package com.supwisdom.institute.developer.center.gateway.zuul.filters.simple;

import ch.qos.logback.core.joran.util.beans.BeanUtil;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import com.supwisdom.infras.security.authentication.converter.InfrasUserConverter;
import com.supwisdom.infras.security.core.userdetails.InfrasUser;
import com.supwisdom.institute.developer.center.gateway.common.transmit.user.User;
import com.supwisdom.institute.developer.center.gateway.zuul.sa.backend.service.DevAccountService;
import com.supwisdom.institute.developer.center.gateway.zuul.sa.backend.service.DevApplicationService;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:BOOT-INF/classes/com/supwisdom/institute/developer/center/gateway/zuul/filters/simple/AccountAppAuthFilter.class */
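/**
 * Zuul "pre" filter that authorizes the authenticated account against the application
 * named in the request before the request is routed.
 *
 * <p>The filter applies to requests whose servlet path contains {@code filterPath}
 * (property {@code ability.integrate.path}, default {@code /api/v1/abilityIntegrate})
 * and whose method is GET, POST, PUT or DELETE. On success it adds the
 * {@code X-Account-Name} and {@code X-App-Id} Zuul request headers; on failure it stops
 * routing and answers with HTTP 403.
 *
 * <p>NOTE(review): requests using any other method (for example PATCH, HEAD or OPTIONS),
 * or whose path does not contain {@code filterPath}, skip this filter entirely. Confirm
 * that another filter or the backend rejects them, and that client-supplied
 * {@code X-Account-Name} / {@code X-App-Id} headers are stripped or ignored on requests
 * this filter does not handle, since the backend presumably trusts those headers.
 */
public class AccountAppAuthFilter extends ZuulFilter {
    private static final Logger log = LoggerFactory.getLogger(AccountAppAuthFilter.class);

    /** Path fragment that selects the requests this filter authorizes. */
    @Value("${ability.integrate.path:/api/v1/abilityIntegrate}")
    private String filterPath;

    @Autowired
    private DevAccountService devAccountService;

    @Autowired
    DevApplicationService devApplicationService;

    @Autowired
    private InfrasUserConverter infrasUserConverter;

    /** Runs before routing. */
    @Override // com.netflix.zuul.ZuulFilter
    public String filterType() {
        return FilterConstants.PRE_TYPE;
    }

    /** Order of this filter among the "pre" filters. */
    @Override // com.netflix.zuul.ZuulFilter
    public int filterOrder() {
        return 0;
    }

    /**
     * Decides whether the current request is subject to the account/application check.
     *
     * @return {@code true} when the servlet path contains {@code filterPath} and the method
     *     is GET, POST, PUT or DELETE (case-insensitive); {@code false} otherwise
     */
    @Override // com.netflix.zuul.IZuulFilter
    public boolean shouldFilter() {
        HttpServletRequest request = RequestContext.getCurrentContext().getRequest();
        String method = request.getMethod();
        // Substring match: any servlet path that contains filterPath anywhere is covered.
        if (!request.getServletPath().contains(this.filterPath)) {
            return false;
        }
        // Plain literals replace the unrelated constants the decompiler substituted
        // (BeanUtil.PREFIX_GETTER_GET is "get", FilterConstants.POST_TYPE is "post").
        return method.equalsIgnoreCase("get")
                || method.equalsIgnoreCase("post")
                || method.equalsIgnoreCase("put")
                || method.equalsIgnoreCase("delete");
    }

    /**
     * Authorizes the current user for the requested application.
     *
     * <p>The application id is read from the {@code X-Application-Id} header, falling back to
     * the {@code applicationId} request parameter. The request is rejected with 403 when the
     * id is missing, when there is no authenticated user with a username, when the id does not
     * resolve to an application identification, or when the user neither holds the
     * {@code open-admin} role nor passes {@code DevAccountService.authAccount}.
     *
     * @return always {@code null}; the outcome is recorded on the {@link RequestContext}
     * @throws ZuulException declared by the filter contract; not thrown directly here
     */
    @Override // com.netflix.zuul.IZuulFilter
    public Object run() throws ZuulException {
        RequestContext currentContext = RequestContext.getCurrentContext();
        HttpServletRequest request = currentContext.getRequest();
        InfrasUser infrasUser = this.infrasUserConverter.convert(SecurityContextHolder.getContext().getAuthentication());
        User user = null;
        if (infrasUser != null) {
            try {
                user = new User(infrasUser.getUsername(), infrasUser.getRoles(), infrasUser.getAttributes());
                // NOTE(review): this writes the whole User object to the debug log; presumably
                // its string form includes roles and attributes - confirm nothing sensitive is
                // logged where debug logging is enabled.
                log.debug("user is: {}", user);
            } catch (Exception e) {
                // user stays null, so the request is rejected below (fails closed).
                log.warn("User get from header: error", e);
            }
        }
        String applicationId = request.getHeader("X-Application-Id");
        if (StringUtils.isEmpty(applicationId)) {
            applicationId = request.getParameter("applicationId");
        }
        // Reject before touching the backend: the original looked the application up even
        // with a null/empty id and for requests that had no authenticated user.
        if (StringUtils.isEmpty(applicationId) || user == null || StringUtils.isEmpty(user.getUsername())) {
            setError(currentContext);
            return null;
        }
        String applicationIdentification = this.devApplicationService.getApplicationIdentification(applicationId);
        if (StringUtils.isEmpty(applicationIdentification)) {
            setError(currentContext);
            return null;
        }
        // The open-admin role skips the per-application account check.
        if (!user.getRoles().contains("open-admin") && !this.devAccountService.authAccount(user.getUsername(), applicationIdentification)) {
            setError(currentContext);
            return null;
        }
        // Identity headers for the routed request, taken from the authenticated user and the
        // resolved application, not from client input.
        currentContext.addZuulRequestHeader("X-Account-Name", user.getUsername());
        log.debug("set to zuul header[X-Account-Name]={}:ok", user.getUsername());
        currentContext.addZuulRequestHeader("X-App-Id", applicationIdentification);
        log.debug("set to zuul header[X-App-Id]={}:ok", applicationIdentification);
        return null;
    }

    /**
     * Stops routing and answers the client with HTTP 403 and a fixed JSON body.
     *
     * @param requestContext the Zuul context of the request being rejected
     */
    private void setError(RequestContext requestContext) {
        requestContext.setSendZuulResponse(false);
        requestContext.setResponseBody("{\"status\":403,\"message\":\"This account have no auth of this application! \"}");
        requestContext.setResponseStatusCode(403);
    }
}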
