package org.zodiac.security.http.reactive.interceptor;

import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.lang.NonNull;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.zodiac.commons.util.serialize.JsonUtil;
import org.zodiac.commons.util.web.ReactiveRequests;
import org.zodiac.commons.web.ReactiveUrlPathHelper;
import org.zodiac.sdk.toolkit.util.collection.CollUtil;
import org.zodiac.security.config.SecurityHttpInfo;
import org.zodiac.security.http.reactive.ReactiveResponseProvider;
import org.zodiac.security.registry.SecurityRegistry;
import org.zodiac.security.util.SecurityReactiveAuthUtil;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/zodiac/security/http/reactive/interceptor/TokenInterceptor.class */
public class TokenInterceptor implements WebFilter {
    private static final Logger LOG = LoggerFactory.getLogger(TokenInterceptor.class);
    private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();
    private ReactiveUrlPathHelper urlPathHelper = new ReactiveUrlPathHelper();
    private List<String> excludePathPatterns;
    private final SecurityRegistry securityRegistry;
    private final SecurityHttpInfo securityHttpInfo;

    public TokenInterceptor(SecurityRegistry securityRegistry, SecurityHttpInfo securityHttpInfo) {
        this.securityRegistry = securityRegistry;
        this.securityHttpInfo = securityHttpInfo;
        if (!this.securityRegistry.isEnabled() && !this.securityHttpInfo.isEnabled()) {
            this.excludePathPatterns = Collections.emptyList();
            return;
        }
        List<String> list = CollUtil.list();
        list.addAll(this.securityRegistry.getExcludePatterns());
        list.addAll(this.securityRegistry.getDefaultExcludePatterns());
        list.addAll(this.securityHttpInfo.getIgnoredUrls());
        this.excludePathPatterns = list;
    }

    public Mono<Void> filter(@NonNull ServerWebExchange serverWebExchange, @NonNull WebFilterChain webFilterChain) {
        if (this.securityRegistry.isEnabled() || this.securityHttpInfo.isEnabled()) {
            ServerHttpRequest request = serverWebExchange.getRequest();
            ServerHttpResponse response = serverWebExchange.getResponse();
            if (CollUtil.isNotEmptyColl(this.excludePathPatterns)) {
                Iterator<String> it = this.excludePathPatterns.iterator();
                while (it.hasNext()) {
                    if (ANT_PATH_MATCHER.match(it.next(), this.urlPathHelper.getLookupPathForRequest(request))) {
                        return webFilterChain.filter(serverWebExchange);
                    }
                }
            }
            if (!checkToken(request)) {
                LOG.warn("签名认证失败，请求接口：{}，请求IP：{}，请求参数：{}", new Object[]{ReactiveRequests.getRequestUrl(request), ReactiveRequests.getIpAddress(request), JsonUtil.objectToJson(request.getQueryParams())});
                return ReactiveResponseProvider.writeWith(response);
            }
        }
        return webFilterChain.filter(serverWebExchange);
    }

    public ReactiveUrlPathHelper getUrlPathHelper() {
        return this.urlPathHelper;
    }

    public void setUrlPathHelper(ReactiveUrlPathHelper reactiveUrlPathHelper) {
        this.urlPathHelper = (ReactiveUrlPathHelper) Objects.requireNonNull(reactiveUrlPathHelper, "UrlPathHelper must not be null");
    }

    public void setAlwaysUseFullPath(boolean z) {
        this.urlPathHelper.setAlwaysUseFullPath(z);
    }

    public void setUrlDecode(boolean z) {
        this.urlPathHelper.setUrlDecode(z);
    }

    public void setRemoveSemicolonContent(boolean z) {
        this.urlPathHelper.setRemoveSemicolonContent(z);
    }

    private boolean checkToken(ServerHttpRequest serverHttpRequest) {
        return null != SecurityReactiveAuthUtil.getUser();
    }
}
