package com.alibaba.csp.sentinel.dashboard.auth;

import com.alibaba.csp.sentinel.dashboard.auth.AuthService;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.util.AntPathMatcher;

/* loaded from: input_file:BOOT-INF/classes/com/alibaba/csp/sentinel/dashboard/auth/DefaultLoginAuthenticationFilter.class */
public class DefaultLoginAuthenticationFilter implements LoginAuthenticationFilter {
    private static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();
    private static final String URL_SUFFIX_DOT = ".";

    @Value("#{'${auth.filter.exclude-urls}'.split(',')}")
    private List<String> authFilterExcludeUrls;

    @Value("#{'${auth.filter.exclude-url-suffixes}'.split(',')}")
    private List<String> authFilterExcludeUrlSuffixes;
    private final AuthService<HttpServletRequest> authService;

    public DefaultLoginAuthenticationFilter(AuthService<HttpServletRequest> authService) {
        this.authService = authService;
    }

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String servletPath = httpServletRequest.getServletPath();
        if (this.authFilterExcludeUrls.stream().anyMatch(str -> {
            return PATH_MATCHER.match(str, servletPath);
        })) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        Iterator<String> it = this.authFilterExcludeUrlSuffixes.iterator();
        while (it.hasNext()) {
            String next = it.next();
            if (!StringUtils.isBlank(next)) {
                if (!next.startsWith(".")) {
                    next = "." + next;
                }
                if (servletPath.endsWith(next)) {
                    filterChain.doFilter(servletRequest, servletResponse);
                    return;
                }
            }
        }
        AuthService.AuthUser authUser = this.authService.getAuthUser(httpServletRequest);
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (authUser == null) {
            httpServletResponse.setStatus(HttpStatus.UNAUTHORIZED.value());
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
