package com.bxm.localnews.admin.config.jwt;

import com.bxm.localnews.admin.enums.SecurityConstant;
import com.bxm.localnews.admin.service.security.JwtTokenService;
import com.bxm.newidea.component.log.LogMarker;
import com.bxm.newidea.component.util.WebUtils;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import javax.servlet.FilterChain;
import javax.servlet.ReadListener;
import javax.servlet.ServletException;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/bxm/localnews/admin/config/jwt/JwtAuthenticationTokenFilter.class */
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtAuthenticationTokenFilter.class);

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JwtTokenService jwtTokenService;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/bxm/localnews/admin/config/jwt/JwtAuthenticationTokenFilter$ContentCachingRequestWrapper.class */
    public class ContentCachingRequestWrapper extends HttpServletRequestWrapper {
        private byte[] body;
        private BufferedReader reader;
        private ServletInputStream inputStream;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:com/bxm/localnews/admin/config/jwt/JwtAuthenticationTokenFilter$ContentCachingRequestWrapper$RequestCachingInputStream.class */
        public class RequestCachingInputStream extends ServletInputStream {
            private final ByteArrayInputStream inputStream;

            private RequestCachingInputStream(byte[] bArr) {
                this.inputStream = new ByteArrayInputStream(bArr);
            }

            public int read() throws IOException {
                return this.inputStream.read();
            }

            public boolean isFinished() {
                return this.inputStream.available() == 0;
            }

            public boolean isReady() {
                return true;
            }

            public void setReadListener(ReadListener readListener) {
            }
        }

        private ContentCachingRequestWrapper(HttpServletRequest httpServletRequest) throws IOException {
            super(httpServletRequest);
            loadBody(httpServletRequest);
        }

        private void loadBody(HttpServletRequest httpServletRequest) throws IOException {
            this.body = IOUtils.toByteArray(httpServletRequest.getInputStream());
            this.inputStream = new RequestCachingInputStream(this.body);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public byte[] getBody() {
            return this.body;
        }

        public ServletInputStream getInputStream() throws IOException {
            return this.inputStream != null ? this.inputStream : super.getInputStream();
        }

        public BufferedReader getReader() throws IOException {
            if (this.reader == null) {
                this.reader = new BufferedReader(new InputStreamReader((InputStream) this.inputStream, getCharacterEncoding()));
            }
            return this.reader;
        }
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        ContentCachingRequestWrapper contentCachingRequestWrapper = new ContentCachingRequestWrapper(httpServletRequest);
        String header = contentCachingRequestWrapper.getHeader(SecurityConstant.HEAD_KEY);
        if (StringUtils.isNotBlank(header)) {
            String usernameFromToken = this.jwtTokenService.getUsernameFromToken(header);
            if (usernameFromToken != null && SecurityContextHolder.getContext().getAuthentication() == null) {
                UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(usernameFromToken);
                accessLog(contentCachingRequestWrapper, loadUserByUsername);
                if (this.jwtTokenService.validateToken(header, loadUserByUsername).booleanValue()) {
                    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, loadUserByUsername.getAuthorities());
                    usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(contentCachingRequestWrapper));
                    SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
                    String renewToken = this.jwtTokenService.renewToken(header);
                    if (null != renewToken) {
                        httpServletResponse.addHeader("RenewToken", renewToken);
                        httpServletResponse.addHeader("Access-Control-Expose-Headers", "RenewToken");
                    }
                }
            }
        } else {
            accessLog(contentCachingRequestWrapper, null);
        }
        filterChain.doFilter(contentCachingRequestWrapper, httpServletResponse);
    }

    private void accessLog(ContentCachingRequestWrapper contentCachingRequestWrapper, UserDetails userDetails) {
        String ipAddr = WebUtils.getIpAddr(contentCachingRequestWrapper);
        String requestURI = contentCachingRequestWrapper.getRequestURI();
        String username = null == userDetails ? null : userDetails.getUsername();
        String joinRequestParam = WebUtils.joinRequestParam(contentCachingRequestWrapper, "|", new String[0]);
        String method = contentCachingRequestWrapper.getMethod();
        if (HttpMethod.OPTIONS.matches(method)) {
            LOGGER.debug("url:[{}],requestMethod:[{}]", requestURI, method);
            return;
        }
        if ("/app/heartbeat".equals(requestURI)) {
            return;
        }
        byte[] body = contentCachingRequestWrapper.getBody();
        String str = "";
        if (null != body && body.length > 0) {
            str = new String(body);
        }
        LOGGER.info(LogMarker.OPERATION, "url:[{}],requestMethod:[{}],user:[{}],requestIp:[{}],params:[{}],requestBody:[{}]", new Object[]{requestURI, method, username, ipAddr, joinRequestParam, str});
    }
}
