package com.jhscale.security.zuul.sso.filter;

import com.jhscale.common.utils.JSONUtils;
import com.jhscale.security.component.cache.base.LocalCache;
import com.jhscale.security.component.tools.utils.IpUtils;
import com.jhscale.security.component.zuul.FilterUtils;
import com.jhscale.security.component.zuul.ZuulComponentConstants;
import com.jhscale.security.component.zuul.exp.SecurityZuulException;
import com.jhscale.security.sso.bus.client.SsoBusClient;
import com.jhscale.security.sso.bus.client.vo.bus.VerifyReq;
import com.jhscale.security.sso.bus.client.vo.bus.VerifyRes;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import java.util.Iterator;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;

@Component
/* loaded from: input_file:com/jhscale/security/zuul/sso/filter/VerifyTokenFilter.class */
public class VerifyTokenFilter extends ZuulFilter {
    private static final Logger log = LoggerFactory.getLogger(VerifyTokenFilter.class);

    @Autowired
    private SsoBusClient ssoBusClient;

    @Autowired
    private AntPathMatcher antPathMatcher;

    @Autowired
    @Qualifier("login-url-cache")
    private LocalCache localCache;

    public String filterType() {
        return "pre";
    }

    public int filterOrder() {
        return ZuulComponentConstants.VERIFY_TOKEN_FILTER_ORDER.intValue();
    }

    public boolean shouldFilter() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        if (currentContext.get("hard-break") != null || currentContext.get("sys-admin-app") != null) {
            return false;
        }
        log.debug("Should verify token?");
        Iterator it = this.localCache.keys().iterator();
        while (it.hasNext()) {
            if (this.antPathMatcher.match((String) it.next(), currentContext.getRequest().getRequestURI())) {
                currentContext.addZuulRequestHeader("X-Token", currentContext.getRequest().getHeader("Authorization"));
                return false;
            }
        }
        return true;
    }

    public Object run() throws ZuulException {
        log.debug("开始用户识别");
        RequestContext currentContext = RequestContext.getCurrentContext();
        currentContext.addZuulResponseHeader("Content-Type", "application/json;charset=utf-8");
        HttpServletRequest request = currentContext.getRequest();
        try {
            String header = request.getHeader("Authorization");
            if (StringUtils.isBlank(header)) {
                header = request.getParameter("token");
                if (StringUtils.isBlank(header)) {
                    FilterUtils.unauthorized("request header [Authorization] or request param [token] is missing", 401);
                    return null;
                }
            }
            String clientIp = IpUtils.getClientIp(request);
            log.debug("开始Token 校验");
            VerifyRes verify = this.ssoBusClient.verify(new VerifyReq(header, clientIp, request.getMethod(), request.getRequestURI()));
            log.debug("Token 校验结束");
            if (!verify.isPass()) {
                FilterUtils.unauthorized(verify.getMessage(), verify.getBizCode().intValue());
                return null;
            }
            currentContext.addZuulRequestHeader("X-SSO-User-Info", JSONUtils.objectToUTF8Base64Code(verify.getSsoUser()));
            if (Objects.nonNull(verify.getToken())) {
                currentContext.addZuulResponseHeader("X-New-Token", verify.getToken());
            }
            currentContext.set("verify-token", verify.getSsoUser());
            log.debug("用户识别结果：{}", verify.getSsoUser());
            return null;
        } catch (Exception e) {
            log.error("用户识别异常：{}", e.getMessage(), e);
            FilterUtils.fail(402, currentContext, new SecurityZuulException(e.getMessage()));
            return null;
        }
    }
}
