package org.stvd.common.oauth2.security.filter;

import java.io.IOException;
import java.util.Base64;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.util.Assert;
import org.springframework.web.filter.GenericFilterBean;
import org.stvd.common.SecurityUserHolder;
import org.stvd.common.oauth2.security.support.dto.AccessTokenDto;
import org.stvd.common.oauth2.security.support.dto.UserDetail;
import org.stvd.common.oauth2.security.support.service.impl.Oauth2ClientUserDetailServiceImpl;
import org.stvd.common.utils.CharsetKitUtil;
import org.stvd.core.util.StringUtil;
import org.stvd.core.web.CookieUtils;

/* loaded from: input_file:org/stvd/common/oauth2/security/filter/Oauth2SSOAuthenticationFilter.class */
public class Oauth2SSOAuthenticationFilter extends GenericFilterBean {
    private AuthenticationManager authenticationManager;
    private SessionRegistry sessionRegistry;
    private Oauth2ClientUserDetailServiceImpl userDetailsService;
    private RequestCache requestCache = new HttpSessionRequestCache();
    protected AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
    private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
    private AuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();

    public Oauth2ClientUserDetailServiceImpl getUserDetailsService() {
        return this.userDetailsService;
    }

    public void setUserDetailsService(Oauth2ClientUserDetailServiceImpl oauth2ClientUserDetailServiceImpl) {
        this.userDetailsService = oauth2ClientUserDetailServiceImpl;
    }

    public void setSessionRegistry(SessionRegistry sessionRegistry) {
        this.sessionRegistry = sessionRegistry;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String parameter = httpServletRequest.getParameter("ticket");
        UserDetail userDetail = (UserDetail) SecurityUserHolder.getCurrentUserDetail();
        if (StringUtil.isEmpty(parameter) && userDetail == null) {
            parameter = CookieUtils.getCookie(httpServletRequest, "ticket");
            CookieUtils.delCookie(httpServletRequest, httpServletResponse, "ticket");
            if (!StringUtil.isEmpty(parameter)) {
                parameter = new String(Base64.getDecoder().decode(parameter), CharsetKitUtil.UTF_8);
            }
        }
        if (!StringUtil.isEmpty(parameter) && (userDetail == null || (userDetail != null && userDetail.getToken() != null && !userDetail.getToken().getAccessToken().equals(parameter)))) {
            AccessTokenDto accessToken = this.userDetailsService.getAccessToken(parameter);
            if (accessToken != null) {
                this.requestCache.saveRequest(httpServletRequest, httpServletResponse);
                UserDetail userDetail2 = (UserDetail) retrieveUser(accessToken);
                userDetail2.setSn("SSOLOGIN");
                Authentication createSuccessAuthentication = createSuccessAuthentication(userDetail2, new UsernamePasswordAuthenticationToken(userDetail2.getUsername(), userDetail2.getPassword()), userDetail2);
                this.sessionRegistry.registerNewSession(httpServletRequest.getSession().getId(), createSuccessAuthentication.getPrincipal());
                SecurityContextHolder.getContext().setAuthentication(createSuccessAuthentication);
                this.successHandler.onAuthenticationSuccess(httpServletRequest, httpServletResponse, createSuccessAuthentication);
                return;
            }
            SecurityContextHolder.getContext().setAuthentication((Authentication) null);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    protected final UserDetails retrieveUser(AccessTokenDto accessTokenDto) throws AuthenticationException {
        try {
            UserDetails loadUserByToken = getUserDetailsService().loadUserByToken(accessTokenDto);
            if (loadUserByToken == null) {
                throw new InternalAuthenticationServiceException("UserDetailsService returned null, which is an interface contract violation");
            }
            return loadUserByToken;
        } catch (Exception e) {
            throw new InternalAuthenticationServiceException(e.getMessage(), e);
        } catch (UsernameNotFoundException e2) {
            throw e2;
        }
    }

    protected Authentication createSuccessAuthentication(Object obj, Authentication authentication, UserDetails userDetails) {
        this.userDetailsService.obtionGrantedAuthorities((UserDetail) userDetails);
        this.userDetailsService.loadUserDetailPlus((UserDetail) userDetails);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(obj, authentication.getCredentials(), this.authoritiesMapper.mapAuthorities(userDetails.getAuthorities()));
        usernamePasswordAuthenticationToken.setDetails(authentication.getDetails());
        return usernamePasswordAuthenticationToken;
    }

    public RequestCache getRequestCache() {
        return this.requestCache;
    }

    public void setRequestCache(RequestCache requestCache) {
        this.requestCache = requestCache;
    }

    public AuthenticationDetailsSource<HttpServletRequest, ?> getAuthenticationDetailsSource() {
        return this.authenticationDetailsSource;
    }

    public void setAuthenticationDetailsSource(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public AuthenticationManager getAuthenticationManager() {
        return this.authenticationManager;
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    protected void setDetails(HttpServletRequest httpServletRequest, UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken) {
        usernamePasswordAuthenticationToken.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
    }

    public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler authenticationSuccessHandler) {
        Assert.notNull(authenticationSuccessHandler, "successHandler cannot be null");
        this.successHandler = authenticationSuccessHandler;
    }
}
