package io.github.toquery.framework.security.jwt;

import io.github.toquery.framework.security.jwt.properties.AppJwtProperties;
import io.jsonwebtoken.ExpiredJwtException;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

@Component
/* loaded from: input_file:io/github/toquery/framework/security/jwt/JwtAuthorizationTokenFilter.class */
public class JwtAuthorizationTokenFilter extends OncePerRequestFilter {
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private final UserDetailsService userDetailsService;
    private final JwtTokenUtil jwtTokenUtil;
    private final String tokenHeader;

    public JwtAuthorizationTokenFilter(UserDetailsService userDetailsService, JwtTokenUtil jwtTokenUtil, AppJwtProperties appJwtProperties) {
        this.userDetailsService = userDetailsService;
        this.jwtTokenUtil = jwtTokenUtil;
        this.tokenHeader = appJwtProperties.getHeader();
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        this.logger.debug("processing authentication for '{}'", httpServletRequest.getRequestURL());
        String header = httpServletRequest.getHeader(this.tokenHeader);
        String str = null;
        String str2 = null;
        if (header == null || !header.startsWith("Bearer ")) {
            this.logger.warn("couldn't find bearer string, will ignore the header");
        } else {
            str2 = header.substring(7);
            try {
                str = this.jwtTokenUtil.getUsernameFromToken(str2);
            } catch (ExpiredJwtException e) {
                this.logger.warn("the token is expired and not valid anymore", e);
            } catch (IllegalArgumentException e2) {
                this.logger.error("an error occured during getting username from token", e2);
            }
        }
        this.logger.debug("checking authentication for user '{}'", str);
        if (str != null && SecurityContextHolder.getContext().getAuthentication() == null) {
            this.logger.debug("security context was null, so authorizating user");
            UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(str);
            if (this.jwtTokenUtil.validateToken(str2, loadUserByUsername).booleanValue()) {
                UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loadUserByUsername, (Object) null, loadUserByUsername.getAuthorities());
                usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(httpServletRequest));
                this.logger.info("authorizated user '{}', setting security context", str);
                SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
