package com.supwisdom.infras.security.configure.idtoken;

import com.supwisdom.infras.security.authentication.JwtAuthenticationToken;
import com.supwisdom.infras.security.configure.idtoken.util.IdTokenUtil;
import com.supwisdom.infras.security.core.userdetails.InfrasUser;
import io.jsonwebtoken.Claims;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/supwisdom/infras/security/configure/idtoken/IdTokenAuthenticationFilter.class */
public class IdTokenAuthenticationFilter extends OncePerRequestFilter {
    private static final Logger logger = LoggerFactory.getLogger(IdTokenAuthenticationFilter.class);

    @Value("${infras.security.idtoken.parameterName:idToken}")
    private String parameterName;

    @Value("${infras.security.idtoken.headerName:X-Id-Token}")
    private String headerName;

    @Value("${infras.security.idtoken.headerValue.prefix:}")
    private String headerValuePrefix;
    private final UserDetailsService userDetailsService;
    private final IdTokenUtil idTokenUtil;

    public IdTokenAuthenticationFilter(UserDetailsService userDetailsService, IdTokenUtil idTokenUtil) {
        this.userDetailsService = userDetailsService;
        this.idTokenUtil = idTokenUtil;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        try {
            attemptAuthentication(httpServletRequest, httpServletResponse);
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (AuthenticationException e) {
            SecurityContextHolder.clearContext();
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), HttpStatus.UNAUTHORIZED.getReasonPhrase());
        }
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException {
        String str = null;
        String parameter = httpServletRequest.getParameter(this.parameterName);
        logger.debug("idTokenParamterValue is [{}]", parameter);
        if (parameter != null && !parameter.isEmpty()) {
            str = parameter;
        }
        if (str == null) {
            String header = httpServletRequest.getHeader(this.headerName);
            logger.debug("idTokenHeaderValue is [{}]", header);
            if (header != null && !header.isEmpty()) {
                str = header;
            }
        }
        logger.debug("idToken is [{}]", str);
        if (str == null || str.isEmpty()) {
            return null;
        }
        Claims claimsFromToken = this.idTokenUtil.getClaimsFromToken(str);
        if (claimsFromToken == null) {
            throw new BadCredentialsException("idToken error");
        }
        InfrasUser infrasUserFromToken = getInfrasUserFromToken(claimsFromToken);
        if (infrasUserFromToken == null) {
            return null;
        }
        JwtAuthenticationToken jwtAuthenticationToken = new JwtAuthenticationToken(infrasUserFromToken, str, infrasUserFromToken.getAuthorities(), infrasUserFromToken.getAttributes(), convertMapFromToken(claimsFromToken));
        SecurityContextHolder.getContext().setAuthentication(jwtAuthenticationToken);
        return jwtAuthenticationToken;
    }

    protected InfrasUser getInfrasUserFromToken(Claims claims) {
        String str;
        if (claims == null) {
            return null;
        }
        try {
            str = claims.getSubject();
        } catch (Exception e) {
            str = null;
        }
        if (str == null) {
            return null;
        }
        InfrasUser loadUserByUsername = getUserDetailsService().loadUserByUsername(str);
        if (InfrasUser.class.isInstance(loadUserByUsername)) {
            return loadUserByUsername;
        }
        InfrasUser infrasUser = new InfrasUser(str, claims.getId(), new ArrayList(loadUserByUsername.getAuthorities()), getAttributesFromToken(claims));
        infrasUser.eraseCredentials();
        return infrasUser;
    }

    protected String getUsernameFromToken(Claims claims) {
        String str;
        try {
            str = claims.getSubject();
        } catch (Exception e) {
            str = null;
        }
        return str;
    }

    protected Map<String, Object> convertMapFromToken(Claims claims) {
        return new HashMap((Map) claims);
    }

    protected List<GrantedAuthority> getAuthoritiesFromToken(Claims claims) {
        ArrayList arrayList = new ArrayList();
        try {
            for (String str : ((String) claims.get("ROLES", String.class)).split(",")) {
                arrayList.add(new SimpleGrantedAuthority(str));
            }
        } catch (Exception e) {
            arrayList = new ArrayList();
        }
        return arrayList;
    }

    protected Map<String, Object> getAttributesFromToken(Claims claims) {
        HashMap hashMap = new HashMap();
        try {
            for (String str : claims.keySet()) {
                if (str.startsWith("ATTR_")) {
                    hashMap.put(str.substring(5), claims.get(str));
                }
            }
        } catch (Exception e) {
            hashMap = new HashMap();
        }
        return hashMap;
    }

    public UserDetailsService getUserDetailsService() {
        return this.userDetailsService;
    }

    public IdTokenUtil getIdTokenUtil() {
        return this.idTokenUtil;
    }
}
