package com.aote.filter;

import com.af.plugins.AESUtil;
import com.aote.config.SystemConfig;
import com.aote.redis.RedisUtil;
import com.aote.util.GetUserIp;
import com.aote.weixin.Config;
import io.jsonwebtoken.Claims;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.log4j.Logger;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.http.server.ServletServerHttpResponse;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/aote/filter/AuthorizeFilter.class */
public class AuthorizeFilter implements Filter {
    static Logger log = Logger.getLogger(AuthorizeFilter.class);
    private static final RedisUtil redisUtil = RedisUtil.getInstance();

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        ServletServerHttpRequest servletServerHttpRequest = new ServletServerHttpRequest(httpServletRequest);
        ServletServerHttpResponse servletServerHttpResponse = new ServletServerHttpResponse(httpServletResponse);
        String str = GetUserIp.getIpAdrress(httpServletRequest) + servletServerHttpRequest.getURI().getPath();
        if (Config.isPassUri(str)) {
            filterChain.doFilter(servletRequest, servletResponse);
            log.debug("进入指定url放行了");
            return;
        }
        String header = httpServletRequest.getHeader("Authorization");
        log.debug("获取的Authorization:" + header);
        if (header == null || "".equals(header)) {
            servletServerHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
            log.debug("用户认证失败URL:" + str);
            httpServletResponse.setCharacterEncoding("UTF-8");
            httpServletResponse.getWriter().write("用户认证失败！");
            return;
        }
        try {
            String substring = header.substring(7);
            if ("DEBUG".equals(substring)) {
                filterChain.doFilter(servletRequest, servletResponse);
                log.debug("DEBUG模式放行了");
                return;
            }
            String decrypt = AESUtil.decrypt(substring, SystemConfig.DataSecurity.getAesKey());
            Claims parseToken = JwtAuthUtil.parseToken(decrypt);
            if (parseToken == null) {
                servletServerHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
                log.debug("用户认证失败URL:" + str);
                httpServletResponse.setCharacterEncoding("UTF-8");
                httpServletResponse.getWriter().write("用户认证失败！");
                return;
            }
            String subject = parseToken.getSubject();
            log.debug("openid=" + subject);
            if (subject == null || "".equals(subject)) {
                servletServerHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
                log.debug("用户认证失败URL:" + str);
                httpServletResponse.setCharacterEncoding("UTF-8");
                httpServletResponse.getWriter().write("用户认证失败！");
                return;
            }
            if (String.valueOf(redisUtil.get("openId_" + subject)).equals(decrypt)) {
                log.debug("-----请求地址：" + httpServletRequest.getRequestURI() + "-----");
                log.debug("进入chain.doFilter");
                filterChain.doFilter(servletRequest, servletResponse);
                log.debug("出入chain.doFilter");
                return;
            }
            servletServerHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
            log.debug("用户认证失败URL:" + str);
            httpServletResponse.setCharacterEncoding("UTF-8");
            httpServletResponse.getWriter().write("用户认证失败,Token不正确！");
        } catch (ServletException e) {
            log.error("过滤器日志ServletException：", e);
            servletServerHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
            log.debug("用户认证失败URL:" + str);
            httpServletResponse.setCharacterEncoding("UTF-8");
            throw e;
        } catch (Throwable th) {
            log.error("过滤器日志Throwable：", th);
            servletServerHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
            log.debug("用户认证失败URL:" + str);
            httpServletResponse.setCharacterEncoding("UTF-8");
            throw new ServletException("获取用户信息错误，Token=" + header, th);
        }
    }

    public void destroy() {
    }
}
