package com.flyfish.oauth.filter;

import com.flyfish.oauth.client.OAuth2SsoClient;
import com.flyfish.oauth.client.OAuth2SsoClientInitializer;
import com.flyfish.oauth.common.OAuth2SsoInitializeAware;
import com.flyfish.oauth.entry.AuthenticationEntryPoint;
import com.flyfish.oauth.utils.RequestUtils;
import java.io.IOException;
import java.util.Iterator;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

@WebFilter(urlPatterns = {"/*"})
/* loaded from: input_file:com/flyfish/oauth/filter/SSOAuthenticationFilter.class */
public class SSOAuthenticationFilter implements Filter, OAuth2SsoInitializeAware {
    private OAuth2SsoClient client;
    private AuthenticationEntryPoint entryPoint;

    public void init(FilterConfig filterConfig) throws ServletException {
        OAuth2SsoClientInitializer.register(this);
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (checkAvailable(httpServletResponse)) {
            RequestUtils of = RequestUtils.of(httpServletRequest);
            String accessToken = of.getAccessToken();
            if (of.getURI().contains("oauth")) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            if (accessToken != null && this.entryPoint.checkAccessToken(accessToken)) {
                authenticateSuccess(httpServletRequest, accessToken);
                filterChain.doFilter(servletRequest, servletResponse);
            } else if (!refreshAccessToken(httpServletResponse, of.getRefreshToken())) {
                httpServletResponse.sendRedirect(this.entryPoint.redirectUrl(of));
            } else {
                authenticateSuccess(httpServletRequest, accessToken);
                filterChain.doFilter(servletRequest, servletResponse);
            }
        }
    }

    public void destroy() {
        this.client = null;
        this.entryPoint = null;
    }

    @Override // com.flyfish.oauth.common.OAuth2SsoInitializeAware
    public void setClient(OAuth2SsoClient oAuth2SsoClient) {
        this.client = oAuth2SsoClient;
        System.out.println("===============[sso]: sso filter initialized!=============");
    }

    @Override // com.flyfish.oauth.common.OAuth2SsoInitializeAware
    public void setEntryPoint(AuthenticationEntryPoint authenticationEntryPoint) {
        this.entryPoint = authenticationEntryPoint;
    }

    private void authenticateSuccess(HttpServletRequest httpServletRequest, String str) {
        HttpSession session = httpServletRequest.getSession();
        if (this.client.getSessionConverter().isComplete(session)) {
            return;
        }
        this.client.getSessionConverter().convert(session, this.client.getUserService().getUser(this.entryPoint.getUserInfo(str)));
    }

    private boolean refreshAccessToken(HttpServletResponse httpServletResponse, String str) {
        if (null == str) {
            return false;
        }
        Iterator<Cookie> it = this.entryPoint.refreshAccessToken(str).toCookies().iterator();
        while (it.hasNext()) {
            httpServletResponse.addCookie(it.next());
        }
        return true;
    }

    private boolean checkAvailable(HttpServletResponse httpServletResponse) throws IOException {
        if (null != this.client.getProperties()) {
            return true;
        }
        httpServletResponse.sendError(503, "系统正在启动中...");
        return false;
    }
}
