package com.digiwin.athena.athenadeployer.config;

import com.digiwin.athena.athenadeployer.domain.AthenaUser;
import com.digiwin.athena.athenadeployer.domain.AthenaUserLocal;
import com.digiwin.athena.athenadeployer.domain.base.BusinessException;
import java.io.IOException;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.client.RestTemplateBuilder;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.util.MultiValueMap;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.servlet.i18n.LocaleChangeInterceptor;

@Service
/* loaded from: input_file:WEB-INF/classes/com/digiwin/athena/athenadeployer/config/TenantTokenFilter.class */
public class TenantTokenFilter extends OncePerRequestFilter {

    @Value("${appToken}")
    private String appToken;

    @Autowired
    private ModuleConfig moduleConfig;

    @Autowired
    private RestTemplateBuilder restTemplateBuilder;
    private final String TOKEN_VERIFY_URL = "/api/iam/v2/identity/token/analyze";
    private final String IAM_USER_TOKEN = "digi-middleware-auth-user";
    private final String IAM_APP_TOKEN = "digi-middleware-auth-app";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) TenantTokenFilter.class);
    private static final Set<String> excludeUrls = new HashSet();

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.springframework.web.filter.OncePerRequestFilter
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        String requestURI = httpServletRequest.getRequestURI();
        String method = httpServletRequest.getMethod();
        try {
            if (!excludeUrls.contains(requestURI) && !requestURI.contains("healthcheck") && !requestURI.contains("prometheus") && !HttpMethod.OPTIONS.matches(method) && null == AthenaUserLocal.getUser()) {
                String header = httpServletRequest.getHeader("token");
                if (StringUtils.isEmpty(header)) {
                    throw new BusinessException("Missing token in message header");
                }
                String header2 = httpServletRequest.getHeader(LocaleChangeInterceptor.DEFAULT_PARAM_NAME);
                if (StringUtils.isEmpty(header2)) {
                    header2 = "zh_CN";
                }
                try {
                    HttpHeaders httpHeaders = new HttpHeaders();
                    httpHeaders.setContentType(MediaType.APPLICATION_JSON);
                    httpHeaders.add("digi-middleware-auth-user", header);
                    httpHeaders.add("digi-middleware-auth-app", this.appToken);
                    ResponseEntity postForEntity = this.restTemplateBuilder.build().postForEntity(this.moduleConfig.getIam().getDomain() + "/api/iam/v2/identity/token/analyze", new HttpEntity((MultiValueMap<String, String>) httpHeaders), AthenaUser.class, new Object[0]);
                    AthenaUser athenaUser = (AthenaUser) postForEntity.getBody();
                    athenaUser.setToken(header);
                    athenaUser.setLocale(header2);
                    AthenaUserLocal.setUser((AthenaUser) postForEntity.getBody());
                } catch (Exception e) {
                    throw new BusinessException("Failed to parse token", e);
                }
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } finally {
            AthenaUserLocal.removeUser();
        }
    }

    static {
        excludeUrls.add("/athenadeployer/tenant/getIamIntegrationToken");
        excludeUrls.add("/athenadeployer/deploy/v3/privateQueryDeployLog");
        excludeUrls.add("/athenadeployer/deploy/v3/privateDeployDetailByApplication");
        excludeUrls.add("/athenadeployer/deploy/v3/privateEnv");
    }
}
