package kd.bos.mservice.auth.filter;

import kd.bos.bundle.BosRes;
import kd.bos.extension.ExtensionFactory;
import kd.bos.mservice.auth.api.AuthContext;
import kd.bos.mservice.auth.api.AuthorizationService;
import kd.bos.mservice.auth.api.Filter;
import kd.bos.mservice.auth.api.FilterChain;
import kd.bos.mservice.auth.constant.AuthType;
import kd.bos.mservice.auth.exception.AuthErrorCode;
import kd.bos.mservice.auth.exception.AuthException;
import kd.bos.mservice.sdk.extension.Activate;
import kd.bos.util.StringUtils;

@Activate(value = {"${mservice.auth.enable}", "${mservice.auth.check.filter.enable}"}, order = -900000)
/* loaded from: input_file:kd/bos/mservice/auth/filter/AuthCheckFilterImpl.class */
public class AuthCheckFilterImpl implements Filter {
    public void doFilter(AuthContext authContext, FilterChain filterChain) {
        if (authContext == null) {
            throw new AuthException(AuthErrorCode.DATA_INVALID, new Object[]{BosRes.get("bos-mservice-auth", "authCheck3", "微服务鉴权不通过，缺少验权信息。", new Object[0])});
        }
        String authType = getAuthType(authContext);
        ExtensionFactory extensionFacotry = ExtensionFactory.getExtensionFacotry(AuthorizationService.class);
        if (!extensionFacotry.existsExtension(authType)) {
            throw new AuthException(AuthErrorCode.DATA_INVALID, new Object[]{BosRes.get("bos-mservice-auth", "authCheck1", "微服务鉴权不通过，请选择有效的认证方式。", new Object[0])});
        }
        try {
            ((AuthorizationService) extensionFacotry.getExtension(authType)).authorize(authContext);
            filterChain.doFilter(authContext);
        } catch (Exception e) {
            throw new AuthException(e, AuthErrorCode.UNAUTHORIZED, new Object[]{BosRes.get("bos-mservice-auth", "authCheck2", "微服务鉴权不通过，认证信息不正确。", new Object[0])});
        }
    }

    private String getAuthType(AuthContext authContext) {
        return StringUtils.isNotEmpty(authContext.getAuthType()) ? authContext.getAuthType() : AuthType.getDefaultAuthType();
    }
}
