package org.onetwo.ext.security.jwt;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.onetwo.common.log.JFishLoggerFactory;
import org.onetwo.ext.security.jwt.JwtAuthStores;
import org.onetwo.ext.security.utils.CookieStorer;
import org.onetwo.ext.security.utils.SecurityConfig;
import org.slf4j.Logger;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.context.HttpRequestResponseHolder;
import org.springframework.security.web.context.SecurityContextRepository;

/* loaded from: input_file:org/onetwo/ext/security/jwt/JwtSecurityContextRepository.class */
public class JwtSecurityContextRepository implements SecurityContextRepository, InitializingBean {
    private JwtSecurityTokenService jwtTokenService;
    private String authHeaderName;
    private SecurityConfig.JwtConfig jwtConfig;
    private SecurityConfig.CookieConfig cookieConfig;
    private JwtAuthStores authStore;
    private CookieStorer cookieStorer;
    private final Logger logger = JFishLoggerFactory.getLogger(getClass());
    private boolean updateTokenOnResponse = false;

    public void afterPropertiesSet() throws Exception {
        String authKey = this.jwtConfig.getAuthKey();
        if (StringUtils.isBlank(authKey)) {
            authKey = this.jwtConfig.getAuthHeader();
        }
        this.authHeaderName = authKey;
        setAuthStore(this.jwtConfig.getAuthStore());
        setCookieStorer(CookieStorer.builder().cookieDomain(this.cookieConfig.getDomain()).cookiePath(this.cookieConfig.getPath()).build());
    }

    public SecurityContext loadContext(HttpRequestResponseHolder httpRequestResponseHolder) {
        String token = this.authStore.getToken(httpRequestResponseHolder.getRequest(), this.authHeaderName);
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("load context user token : {}", token);
        }
        if (StringUtils.isBlank(token)) {
            return SecurityContextHolder.createEmptyContext();
        }
        SecurityContext context = SecurityContextHolder.getContext();
        Authentication authentication = null;
        try {
            authentication = this.jwtTokenService.createAuthentication(token);
        } catch (CredentialsExpiredException e) {
            this.logger.error("error token : " + e.getMessage(), e);
            if (this.authStore == JwtAuthStores.COOKIES) {
                this.cookieStorer.clear(httpRequestResponseHolder.getRequest(), httpRequestResponseHolder.getResponse(), this.authHeaderName);
            }
        }
        if (authentication != null) {
            context.setAuthentication(authentication);
        }
        return context;
    }

    public void saveContext(SecurityContext securityContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (this.updateTokenOnResponse && httpServletResponse.getHeaders(this.authHeaderName) == null) {
            JwtSecurityTokenInfo generateToken = this.jwtTokenService.generateToken(securityContext.getAuthentication());
            this.authStore.saveToken(JwtAuthStores.StoreContext.builder().request(httpServletRequest).response(httpServletResponse).authKey(this.authHeaderName).cookieStorer(this.cookieStorer).build());
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("saveContext user token : {}", generateToken);
            }
        }
    }

    public boolean containsContext(HttpServletRequest httpServletRequest) {
        return false;
    }

    public void setJwtTokenService(JwtSecurityTokenService jwtSecurityTokenService) {
        this.jwtTokenService = jwtSecurityTokenService;
    }

    public void setAuthStore(JwtAuthStores jwtAuthStores) {
        this.authStore = jwtAuthStores;
    }

    public void setCookieStorer(CookieStorer cookieStorer) {
        this.cookieStorer = cookieStorer;
    }

    public void setJwtConfig(SecurityConfig.JwtConfig jwtConfig) {
        this.jwtConfig = jwtConfig;
    }

    public void setCookieConfig(SecurityConfig.CookieConfig cookieConfig) {
        this.cookieConfig = cookieConfig;
    }
}
