package com.elitesland.cloudt.authorization.api.client.config.security.resolver.impl;

import com.elitesland.cloudt.authorization.api.client.common.AuthorizationException;
import com.elitesland.cloudt.authorization.api.client.config.security.resolver.BearerTokenResolver;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import org.springframework.lang.NonNull;
import org.springframework.security.core.AuthenticationException;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/elitesland/cloudt/authorization/api/client/config/security/resolver/impl/DefaultBearerTokenResolver.class */
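/**
 * Resolves a bearer token from a servlet request.
 *
 * <p>The configured header (default {@code Authorization}) is consulted first. Only when it
 * yields no token are the {@code access_token} request parameters considered, and only if the
 * matching transport has been switched on through {@link #setAllowUriQueryParameter(boolean)}
 * (GET) or {@link #setAllowFormEncodedBodyParameter(boolean)} (form-encoded POST). Both
 * parameter transports are disabled by default.
 *
 * <p>When the header carries a token, request parameters are not inspected at all, so a request
 * that presents a token through both channels is resolved from the header.
 */
public class DefaultBearerTokenResolver implements BearerTokenResolver {
    private static final Pattern AUTHORIZATION_PATTERN =
            Pattern.compile("^Bearer (?<token>[a-zA-Z0-9-._~+/]+=*)$", Pattern.CASE_INSENSITIVE);
    private static final String TOKEN_PREFIX = "bearer";
    private static final String ACCESS_TOKEN_PARAMETER = "access_token";
    private static final String FORM_CONTENT_TYPE = "application/x-www-form-urlencoded";
    private boolean allowFormEncodedBodyParameter = false;
    private boolean allowUriQueryParameter = false;
    private String bearerTokenHeaderName = "Authorization";

    /**
     * Extracts the bearer token from the request.
     *
     * @param request the incoming request
     * @return the token, or {@code null} when the request carries none through an enabled channel
     * @throws AuthenticationException declared by the interface; this implementation raises
     *     {@link AuthorizationException} for a malformed header or a repeated
     *     {@code access_token} parameter
     */
    @Override
    public String resolve(HttpServletRequest request) throws AuthenticationException {
        String headerToken = resolveFromAuthorizationHeader(request);
        if (StringUtils.hasText(headerToken)) {
            return headerToken;
        }
        if (isParameterTokenSupportedForRequest(request) && isParameterTokenEnabledForRequest(request)) {
            return resolveFromRequestParameters(request);
        }
        return null;
    }

    /**
     * Enables or disables reading the token from the body of a form-encoded POST.
     *
     * @param allowFormEncodedBodyParameter {@code true} to accept {@code access_token} from the body
     */
    public void setAllowFormEncodedBodyParameter(boolean allowFormEncodedBodyParameter) {
        this.allowFormEncodedBodyParameter = allowFormEncodedBodyParameter;
    }

    /**
     * Enables or disables reading the token from the URI query of a GET request.
     *
     * <p>Tokens placed in a URI commonly end up in access logs, browser history and Referer
     * headers, which is why this transport is off by default.
     *
     * @param allowUriQueryParameter {@code true} to accept {@code access_token} from the query
     */
    public void setAllowUriQueryParameter(boolean allowUriQueryParameter) {
        this.allowUriQueryParameter = allowUriQueryParameter;
    }

    /**
     * Sets the name of the header the token is read from.
     *
     * @param bearerTokenHeaderName the header name; must not be {@code null}
     */
    public void setBearerTokenHeaderName(@NonNull String bearerTokenHeaderName) {
        this.bearerTokenHeaderName = bearerTokenHeaderName;
    }

    /**
     * Reads the token from the configured header.
     *
     * @return the token, or {@code null} when the header is absent or does not start with
     *     {@code bearer} (case-insensitive)
     * @throws AuthorizationException when the header starts with {@code bearer} but does not
     *     match the expected {@code Bearer <token>} shape
     */
    private String resolveFromAuthorizationHeader(HttpServletRequest request) {
        String header = request.getHeader(this.bearerTokenHeaderName);
        if (!StringUtils.startsWithIgnoreCase(header, TOKEN_PREFIX)) {
            return null;
        }
        Matcher matcher = AUTHORIZATION_PATTERN.matcher(header);
        if (matcher.matches()) {
            return matcher.group("token");
        }
        // Message reads "token format is incorrect"; kept verbatim because callers may surface it.
        throw new AuthorizationException("token格式不正确");
    }

    /**
     * Reads the token from the {@code access_token} request parameter.
     *
     * <p>{@code getParameterValues} merges query-string and form-body values, so this method
     * cannot tell the two sources apart; the caller decides whether the request may use it.
     * Unlike the header path, the value is returned without being matched against a pattern.
     *
     * @return the single parameter value, or {@code null} when the parameter is absent
     * @throws AuthorizationException when the parameter is supplied more than once
     */
    private static String resolveFromRequestParameters(HttpServletRequest request) {
        String[] values = request.getParameterValues(ACCESS_TOKEN_PARAMETER);
        if (values == null || values.length == 0) {
            return null;
        }
        if (values.length == 1) {
            return values[0];
        }
        throw new AuthorizationException("token格式不正确");
    }

    /** Returns whether the request is of a kind that may carry a parameter token at all. */
    private boolean isParameterTokenSupportedForRequest(HttpServletRequest request) {
        return isFormEncodedPost(request) || isGet(request);
    }

    /**
     * Returns whether the parameter transport used by this request has been enabled.
     *
     * <p>A form-encoded POST is accepted only when its query string does not mention
     * {@code access_token}. Without that check a token sent in the URI of a POST would be
     * picked up through the merged parameter map even though the URI-query transport is
     * switched off.
     */
    private boolean isParameterTokenEnabledForRequest(HttpServletRequest request) {
        if (this.allowUriQueryParameter && isGet(request)) {
            return true;
        }
        return this.allowFormEncodedBodyParameter
                && isFormEncodedPost(request)
                && !hasAccessTokenInQueryString(request);
    }

    /** True for a GET request. */
    private static boolean isGet(HttpServletRequest request) {
        return "GET".equals(request.getMethod());
    }

    /**
     * True for a POST whose content type is exactly {@code application/x-www-form-urlencoded}.
     * The comparison is an exact match, so a content type carrying parameters such as a charset
     * is not treated as form-encoded.
     */
    private static boolean isFormEncodedPost(HttpServletRequest request) {
        return "POST".equals(request.getMethod()) && FORM_CONTENT_TYPE.equals(request.getContentType());
    }

    /**
     * Reports whether the query string mentions {@code access_token}, in raw or decoded form.
     *
     * <p>The match is a deliberately coarse substring test: it may reject a request whose query
     * merely contains the text, which is the safe direction. A query string that cannot be
     * decoded is treated as containing the parameter for the same reason.
     */
    private static boolean hasAccessTokenInQueryString(HttpServletRequest request) {
        String query = request.getQueryString();
        if (query == null) {
            return false;
        }
        if (query.contains(ACCESS_TOKEN_PARAMETER)) {
            return true;
        }
        try {
            return URLDecoder.decode(query, "UTF-8").contains(ACCESS_TOKEN_PARAMETER);
        } catch (UnsupportedEncodingException | IllegalArgumentException e) {
            // Undecodable input: refuse the body transport rather than guess.
            return true;
        }
    }
}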
