package org.beast.security.web.context;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.beast.security.core.UserToken;
import org.beast.security.core.codec.UserTokenCodec;
import org.beast.security.core.exception.TokenException;
import org.beast.security.web.resolver.CookieTokenValueWebExtractor;
import org.beast.security.web.resolver.HeaderTokenValueWebExtractor;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.context.SecurityContextImpl;
import org.springframework.security.web.context.HttpRequestResponseHolder;
import org.springframework.security.web.context.SecurityContextRepository;
import org.springframework.util.ObjectUtils;

/* loaded from: input_file:org/beast/security/web/context/UserSecurityContextRepository.class */
public class UserSecurityContextRepository implements SecurityContextRepository {
    private static final Logger log = LoggerFactory.getLogger(UserSecurityContextRepository.class);
    private final UserTokenCodec codec = new UserTokenCodec();
    private HeaderTokenValueWebExtractor headerTokenValueWebExtractor = new HeaderTokenValueWebExtractor("X-U-Token");
    private CookieTokenValueWebExtractor cookieTokenValueWebExtractor = new CookieTokenValueWebExtractor("u-token");

    public SecurityContext loadContext(HttpRequestResponseHolder httpRequestResponseHolder) {
        HttpServletRequest request = httpRequestResponseHolder.getRequest();
        String extract = this.headerTokenValueWebExtractor.extract(request);
        if (extract == null) {
            extract = this.cookieTokenValueWebExtractor.extract(request);
        }
        if (ObjectUtils.isEmpty(extract)) {
            return SecurityContextHolder.createEmptyContext();
        }
        try {
            UserToken decode = this.codec.decode(extract);
            decode.verify();
            UserAuthorizationToken userAuthorizationToken = new UserAuthorizationToken(decode);
            userAuthorizationToken.setAuthenticated(true);
            return new SecurityContextImpl(userAuthorizationToken);
        } catch (Exception e) {
            log.warn("token invalid, token:{}", extract, e);
            return SecurityContextHolder.createEmptyContext();
        } catch (TokenException e2) {
            log.warn("token exception, token: {}", extract, e2);
            return SecurityContextHolder.createEmptyContext();
        }
    }

    public void saveContext(SecurityContext securityContext, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
    }

    public boolean containsContext(HttpServletRequest httpServletRequest) {
        return false;
    }
}
