package com.elitescloud.cloudt.authorization.api.client.config.security.configurer.filter;

import com.elitescloud.cloudt.authorization.api.client.config.security.handler.DefaultAuthenticationEntryPointHandler;
import java.io.IOException;
import java.util.Objects;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.logging.log4j.util.Supplier;
import org.springframework.lang.NonNull;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.security.web.context.NullSecurityContextRepository;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.util.Assert;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/elitescloud/cloudt/authorization/api/client/config/security/configurer/filter/AbstractAuthorizationFilter.class */
public abstract class AbstractAuthorizationFilter<T extends AbstractAuthenticationToken> extends OncePerRequestFilter {
    private static final Logger log = LogManager.getLogger(AbstractAuthorizationFilter.class);
    private AuthenticationManager authenticationManager;
    private AuthenticationEntryPoint authenticationEntryPoint = new DefaultAuthenticationEntryPointHandler(null);
    private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
    private SecurityContextRepository securityContextRepository = new NullSecurityContextRepository();
    private AuthenticationFailureHandler authenticationFailureHandler = (httpServletRequest, httpServletResponse, authenticationException) -> {
        if (authenticationException instanceof AuthenticationServiceException) {
            throw authenticationException;
        }
        this.authenticationEntryPoint.commence(httpServletRequest, httpServletResponse, authenticationException);
    };

    public AbstractAuthorizationFilter(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    abstract T obtain(HttpServletRequest httpServletRequest) throws AuthenticationException;

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        try {
            T obtain = obtain(httpServletRequest);
            if (obtain == null) {
                Logger logger = log;
                Objects.requireNonNull(httpServletRequest);
                logger.trace("{}未解析出有效AuthenticationToken", new Supplier[]{httpServletRequest::getRequestURI});
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            }
            obtain.setDetails(this.authenticationDetailsSource.buildDetails(httpServletRequest));
            try {
                Authentication authenticate = this.authenticationManager.authenticate(obtain);
                SecurityContext createEmptyContext = SecurityContextHolder.createEmptyContext();
                createEmptyContext.setAuthentication(authenticate);
                SecurityContextHolder.setContext(createEmptyContext);
                this.securityContextRepository.saveContext(createEmptyContext, httpServletRequest, httpServletResponse);
                Logger logger2 = log;
                Objects.requireNonNull(authenticate);
                logger2.debug("设置当前认证用户：{}", new Supplier[]{authenticate::getName});
                filterChain.doFilter(httpServletRequest, httpServletResponse);
            } catch (AuthenticationException e) {
                SecurityContextHolder.clearContext();
                if (log.isDebugEnabled()) {
                    log.debug("用户认证失败：{}", obtain);
                }
                this.authenticationFailureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, e);
            }
        } catch (AuthenticationException e2) {
            log.error("解析AuthenticationToken异常：", e2);
            this.authenticationEntryPoint.commence(httpServletRequest, httpServletResponse, e2);
        }
    }

    public void afterPropertiesSet() throws ServletException {
        Assert.notNull(this.authenticationManager, "authenticationManager不能为空");
        super.afterPropertiesSet();
    }

    public void setAuthenticationManager(@NonNull AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
    }

    public void setAuthenticationEntryPoint(@NonNull AuthenticationEntryPoint authenticationEntryPoint) {
        this.authenticationEntryPoint = authenticationEntryPoint;
    }

    public void setAuthenticationDetailsSource(@NonNull AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
        this.authenticationDetailsSource = authenticationDetailsSource;
    }

    public void setSecurityContextRepository(SecurityContextRepository securityContextRepository) {
        this.securityContextRepository = securityContextRepository;
    }

    public void setAuthenticationFailureHandler(AuthenticationFailureHandler authenticationFailureHandler) {
        this.authenticationFailureHandler = authenticationFailureHandler;
    }
}
