package com.lc.ibps.cloud.oauth.client.filter;

import com.lc.ibps.api.base.constants.StateEnum;
import com.lc.ibps.base.core.util.BeanUtils;
import com.lc.ibps.base.core.util.JacksonUtil;
import com.lc.ibps.base.core.util.string.StringUtil;
import com.lc.ibps.base.web.context.ContextUtil;
import com.lc.ibps.base.web.context.RequestContext;
import com.lc.ibps.cloud.config.AuthorizationConfig;
import com.lc.ibps.cloud.entity.APIResult;
import com.lc.ibps.cloud.oauth.client.service.TokenVerify;
import java.io.IOException;
import java.util.Enumeration;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.Ordered;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletWebRequest;

/* loaded from: input_file:com/lc/ibps/cloud/oauth/client/filter/AccessTokenValidatorFilter.class */
public class AccessTokenValidatorFilter extends AbstractFilter implements Ordered {

    @Autowired
    protected AuthorizationConfig authorizationConfig;

    @Autowired
    protected TokenVerify tokenVerify;

    public int getOrder() {
        return 20;
    }

    @Override // com.lc.ibps.cloud.oauth.client.filter.AbstractFilter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.logger.debug("accessTokenValidatorFilter initial.");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.setCharacterEncoding("UTF-8");
        httpServletResponse.setCharacterEncoding("UTF-8");
        String requestURI = httpServletRequest.getRequestURI();
        try {
            RequestContext.clearHttpReqResponse();
            ContextUtil.cleanAll();
            RequestContext.setHttpServletRequest((HttpServletRequest) servletRequest);
            RequestContext.setHttpServletResponse((HttpServletResponse) servletResponse);
            RequestContextHolder.setRequestAttributes(new ServletWebRequest((HttpServletRequest) servletRequest, (HttpServletResponse) servletResponse));
            if (!this.authorizationConfig.isValidatorFilterEnable() || this.authorizationConfig.isIgnoreUrl(requestURI)) {
                this.logger.trace("requestURI {} is ignore.", requestURI);
                filterChain.doFilter(servletRequest, servletResponse);
                RequestContextHolder.resetRequestAttributes();
                RequestContext.clearHttpReqResponse();
                ContextUtil.cleanAll();
                return;
            }
            this.logger.debug("oauth client validate accessToken filter, request id: {}.", ContextUtil.getId());
            this.logger.debug("oauth client validate accessToken filter, thread id: {}.", Long.valueOf(Thread.currentThread().getId()));
            this.logger.debug("oauth client validate accessToken filter, request path: {}.", requestURI);
            this.logger.debug("authorization enable is {}.", Boolean.valueOf(this.authorizationConfig.isEnable()));
            this.logger.debug("requestType is {}.", this.authorizationConfig.getRequestType());
            this.logger.debug("ignoreUrls has {}.", JacksonUtil.toJsonString(this.authorizationConfig.getIgnoreUrls()));
            Enumeration headerNames = httpServletRequest.getHeaderNames();
            if (headerNames.hasMoreElements()) {
                String str = (String) headerNames.nextElement();
                this.logger.trace("All header include {} = {}.", str, httpServletRequest.getHeader(str));
            }
            String header = httpServletRequest.getHeader("X-Authorization-access_token");
            String parameter = httpServletRequest.getParameter("access_token");
            this.logger.debug("authorization header {} is {}.", "X-Authorization-access_token", header);
            this.logger.debug("authorization parameter {} is {}.", "access_token", parameter);
            String str2 = StringUtil.isBlank(header) ? StringUtil.isBlank(parameter) ? null : parameter : header;
            this.logger.debug("authorization accessToken is {}.", str2);
            if (StringUtil.isBlank(str2)) {
                APIResult aPIResult = new APIResult();
                aPIResult.setState(StateEnum.ILLEGAL_TOKEN.getCode());
                aPIResult.setCause(StateEnum.ILLEGAL_TOKEN.getText());
                this.logger.error(StateEnum.ILLEGAL_TOKEN.getText());
                httpServletResponse.setStatus(401);
                httpServletResponse.getWriter().print(aPIResult.toString());
            } else {
                try {
                    APIResult<String> verify = this.tokenVerify.verify(str2);
                    if (StateEnum.SUCCESS.getCode() == verify.getState()) {
                        String obj = verify.getVariable("grant.type").toString();
                        String str3 = (String) verify.getData();
                        String obj2 = BeanUtils.isEmpty(verify.getVariable("clientId")) ? "" : verify.getVariable("clientId").toString();
                        this.logger.debug("authorization grant type is {}.", obj);
                        this.logger.debug("authorization value is {}.", str3);
                        if ("authorization_code".equalsIgnoreCase(obj) || "password_credentials".equalsIgnoreCase(obj)) {
                            this.tokenVerify.setContextOne(httpServletRequest, str2, obj2, str3);
                        } else if ("client_credentials".equalsIgnoreCase(obj)) {
                            this.tokenVerify.setContextClientId(obj2);
                            this.tokenVerify.setContextAccessToken(str2);
                        } else {
                            this.logger.warn("This grant type {} has not user info.");
                        }
                        filterChain.doFilter(servletRequest, servletResponse);
                    } else {
                        this.logger.error(verify.toJsonString());
                        servletResponse.getWriter().print(verify.toString());
                    }
                } catch (Exception e) {
                    APIResult aPIResult2 = new APIResult();
                    aPIResult2.setState(StateEnum.ILLEGAL_REQUEST.getCode());
                    aPIResult2.setCause(e.getMessage());
                    this.logger.error(e.getMessage(), e);
                    httpServletResponse.setStatus(401);
                    httpServletResponse.getWriter().print(aPIResult2.toString());
                }
            }
            RequestContextHolder.resetRequestAttributes();
            RequestContext.clearHttpReqResponse();
            ContextUtil.cleanAll();
        } catch (Throwable th) {
            RequestContextHolder.resetRequestAttributes();
            RequestContext.clearHttpReqResponse();
            ContextUtil.cleanAll();
            throw th;
        }
    }
}
