package com.supwisdom.insititute.token.server.face.domain.web.authentication;

import com.supwisdom.insititute.token.server.account.domain.entity.Account;
import com.supwisdom.insititute.token.server.face.domain.service.FaceService;
import com.supwisdom.insititute.token.server.security.domain.core.userdetails.TokenUser;
import com.supwisdom.insititute.token.server.security.domain.core.userdetails.TokenUserConverter;
import com.supwisdom.insititute.token.server.security.domain.validator.AccountStatusValidator;
import java.io.IOException;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.http.HttpStatus;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;

/* loaded from: input_file:BOOT-INF/lib/token-server-face-domain-1.1.0-SNAPSHOT.jar:com/supwisdom/insititute/token/server/face/domain/web/authentication/FaceLoginAuthenticationFilter.class */
public class FaceLoginAuthenticationFilter extends GenericFilterBean {
    private AccountStatusValidator accountStatusValidator;
    private FaceService faceService;
    private UserDetailsService userDetailsService;
    private TokenUserConverter tokenUserConverter;
    protected MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    private RequestMatcher requiresAuthenticationRequestMatcher = new AntPathRequestMatcher("/face/faceLogin", "POST");

    public FaceLoginAuthenticationFilter(String str) {
        setFilterProcessesUrl(str);
    }

    public void setFilterProcessesUrl(String str) {
        setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher(str, "POST"));
    }

    public final void setRequiresAuthenticationRequestMatcher(RequestMatcher requestMatcher) {
        Assert.notNull(requestMatcher, "requestMatcher cannot be null");
        this.requiresAuthenticationRequestMatcher = requestMatcher;
    }

    @Override // org.springframework.web.filter.GenericFilterBean, org.springframework.beans.factory.InitializingBean
    public void afterPropertiesSet() throws ServletException {
        super.afterPropertiesSet();
        Assert.notNull(this.faceService, "A FaceService is required");
        Assert.notNull(this.userDetailsService, "A UserDetailsService is required");
        Assert.notNull(this.tokenUserConverter, "An TokenUserConverter is required");
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (!requiresAuthentication(httpServletRequest, httpServletResponse)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("Request is to process authentication");
        }
        doFilterInternal(httpServletRequest, httpServletResponse, filterChain);
    }

    protected boolean requiresAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return this.requiresAuthenticationRequestMatcher.matches(httpServletRequest);
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String parameter = httpServletRequest.getParameter("username");
        String parameter2 = httpServletRequest.getParameter("photoFileBase64");
        if (parameter == null || parameter.isEmpty()) {
            httpServletResponse.sendError(HttpStatus.BAD_REQUEST.value(), "request.parameter.error");
            return;
        }
        if (parameter2 == null || parameter2.isEmpty()) {
            httpServletResponse.sendError(HttpStatus.BAD_REQUEST.value(), "request.parameter.error");
            return;
        }
        if (!this.faceService.faceverify(parameter2, parameter)) {
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), this.messages.getMessage("FaceLoginAuthenticationFilter.faceNotVerify", "Face error"));
            return;
        }
        try {
            UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(parameter);
            TokenUser convertFromUserDetails = loadUserByUsername instanceof TokenUser ? (TokenUser) loadUserByUsername : this.tokenUserConverter.convertFromUserDetails(loadUserByUsername);
            if (convertFromUserDetails == null) {
                SecurityContextHolder.clearContext();
                httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), this.messages.getMessage("FaceLoginAuthenticationFilter.userNotFound", "Account not found"));
                return;
            }
            try {
                List<Account> accounts = convertFromUserDetails.getAccounts();
                if (accounts != null && accounts.size() == 1) {
                    this.accountStatusValidator.validate(accounts.get(0));
                }
                SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(convertFromUserDetails, null, convertFromUserDetails.getAuthorities()));
                filterChain.doFilter(httpServletRequest, httpServletResponse);
            } catch (AuthenticationException e) {
                SecurityContextHolder.clearContext();
                httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
            }
        } catch (UsernameNotFoundException e2) {
            SecurityContextHolder.clearContext();
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), this.messages.getMessage("FaceLoginAuthenticationFilter.userNotFound", "Account not found"));
        } catch (AuthenticationException e3) {
            SecurityContextHolder.clearContext();
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), e3.getMessage());
        }
    }

    public void setAccountStatusValidator(AccountStatusValidator accountStatusValidator) {
        this.accountStatusValidator = accountStatusValidator;
    }

    public void setFaceService(FaceService faceService) {
        this.faceService = faceService;
    }

    public void setUserDetailsService(UserDetailsService userDetailsService) {
        this.userDetailsService = userDetailsService;
    }

    public void setTokenUserConverter(TokenUserConverter tokenUserConverter) {
        this.tokenUserConverter = tokenUserConverter;
    }
}
