package cn.crudapi.security.authentication;

import cn.crudapi.core.dto.UserDTO;
import cn.crudapi.security.util.JwtUtil;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;

/* loaded from: input_file:cn/crudapi/security/authentication/JwtAuthorizationFilter.class */
public class JwtAuthorizationFilter extends BasicAuthenticationFilter {
    private static final Logger log = LoggerFactory.getLogger(JwtAuthorizationFilter.class);

    public JwtAuthorizationFilter(AuthenticationManager authenticationManager) {
        super(authenticationManager);
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header = httpServletRequest.getHeader(JwtUtil.TOKEN_HEADER);
        if (header == null || !header.startsWith(JwtUtil.TOKEN_PREFIX)) {
            log.info("JwtAuthorizationFilter Authorization empty!");
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } else {
            log.info("JwtAuthorizationFilter Authorization valid!");
            SecurityContextHolder.getContext().setAuthentication(getAuthentication(header));
            super.doFilterInternal(httpServletRequest, httpServletResponse, filterChain);
        }
    }

    private UsernamePasswordAuthenticationToken getAuthentication(String str) {
        String replace = str.replace(JwtUtil.TOKEN_PREFIX, "");
        try {
            String username = JwtUtil.getUsername(replace);
            UserDTO userDTO = JwtUtil.getUserDTO(replace);
            if (username != null) {
                return new UsernamePasswordAuthenticationToken(userDTO, (Object) null, userDTO.getAuthorities());
            }
            return null;
        } catch (Exception e) {
            log.error(e.getMessage());
            return null;
        }
    }
}
