package com.lc.ibps.cloud.oauth.client.filter;

import com.lc.ibps.api.base.constants.StateEnum;
import com.lc.ibps.base.core.util.BeanUtils;
import com.lc.ibps.base.core.util.JacksonUtil;
import com.lc.ibps.base.core.util.string.StringUtil;
import com.lc.ibps.base.web.context.ContextUtil;
import com.lc.ibps.base.web.request.wrapper.HeaderRequestWrapper;
import com.lc.ibps.cloud.entity.APIResult;
import com.lc.ibps.cloud.oauth.entity.TokenEntity;
import com.lc.ibps.cloud.utils.RequestUtil;
import com.lc.ibps.cloud.utils.SecrectUtil;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.core.Ordered;

/* loaded from: input_file:com/lc/ibps/cloud/oauth/client/filter/AccessTokenGeneratorFilter.class */
public class AccessTokenGeneratorFilter extends AbstractFilter implements Ordered {
    public int getOrder() {
        return 10;
    }

    @Override // com.lc.ibps.cloud.oauth.client.filter.AbstractFilter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.logger.debug("accessTokenGeneratorFilter initial.");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.setCharacterEncoding("UTF-8");
        httpServletResponse.setCharacterEncoding("UTF-8");
        String requestURI = httpServletRequest.getRequestURI();
        String ipAddr = RequestUtil.getIpAddr(httpServletRequest);
        if (!this.authorizationConfig.isGeneratorFilterEnable() || this.authorizationConfig.isIgnoreUrl(requestURI)) {
            this.logger.trace("requestURI {} is ignore.", requestURI);
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        APIResult<Boolean> anonResult = anonResult(requestURI, getHttpMethod(servletRequest), getApiPrefix(servletRequest));
        if (null == anonResult) {
            APIResult aPIResult = new APIResult();
            aPIResult.setState(StateEnum.BAD_REQUEST.getCode());
            aPIResult.setCause("anonResult is null!");
            httpServletResponse.setStatus(400);
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            httpServletResponse.getWriter().print(aPIResult.toString());
            servletResponse.getWriter().flush();
            return;
        }
        if (!anonResult.isSuccess()) {
            logApiInvoke(requestURI, "exception", "exception", ipAddr, "N", anonResult.getCause());
            httpServletResponse.getWriter().print(anonResult.toString());
            return;
        }
        if (((Boolean) anonResult.getData()).booleanValue()) {
            if (!BeanUtils.isEmpty(anonResult.getVariable("limit"))) {
                logApiInvoke(requestURI, "anonymous", "anonymous", ipAddr, "N", "Anonymous request limited");
                httpServletResponse.getWriter().print(anonResult.toString());
                return;
            } else {
                HeaderRequestWrapper headerRequestWrapper = new HeaderRequestWrapper(httpServletRequest);
                headerRequestWrapper.addHeader("X-Authorization-anonymous", SecrectUtil.getAnonymousSecretValue());
                filterChain.doFilter(headerRequestWrapper, servletResponse);
                return;
            }
        }
        String header = httpServletRequest.getHeader("X-Authorization-secret");
        this.logger.debug("requestSecretValue is {}", SecrectUtil.getRequestSecretValue());
        if (!this.authorizationConfig.isEnable()) {
            generating(servletRequest, servletResponse, filterChain, httpServletRequest, httpServletResponse, requestURI);
            return;
        }
        if (this.authorizationConfig.isGeneratorFilterSecretEnable() && StringUtil.isNotBlank(header) && SecrectUtil.getRequestSecretValue().equals(header) && this.authorizationConfig.isSecretUrl(requestURI)) {
            generating(servletRequest, servletResponse, filterChain, httpServletRequest, httpServletResponse, requestURI);
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    private void generating(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        try {
            String header = httpServletRequest.getHeader("X-Authorization-access_token");
            String parameter = httpServletRequest.getParameter("access_token");
            this.logger.debug("authorization header {} is {}.", "X-Authorization-access_token", header);
            this.logger.debug("authorization parameter {} is {}.", "access_token", parameter);
            String accessToken = getAccessToken(header, parameter);
            this.logger.debug("authorization request accessToken is {}.", accessToken);
            if (StringUtil.isBlank(accessToken)) {
                this.logger.debug("oauth client auto generate accessToken filter, request id: {}.", ContextUtil.getId());
                this.logger.debug("oauth client auto generate accessToken filter, thread id: {}.", Long.valueOf(Thread.currentThread().getId()));
                this.logger.debug("oauth client auto generate accessToken filter, request path: {}.", str);
                this.logger.debug("authorization enable is {}.", Boolean.valueOf(this.authorizationConfig.isEnable()));
                APIResult<TokenEntity> accessToken2 = this.tokenVerify.accessToken("password_credentials", this.authorizationConfig.getDefaultClient(), this.authorizationConfig.getDefaultSecret(), this.authorizationConfig.getDefaultUsername(), this.authorizationConfig.getDefaultPassword(), null, null, null);
                if (StateEnum.SUCCESS.getCode() != accessToken2.getState()) {
                    this.logger.error(accessToken2.toJsonString());
                    servletResponse.getWriter().print(accessToken2.toString());
                } else {
                    String access_token = ((TokenEntity) JacksonUtil.getDTO(JacksonUtil.toJsonString(accessToken2.getData()), TokenEntity.class)).getAccess_token();
                    this.logger.debug("Generated accessToken is {}.", access_token);
                    HeaderRequestWrapper headerRequestWrapper = new HeaderRequestWrapper(httpServletRequest);
                    headerRequestWrapper.addHeader("X-Authorization-access_token", access_token);
                    filterChain.doFilter(headerRequestWrapper, servletResponse);
                }
            } else {
                filterChain.doFilter(servletRequest, servletResponse);
            }
        } catch (Exception e) {
            APIResult aPIResult = new APIResult();
            aPIResult.setState(StateEnum.ILLEGAL_REQUEST.getCode());
            aPIResult.setCause(e.getMessage() + ":" + str);
            this.logger.error(e.getMessage(), e);
            httpServletResponse.setStatus(401);
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            httpServletResponse.getWriter().print(aPIResult.toString());
            httpServletResponse.getWriter().flush();
        }
    }
}
