package cn.kduck.kduck;

import cn.kduck.kduck.client.UserResourceClient;
import cn.kduck.kduck.module.tenant.service.TenantDto;
import cn.kduck.kduck.module.tenant.service.TenantProxyService;
import cn.kduck.organizationuser.api.IUser;
import com.goldgov.kduck.cache.CacheHelper;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import java.security.Principal;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.oauth2.core.user.DefaultOAuth2User;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:cn/kduck/kduck/AccessUserNameFilter.class */
public class AccessUserNameFilter extends ZuulFilter {
    Logger log = LoggerFactory.getLogger(AccessUserNameFilter.class);

    @Autowired
    private UserResourceClient userResourceClient;

    @Autowired
    private TenantProxyService tenantProxyService;

    public Object run() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        HttpServletRequest request = currentContext.getRequest();
        Principal userPrincipal = request.getUserPrincipal();
        request.getSession().getId();
        if (ObjectUtils.isEmpty(userPrincipal)) {
            return null;
        }
        addHeader(currentContext, userPrincipal);
        return null;
    }

    private void setUserInfo(JwtAuthenticationToken jwtAuthenticationToken) {
        String str = (String) jwtAuthenticationToken.getToken().getClaims().get("user_name");
        String str2 = null;
        if (!StringUtils.hasText(str)) {
            this.log.info("可能是客户端模式，未找到登录账号。");
            return;
        }
        if (jwtAuthenticationToken.getToken().getClaims().get("tenant_domain") != null) {
            TenantDto tenantByUrl = this.tenantProxyService.getTenantByUrl(jwtAuthenticationToken.getToken().getClaims().get("tenant_domain").toString());
            if (tenantByUrl != null) {
                str2 = tenantByUrl.getTenantCode();
            }
        }
        Map map = (Map) CacheHelper.getByCacheName(AuthServerConstants.AUTH_USER, str, Map.class);
        if (ObjectUtils.isEmpty(map)) {
            IUser userInfoByLoginName = this.userResourceClient.getUserInfoByLoginName(str, str2);
            map = userInfoByLoginName == null ? new LinkedHashMap() : userInfoByLoginName.getUserField();
        }
        map.put("tenantId", str2);
        CacheHelper.put(AuthServerConstants.AUTH_USER, str, map, jwtAuthenticationToken.getToken().getExpiresAt().getEpochSecond());
    }

    private void addHeader(RequestContext requestContext, Principal principal) {
        Object principal2 = ((AbstractAuthenticationToken) principal).getPrincipal();
        if (principal2 instanceof Jwt) {
            addHeaderFromJWT(requestContext, (JwtAuthenticationToken) principal);
            setUserInfo((JwtAuthenticationToken) principal);
        } else if (principal2 instanceof DefaultOAuth2User) {
            addHeaderFromOAuth2(requestContext, principal);
        }
    }

    private void addHeaderFromJWT(RequestContext requestContext, JwtAuthenticationToken jwtAuthenticationToken) {
        Map claims = jwtAuthenticationToken.getToken().getClaims();
        this.log.info("--loginID-->" + claims.get("user_name") + " --name-->" + claims.get("name") + " --userID-->" + claims.get("userID"));
        requestContext.addZuulRequestHeader(AuthServerConstants.SESSION_KEY_USERID, (String) claims.get("user_name"));
        requestContext.addZuulRequestHeader(AuthServerConstants.SESSION_KEY_LOGINID, (String) claims.get("user_name"));
        requestContext.addZuulRequestHeader("K-User", (String) claims.get("user_name"));
    }

    private void addHeaderFromOAuth2(RequestContext requestContext, Principal principal) {
        Map attributes = ((DefaultOAuth2User) principal).getAttributes();
        this.log.info("--loginID-->" + attributes.get("username") + " --name-->" + attributes.get("name") + " --userID-->" + attributes.get("userID"));
        requestContext.addZuulRequestHeader(AuthServerConstants.SESSION_KEY_USERID, (String) attributes.get("username"));
        requestContext.addZuulRequestHeader(AuthServerConstants.SESSION_KEY_LOGINID, (String) attributes.get("username"));
    }

    public boolean shouldFilter() {
        return true;
    }

    public int filterOrder() {
        return 1;
    }

    public String filterType() {
        return "pre";
    }
}
