package com.elitescloud.boot.auth.provider.config.servlet.oauth2.configurer.filter;

import com.elitescloud.boot.auth.client.common.SecurityConstants;
import com.elitescloud.boot.auth.provider.common.LoginParameterNames;
import com.elitescloud.boot.auth.provider.config.servlet.oauth2.OAuth2AuthorizationCodeUserVerifier;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.annotation.Nonnull;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitescloud/boot/auth/provider/config/servlet/oauth2/configurer/filter/OAuth2AuthorizationCodeUserVerifierFilter.class */
public class OAuth2AuthorizationCodeUserVerifierFilter extends AbstractOAuth2Filter {
    private static final Logger log = LogManager.getLogger(OAuth2AuthorizationCodeUserVerifierFilter.class);
    private final RequestMatcher oauth2AuthorizationEndpointRequestMatcher;
    private final List<OAuth2AuthorizationCodeUserVerifier> auth2AuthorizeUserVerifiers;

    public OAuth2AuthorizationCodeUserVerifierFilter(String str, List<OAuth2AuthorizationCodeUserVerifier> list) {
        this.oauth2AuthorizationEndpointRequestMatcher = super.buildOAuth2AuthorizationEndpointRequestMatcher(str);
        this.auth2AuthorizeUserVerifiers = list;
    }

    protected void doFilterInternal(@Nonnull HttpServletRequest httpServletRequest, @Nonnull HttpServletResponse httpServletResponse, @Nonnull FilterChain filterChain) throws ServletException, IOException {
        if (!this.oauth2AuthorizationEndpointRequestMatcher.matches(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String parameter = httpServletRequest.getParameter(LoginParameterNames.CLIENT_ID);
        if (!StringUtils.hasText(parameter)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!super.isPrincipalAuthenticated(authentication)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        Iterator<OAuth2AuthorizationCodeUserVerifier> it = this.auth2AuthorizeUserVerifiers.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            if (!it.next().verify(parameter, authentication)) {
                log.info("已认证用户{}与客户端{}未绑定", authentication.getName(), parameter);
                SecurityContextHolder.getContext().setAuthentication(SecurityConstants.AUTHENTICATION_ANONYMOUS);
                break;
            }
            log.info("已认证用户{}与客户端{}已绑定", authentication.getName(), parameter);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
