package xyz.shodown.boot.upms.filter;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import javax.annotation.Resource;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.util.StopWatch;
import org.springframework.web.filter.OncePerRequestFilter;
import xyz.shodown.boot.upms.config.AdditionalProperties;
import xyz.shodown.boot.upms.entity.ShodownUser;
import xyz.shodown.boot.upms.handler.AuthEntryPoint;
import xyz.shodown.boot.upms.model.SecurityUser;
import xyz.shodown.boot.upms.service.UserService;
import xyz.shodown.boot.upms.util.ShodownUpmsUtil;
import xyz.shodown.common.request.RequestWrapper;
import xyz.shodown.common.response.ResponseWrapper;
import xyz.shodown.common.response.Result;
import xyz.shodown.common.util.basic.StringUtil;
import xyz.shodown.common.util.io.ResponseUtil;

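/**
 * Servlet filter that authenticates a request from its {@code auth-token} header and logs the
 * request body and the elapsed time of the call.
 *
 * <p>Flow, as implemented below:
 * <ol>
 *   <li>URLs accepted by {@link ShodownUpmsUtil#shouldIgnoreUrl} go down the chain untouched.</li>
 *   <li>Requests whose content type is not JSON, plain text or multipart (or that carry a body
 *       with no content type) also go down the chain untouched. The token is not read for them.</li>
 *   <li>Otherwise the token is resolved through {@link UserService#getUserByToken}; an unknown
 *       token ends the request with a 307 result, a known one populates the security context.</li>
 * </ol>
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The token value is a bearer credential and is never written to the log.</li>
 *   <li>Request bodies are logged at INFO in {@link #logReq}; they may carry passwords or
 *       personal data, so the "business" log must be treated as sensitive.</li>
 *   <li>A request without a token is passed on unauthenticated; rejecting it is left to the
 *       authorization rules configured elsewhere.</li>
 * </ul>
 */
@Component
/* loaded from: input_file:xyz/shodown/boot/upms/filter/TokenAuthFilter.class */
public class TokenAuthFilter extends OncePerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger("business");

    // Carries the request URI from logReq to logResp on the same thread; cleared in logResp.
    private final ThreadLocal<String> urlLocal = new ThreadLocal<>();

    @Resource
    private AuthEntryPoint authEntryPoint;

    @Resource
    private UserService userService;

    @Resource
    private AdditionalProperties additionalProperties;

    /**
     * Authenticates the request from its {@code auth-token} header, then continues the chain.
     *
     * @param httpServletRequest  incoming request
     * @param httpServletResponse outgoing response
     * @param filterChain         remaining filters
     * @throws ServletException propagated from handlers invoked in the catch blocks
     * @throws IOException      propagated from response writing or logging
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        // NOTE(review): the raw request URI is matched here. Confirm shouldIgnoreUrl normalises
        // the path (doubled slashes, path parameters, encoded segments) the same way the
        // dispatcher does, otherwise the ignore list and the routed handler can disagree.
        if (ShodownUpmsUtil.shouldIgnoreUrl(this.additionalProperties, httpServletRequest.getRequestURI())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        // NOTE(review): this content-type gate skips token resolution entirely, not only body
        // logging. Such requests reach the chain with whatever authentication is already in the
        // security context; verify that is intended and that the context is cleared per request.
        if (bypassesTokenHandling(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        RequestWrapper requestWrapper = new RequestWrapper(httpServletRequest);
        // NOTE(review): the chain below receives the raw response, not this wrapper, so the
        // wrapper appears never to capture any bytes and logResp has nothing to print. Confirm
        // ResponseWrapper writes through to the client before passing it down the chain.
        ResponseWrapper responseWrapper = new ResponseWrapper(httpServletResponse);
        StopWatch stopWatch = new StopWatch();
        try {
            stopWatch.start();
            logReq(requestWrapper);
            String token = httpServletRequest.getHeader("auth-token");
            boolean tokenPresent = StringUtil.isNotBlank(token);
            // The token is a bearer credential: log only whether one was supplied.
            log.debug("检查令牌:{}", tokenPresent ? "[REDACTED]" : "[none]");
            if (tokenPresent) {
                SecurityUser userByToken = this.userService.getUserByToken(token);
                if (userByToken == null) {
                    log.info("TOKEN已过期，请重新登陆");
                    ResponseUtil.out(httpServletResponse, Result.fail(307, "TOKEN已过期，请重新登陆"));
                    return;
                }
                // Strip the stored password and salt before the user object becomes the principal.
                ShodownUser currentUserInfo = userByToken.getCurrentUserInfo();
                currentUserInfo.setPassword(null);
                currentUserInfo.setSalt(null);
                userByToken.setCurrentUserInfo(currentUserInfo);
                // NOTE(review): getPassword() is still passed as the credentials; check whether
                // it can return a stored hash, since the token has already proven identity.
                SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(userByToken, userByToken.getPassword(), userByToken.getAuthorities()));
            }
            filterChain.doFilter(requestWrapper, httpServletResponse);
        } catch (AuthenticationException e) {
            SecurityContextHolder.clearContext();
            log.error("令牌认证错误: " + e.getMessage(), e);
            this.authEntryPoint.commence(httpServletRequest, httpServletResponse, e);
        } catch (Exception e2) {
            SecurityContextHolder.clearContext();
            this.logger.error(e2.getMessage(), e2);
            // NOTE(review): the raw exception message is returned to the client, including for
            // failures raised further down the chain. Consider a generic message here if those
            // messages can expose internals (SQL text, class names, file paths).
            ResponseUtil.out(httpServletResponse, Result.fail(e2.getMessage()));
        } finally {
            // One exit path for timing and response logging; the guard keeps a second stop()
            // from throwing IllegalStateException and masking the original failure.
            if (stopWatch.isRunning()) {
                stopWatch.stop();
            }
            logResp(responseWrapper, stopWatch.getTotalTimeMillis());
        }
    }

    /**
     * Tells whether the request skips the wrapping, logging and token-resolution path.
     *
     * @param request incoming request
     * @return {@code true} when a body is present without a content type, or when the content
     *         type is set and is none of JSON, plain text or multipart form data
     */
    private boolean bypassesTokenHandling(HttpServletRequest request) {
        String contentType = request.getContentType();
        if (contentType == null) {
            return request.getContentLength() > 0;
        }
        return !(contentType.contains("application/json")
                || contentType.contains("text/plain")
                || contentType.contains("multipart/form-data"));
    }

    /**
     * Logs the request URI and body and remembers the URI for the matching response log line.
     *
     * @param requestWrapper wrapped request, may be {@code null}
     * @throws IOException declared for the wrapper's body access
     */
    private void logReq(RequestWrapper requestWrapper) throws IOException {
        if (requestWrapper != null) {
            String requestBody = requestWrapper.getRequestBody();
            String replace = requestWrapper.getRequestURI().replace("//", "/");
            this.urlLocal.set(replace);
            // NOTE(review): the full body is logged; mask credential and personal-data fields
            // or restrict access to this log.
            log.info("`{}` 接收到的参数: {}", replace, requestBody);
        }
    }

    /**
     * Logs the captured response body with the elapsed time, then clears the per-thread URI.
     *
     * @param responseWrapper wrapped response, may be {@code null}
     * @param j               elapsed time in milliseconds
     * @throws IOException declared for the wrapper's data access
     */
    private void logResp(ResponseWrapper responseWrapper, long j) throws IOException {
        try {
            if (responseWrapper == null) {
                return;
            }
            byte[] responseData = responseWrapper.getResponseData();
            if (responseData.length == 0) {
                return;
            }
            String str;
            try {
                str = new String(responseData, 0, responseData.length, responseWrapper.getCharacterEncoding());
            } catch (UnsupportedEncodingException e) {
                str = "[unknown]";
            }
            log.info("`{}`  耗时:{}ms  返回的参数: {}", this.urlLocal.get(), j, str);
        } finally {
            // Always clear the slot: pooled threads would otherwise keep the previous request's
            // URI whenever the response body is empty.
            this.urlLocal.remove();
        }
    }
}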
