package com.centit.framework.security;

import com.centit.framework.common.WebOptUtils;
import com.centit.framework.security.model.CentitSessionRegistry;
import com.centit.framework.security.model.CentitUserDetails;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.security.access.SecurityMetadataSource;
import org.springframework.security.access.intercept.AbstractSecurityInterceptor;
import org.springframework.security.access.intercept.InterceptorStatusToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

/* loaded from: input_file:WEB-INF/lib/framework-security-4.1-SNAPSHOT.jar:com/centit/framework/security/DaoFilterSecurityInterceptor.class */
public class DaoFilterSecurityInterceptor extends AbstractSecurityInterceptor implements Filter {
    private FilterInvocationSecurityMetadataSource securityMetadataSource;
    private CentitSessionRegistry sessionRegistry;

    public void setSessionRegistry(CentitSessionRegistry centitSessionRegistry) {
        this.sessionRegistry = centitSessionRegistry;
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        invoke(new FilterInvocation(servletRequest, servletResponse, filterChain));
    }

    public FilterInvocationSecurityMetadataSource getSecurityMetadataSource() {
        return this.securityMetadataSource;
    }

    @Override // org.springframework.security.access.intercept.AbstractSecurityInterceptor
    public Class<? extends Object> getSecureObjectClass() {
        return FilterInvocation.class;
    }

    public void invoke(FilterInvocation filterInvocation) throws IOException, ServletException {
        Object attribute;
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        boolean z = false;
        if ((authentication == null || "anonymousUser".equals(authentication.getName())) && (attribute = filterInvocation.getHttpRequest().getSession().getAttribute(SecurityContextUtils.SecurityContextUserdetail)) != null && (attribute instanceof CentitUserDetails)) {
            authentication = (CentitUserDetails) attribute;
            z = isAlwaysReauthenticate();
            if (z) {
                setAlwaysReauthenticate(false);
            }
            SecurityContextHolder.getContext().setAuthentication(authentication);
        }
        if (authentication == null || "anonymousUser".equals(authentication.getName())) {
            String parameter = filterInvocation.getHttpRequest().getParameter("accessToken");
            if (StringUtils.isBlank(parameter)) {
                parameter = String.valueOf(filterInvocation.getHttpRequest().getAttribute("accessToken"));
            }
            CentitUserDetails currentUserDetails = this.sessionRegistry.getCurrentUserDetails(parameter);
            if (currentUserDetails != null) {
                z = isAlwaysReauthenticate();
                if (z) {
                    setAlwaysReauthenticate(false);
                }
                SecurityContextHolder.getContext().setAuthentication(currentUserDetails);
                WebOptUtils.setCurrentLang(filterInvocation.getHttpRequest(), currentUserDetails.getUserSettingValue(WebOptUtils.LOCAL_LANGUAGE_LABLE));
            }
        }
        InterceptorStatusToken beforeInvocation = super.beforeInvocation(filterInvocation);
        try {
            filterInvocation.getChain().doFilter(filterInvocation.getRequest(), filterInvocation.getResponse());
            super.afterInvocation(beforeInvocation, null);
            if (z) {
                setAlwaysReauthenticate(true);
            }
        } catch (Throwable th) {
            super.afterInvocation(beforeInvocation, null);
            throw th;
        }
    }

    @Override // org.springframework.security.access.intercept.AbstractSecurityInterceptor
    public SecurityMetadataSource obtainSecurityMetadataSource() {
        return this.securityMetadataSource;
    }

    public void setSecurityMetadataSource(FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource) {
        this.securityMetadataSource = filterInvocationSecurityMetadataSource;
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
