package kd.bos.auth.filter.impl;

import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import kd.bos.auth.filter.AuthFilter;
import kd.bos.auth.filter.HandleResult;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.dc.api.model.Account;
import kd.bos.dc.utils.AccountUtils;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.openapi.common.constant.ApiErrorCode;
import kd.bos.openapi.common.constant.ResSystemType;
import kd.bos.openapi.common.exception.OpenApiException;
import kd.bos.openapi.common.util.ApiDataUtil;
import kd.bos.openapi.common.util.EncryptUtil;
import kd.bos.openapi.common.util.McConfigUtil;
import kd.bos.openapi.common.util.StringUtil;
import kd.bos.openapi.kcf.context.OpenApiAuthContext;
import kd.bos.openapi.kcf.result.ResultProcessUtil;
import kd.bos.openapi.kcf.spi.OpenApiServiceManager;
import kd.bos.openapi.kcf.utils.ApiAuthLogUtil;
import kd.bos.openapi.kcf.utils.OpenApiExceptionUtil;
import kd.bos.service.authorize.model.ApiCommonResult;
import kd.bos.service.authorize.model.AuthInfo;
import kd.bos.service.authorize.model.AuthResult;

/* loaded from: input_file:kd/bos/auth/filter/impl/BasicAuthFilter.class */
/**
 * Auth filter for the "basic" OpenAPI scheme (auth type {@code "4"}).
 *
 * <p>The credential is looked up in the request URI under the name {@code openapisign}, split into
 * an account id and a sign code, and passed to the OpenAPI auth service. Any failure is turned into
 * a fail result written to the response; it is not propagated to the caller.
 *
 * <p>NOTE(review): points worth confirming from a security standpoint; none is provable from this
 * class alone:
 * <ul>
 *   <li>The credential comes from the request URI. URIs are commonly recorded by access logs and
 *       intermediaries, so check that {@code openapisign} is masked wherever URIs are persisted.</li>
 *   <li>An {@code accountId} request header, when present, replaces the account id decoded from the
 *       credential. Confirm that the auth service validates the sign code against the account id
 *       it is given, not only against the one embedded in the credential.</li>
 *   <li>The failure text embeds {@code Throwable.getMessage()} and is handed to the response
 *       writers. For unexpected exceptions this may expose internal detail to the client, unless
 *       {@code OpenApiExceptionUtil.handleAuthException} replaces it.</li>
 * </ul>
 */
public class BasicAuthFilter extends AbstractCommonFilter implements AuthFilter {
    private static final Log log = LogFactory.getLog(BasicAuthFilter.class);

    /** Auth-type code this filter responds to; also the type tag placed on the AuthInfo it builds. */
    private static final String BASIC_AUTH_TYPE = "4";

    /** Name passed to getBasicAuthParamsByRequest to locate the credential in the request URI. */
    private static final String SIGN_PARAM_NAME = "openapisign";

    /**
     * Attempts basic authentication for the current request.
     *
     * @param httpServletRequest  incoming request; its URI carries the credential
     * @param httpServletResponse response that receives the failure payload when authentication fails
     * @return a result with {@code handled=false} and no payload when the request names another auth
     *     type or carries no credential (presumably so another filter can take over; confirm
     *     against the filter chain); otherwise a result wrapping the success or failure payload
     */
    @Override // kd.bos.auth.filter.AuthFilter
    public HandleResult<ApiCommonResult> doFilter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        final long startedAt = System.currentTimeMillis();
        final String apiUrl = ApiDataUtil.getApiUrl(httpServletRequest);
        try {
            try {
                String requestedAuthType = OpenApiAuthContext.getContext().getAuthType();
                String requestUri = httpServletRequest.getRequestURI();
                String signParam = getBasicAuthParamsByRequest(requestUri, SIGN_PARAM_NAME);

                // Step aside when a different auth type was asked for, or when there is no credential.
                boolean otherAuthTypeRequested =
                        StringUtil.isNotEmpty(requestedAuthType) && !BASIC_AUTH_TYPE.equalsIgnoreCase(requestedAuthType);
                if (otherAuthTypeRequested || StringUtil.isEmpty(signParam)) {
                    HandleResult<ApiCommonResult> notHandled = HandleResult.getHandleResult(null);
                    notHandled.setHandled(false);
                    logBasicAuthElapsed(apiUrl, startedAt);
                    return notHandled;
                }

                // Shape checks only: both the outer credential and the inner sign code must be Base64.
                if (!EncryptUtil.isBase64(signParam)) {
                    throw new OpenApiException(ApiErrorCode.LOGIN_BIZ_ERROR, invalidAuthMessage("accessKey is invalid"), new Object[0]);
                }
                Map<String, String> credentialParts = getAccountIdAndSignCode(signParam);
                String signCode = credentialParts.get("signCode");
                if (!EncryptUtil.isBase64(signCode)) {
                    throw new OpenApiException(ApiErrorCode.LOGIN_BIZ_ERROR, invalidAuthMessage("signCode is invalid"), new Object[0]);
                }

                // A header-supplied accountId takes precedence over the one inside the credential.
                // NOTE(review): confirm the auth service ties the sign code to this account id.
                String accountId = credentialParts.get("accountId");
                String headerAccountId = OpenApiAuthContext.getContext().getHeaders().get("accountId");
                if (headerAccountId != null) {
                    accountId = headerAccountId;
                }
                Account account = AccountUtils.getAccountById(accountId);
                if (account == null) {
                    // Message: "Error obtaining the data center."
                    throw new OpenApiException(ApiErrorCode.HTTP_BAD_REQUEST, ResManager.loadKDString("获取数据中心错误。", "DigestFilter_1", ResSystemType.KCF.getType(), new Object[0]), new Object[0]);
                }

                // The actual credential verification is delegated to the OpenAPI auth service.
                AuthInfo authInfo = AuthInfo.of(BASIC_AUTH_TYPE, signCode, accountId);
                authInfo.setUrl(requestUri.substring(httpServletRequest.getContextPath().length()));
                authInfo.setCommonAuth(true);
                AuthResult authResult = OpenApiServiceManager.getOpenApiAuthService().auth(authInfo);
                if (!authResult.isStatus()) {
                    throw new OpenApiException(ApiErrorCode.HTTP_UNAUTHORIZED, invalidAuthMessage(authResult.getMessage()), new Object[0]);
                }

                // Message: "Basic authentication passed."
                ApiCommonResult successResult = ApiCommonResult.getSuccessResult("0", ResManager.loadKDString("基本认证通过。", "BasicAuthFilter_0", ResSystemType.KCF.getType(), new Object[0]));
                successResult.setData(authResult);
                ((AuthResult) successResult.getData()).setAccountId(account.getAccountId());
                if (McConfigUtil.isSecurityLogOpen(RequestContext.get().getTenantId())) {
                    log.info("BasicAuth pass.");
                }
                HandleResult<ApiCommonResult> accepted = HandleResult.getHandleResult(successResult);
                logBasicAuthElapsed(apiUrl, startedAt);
                return accepted;
            } catch (Throwable failure) {
                // Catches everything, JVM Errors included, and reports it as an auth failure.
                // NOTE(review): failureMessage carries the raw exception message; check what the
                // response writers below actually send to the client.
                String failureMessage = "----BasicAuth OpenApi Auth Failed. error:" + failure.getMessage();
                log.error(failureMessage, failure);
                ApiCommonResult failResult = ApiCommonResult.getFailResult(ApiErrorCode.HTTP_BAD_REQUEST.getStatusCode(), failureMessage);
                OpenApiExceptionUtil.handleAuthException(failure, httpServletResponse, failResult);
                ResultProcessUtil.processAuthResult(httpServletRequest, httpServletResponse, failResult, true);
                HandleResult<ApiCommonResult> rejected = HandleResult.getHandleResult(failResult);
                logBasicAuthElapsed(apiUrl, startedAt);
                return rejected;
            }
        } catch (Throwable escaped) {
            // Reached only if the failure handling above itself throws; log timing, then rethrow.
            logBasicAuthElapsed(apiUrl, startedAt);
            throw escaped;
        }
    }

    /**
     * Builds the localized "authentication information is incorrect, authentication failed" message
     * with the given detail appended.
     *
     * @param detail text substituted for the {@code %1$s} placeholder of the resource string
     * @return the formatted message
     */
    private static String invalidAuthMessage(String detail) {
        return String.format(ResManager.loadKDString("认证信息不正确，认证不通过。%1$s", "DigestFilter_2", ResSystemType.KCF.getType(), new Object[0]), detail);
    }

    /**
     * Writes the auth API log entry with the elapsed time, but only when the auth context reports
     * {@code isParamErrorCode()}.
     *
     * @param apiUrl    API URL resolved for the request
     * @param startedAt {@code System.currentTimeMillis()} value taken when the filter started
     */
    private static void logBasicAuthElapsed(String apiUrl, long startedAt) {
        int elapsedMillis = (int) (System.currentTimeMillis() - startedAt);
        if (OpenApiAuthContext.getContext().isParamErrorCode()) {
            ApiAuthLogUtil.writeAuthApiLog(apiUrl, elapsedMillis);
        }
    }
}
