package com.github.securityfilter;

import com.github.securityfilter.util.BeanMap;
import com.github.securityfilter.util.SpringUtil;
import com.github.securityfilter.util.Util;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.function.Supplier;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/github/securityfilter/WebSecurityAccessFilter.class */
public class WebSecurityAccessFilter<USER_ID, ACCESS_USER> implements Filter {
    public static final String REQUEST_ATTR_NAME = "user";
    public static final String DEFAULT_ACCESS_TOKEN_PARAMETER_NAME = "access_token";
    public static final Object NULL = new Object();
    private static final ThreadLocal<Supplier<Object>> ACCESS_USER_THREAD_LOCAL = new ThreadLocal<>();
    private static final ThreadLocal<HttpServletRequest> REQUEST_THREAD_LOCAL = new ThreadLocal<>();
    private static final Constructor JACKSON_OBJECT_MAPPER_CONSTRUCTOR;
    private static final Method JACKSON_WRITE_VALUE_AS_BYTES_METHOD;
    private static WebSecurityAccessFilter INSTANCE;
    private final Set<String> accessTokenParameterNames;
    private Object jacksonObjectMapper;

    public WebSecurityAccessFilter() {
        this(Collections.singletonList(DEFAULT_ACCESS_TOKEN_PARAMETER_NAME));
    }

    public WebSecurityAccessFilter(Collection<String> collection) {
        this.accessTokenParameterNames = new LinkedHashSet();
        this.accessTokenParameterNames.addAll(collection);
        INSTANCE = this;
    }

    public static <ACCESS_USER> ACCESS_USER getCurrentAccessUserIfCreate(HttpServletRequest httpServletRequest, WebSecurityAccessFilter webSecurityAccessFilter) {
        if (httpServletRequest == null) {
            httpServletRequest = getCurrentRequest();
        }
        ACCESS_USER access_user = (ACCESS_USER) getCurrentAccessUserExist(httpServletRequest);
        if (access_user == NULL) {
            return null;
        }
        if (access_user != null || webSecurityAccessFilter == null) {
            return access_user;
        }
        webSecurityAccessFilter.initAccessUser(httpServletRequest);
        return (ACCESS_USER) getCurrentAccessUser(httpServletRequest);
    }

    public static <ACCESS_USER> ACCESS_USER getCurrentAccessUserIfCreate(HttpServletRequest httpServletRequest) {
        return (ACCESS_USER) getCurrentAccessUserIfCreate(httpServletRequest, INSTANCE);
    }

    public static <ACCESS_USER> ACCESS_USER getCurrentAccessUserIfCreate() {
        return (ACCESS_USER) getCurrentAccessUserIfCreate(null, INSTANCE);
    }

    public static <ACCESS_USER> ACCESS_USER getCurrentAccessUser(HttpServletRequest httpServletRequest) {
        ACCESS_USER access_user = (ACCESS_USER) getCurrentAccessUserExist(httpServletRequest);
        if (access_user == NULL) {
            return null;
        }
        return access_user;
    }

    public static <ACCESS_USER> ACCESS_USER getCurrentAccessUserExist(HttpServletRequest httpServletRequest) {
        Supplier<Object> supplier;
        Object obj = null;
        if (httpServletRequest == null) {
            httpServletRequest = getCurrentRequest();
        }
        if (httpServletRequest != null) {
            obj = httpServletRequest.getAttribute(REQUEST_ATTR_NAME);
        }
        if ((obj == null || obj == NULL) && (supplier = ACCESS_USER_THREAD_LOCAL.get()) != null) {
            obj = supplier.get();
        }
        return (ACCESS_USER) obj;
    }

    public static <ACCESS_USER> ACCESS_USER getCurrentAccessUser() {
        return (ACCESS_USER) getCurrentAccessUser(null);
    }

    public static <T> void setCurrentUser(T t) {
        if (t == null) {
            ACCESS_USER_THREAD_LOCAL.remove();
        } else {
            ACCESS_USER_THREAD_LOCAL.set(() -> {
                return t;
            });
        }
    }

    public static String[] getAccessTokens(HttpServletRequest httpServletRequest, Collection<String> collection) {
        Object obj;
        Supplier<Object> supplier = ACCESS_USER_THREAD_LOCAL.get();
        if (supplier != null && (obj = supplier.get()) != null && obj != NULL) {
            Map map = BeanMap.toMap(obj);
            Iterator<String> it = collection.iterator();
            while (it.hasNext()) {
                Object obj2 = map.get(it.next());
                if (obj2 != null) {
                    return new String[]{obj2.toString()};
                }
            }
            Object obj3 = map.get(DEFAULT_ACCESS_TOKEN_PARAMETER_NAME);
            if (obj3 != null) {
                return new String[]{obj3.toString()};
            }
        }
        if (httpServletRequest == null) {
            httpServletRequest = getCurrentRequest();
            if (httpServletRequest == null) {
                return new String[0];
            }
        }
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        for (String str : collection) {
            String str2 = (String) httpServletRequest.getAttribute(str);
            if (str2 != null && !str2.isEmpty()) {
                linkedHashSet.add(str2);
            }
            String parameter = httpServletRequest.getParameter(str);
            if (parameter != null && !parameter.isEmpty()) {
                linkedHashSet.add(parameter);
            }
            String header = httpServletRequest.getHeader(toHeaderName(str));
            if (header != null && !header.isEmpty()) {
                linkedHashSet.add(header);
            }
            String cookieValue = getCookieValue(httpServletRequest.getCookies(), str);
            if (cookieValue != null && !cookieValue.isEmpty()) {
                linkedHashSet.add(cookieValue);
            }
        }
        return (String[]) linkedHashSet.toArray(new String[0]);
    }

    public static <ACCESS_USER> void runOnCurrentUser(ACCESS_USER access_user, Runnable runnable) {
        Object currentAccessUser = getCurrentAccessUser();
        try {
            setCurrentUser(access_user);
            runnable.run();
        } finally {
            setCurrentUser(currentAccessUser);
        }
    }

    public static <ACCESS_USER, RESULT> RESULT runOnCurrentUser(ACCESS_USER access_user, Callable<RESULT> callable) throws Exception {
        Object currentAccessUser = getCurrentAccessUser();
        try {
            setCurrentUser(access_user);
            RESULT call = callable.call();
            setCurrentUser(currentAccessUser);
            return call;
        } catch (Throwable th) {
            setCurrentUser(currentAccessUser);
            throw th;
        }
    }

    private static String getCookieValue(Cookie[] cookieArr, String str) {
        if (cookieArr == null) {
            return null;
        }
        for (Cookie cookie : cookieArr) {
            if (Objects.equals(str, cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    private static String toHeaderName(String str) {
        return str.replace("_", "-");
    }

    public static HttpServletRequest getCurrentRequest() {
        HttpServletRequest httpServletRequest = REQUEST_THREAD_LOCAL.get();
        if (httpServletRequest == null && Util.EXIST_SPRING_WEB) {
            httpServletRequest = getCurrentRequestSpring();
        }
        return httpServletRequest;
    }

    public static HttpServletRequest getCurrentRequestSpring() {
        return SpringUtil.getCurrentRequest();
    }

    public Set<String> getAccessTokenParameterNames() {
        return this.accessTokenParameterNames;
    }

    protected boolean isAccessSuccess(ACCESS_USER access_user) {
        return true;
    }

    protected USER_ID selectUserId(HttpServletRequest httpServletRequest, String str) {
        return null;
    }

    protected ACCESS_USER selectUser(HttpServletRequest httpServletRequest, USER_ID user_id, String str) {
        return null;
    }

    protected void onAccessSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, ACCESS_USER access_user) throws IOException, ServletException {
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    protected void onAccessFail(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain, ACCESS_USER access_user) throws IOException, ServletException {
        Iterator<String> it = this.accessTokenParameterNames.iterator();
        while (it.hasNext()) {
            httpServletResponse.addHeader("Set-Cookie", it.next() + "=; Max-Age=0; Path=/");
        }
        if (access_user == null) {
            writeToBody(httpServletResponse, "{\"message\":\"用户未登录\",\"success\":false,\"code\":401,\"status\":2}");
        } else {
            writeToBody(httpServletResponse, "{\"message\":\"账号禁止登录\",\"success\":false,\"code\":401,\"status\":3}");
        }
    }

    /* JADX WARN: Finally extract failed */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        REQUEST_THREAD_LOCAL.set(httpServletRequest);
        try {
            ACCESS_USER initAccessUser = initAccessUser(httpServletRequest);
            if (initAccessUser == null) {
                onAccessFail(httpServletRequest, httpServletResponse, filterChain, null);
            } else {
                try {
                    if (isAccessSuccess(initAccessUser)) {
                        onAccessSuccess(httpServletRequest, httpServletResponse, filterChain, initAccessUser);
                    } else {
                        onAccessFail(httpServletRequest, httpServletResponse, filterChain, initAccessUser);
                    }
                    setCurrentUser(null);
                } catch (Throwable th) {
                    setCurrentUser(null);
                    throw th;
                }
            }
            REQUEST_THREAD_LOCAL.remove();
        } catch (Throwable th2) {
            REQUEST_THREAD_LOCAL.remove();
            throw th2;
        }
    }

    protected String[] getAccessTokens(HttpServletRequest httpServletRequest) {
        return getAccessTokens(httpServletRequest, this.accessTokenParameterNames);
    }

    /* JADX WARN: Code restructure failed: missing block: B:46:0x00a5, code lost:
    
        r6.setAttribute(com.github.securityfilter.WebSecurityAccessFilter.REQUEST_ATTR_NAME, r8);
     */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected ACCESS_USER initAccessUser(javax.servlet.http.HttpServletRequest r6) {
        /*
            Method dump skipped, instructions count: 216
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.github.securityfilter.WebSecurityAccessFilter.initAccessUser(javax.servlet.http.HttpServletRequest):java.lang.Object");
    }

    protected void writeToBody(HttpServletResponse httpServletResponse, Object obj) throws IOException {
        httpServletResponse.setHeader("content-type", "application/json;charset=UTF-8");
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        Throwable th = null;
        try {
            outputStream.write(toByte(obj));
            outputStream.flush();
            if (outputStream != null) {
                if (0 == 0) {
                    outputStream.close();
                    return;
                }
                try {
                    outputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (outputStream != null) {
                if (0 != 0) {
                    try {
                        outputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    outputStream.close();
                }
            }
            throw th3;
        }
    }

    public byte[] toByte(Object obj) {
        return obj instanceof byte[] ? (byte[]) obj : obj instanceof String ? ((String) obj).getBytes(StandardCharsets.UTF_8) : obj == null ? "{}".getBytes(StandardCharsets.UTF_8) : toJsonBytes(obj);
    }

    public <T> T getJacksonObjectMapper() {
        return (T) this.jacksonObjectMapper;
    }

    public void setJacksonObjectMapper(Object obj) {
        this.jacksonObjectMapper = obj;
    }

    public byte[] toJsonBytes(Object obj) {
        if (JACKSON_WRITE_VALUE_AS_BYTES_METHOD != null && this.jacksonObjectMapper == null) {
            try {
                this.jacksonObjectMapper = JACKSON_OBJECT_MAPPER_CONSTRUCTOR.newInstance(new Object[0]);
            } catch (Exception e) {
            }
        }
        byte[] bArr = null;
        if (this.jacksonObjectMapper != null && JACKSON_WRITE_VALUE_AS_BYTES_METHOD != null) {
            try {
                bArr = (byte[]) JACKSON_WRITE_VALUE_AS_BYTES_METHOD.invoke(this.jacksonObjectMapper, obj);
            } catch (Exception e2) {
            }
        }
        if (bArr == null) {
            throw new IllegalStateException("no support json serialization. need user impl method toJsonBytes(body)");
        }
        return bArr;
    }

    static {
        Constructor<?> constructor;
        Method method;
        try {
            Class<?> cls = Class.forName("com.fasterxml.jackson.databind.ObjectMapper");
            constructor = cls.getConstructor(new Class[0]);
            method = cls.getMethod("writeValueAsBytes", Object.class);
        } catch (Exception e) {
            constructor = null;
            method = null;
        }
        JACKSON_OBJECT_MAPPER_CONSTRUCTOR = constructor;
        JACKSON_WRITE_VALUE_AS_BYTES_METHOD = method;
    }
}
