package org.springblade.gateway.filter;

import cn.hutool.core.util.StrUtil;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.netty.util.internal.StringUtil;
import java.nio.charset.StandardCharsets;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springblade.core.jwt.JwtUtil;
import org.springblade.core.jwt.props.JwtProperties;
import org.springblade.gateway.props.AuthProperties;
import org.springblade.gateway.provider.AuthProvider;
import org.springblade.gateway.provider.RequestProvider;
import org.springblade.gateway.provider.ResponseProvider;
import org.springblade.gateway.util.GetSysUserAccessToken;
import org.springblade.gateway.util.XIdTokenUtils;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

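/**
 * Gateway-wide authentication filter.
 *
 * <p>Requests whose path (or original request URL) matches a skip pattern pass through
 * unauthenticated. Every other request must carry one of:
 * <ul>
 *   <li>an internal token in the {@code AuthProvider.AUTH_KEY} header or query parameter, which
 *       must parse via {@code JwtUtil.parseJWT}; or</li>
 *   <li>an external token in {@code X-Id-Token} or {@code Authorization}, whose subject is
 *       exchanged for an internal access token that is then forwarded downstream in the
 *       {@code AuthProvider.AUTH_KEY} header.</li>
 * </ul>
 * Anything else is answered with HTTP 401 and a JSON body.
 */
@Component
/* loaded from: input_file:org/springblade/gateway/filter/AuthFilter.class */
public class AuthFilter implements GlobalFilter, Ordered {
    private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
    private final AuthProperties authProperties;
    private final ObjectMapper objectMapper;
    // NOTE(review): injected but never read in this class; confirm no JWT state/config check
    // that depends on it was intended here.
    private final JwtProperties jwtProperties;
    private final AntPathMatcher antPathMatcher = new AntPathMatcher();
    private final XIdTokenUtils xIdTokenUtils;

    /**
     * Authenticates the request or short-circuits with a 401 response.
     *
     * @param serverWebExchange the current exchange
     * @param gatewayFilterChain the remaining filter chain
     * @return completion signal of either the downstream chain or the 401 response write
     */
    @Override
    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        String originalRequestUrl = RequestProvider.getOriginalRequestUrl(serverWebExchange);
        // A match on EITHER value disables authentication for the request.
        // NOTE(review): confirm getOriginalRequestUrl cannot be influenced by client-supplied
        // headers, and that the path matched here is the same normalized path the downstream
        // service will route on; otherwise the skip list is an authentication bypass surface.
        if (isSkip(request.getURI().getPath()) || isSkip(originalRequestUrl)) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        ServerHttpResponse response = serverWebExchange.getResponse();

        String internalHeaderToken = request.getHeaders().getFirst(AuthProvider.AUTH_KEY);
        // NOTE(review): tokens in the query string end up in access logs, proxies and browser
        // history; prefer the header form and consider retiring this fallback.
        String internalQueryToken = request.getQueryParams().getFirst(AuthProvider.AUTH_KEY);
        String idTokenHeader = request.getHeaders().getFirst("X-Id-Token");
        String authorizationHeader = request.getHeaders().getFirst("Authorization");
        if (StrUtil.isAllBlank(internalHeaderToken, internalQueryToken, idTokenHeader, authorizationHeader)) {
            return unAuth(response, "缺失令牌,鉴权失败");
        }

        // Header wins over query parameter; X-Id-Token wins over Authorization.
        String internalToken = StringUtils.isBlank(internalHeaderToken) ? internalQueryToken : internalHeaderToken;
        String externalToken = StringUtils.isBlank(idTokenHeader) ? authorizationHeader : idTokenHeader;

        if (StrUtil.isNotBlank(internalToken)) {
            // Internal token path: the only check made here is that the token parses.
            if (JwtUtil.parseJWT(JwtUtil.getToken(internalToken)) == null) {
                return unAuth(response, "请求未授权");
            }
            return gatewayFilterChain.filter(serverWebExchange);
        }

        // External token path: the subject claimed by the external token is exchanged for an
        // internal access token, so everything downstream trusts this value.
        // NOTE(review): confirm XIdTokenUtils.getSubject verifies signature, issuer, audience and
        // expiry rather than merely decoding the token. If it only decodes, any caller can name
        // an arbitrary subject and obtain that user's internal token.
        String subject = this.xIdTokenUtils.getSubject(JwtUtil.getToken(externalToken));
        // Parameterized form; subject originates from a client-supplied token.
        log.info("subject============{}", subject);
        // The original followed this with a second null/empty test on subject that could never
        // fire (blank already covers null and empty), so that dead branch is dropped.
        if (StrUtil.isBlank(subject)) {
            return unAuth(response, "请求未授权");
        }
        String accessToken = GetSysUserAccessToken.getAccessToken(request, subject);
        if (StringUtil.isNullOrEmpty(accessToken)) {
            return unAuth(response, "外部请求转换token失败!");
        }
        // mutate() returns a builder. The original discarded it without build(), so whether the
        // header reached downstream depended on the builder sharing the request's header map.
        // Build the request and pass a rebuilt exchange so the injected token is always forwarded.
        ServerHttpRequest forwardedRequest = request.mutate().header(AuthProvider.AUTH_KEY, accessToken).build();
        return gatewayFilterChain.filter(serverWebExchange.mutate().request(forwardedRequest).build());
    }

    /**
     * Tells whether a path is exempt from authentication.
     *
     * @param str the path to test against the default and configured skip patterns
     * @return {@code true} if any Ant-style skip pattern matches; {@code false} for {@code null}
     */
    private boolean isSkip(String str) {
        // Fail closed: an absent path never qualifies for the unauthenticated fast path.
        if (str == null) {
            return false;
        }
        return AuthProvider.getDefaultSkipUrl().stream().anyMatch(pattern -> this.antPathMatcher.match(pattern, str))
            || this.authProperties.getSkipUrl().stream().anyMatch(pattern -> this.antPathMatcher.match(pattern, str));
    }

    /**
     * Writes a 401 response with a JSON body built from {@code ResponseProvider.unAuth}.
     *
     * @param serverHttpResponse the response to complete
     * @param str the message placed in the response body
     * @return completion signal of the response write
     */
    private Mono<Void> unAuth(ServerHttpResponse serverHttpResponse, String str) {
        serverHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
        // set() rather than add(): a response must not end up with two Content-Type values.
        serverHttpResponse.getHeaders().set("Content-Type", "application/json;charset=UTF-8");
        String body = "";
        try {
            body = this.objectMapper.writeValueAsString(ResponseProvider.unAuth(str));
        } catch (JsonProcessingException e) {
            // Best effort: the 401 status is still sent, with an empty body.
            log.error(e.getMessage(), e);
        }
        return serverHttpResponse.writeWith(Flux.just(serverHttpResponse.bufferFactory().wrap(body.getBytes(StandardCharsets.UTF_8))));
    }

    /**
     * @return the filter order, {@code -100}; in Spring's {@code Ordered} contract lower values
     *     run earlier
     */
    @Override
    public int getOrder() {
        return -100;
    }

    /**
     * Creates the filter with its collaborators.
     *
     * @param authProperties supplies the configured skip URL patterns
     * @param objectMapper serializes the 401 response body
     * @param jwtProperties JWT configuration (stored, not read in this class)
     * @param xIdTokenUtils extracts the subject from an external token
     */
    public AuthFilter(AuthProperties authProperties, ObjectMapper objectMapper, JwtProperties jwtProperties, XIdTokenUtils xIdTokenUtils) {
        this.authProperties = authProperties;
        this.objectMapper = objectMapper;
        this.jwtProperties = jwtProperties;
        this.xIdTokenUtils = xIdTokenUtils;
    }
}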
