package com.hccake.ballcat.auth.filter;

import com.hccake.ballcat.common.core.request.wrapper.ModifyParamMapRequestWrapper;
import com.hccake.ballcat.common.model.result.R;
import com.hccake.ballcat.common.model.result.SystemResultCode;
import com.hccake.ballcat.common.security.util.PasswordUtils;
import com.hccake.ballcat.common.security.util.SecurityUtils;
import com.hccake.ballcat.common.util.JsonUtils;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/hccake/ballcat/auth/filter/LoginPasswordDecoderFilter.class */
public class LoginPasswordDecoderFilter extends OncePerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger(LoginPasswordDecoderFilter.class);
    private final String passwordSecretKey;
    private static final String PASSWORD = "password";
    private static final String GRANT_TYPE = "grant_type";

    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        if (this.passwordSecretKey == null) {
            log.warn("passwordSecretKey not configured, skip password decoder");
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        if (SecurityUtils.isTestClient()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        HashMap hashMap = new HashMap(httpServletRequest.getParameterMap());
        String parameter = httpServletRequest.getParameter(PASSWORD);
        try {
            if (httpServletRequest.getParameter(GRANT_TYPE).equals(PASSWORD)) {
                hashMap.put(PASSWORD, new String[]{PasswordUtils.decodeAES(parameter, this.passwordSecretKey)});
            }
            filterChain.doFilter(new ModifyParamMapRequestWrapper(httpServletRequest, hashMap), httpServletResponse);
        } catch (Exception e) {
            log.error("[doFilterInternal] password decode aes error，passwordAes: {}，passwordSecretKey: {}", new Object[]{parameter, this.passwordSecretKey, e});
            httpServletResponse.setHeader("Content-Type", MediaType.APPLICATION_JSON.toString());
            httpServletResponse.setHeader("Accept-Charset", StandardCharsets.UTF_8.toString());
            httpServletResponse.setStatus(HttpStatus.BAD_REQUEST.value());
            httpServletResponse.getWriter().write(JsonUtils.toJson(R.failed(SystemResultCode.UNAUTHORIZED, "用户名或密码错误！")));
        }
    }

    public LoginPasswordDecoderFilter(String str) {
        this.passwordSecretKey = str;
    }
}
