package com.els.base.auth.web.security.impl;

import com.auth0.jwt.JWT;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.els.base.auth.exception.InvalidTokenException;
import java.io.IOException;
import java.util.Date;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

/* loaded from: input_file:com/els/base/auth/web/security/impl/CustomSsoAuthenticationFilter.class */
public class CustomSsoAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private static final Logger logger = LoggerFactory.getLogger(CustomSsoAuthenticationFilter.class);

    public CustomSsoAuthenticationFilter() {
        super("/sso");
    }

    public Authentication attemptAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws AuthenticationException, IOException, ServletException {
        String parameter = httpServletRequest.getParameter("token");
        if (StringUtils.isBlank(parameter)) {
            throw new InvalidTokenException("token不能为空");
        }
        try {
            DecodedJWT decode = JWT.decode(parameter);
            String subject = decode.getSubject();
            Date expiresAt = decode.getExpiresAt();
            if (expiresAt != null && expiresAt.getTime() < System.currentTimeMillis()) {
                throw new InvalidTokenException("token已过期,请重新获取");
            }
            return getAuthenticationManager().authenticate(new UsernamePasswordAuthenticationToken(subject, parameter));
        } catch (JWTDecodeException e) {
            logger.error("token无效", e);
            throw new InvalidTokenException("无效token");
        }
    }
}
