package com.bizunited.nebula.security.local.transform;

import com.alibaba.fastjson.JSONObject;
import com.bizunited.nebula.security.local.utils.JWTContext;
import com.bizunited.nebula.security.local.utils.JwtUtils;
import com.bizunited.nebula.security.sdk.config.SimpleSecurityProperties;
import com.bizunited.nebula.security.sdk.login.UserIdentity;
import com.bizunited.nebula.security.sdk.transform.IdentityTransformStrategy;
import com.bizunited.nebula.security.sdk.transform.IdentityTransformValidate;
import com.google.common.collect.Lists;
import io.jsonwebtoken.ExpiredJwtException;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.Validate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.web.filter.OncePerRequestFilter;

@Component
/* loaded from: input_file:com/bizunited/nebula/security/local/transform/JwtSecurityAuthorizationFilter.class */
public class JwtSecurityAuthorizationFilter extends OncePerRequestFilter {

    @Autowired(required = false)
    @Lazy
    private List<IdentityTransformStrategy> identityTransformStrategies;

    @Autowired(required = false)
    @Lazy
    private List<IdentityTransformValidate> identityTransformValidates;
    private static final String JWT_HEADER = "jwt";

    @Autowired
    private SimpleSecurityProperties simpleSecurityProperties;
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtSecurityAuthorizationFilter.class);

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String header = httpServletRequest.getHeader(JWT_HEADER);
        if (StringUtils.isBlank(header)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (!this.simpleSecurityProperties.getIgnoreUrlsButJwt().booleanValue()) {
            ArrayList arrayList = new ArrayList();
            String[] ignoreUrls = this.simpleSecurityProperties.getIgnoreUrls();
            if (ignoreUrls != null && ignoreUrls.length > 0) {
                arrayList.addAll(Lists.newArrayList(ignoreUrls));
            }
            arrayList.addAll(Lists.newArrayList(SimpleSecurityProperties.DEFAULT_IGNOREURLS));
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                if (new AntPathRequestMatcher((String) it.next()).matches(httpServletRequest)) {
                    filterChain.doFilter(httpServletRequest, httpServletResponse);
                    return;
                }
            }
        }
        try {
            JWTContext decode = JwtUtils.decode(header, this.simpleSecurityProperties.getSecretKey());
            Validate.notNull(decode, "jwt解析失败，可能是因为格式信息，可能是用户身份信息已过期", new Object[0]);
            String account = decode.getAccount();
            String identityType = decode.getIdentityType();
            String tenantCode = decode.getTenantCode();
            JSONObject userInfo = decode.getUserInfo();
            UserIdentity userIdentity = null;
            Iterator<IdentityTransformStrategy> it2 = this.identityTransformStrategies.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                IdentityTransformStrategy next = it2.next();
                if (next.matched(decode.getIdentityType())) {
                    userIdentity = next.transform(identityType, tenantCode, account, userInfo);
                    break;
                }
            }
            if (userIdentity == null) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            String[] roleCodes = userIdentity.getRoleCodes();
            ArrayList newArrayList = Lists.newArrayList();
            if (roleCodes != null && roleCodes.length > 0) {
                for (String str : roleCodes) {
                    newArrayList.add(new SimpleGrantedAuthority(str));
                }
            }
            SecurityContext context = SecurityContextHolder.getContext();
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userIdentity.getAccount(), "123456", newArrayList);
            usernamePasswordAuthenticationToken.setDetails(userIdentity);
            context.setAuthentication(usernamePasswordAuthenticationToken);
            try {
                if (!CollectionUtils.isEmpty(this.identityTransformValidates)) {
                    for (IdentityTransformValidate identityTransformValidate : this.identityTransformValidates) {
                        if (identityTransformValidate.matched(userIdentity)) {
                            identityTransformValidate.validate(userIdentity);
                        }
                    }
                }
                filterChain.doFilter(httpServletRequest, httpServletResponse);
            } catch (RuntimeException e) {
                LOGGER.error(e.getMessage(), e);
                httpServletResponse.reset();
                httpServletResponse.setCharacterEncoding("utf-8");
                httpServletResponse.setContentType("text/html;charset=UTF-8");
                httpServletResponse.setStatus(601);
            }
        } catch (ExpiredJwtException e2) {
            LOGGER.error(e2.getMessage(), e2);
            httpServletResponse.reset();
            httpServletResponse.setCharacterEncoding("utf-8");
            httpServletResponse.setContentType("text/html;charset=UTF-8");
            httpServletResponse.setStatus(601);
        } catch (RuntimeException e3) {
            Boolean tryAuthentication = tryAuthentication(httpServletResponse);
            if (tryAuthentication == null) {
                return;
            }
            if (tryAuthentication.booleanValue()) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            LOGGER.error(e3.getMessage(), e3);
            httpServletResponse.reset();
            httpServletResponse.setCharacterEncoding("utf-8");
            httpServletResponse.setContentType("text/html;charset=UTF-8");
            httpServletResponse.setStatus(601);
            LOGGER.error("jwt info = " + header);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:17:0x0061, code lost:
    
        r0.validate((com.bizunited.nebula.security.sdk.login.UserIdentity) r0);
        r8 = true;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.Boolean tryAuthentication(javax.servlet.http.HttpServletResponse r5) {
        /*
            r4 = this;
            org.springframework.security.core.context.SecurityContext r0 = org.springframework.security.core.context.SecurityContextHolder.getContext()
            r6 = r0
            r0 = r6
            org.springframework.security.core.Authentication r0 = r0.getAuthentication()
            r7 = r0
            r0 = 0
            r8 = r0
            r0 = r7
            if (r0 == 0) goto Lb1
            r0 = r7
            java.lang.Object r0 = r0.getDetails()
            r9 = r0
            r0 = r9
            if (r0 == 0) goto Lb1
            r0 = r9
            boolean r0 = r0 instanceof com.bizunited.nebula.security.sdk.login.UserIdentity
            if (r0 == 0) goto Lb1
            r0 = r4
            java.util.List<com.bizunited.nebula.security.sdk.transform.IdentityTransformValidate> r0 = r0.identityTransformValidates     // Catch: java.lang.RuntimeException -> L7f
            boolean r0 = org.springframework.util.CollectionUtils.isEmpty(r0)     // Catch: java.lang.RuntimeException -> L7f
            if (r0 != 0) goto L79
            r0 = r4
            java.util.List<com.bizunited.nebula.security.sdk.transform.IdentityTransformValidate> r0 = r0.identityTransformValidates     // Catch: java.lang.RuntimeException -> L7f
            java.util.Iterator r0 = r0.iterator()     // Catch: java.lang.RuntimeException -> L7f
            r10 = r0
        L3c:
            r0 = r10
            boolean r0 = r0.hasNext()     // Catch: java.lang.RuntimeException -> L7f
            if (r0 == 0) goto L76
            r0 = r10
            java.lang.Object r0 = r0.next()     // Catch: java.lang.RuntimeException -> L7f
            com.bizunited.nebula.security.sdk.transform.IdentityTransformValidate r0 = (com.bizunited.nebula.security.sdk.transform.IdentityTransformValidate) r0     // Catch: java.lang.RuntimeException -> L7f
            r11 = r0
            r0 = r11
            r1 = r9
            com.bizunited.nebula.security.sdk.login.UserIdentity r1 = (com.bizunited.nebula.security.sdk.login.UserIdentity) r1     // Catch: java.lang.RuntimeException -> L7f
            boolean r0 = r0.matched(r1)     // Catch: java.lang.RuntimeException -> L7f
            if (r0 == 0) goto L73
            r0 = r11
            r1 = r9
            com.bizunited.nebula.security.sdk.login.UserIdentity r1 = (com.bizunited.nebula.security.sdk.login.UserIdentity) r1     // Catch: java.lang.RuntimeException -> L7f
            r0.validate(r1)     // Catch: java.lang.RuntimeException -> L7f
            r0 = 1
            r8 = r0
            goto L76
        L73:
            goto L3c
        L76:
            goto L7c
        L79:
            r0 = 1
            r8 = r0
        L7c:
            goto Lb1
        L7f:
            r10 = move-exception
            org.slf4j.Logger r0 = com.bizunited.nebula.security.local.transform.JwtSecurityAuthorizationFilter.LOGGER
            r1 = r10
            java.lang.String r1 = r1.getMessage()
            r2 = r10
            r0.error(r1, r2)
            r0 = r5
            r0.reset()
            r0 = r5
            java.lang.String r1 = "utf-8"
            r0.setCharacterEncoding(r1)
            r0 = r5
            java.lang.String r1 = "text/html;charset=UTF-8"
            r0.setContentType(r1)
            r0 = r5
            r1 = 601(0x259, float:8.42E-43)
            r0.setStatus(r1)
            r0 = 0
            return r0
        Lb1:
            r0 = r8
            java.lang.Boolean r0 = java.lang.Boolean.valueOf(r0)
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.bizunited.nebula.security.local.transform.JwtSecurityAuthorizationFilter.tryAuthentication(javax.servlet.http.HttpServletResponse):java.lang.Boolean");
    }
}
