package com.bxm.localnews.admin.config.jwt;

import com.bxm.localnews.admin.constant.SecurityConstant;
import com.bxm.localnews.admin.service.security.JwtTokenService;
import com.bxm.newidea.component.log.LogMarker;
import com.bxm.newidea.component.util.WebUtils;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component
/* loaded from: input_file:com/bxm/localnews/admin/config/jwt/JwtAuthenticationTokenFilter.class */
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
    private static final Logger LOGGER = LoggerFactory.getLogger(JwtAuthenticationTokenFilter.class);

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private JwtTokenService jwtTokenService;

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String header = httpServletRequest.getHeader(SecurityConstant.HEAD_KEY);
        if (StringUtils.isNotBlank(header)) {
            String usernameFromToken = this.jwtTokenService.getUsernameFromToken(header);
            if (usernameFromToken != null && SecurityContextHolder.getContext().getAuthentication() == null) {
                UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(usernameFromToken);
                accessLog(httpServletRequest, loadUserByUsername);
                if (this.jwtTokenService.validateToken(header, loadUserByUsername).booleanValue()) {
                    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, loadUserByUsername.getAuthorities());
                    usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
                    SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
                    String renewToken = this.jwtTokenService.renewToken(header);
                    if (null != renewToken) {
                        httpServletResponse.addHeader(SecurityConstant.RESPONSE_TOKEN_HEAD, renewToken);
                        httpServletResponse.addHeader("Access-Control-Expose-Headers", SecurityConstant.RESPONSE_TOKEN_HEAD);
                    }
                }
            }
        } else {
            accessLog(httpServletRequest, null);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void accessLog(HttpServletRequest httpServletRequest, UserDetails userDetails) {
        String ipAddr = WebUtils.getIpAddr(httpServletRequest);
        String requestURI = httpServletRequest.getRequestURI();
        String username = null == userDetails ? null : userDetails.getUsername();
        String joinRequestParam = WebUtils.joinRequestParam(httpServletRequest, "|", new String[0]);
        if ("/app/heartbeat".equals(requestURI)) {
            return;
        }
        LOGGER.info(LogMarker.OPERATION, "url:[{}],user:[{}],requestIp:[{}],params:[{}]", new Object[]{requestURI, username, ipAddr, joinRequestParam});
    }
}
