package com.codingapi.zuul.sso.filter;

import com.codingapi.security.component.cache.base.LocalCache;
import com.codingapi.security.component.common.util.IpUtils;
import com.codingapi.security.component.common.util.Jsons;
import com.codingapi.security.sso.bus.client.SsoBusClient;
import com.codingapi.security.sso.bus.client.ao.VerifyReq;
import com.codingapi.security.sso.bus.client.ao.VerifyRes;
import com.codingapi.security.zuul.component.FilterUtils;
import com.codingapi.security.zuul.component.ZuulComponentConstants;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import java.util.Iterator;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

@Component
/* loaded from: input_file:com/codingapi/zuul/sso/filter/VerifyTokenFilter.class */
public class VerifyTokenFilter extends ZuulFilter {
    private static final Logger log = LoggerFactory.getLogger(VerifyTokenFilter.class);
    private static final Logger LOG = LoggerFactory.getLogger(VerifyTokenFilter.class);
    private final LocalCache localCache;
    private final SsoBusClient ssoBusClient;
    private final AntPathMatcher antPathMatcher;

    public VerifyTokenFilter(@Qualifier("login-url-cache") LocalCache localCache, SsoBusClient ssoBusClient, AntPathMatcher antPathMatcher) {
        this.localCache = localCache;
        this.ssoBusClient = ssoBusClient;
        this.antPathMatcher = antPathMatcher;
    }

    public String filterType() {
        return "pre";
    }

    public int filterOrder() {
        return ZuulComponentConstants.VERIFY_TOKEN_FILTER_ORDER.intValue();
    }

    public boolean shouldFilter() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        if (currentContext.get("hard-break") != null || currentContext.get("sys-admin-app") != null) {
            return false;
        }
        log.debug("Should verify token?");
        String requestURI = currentContext.getRequest().getRequestURI();
        Iterator it = this.localCache.keys().iterator();
        while (it.hasNext()) {
            if (this.antPathMatcher.match((String) it.next(), requestURI)) {
                currentContext.addZuulRequestHeader("X-Token", currentContext.getRequest().getHeader("Authorization"));
                return false;
            }
        }
        return true;
    }

    public Object run() throws ZuulException {
        LOG.debug("开始用户识别");
        RequestContext currentContext = RequestContext.getCurrentContext();
        currentContext.addZuulResponseHeader("Content-Type", "application/json;charset=utf-8");
        HttpServletRequest request = currentContext.getRequest();
        String header = request.getHeader("Authorization");
        if (Objects.isNull(header)) {
            header = request.getParameter("token");
            if (Objects.isNull(header)) {
                FilterUtils.unauthorized("request header [Authorization] or request param [token] is missing", 40100);
                return null;
            }
        }
        String clientIp = IpUtils.getClientIp(request);
        LOG.debug("开始Token 校验");
        VerifyRes verify = this.ssoBusClient.verify(new VerifyReq(header, clientIp, request.getMethod(), request.getRequestURI()));
        LOG.debug("Token 校验结束");
        if (!verify.isPass()) {
            FilterUtils.unauthorized(verify.getMessage(), verify.getBizCode().intValue());
            return null;
        }
        currentContext.addZuulRequestHeader("X-SSO-User-Info", Jsons.toJsonBase64Code(verify.getSsoUser()));
        if (Objects.nonNull(verify.getToken())) {
            currentContext.addZuulResponseHeader("X-New-Token", verify.getToken());
        }
        currentContext.set(ZuulComponentConstants.VERIFY_TOKEN_FLAG, verify.getSsoUser());
        LOG.debug("用户识别结果：{}", verify.getSsoUser());
        return null;
    }
}
