package com.gold.ms.gateway.security.filter;

import com.gold.ms.gateway.core.json.BaseJsonObject;
import com.gold.ms.gateway.event.EventSender;
import com.gold.ms.gateway.event.LoginEvent;
import com.gold.ms.gateway.locale.LocaleMessageHolder;
import com.gold.ms.gateway.security.authentication.CustomUserDatails;
import com.gold.ms.gateway.security.authentication.IAuthenticatedUser;
import com.gold.ms.gateway.security.client.BasicFeignClient;
import com.gold.ms.gateway.security.client.UserFeignClient;
import com.gold.ms.gateway.security.client.service.Dict;
import com.gold.ms.gateway.security.client.service.LoginUser;
import com.gold.ms.gateway.utils.SpringBeanUtils;
import com.gold.ms.gateway.utils.cache.CacheHolder;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.codec.Base64;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/gold/ms/gateway/security/filter/CustomBasicAuthenticationFilter.class */
public class CustomBasicAuthenticationFilter extends BasicAuthenticationFilter {
    private Log logger;
    private static final String FAIL_LOGIN_USERNAME = "FAIL_LOGIN_USERNAME";
    private static final String FAIL_LOGIN_USERNAME_TIME = "FAIL_LOGIN_USERNAME_TIME";
    private static final String FAIL_COUNT = "FAIL_COUNT";
    private static final String LOCK_TIME = "LOCK_TIME";
    private static final String FAIL_TIME_SOLT = "FAIL_TIME_SOLT";
    private static final String TIPS_COUNT = "TIPS_COUNT";
    private static final String FAIL_LOGIN_INFO = "FAIL_LOGIN_INFO";

    public CustomBasicAuthenticationFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
        this.logger = LogFactory.getLog(getClass());
    }

    public CustomBasicAuthenticationFilter(AuthenticationManager authenticationManager, AuthenticationEntryPoint authenticationEntryPoint) {
        super(authenticationManager, authenticationEntryPoint);
        this.logger = LogFactory.getLog(getClass());
    }

    protected void onSuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException {
        String parameter = httpServletRequest.getParameter("client");
        CustomUserDatails customUserDatails = (CustomUserDatails) authentication.getPrincipal();
        if (StringUtils.isEmpty(parameter)) {
            parameter = "pc";
        }
        customUserDatails.setClient(parameter);
        IAuthenticatedUser iAuthenticatedUser = (IAuthenticatedUser) customUserDatails.getExtendAccountInfo();
        LoginEvent loginEvent = new LoginEvent(httpServletRequest, parameter);
        loginEvent.setUserID(iAuthenticatedUser.getEntityID());
        loginEvent.setLoginID(iAuthenticatedUser.getLoginID());
        loginEvent.setEventType(LoginEvent.EVENT_TYPE_LOGIN);
        ((EventSender) SpringBeanUtils.getBean(EventSender.class)).send(loginEvent);
        CacheHolder.remove(FAIL_LOGIN_USERNAME + iAuthenticatedUser.getName());
        if (iAuthenticatedUser.getState() == 3) {
            try {
                ((UserFeignClient) SpringBeanUtils.getBean(UserFeignClient.class)).updateAccountState(new String[]{iAuthenticatedUser.getAccountID()}, 1);
            } catch (Exception e) {
                this.logger.error("激活账号[" + iAuthenticatedUser.getLoginID() + "]失败", e);
            }
        }
    }

    protected void onUnsuccessfulAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException {
        List<Dict> data = ((BasicFeignClient) SpringBeanUtils.getBean(BasicFeignClient.class)).findDict(new String[]{FAIL_LOGIN_INFO}).getData();
        if (data != null) {
            try {
                String str = new String(Base64.decode(httpServletRequest.getHeader("Authorization").substring(6).getBytes(StandardCharsets.UTF_8)), getCredentialsCharset(httpServletRequest)).split(":")[0];
                AuthenticationMsgException authenticationMsgException = new AuthenticationMsgException(authenticationException.getMessage());
                HashMap hashMap = new HashMap();
                for (Dict dict : data) {
                    hashMap.put(dict.getDictCode(), dict);
                }
                Long valueOf = hashMap.get(LOCK_TIME) != null ? Long.valueOf(((Dict) hashMap.get(LOCK_TIME)).getDictName()) : 1800L;
                UserFeignClient userFeignClient = (UserFeignClient) SpringBeanUtils.getBean(UserFeignClient.class);
                BaseJsonObject<LoginUser> loginUserByUserName = userFeignClient.getLoginUserByUserName(str);
                if (loginUserByUserName.getData() == null || loginUserByUserName.getData().getState() != 4) {
                    Integer valueOf2 = CacheHolder.get(FAIL_LOGIN_USERNAME + str) != null ? Integer.valueOf(String.valueOf(CacheHolder.get(FAIL_LOGIN_USERNAME + str))) : 0;
                    Integer valueOf3 = Integer.valueOf(((Dict) hashMap.get(TIPS_COUNT)).getDictName());
                    Integer valueOf4 = Integer.valueOf(((Dict) hashMap.get(FAIL_COUNT)).getDictName());
                    CacheHolder.put(FAIL_LOGIN_USERNAME + str, String.valueOf(valueOf2 != null ? valueOf2.intValue() + 1 : 0), (hashMap.get(FAIL_TIME_SOLT) != null ? Long.valueOf(((Dict) hashMap.get(FAIL_TIME_SOLT)).getDictName()) : 1800L).longValue());
                    if (valueOf2 == null || valueOf2.intValue() + 1 < valueOf3.intValue() || valueOf2.intValue() + 1 >= valueOf4.intValue()) {
                        authenticationMsgException.setMessage(LocaleMessageHolder.getMessage("valid.login.error"));
                    } else {
                        authenticationMsgException.setMessage(LocaleMessageHolder.getMessage("valid.login.error.count") + ((valueOf4.intValue() - valueOf2.intValue()) - 1));
                    }
                    if (valueOf2 != null && valueOf2.intValue() + 1 >= valueOf4.intValue()) {
                        if (loginUserByUserName.getData() != null) {
                            userFeignClient.updateAccountState(new String[]{loginUserByUserName.getData().getAccountID()}, 4);
                            CacheHolder.remove(FAIL_LOGIN_USERNAME + str);
                            CacheHolder.put(FAIL_LOGIN_USERNAME_TIME + str, String.valueOf(new Date().getTime()));
                        }
                        authenticationMsgException.setMessage(LocaleMessageHolder.getMessage("valid.login.lock.count") + (valueOf.longValue() / 60));
                    }
                } else {
                    authenticationMsgException.setMessage(LocaleMessageHolder.getMessage("valid.login.lock") + (valueOf.longValue() / 60));
                }
            } catch (IllegalArgumentException e) {
                throw new BadCredentialsException("Failed to decode basic authentication token", e);
            }
        }
        super.onUnsuccessfulAuthentication(httpServletRequest, httpServletResponse, authenticationException);
    }
}
