package com.digiwin.gateway.service.permission;

import com.digiwin.gateway.service.permission.config.DWServicePermissionConfig;
import com.digiwin.gateway.service.permission.pojo.DWSecurityToken;
import com.digiwin.gateway.service.permission.util.DWSecurityTokenUtil;
import java.io.IOException;
import java.time.Instant;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;

/* loaded from: input_file:WEB-INF/lib/dwapiplatform-service-permission-5.2.0.1093.jar:com/digiwin/gateway/service/permission/DWSecurityContextInitFilter.class */
public class DWSecurityContextInitFilter implements Filter {
    private static final Log log = LogFactory.getLog(DWSecurityContextInitFilter.class);
    public static final String KEY_SECURITY_TOKEN = "security-token";
    public static final String KEY_USER_TOKEN = "token";
    public static final String KEY_APP_TOKEN = "digi-middleware-auth-app";

    @Autowired
    @Qualifier("dw-service-permission-config")
    DWServicePermissionConfig servicePermissionConfig;

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        DWSecurityContext.getSecurityContext().remove();
        String header = ((HttpServletRequest) servletRequest).getHeader("security-token");
        this.servicePermissionConfig.isOpenTrustChain();
        if (null != header && !header.trim().isEmpty()) {
            try {
                DWSecurityToken parseSecurityToken = DWSecurityTokenUtil.parseSecurityToken(header);
                DWSecurityContext context = parseSecurityToken.getContext();
                if (Instant.ofEpochMilli(parseSecurityToken.getExpirationTime()).isBefore(Instant.now())) {
                    DWSecurityContext.getSecurityContext().setProfile(context.getProfile());
                } else {
                    DWSecurityContext.setSecurityContext(context);
                }
            } catch (Exception e) {
                log.warn(String.format("使用[%s]還原安全上下文時出錯, 使用平台默認安全上下文", header), e);
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
