package com.gold.ms.gateway.security.dj;

import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.gold.ms.gateway.core.json.BaseJsonObject;
import com.gold.ms.gateway.security.client.BasicFeignClient;
import com.gold.ms.gateway.security.client.UserFeignClient;
import com.gold.ms.gateway.security.client.service.Dict;
import com.gold.ms.gateway.security.client.service.LoginUser;
import com.gold.ms.gateway.security.dj.bean.UserInfo;
import com.gold.ms.gateway.security.dj.client.DjProperties;
import com.gold.ms.gateway.security.filter.AuthenticationMsgException;
import com.gold.ms.gateway.utils.SpringBeanUtils;
import com.gold.ms.gateway.utils.cache.CacheHolder;
import java.io.IOException;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.jwt.Jwt;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

/* loaded from: input_file:com/gold/ms/gateway/security/dj/DjAuthenticationFilter.class */
public class DjAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private ObjectMapper objectMapper;

    public DjAuthenticationFilter(PasswordEncoder passwordEncoder, final Oauth2LoginSuccessHandler oauth2LoginSuccessHandler, final DjProperties djProperties) {
        super("/user/oauth/dj/token");
        this.objectMapper = new ObjectMapper();
        this.objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
        super.setAuthenticationSuccessHandler(new AuthenticationSuccessHandler() { // from class: com.gold.ms.gateway.security.dj.DjAuthenticationFilter.1
            public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
                if (oauth2LoginSuccessHandler != null) {
                    oauth2LoginSuccessHandler.onSuccess(httpServletRequest, httpServletResponse, authentication);
                }
                String parameter = httpServletRequest.getParameter("successUrl");
                if (parameter == null) {
                    parameter = "";
                }
                String parameter2 = httpServletRequest.getParameter("token");
                if (parameter2 == null || "".equals(parameter2)) {
                    parameter2 = httpServletRequest.getParameter("access_token");
                }
                httpServletResponse.sendRedirect(djProperties.getSuccessUri() + parameter + (parameter.contains("?") ? "&" : "?") + "token=" + parameter2);
            }
        });
        super.setAuthenticationFailureHandler(new AuthenticationFailureHandler() { // from class: com.gold.ms.gateway.security.dj.DjAuthenticationFilter.2
            public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
                List<Dict> data = ((BasicFeignClient) SpringBeanUtils.getBean(BasicFeignClient.class)).findDict(new String[]{"AUTHORIZATION_DATA"}).getData();
                if (data != null && data.size() > 0) {
                    Optional<Dict> findFirst = data.stream().filter(dict -> {
                        return "DJ_PORTAL".equals(dict.getDictCode());
                    }).findFirst();
                    if (findFirst.isPresent()) {
                        String parameter = httpServletRequest.getParameter("token");
                        if (parameter == null || "".equals(parameter)) {
                            parameter = httpServletRequest.getParameter("access_token");
                        }
                        httpServletResponse.sendRedirect(findFirst.get().getDictName() + "/#/index?access_token=" + parameter);
                        return;
                    }
                }
                throw authenticationException;
            }
        });
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException {
        String parameter = httpServletRequest.getParameter("token");
        if (parameter == null || "".equals(parameter)) {
            parameter = httpServletRequest.getParameter("access_token");
        }
        Jwt decode = JwtHelper.decode(parameter);
        UserInfo userInfo = new UserInfo();
        try {
            userInfo = (UserInfo) this.objectMapper.readValue(decode.getClaims(), UserInfo.class);
        } catch (Exception e) {
            e.printStackTrace();
        }
        BaseJsonObject<LoginUser> loginUserByUserName = ((UserFeignClient) SpringBeanUtils.getBean(UserFeignClient.class)).getLoginUserByUserName(userInfo.getUser_name());
        if (loginUserByUserName.getData() == null) {
            throw new AuthenticationMsgException("用户不存在");
        }
        String replace = DigestUtils.md5Hex(UUID.randomUUID().toString()).replace("-", "");
        CacheHolder.put(replace + "_auto_valid_once_dj", loginUserByUserName.getData().getUserName(), 600L);
        CacheHolder.put(replace + "_auto_valid_once_dj_systemcode", httpServletRequest.getParameter("system"), 600L);
        CacheHolder.put(replace + "_auto_valid_once_dj_scope", httpServletRequest.getParameter("scope"), 600L);
        CacheHolder.put(replace + "_auto_valid_once_dj_token", parameter, 600L);
        return getAuthenticationManager().authenticate(new UsernamePasswordAuthenticationToken(replace, DigestUtils.md5Hex(loginUserByUserName.getData().getPasswd())));
    }
}
