package dev.soffa.foundation.spring.config;

import com.google.common.collect.ImmutableMap;
import dev.soffa.foundation.commons.DigestUtil;
import dev.soffa.foundation.commons.IdGenerator;
import dev.soffa.foundation.commons.Logger;
import dev.soffa.foundation.commons.Mappers;
import dev.soffa.foundation.commons.TextUtil;
import dev.soffa.foundation.context.Context;
import dev.soffa.foundation.context.ContextHolder;
import dev.soffa.foundation.error.ErrorUtil;
import dev.soffa.foundation.multitenancy.TenantHolder;
import dev.soffa.foundation.security.PlatformAuthManager;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.function.Consumer;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:dev/soffa/foundation/spring/config/RequestFilter.class */
public class RequestFilter extends OncePerRequestFilter {
    private static final Logger LOG = Logger.get(RequestFilter.class);
    private PlatformAuthManager authManager;

    public RequestFilter(PlatformAuthManager platformAuthManager) {
        this.authManager = platformAuthManager;
    }

    /* JADX WARN: Finally extract failed */
    protected void doFilterInternal(HttpServletRequest httpServletRequest, final HttpServletResponse httpServletResponse, FilterChain filterChain) {
        if (LOG.isDebugEnabled()) {
            LOG.debug("===================== Serving request: %s %s =====================", new Object[]{httpServletRequest.getMethod(), httpServletRequest.getRequestURI()});
        }
        final Context context = new Context();
        lookupHeader(httpServletRequest, "X-TenantId", "X-Tenant").ifPresent(str -> {
            LOG.debug("Tenant found in header", new Object[]{str});
            context.setTenantId(str);
            TenantHolder.set(str);
        });
        Optional<String> lookupHeader = lookupHeader(httpServletRequest, "X-Application", "X-ApplicationName", "X-ApplicationId", "X-App");
        Objects.requireNonNull(context);
        lookupHeader.ifPresent(context::setApplicationName);
        Optional<String> lookupHeader2 = lookupHeader(httpServletRequest, "X-TraceId", "X-Trace-Id");
        Objects.requireNonNull(context);
        lookupHeader2.ifPresent(context::setTraceId);
        Optional<String> lookupHeader3 = lookupHeader(httpServletRequest, "traceparent");
        Objects.requireNonNull(context);
        lookupHeader3.ifPresent(context::setTraceId);
        LOG.debug("Pre-setting context with tracing data", new Object[0]);
        processTracing(context);
        ContextHolder.set(context);
        final AtomicBoolean atomicBoolean = new AtomicBoolean(true);
        LOG.debug("Looking up authorization", new Object[0]);
        lookupHeader(httpServletRequest, "Authorization", "X-JWT-Assertion", "X-JWT-Assertions").ifPresent(new Consumer<String>() { // from class: dev.soffa.foundation.spring.config.RequestFilter.1
            @Override // java.util.function.Consumer
            public void accept(String str2) {
                if (RequestFilter.LOG.isDebugEnabled()) {
                    RequestFilter.LOG.debug("Authorization header found, fingerpint: %s", new Object[]{DigestUtil.md5(str2)});
                }
                try {
                    RequestFilter.this.authManager.handle(context, str2);
                } catch (Exception e) {
                    atomicBoolean.set(false);
                    int resolveErrorCode = ErrorUtil.resolveErrorCode(e);
                    if (resolveErrorCode > -1) {
                        httpServletResponse.setContentType("application/json");
                        httpServletResponse.sendError(resolveErrorCode, Mappers.JSON.serialize(ImmutableMap.of("message", e.getMessage())));
                    } else if (e instanceof AccessDeniedException) {
                        httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
                    } else {
                        RequestFilter.LOG.error(e);
                        httpServletResponse.sendError(HttpStatus.INTERNAL_SERVER_ERROR.value(), e.getMessage());
                    }
                }
            }
        });
        if (!atomicBoolean.get()) {
            LOG.debug("Aborting current request", new Object[0]);
            return;
        }
        try {
            LOG.debug("Setting request context and tenant before proceeding", new Object[0]);
            ContextHolder.set(context);
            TenantHolder.set(context.getTenantId());
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            if (LOG.isDebugEnabled() && context.getSideEffects() != null && !context.getSideEffects().isEmpty()) {
                LOG.debug("SIDE_EFFECTS", new Object[0]);
                LOG.debug(Mappers.JSON.prettyPrint(context.getSideEffects()), new Object[0]);
            }
            ContextHolder.clear();
            TenantHolder.clear();
        } catch (Throwable th) {
            if (LOG.isDebugEnabled() && context.getSideEffects() != null && !context.getSideEffects().isEmpty()) {
                LOG.debug("SIDE_EFFECTS", new Object[0]);
                LOG.debug(Mappers.JSON.prettyPrint(context.getSideEffects()), new Object[0]);
            }
            ContextHolder.clear();
            TenantHolder.clear();
            throw th;
        }
    }

    private void processTracing(Context context) {
        String str = "";
        if (context.getTenantId() != null) {
            str = context.getTenantId() + "_";
            Logger.setTenantId(context.getTenantId());
        }
        if (TextUtil.isEmpty(context.getSpanId())) {
            context.setSpanId(IdGenerator.shortUUID(new String[]{str}));
        }
        if (TextUtil.isEmpty(context.getTraceId())) {
            context.setTraceId(IdGenerator.shortUUID(new String[]{str}));
        }
    }

    protected boolean shouldNotFilter(HttpServletRequest httpServletRequest) {
        if ("OPTIONS".equalsIgnoreCase(httpServletRequest.getMethod())) {
            return true;
        }
        String replace = ("/" + httpServletRequest.getRequestURI().split("\\?")[0].replaceAll("^/|/$", "".toLowerCase())).replace(httpServletRequest.getContextPath(), "");
        if (!replace.startsWith("/")) {
            replace = "/";
        }
        if (replace.matches(".*\\.(css|js|ts|html|htm|map|g?zip|gz|ico|png|gif|svg|woff|ttf|eot|jpe?g2?)$")) {
            return true;
        }
        if (replace.matches("/swagger.*") || replace.matches("/v3/api-docs/?.*?")) {
            return true;
        }
        return replace.matches("/actuator/.*|/healthz");
    }

    private Optional<String> lookupHeader(HttpServletRequest httpServletRequest, String... strArr) {
        for (String str : strArr) {
            String header = httpServletRequest.getHeader(str);
            if (TextUtil.isNotEmpty(new String[]{header})) {
                return Optional.of(header.trim());
            }
        }
        return Optional.empty();
    }

    public RequestFilter() {
    }
}
