package com.xforceplus.delivery.cloud.gateway.filter;

import com.xforceplus.delivery.cloud.common.api.AjaxResult;
import com.xforceplus.delivery.cloud.common.properties.ClientSecretProperties;
import com.xforceplus.delivery.cloud.common.properties.GlobalProperties;
import com.xforceplus.delivery.cloud.gateway.component.ISsoTokenUrlHandler;
import com.xforceplus.delivery.cloud.gateway.component.ISsoUserInfoHandler;
import com.xforceplus.delivery.cloud.gateway.webflux.SsoCallbackFailureHandler;
import java.nio.charset.StandardCharsets;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.cloud.gateway.route.Route;
import org.springframework.cloud.gateway.support.ServerWebExchangeUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.util.Base64Utils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

@ConditionalOnProperty(prefix = "delivery.cloud.gateway.filter.sso.callback", name = {"enabled"}, havingValue = "true", matchIfMissing = true)
@Component
/* loaded from: input_file:com/xforceplus/delivery/cloud/gateway/filter/SsoCallbackGatewayFilterFactory.class */
public class SsoCallbackGatewayFilterFactory extends AbstractGatewayFilterFactory<Object> {
    private static final Logger log = LoggerFactory.getLogger(SsoCallbackGatewayFilterFactory.class);

    @Autowired
    private GlobalProperties globalProperties;

    @Autowired
    private ISsoTokenUrlHandler iSsoTokenUrlHandler;

    @Autowired
    private ISsoUserInfoHandler iSsoUserInfoHandler;

    @Autowired
    private SsoCallbackFailureHandler ssoCallbackFailureHandler;

    public GatewayFilter apply(Object obj) {
        return (serverWebExchange, gatewayFilterChain) -> {
            ServerHttpRequest request = serverWebExchange.getRequest();
            AjaxResult ssoToken = this.iSsoTokenUrlHandler.getSsoToken((String) request.getQueryParams().getFirst("code"));
            if (!ssoToken.isOk()) {
                return this.ssoCallbackFailureHandler.logoutTo(serverWebExchange, gatewayFilterChain, ssoToken);
            }
            AjaxResult userInfo = this.iSsoUserInfoHandler.getUserInfo((String) ssoToken.getData());
            return !userInfo.isOk() ? this.ssoCallbackFailureHandler.logoutTo(serverWebExchange, gatewayFilterChain, userInfo) : forwardTo(serverWebExchange, gatewayFilterChain, request, (String) userInfo.getData());
        };
    }

    protected Mono<Void> forwardTo(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain, ServerHttpRequest serverHttpRequest, String str) {
        String str2 = new String(Base64Utils.decodeFromString((String) serverHttpRequest.getQueryParams().getFirst("state")));
        ClientSecretProperties oauth = this.globalProperties.getOauth();
        ServerHttpRequest build = serverHttpRequest.mutate().header("SSO_USER_CODE", new String[]{str}).header("Authorization", new String[]{"Basic " + HttpHeaders.encodeBasicAuth(oauth.getClientId(), oauth.getClientSecret(), StandardCharsets.UTF_8)}).path("/" + str2 + "/sso/redirectTo").build();
        Route route = (Route) serverWebExchange.getAttribute(ServerWebExchangeUtils.GATEWAY_ROUTE_ATTR);
        serverWebExchange.getAttributes().put(ServerWebExchangeUtils.GATEWAY_ROUTE_ATTR, Route.async().asyncPredicate(route.getPredicate()).filters(route.getFilters()).id(route.getId()).order(route.getOrder()).uri("lb://" + str2).build());
        return gatewayFilterChain.filter(serverWebExchange.mutate().request(build).build());
    }
}
