package com.zh.server.security.filter;

import com.zh.comm.core.SessionThreadLocal;
import com.zh.comm.entity.CompositeData;
import com.zh.comm.entity.UserSession;
import com.zh.comm.util.JacksonUtil;
import com.zh.comm.util.MessageUtil;
import com.zh.comm.util.StringUtil;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

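/* loaded from: input_file:com/zh/server/security/filter/JWTAuthenticationFilter.class */
/**
 * Servlet filter that authenticates requests from a signed JWT and publishes the result to
 * Spring Security's {@link SecurityContextHolder} and to {@link SessionThreadLocal}.
 *
 * <p>Three modes are selected per request:
 * <ul>
 *   <li>{@code tokenHold == false}: the token is parsed if present, but the request continues
 *       whether or not it verifies (the authentication may be {@code null}).</li>
 *   <li>{@code tokenHold == true} and the URI matches {@code ignored}: no token is checked and
 *       a fixed provisional {@link UserSession} is installed.</li>
 *   <li>otherwise: a token is mandatory; a missing or unverifiable token ends the request with
 *       a JSON error body.</li>
 * </ul>
 *
 * <p>NOTE(review): nothing in this class clears {@link SessionThreadLocal} after the chain
 * returns, and the non-enforcing mode leaves it untouched when no {@code user-session} header
 * is sent. On pooled request threads a session from an earlier request could therefore remain
 * visible; confirm that it is cleared elsewhere.
 */
public class JWTAuthenticationFilter extends BasicAuthenticationFilter {
    private static final Logger logger = LoggerFactory.getLogger(JWTAuthenticationFilter.class);
    private static final String BEARER_PREFIX = "Bearer ";

    // When false, token verification is attempted but never enforced.
    private final boolean tokenHold;
    // Signing key handed to the JWT parser. It is a secret and must never be logged.
    private final String tokenInternalSecretkey;
    // URL specification passed to StringUtil.compareUrl; matching requests skip token checks.
    private final String ignored;

    /**
     * @param authenticationManager forwarded to {@link BasicAuthenticationFilter}
     * @param z whether a valid token is required ({@code tokenHold})
     * @param str signing key used to verify token signatures
     * @param str2 URL specification of requests that are exempt from token checks
     */
    public JWTAuthenticationFilter(AuthenticationManager authenticationManager, boolean z, String str, String str2) {
        super(authenticationManager);
        this.tokenHold = z;
        this.tokenInternalSecretkey = str;
        this.ignored = str2;
    }

    /**
     * Applies the mode described on the class and, unless the request was rejected, passes it
     * down the filter chain.
     *
     * @throws IOException if writing the error body or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String requestURI = httpServletRequest.getRequestURI();
        if (!this.tokenHold) {
            // Non-enforcing mode: the authentication may be null and the request still proceeds.
            UsernamePasswordAuthenticationToken authentication = getAuthentication(httpServletRequest, httpServletRequest.getHeader("Authorization"), this.tokenInternalSecretkey);
            getUserInformation(httpServletRequest);
            SecurityContextHolder.getContext().setAuthentication(authentication);
        } else if (StringUtil.compareUrl(requestURI, this.ignored)) {
            // NOTE(review): getRequestURI() is the raw, undecoded path. Confirm that compareUrl
            // cannot be satisfied by an encoded or path-parameter variant of a protected URL,
            // because a match here skips token verification entirely.
            // NOTE(review): every exempt request runs as this fixed, hard-coded identity;
            // confirm that downstream code grants it no more than anonymous access.
            UserSession userSession = new UserSession();
            userSession.setAcctNo("lxy");
            userSession.setOrgId("SYMBOL");
            userSession.setUserType("Provisional");
            SessionThreadLocal.setSession(userSession);
        } else {
            // Token lookup order: Authorization header, server-authorization header, then the
            // "token" request parameter (which is accepted without the Bearer prefix).
            String header = httpServletRequest.getHeader("Authorization");
            if (header == null || !header.startsWith(BEARER_PREFIX)) {
                header = httpServletRequest.getHeader("server-authorization");
            }
            if (header == null || !header.startsWith(BEARER_PREFIX)) {
                // NOTE(review): a token carried in the URL can end up in access logs, proxies
                // and Referer headers; prefer the headers and consider retiring this fallback.
                header = httpServletRequest.getParameter("token");
            }
            if (header == null) {
                // Message text: "Request rejected!"
                responseErrorMessage(httpServletResponse, "请求被拒绝!");
                return;
            }
            // The original debug statement here printed the signing key. It was removed:
            // anyone who can read the log could otherwise mint tokens for any subject.
            UsernamePasswordAuthenticationToken authentication2 = getAuthentication(httpServletRequest, header, this.tokenInternalSecretkey);
            if (authentication2 == null) {
                // Message text: "Authentication code is no longer valid!"
                responseErrorMessage(httpServletResponse, "认证码已失效!");
                return;
            }
            getUserInformation(httpServletRequest);
            SecurityContextHolder.getContext().setAuthentication(authentication2);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Verifies a compact JWS and turns its subject into an authentication with no authorities.
     *
     * @param httpServletRequest the current request (not read by this method)
     * @param token raw header or parameter value, with or without a leading {@code "Bearer "}
     * @param signingKey key used to verify the signature
     * @return the authentication, or {@code null} when the token is absent, fails parsing or
     *     verification, or carries no subject
     */
    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest httpServletRequest, String token, String signingKey) {
        if (token == null) {
            return null;
        }
        // Strip only a leading scheme prefix; the original removed every occurrence of
        // "Bearer " anywhere in the value.
        String compact = token.startsWith(BEARER_PREFIX) ? token.substring(BEARER_PREFIX.length()) : token;
        String subject;
        try {
            // parseClaimsJws only accepts signed tokens, so an unsigned JWT ends up in the catch.
            Claims claims = Jwts.parser().setSigningKey(signingKey).parseClaimsJws(compact).getBody();
            subject = claims.getSubject();
        } catch (Exception e) {
            // Any parse or verification failure means "not authenticated". Only the exception
            // type is logged, so that neither the token nor the key reaches the log.
            logger.debug("JWT rejected: {}", e.getClass().getSimpleName());
            return null;
        }
        if (subject == null) {
            return null;
        }
        return new UsernamePasswordAuthenticationToken(subject, null, new ArrayList<>());
    }

    /**
     * Installs the {@link UserSession} serialized in the {@code user-session} request header,
     * if that header is present.
     *
     * <p>NOTE(review): the header content is not covered by the JWT signature. Unless an
     * upstream gateway strips or overwrites {@code user-session} on inbound traffic, a caller
     * holding any valid token (or any caller at all in non-enforcing mode) can supply an
     * arbitrary session. Confirm where this header is set and that clients cannot set it.
     */
    private void getUserInformation(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader("user-session");
        if (header != null) {
            SessionThreadLocal.setSession((UserSession) JacksonUtil.readValue(header, UserSession.class));
        }
    }

    /**
     * Writes a JSON error envelope with system code {@code 100403} and the given message.
     *
     * <p>The HTTP status stays 200 as in the original; the failure is signalled in the body.
     * NOTE(review): a 401/403 status would let proxies and monitoring see rejected requests,
     * but existing clients may rely on 200. Confirm before changing.
     *
     * @throws IOException if the response writer cannot be obtained or written
     */
    private void responseErrorMessage(HttpServletResponse httpServletResponse, String str) throws IOException {
        CompositeData compositeData = new CompositeData();
        MessageUtil.addSysHead("100403", str, compositeData);
        // Status and headers are set before the body so they cannot be lost to an early commit.
        httpServletResponse.setStatus(200);
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.getWriter().write(MessageUtil.conver(compositeData));
        httpServletResponse.getWriter().flush();
    }
}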
