package com.centit.framework.security;

import com.centit.framework.common.WebOptUtils;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.access.SecurityMetadataSource;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.access.intercept.InterceptorStatusToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.session.SessionRegistry;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

/* loaded from: input_file:com/centit/framework/security/DaoFilterSecurityInterceptor.class */
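/**
 * Servlet filter that runs Spring Security's access-decision step
 * ({@code beforeInvocation} / {@code afterInvocation}) around the rest of the filter chain.
 *
 * <p>For requests carrying {@code X-Requested-With: XMLHttpRequest} that are still anonymous,
 * it first tries to restore a logged-in user from a token (request parameter
 * {@code accessToken}, then the {@code Authorization} header, then the servlet session id)
 * looked up through {@link SecurityContextUtils#getCurrentUserDetails}.
 *
 * <p>NOTE(review): {@code alwaysReauthenticate} is state inherited from
 * {@link AbstractSecurityInterceptor} and shared by every request handled by this instance.
 * {@link #invoke} switches it off for the duration of a token-restored request; if this
 * filter is a singleton (presumably, as a Spring bean), concurrent requests can observe the
 * flag as {@code false} during that window. Restoring it on every exit path narrows the
 * problem but does not remove it.
 */
public class DaoFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter {
    private FilterInvocationSecurityMetadataSource securityMetadataSource;
    private SessionRegistry sessionRegistry;
    private boolean allResourceMustBeAudited = false;

    /**
     * Sets the registry that is passed to {@link SecurityContextUtils#getCurrentUserDetails}
     * when a token has to be resolved to a user.
     *
     * @param sessionRegistry registry used for the token lookup
     */
    public void setSessionRegistry(SessionRegistry sessionRegistry) {
        this.sessionRegistry = sessionRegistry;
    }

    /**
     * Controls whether an XMLHttpRequest that is still anonymous after the token lookup is
     * answered with HTTP 401 before the access decision runs.
     *
     * <p>NOTE(review): the 401 short-circuit in {@link #invoke} sits inside the
     * {@code X-Requested-With} branch, so this flag has no effect on requests without that
     * header; those are handled by {@code beforeInvocation} alone.
     *
     * @param z {@code true} to reject anonymous XMLHttpRequests with 401
     */
    public void setAllResourceMustBeAudited(boolean z) {
        this.allResourceMustBeAudited = z;
    }

    /**
     * Filter entry point: wraps the request, response and chain in a {@link FilterInvocation}
     * and delegates to {@link #invoke}.
     *
     * @throws IOException propagated from the downstream chain
     * @throws ServletException propagated from the downstream chain
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        invoke(new FilterInvocation(servletRequest, servletResponse, filterChain));
    }

    /**
     * @return the metadata source configured through {@link #setSecurityMetadataSource}
     */
    public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() {
        return this.securityMetadataSource;
    }

    /**
     * @return {@code FilterInvocation.class}, the secure-object type this interceptor handles
     */
    public Class<? extends Object> getSecureObjectClass() {
        return FilterInvocation.class;
    }

    /**
     * Optionally restores an authentication from a token, then performs the access decision
     * and invokes the rest of the chain.
     *
     * <p>If {@code alwaysReauthenticate} was switched off for a token-restored user, it is
     * switched back on when this method exits, including when {@code beforeInvocation} or the
     * downstream chain throws. (Previously the flag was only restored after a successful
     * chain call, so a single denied or failing request left re-authentication disabled for
     * every later request.)
     *
     * @param filterInvocation the request/response/chain triple being secured
     * @throws IOException propagated from the downstream chain
     * @throws ServletException propagated from the downstream chain
     */
    public void invoke(FilterInvocation filterInvocation) throws IOException, ServletException {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        boolean reauthenticateSuspended = false;
        try {
            // X-Requested-With is a client-supplied header: it selects the token-restore path
            // and the 401 short-circuit below, it is not evidence of anything about the caller.
            if ("XMLHttpRequest".equals(filterInvocation.getRequest().getHeader("X-Requested-With"))) {
                if (isAnonymous(authentication)) {
                    HttpServletRequest httpRequest = filterInvocation.getHttpRequest();
                    String token = resolveToken(httpRequest);
                    // NOTE(review): this decompiled listing types the result as Authentication,
                    // but getLoginIp() and getUserSettingValue() are not part of Spring's
                    // Authentication interface; the original source presumably declares a
                    // project user-details type here - confirm against the real sources.
                    Authentication currentUserDetails = SecurityContextUtils.getCurrentUserDetails(this.sessionRegistry, token);
                    // The token is accepted when no login IP was recorded, or when the recorded
                    // IP equals the address WebOptUtils reports for this request.
                    // NOTE(review): a blank recorded IP disables the binding entirely, and the
                    // check is only as trustworthy as WebOptUtils.getRequestAddr - if that helper
                    // honours forwarding headers, verify they can only be set by a trusted proxy.
                    if (currentUserDetails != null
                            && (StringUtils.isBlank(currentUserDetails.getLoginIp())
                                || currentUserDetails.getLoginIp().equals(WebOptUtils.getRequestAddr(filterInvocation.getRequest())))) {
                        // Suspend re-authentication for this request only; the outer finally
                        // block turns it back on.
                        if (isAlwaysReauthenticate()) {
                            setAlwaysReauthenticate(false);
                            reauthenticateSuspended = true;
                        }
                        authentication = currentUserDetails;
                        SecurityContextHolder.getContext().setAuthentication(authentication);
                        WebOptUtils.setCurrentLang(filterInvocation.getHttpRequest(), currentUserDetails.getUserSettingValue("LOCAL_LANG"));
                    }
                }
                if (this.allResourceMustBeAudited && isAnonymous(authentication)) {
                    // 401 Unauthorized: still anonymous and every resource requires a user.
                    filterInvocation.getResponse().setStatus(401);
                    return;
                }
            }
            InterceptorStatusToken statusToken = super.beforeInvocation(filterInvocation);
            try {
                filterInvocation.getChain().doFilter(filterInvocation.getRequest(), filterInvocation.getResponse());
            } finally {
                // Runs on success and on failure, exactly once.
                super.afterInvocation(statusToken, null);
            }
        } finally {
            if (reauthenticateSuspended) {
                setAlwaysReauthenticate(true);
            }
        }
    }

    /**
     * @return the configured metadata source, as required by {@link AbstractSecurityInterceptor}
     */
    public SecurityMetadataSource obtainSecurityMetadataSource() {
        return this.securityMetadataSource;
    }

    /**
     * @param filterInvocationSecurityMetadataSource metadata source returned by
     *     {@link #getSecurityMetadataSource} and {@link #obtainSecurityMetadataSource}
     */
    public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource) {
        this.securityMetadataSource = filterInvocationSecurityMetadataSource;
    }

    /** No resources to release. */
    public void destroy() {
    }

    /** No initialisation is performed; {@code filterConfig} is ignored. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /** Returns true when there is no authentication or its name is {@code "anonymousUser"}. */
    private static boolean isAnonymous(Authentication authentication) {
        return authentication == null || "anonymousUser".equals(authentication.getName());
    }

    /**
     * Picks the lookup key for the user: the {@code accessToken} request parameter, else the
     * raw {@code Authorization} header value, else the servlet session id.
     *
     * <p>NOTE(review): a token sent as a request parameter may travel in the query string,
     * where it tends to be recorded in access logs, proxies and Referer headers; prefer the
     * header where clients allow it. The header value is used verbatim - no scheme prefix is
     * stripped here. {@code getSession()} creates a session when none exists, so an anonymous
     * XMLHttpRequest without a token allocates one.
     */
    private static String resolveToken(HttpServletRequest httpRequest) {
        String token = httpRequest.getParameter("accessToken");
        if (StringUtils.isBlank(token)) {
            token = httpRequest.getHeader("Authorization");
        }
        if (StringUtils.isBlank(token)) {
            token = httpRequest.getSession().getId();
        }
        return token;
    }
}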
