package de.alpharogroup.user.auth.filter;

import com.fasterxml.jackson.core.JsonParser;
import de.alpharogroup.collections.map.MapFactory;
import de.alpharogroup.collections.pairs.KeyValuePair;
import de.alpharogroup.json.JsonStringToObjectExtensions;
import de.alpharogroup.json.factory.ObjectMapperFactory;
import de.alpharogroup.servlet.extensions.HttpServletRequestExtensions;
import de.alpharogroup.user.auth.configuration.ApplicationProperties;
import de.alpharogroup.user.auth.dto.JwtRequest;
import de.alpharogroup.user.auth.service.JwtTokenService;
import de.alpharogroup.user.auth.service.api.AuthenticationsService;
import de.alpharogroup.user.auth.service.jwt.JwtUserDetailsService;
import java.io.IOException;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.NonNull;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component
/* loaded from: input_file:de/alpharogroup/user/auth/filter/JwtRequestFilter.class */
public class JwtRequestFilter extends OncePerRequestFilter {

    @Autowired
    private JwtUserDetailsService jwtUserDetailsService;

    @Autowired
    private JwtTokenService jwtTokenService;

    @Autowired
    private AuthenticationsService authenticationsService;

    @Autowired
    ApplicationProperties applicationProperties;

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String username;
        String password;
        if (!httpServletRequest.isSecure() || isPublicRequest(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        Optional<String> jwtToken = getJwtToken(httpServletRequest);
        if (jwtToken.isPresent()) {
            validateToken(httpServletRequest, httpServletResponse, jwtToken.get());
        } else if (isSigninRequest(httpServletRequest)) {
            String body = HttpServletRequestExtensions.getBody(httpServletRequest);
            if (body.isEmpty()) {
                username = httpServletRequest.getParameter("username");
                password = httpServletRequest.getParameter("password");
                if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
                    filterChain.doFilter(httpServletRequest, httpServletResponse);
                    return;
                }
            } else {
                JwtRequest jwtRequest = (JwtRequest) JsonStringToObjectExtensions.toObject(body, JwtRequest.class, ObjectMapperFactory.newObjectMapper(MapFactory.newHashMap(new KeyValuePair[]{KeyValuePair.builder().key(JsonParser.Feature.ALLOW_UNQUOTED_FIELD_NAMES).value(true).build()})));
                username = jwtRequest.getUsername();
                password = jwtRequest.getPassword();
            }
            setNewToken(httpServletRequest, httpServletResponse, username, password);
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    private void validateToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        String username = this.jwtTokenService.getUsername(str);
        if (username == null || SecurityContextHolder.getContext().getAuthentication() != null) {
            return;
        }
        UserDetails loadUserByUsername = this.jwtUserDetailsService.loadUserByUsername(username);
        if (this.jwtTokenService.validate(str, loadUserByUsername).booleanValue()) {
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, loadUserByUsername.getAuthorities());
            usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
            SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            httpServletResponse.addHeader("Authorization", "Bearer " + str);
        }
    }

    private void setNewToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        UserDetails loadUserByUsername = this.jwtUserDetailsService.loadUserByUsername(str);
        if (this.authenticationsService.authenticate(str, str2).isValid()) {
            String newJwtToken = this.jwtTokenService.newJwtToken(loadUserByUsername);
            UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, loadUserByUsername.getAuthorities());
            usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
            SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            httpServletResponse.addHeader("Authorization", "Bearer " + newJwtToken);
        }
    }

    protected Optional<String> getJwtToken(@NonNull HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        return HttpServletRequestExtensions.getAuthorizationHeader(httpServletRequest);
    }

    protected boolean isPublicRequest(@NonNull HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        boolean z = false;
        if (isPublicPath(getPath(httpServletRequest))) {
            z = true;
        }
        return z;
    }

    protected boolean isSigninRequest(@NonNull HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        boolean z = false;
        if (isSigninPath(getPath(httpServletRequest))) {
            z = true;
        }
        return z;
    }

    protected boolean isSigninPath(String str) {
        return this.applicationProperties.getSigninPathPatterns().contains(str);
    }

    protected boolean isPublicPath(String str) {
        return this.applicationProperties.getPublicPathPatterns().contains(str);
    }

    public String getPath(@NonNull HttpServletRequest httpServletRequest) {
        if (httpServletRequest == null) {
            throw new NullPointerException("request is marked non-null but is null");
        }
        return HttpServletRequestExtensions.getPath(httpServletRequest);
    }
}
