package com.alibaba.nacos.naming.web;

import com.alibaba.nacos.naming.acl.AuthChecker;
import com.alibaba.nacos.naming.exception.NacosException;
import com.alibaba.nacos.naming.misc.Switch;
import com.alibaba.nacos.naming.misc.UtilsAndCommons;
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URI;
import java.security.AccessControlException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:com/alibaba/nacos/naming/web/AuthFilter.class */
public class AuthFilter implements Filter {

    @Autowired
    private AuthChecker authChecker;
    private static ConcurrentMap<String, Method> methodCache = new ConcurrentHashMap();

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        try {
            String path = new URI(httpServletRequest.getRequestURI()).getPath();
            String methodName = getMethodName(path);
            Method method = methodCache.get(methodName);
            if (method == null) {
                method = path.contains(UtilsAndCommons.NACOS_NAMING_RAFT_CONTEXT) ? RaftCommands.class.getMethod(methodName, HttpServletRequest.class, HttpServletResponse.class) : ApiCommands.class.getMethod(methodName, HttpServletRequest.class);
                methodCache.put(methodName, method);
            }
            if (method.isAnnotationPresent(NeedAuth.class) && !Switch.isEnableAuthentication()) {
                if (path.contains(UtilsAndCommons.NACOS_NAMING_RAFT_CONTEXT)) {
                    this.authChecker.doRaftAuth(httpServletRequest);
                } else {
                    this.authChecker.doAuth(httpServletRequest.getParameterMap(), httpServletRequest);
                }
            }
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        } catch (NoSuchMethodException e) {
            httpServletResponse.sendError(501, "no such api");
        } catch (AccessControlException e2) {
            httpServletResponse.sendError(NacosException.NO_RIGHT, "access denied: " + UtilsAndCommons.getAllExceptionMsg(e2));
        } catch (Exception e3) {
            httpServletResponse.sendError(500, "Server failed," + UtilsAndCommons.getAllExceptionMsg(e3));
        }
    }

    public void destroy() {
    }

    protected static String getMethodName(String str) throws Exception {
        String trim = str.substring(str.lastIndexOf("/") + 1).trim();
        if (StringUtils.isEmpty(trim)) {
            throw new IllegalArgumentException("URL target required");
        }
        return trim;
    }
}
