandler;

    @Resource
    private AuthFailureHandler authFailureHandler;

    public AuthProcessingFilter() {
        super(new AntPathRequestMatcher("/login", "POST"));
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        if (httpServletRequest.getContentType() == null || !(httpServletRequest.getContentType().contains("application/json") || httpServletRequest.getContentType().contains("text/plain") || httpServletRequest.getContentType().contains("multipart/form-data"))) {
            throw new AuthenticationServiceException("请求头类型不支持: " + httpServletRequest.getContentType());
        }
        LoginDto resolveLoginDto = resolveLoginDto(new RequestWrapper(httpServletRequest));
        return getAuthenticationManager().authenticate(new UsernamePasswordAuthenticationToken(resolveLoginDto.getUsername(), resolveLoginDto.getPassword(), (Collection) null));
    }

    public void afterPropertiesSet() {
        setAuthenticationManager(this.authManager);
        setAuthenticationSuccessHandler(this.authSuccessHandler);
        setAuthenticationFailureHandler(this.authFailureHandler);
    }

    private LoginDto resolveLoginDto(RequestWrapper requestWrapper) throws Exception {
        if (!ShodownUpmsUtil.shouldCrypto(this.cryptoProperties)) {
            return (LoginDto) JsonUtil.jsonToBean(requestWrapper.getRequestBody(), LoginDto.class);
        }
        return (LoginDto) JsonUtil.jsonToBean(new CryptoHelper(Algorithm.RSA, LoginKeyChain.class, "登陆开始:", requestWrapper.getHeader("sign")).decrypt(requestWrapper.getRequestBody()), LoginDto.class);
    }
}
