package com.digiwin.dap.middleware.iam.support.auth.filter;

import com.digiwin.dap.middleware.auth.AppAuthContextHolder;
import com.digiwin.dap.middleware.constant.GlobalConstants;
import com.digiwin.dap.middleware.iam.constant.IamConstants;
import com.digiwin.dap.middleware.iam.service.login.AuthoredUserService;
import com.digiwin.dap.middleware.iam.support.auth.domain.IamAuthenticationToken;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/digiwin/dap/middleware/iam/support/auth/filter/OauthAccessTokenAuthenticationFilter.class */
public class OauthAccessTokenAuthenticationFilter extends BasicAuthenticationFilter {
    private AuthoredUserService authoredUserService;

    public OauthAccessTokenAuthenticationFilter(AuthenticationManager authenticationManager, AuthoredUserService authoredUserService) {
        super(authenticationManager);
        this.authoredUserService = authoredUserService;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header = StringUtils.isEmpty(httpServletRequest.getHeader(GlobalConstants.HTTP_HEADER_OAUTH_ACCESS_TOKEN_KEY)) ? httpServletRequest.getHeader("authorization") : httpServletRequest.getHeader(GlobalConstants.HTTP_HEADER_OAUTH_ACCESS_TOKEN_KEY);
        if (StringUtils.isEmpty(header)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (header.contains("Basic")) {
            return;
        }
        if (header.contains("Bearer")) {
            header = header.replace("Bearer", IamConstants.EMPTY).trim();
        }
        IamAuthenticationToken iamAuthenticationToken = new IamAuthenticationToken(this.authoredUserService.getOauthUser(header, httpServletRequest), null);
        httpServletRequest.setAttribute("digi-middleware-auth-user-data", iamAuthenticationToken.getDetails());
        SecurityContextHolder.getContext().setAuthentication(iamAuthenticationToken);
        AppAuthContextHolder.getContext().setAuthoredUser(iamAuthenticationToken.getUser());
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }
}
