package com.geoway.landteam.gas.authentication.server.miniapp;

import com.geoway.landteam.gas.authentication.server.utils.ResponseWriter;
import com.gw.base.data.result.GiResult;
import java.io.IOException;
import java.util.Objects;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.client.RestOperations;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.util.UriComponentsBuilder;

/* loaded from: input_file:com/geoway/landteam/gas/authentication/server/miniapp/MiniAppPreAuthenticationFilter.class */
public class MiniAppPreAuthenticationFilter extends OncePerRequestFilter {
    private static final String ENDPOINT = "https://api.weixin.qq.com/sns/jscode2session";
    private static final String MINI_CLIENT_KEY = "clientId";
    private static final String JS_CODE_KEY = "jsCode";
    private static final String ATTRIBUTE_KEY = "miniappAuth";
    private final MiniAppClientService miniAppClientService;
    private final MiniAppSessionKeyCache miniAppSessionKeyCache;
    private final RequestMatcher requiresAuthenticationRequestMatcher = new AntPathRequestMatcher("/miniapp/preauth", "POST");
    private final PreAuthResponseWriter preAuthResponseWriter = new PreAuthResponseWriter();
    private final RestOperations restOperations = new RestTemplate();

    /* loaded from: input_file:com/geoway/landteam/gas/authentication/server/miniapp/MiniAppPreAuthenticationFilter$PreAuthResponseWriter.class */
    private static class PreAuthResponseWriter extends ResponseWriter {
        private PreAuthResponseWriter() {
        }

        @Override // com.geoway.landteam.gas.authentication.server.utils.ResponseWriter
        protected GiResult<?> body(HttpServletRequest httpServletRequest) {
            return GiResult.successValue((WechatLoginResponse) httpServletRequest.getAttribute(MiniAppPreAuthenticationFilter.ATTRIBUTE_KEY));
        }
    }

    public MiniAppPreAuthenticationFilter(MiniAppClientService miniAppClientService, MiniAppSessionKeyCache miniAppSessionKeyCache) {
        this.miniAppClientService = miniAppClientService;
        this.miniAppSessionKeyCache = miniAppSessionKeyCache;
    }

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (httpServletResponse.isCommitted()) {
            return;
        }
        if (!this.requiresAuthenticationRequestMatcher.matches(httpServletRequest)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        String parameter = httpServletRequest.getParameter(MINI_CLIENT_KEY);
        WechatLoginResponse response = getResponse(this.miniAppClientService.get(parameter), httpServletRequest.getParameter(JS_CODE_KEY));
        this.miniAppSessionKeyCache.put(parameter + "::" + response.getOpenid(), response.getSessionKey());
        response.setSessionKey(null);
        httpServletRequest.setAttribute(ATTRIBUTE_KEY, response);
        this.preAuthResponseWriter.write(httpServletRequest, httpServletResponse);
    }

    private WechatLoginResponse getResponse(MiniAppClient miniAppClient, String str) {
        LinkedMultiValueMap linkedMultiValueMap = new LinkedMultiValueMap();
        linkedMultiValueMap.add("appid", miniAppClient.getAppId());
        linkedMultiValueMap.add("secret", miniAppClient.getSecret());
        linkedMultiValueMap.add("js_code", str);
        linkedMultiValueMap.add("grant_type", "authorization_code");
        if (Objects.isNull((String) this.restOperations.getForObject(UriComponentsBuilder.fromHttpUrl(ENDPOINT).queryParams(linkedMultiValueMap).build().toUri(), String.class))) {
            throw new BadCredentialsException("miniapp response is null");
        }
        return null;
    }
}
