package cn.bctools.oauth2.config;

import cn.bctools.common.entity.dto.DataScopeDto;
import cn.bctools.common.entity.dto.UserInfoDto;
import cn.bctools.common.exception.BusinessException;
import cn.bctools.common.utils.BeanCopyUtil;
import cn.bctools.common.utils.ObjectNull;
import cn.bctools.common.utils.SpringContextUtil;
import cn.bctools.common.utils.SystemThreadLocal;
import cn.bctools.common.utils.TenantContextHolder;
import cn.bctools.database.interceptor.datascope.DataScopeContextHolder;
import cn.bctools.oauth2.dto.CustomUser;
import cn.bctools.oauth2.utils.UserCurrentUtils;
import cn.hutool.core.bean.BeanUtil;
import cn.hutool.core.bean.copier.CopyOptions;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:cn/bctools/oauth2/config/JvsUserAuthenticationConverter.class */
public class JvsUserAuthenticationConverter extends DefaultUserAuthenticationConverter {
    public static final String MGR = "-mgr";
    public static final String BIZ = "-biz";
    private static final Logger log = LoggerFactory.getLogger(JvsUserAuthenticationConverter.class);
    private static final AntPathMatcher MATCHER = new AntPathMatcher();

    public Authentication extractAuthentication(Map<String, ?> map) {
        CustomUser customUser = (CustomUser) BeanUtil.mapToBean(map, CustomUser.class, false, CopyOptions.create());
        UserInfoDto userInfoDto = (UserInfoDto) BeanCopyUtil.copy(customUser, UserInfoDto.class);
        if (Objects.isNull(userInfoDto.getUserDto())) {
            throw new BusinessException("授权无效或已过期");
        }
        SystemThreadLocal.set(UserCurrentUtils.USER, userInfoDto);
        TenantContextHolder.setTenantId(userInfoDto.getUserDto().getTenantId());
        DataScopeContextHolder.setDataScope(getMatchedDataScope(userInfoDto.getDataScope()));
        return new UsernamePasswordAuthenticationToken(userInfoDto, "N/A", customUser.getAuthorities());
    }

    private DataScopeDto getMatchedDataScope(List<DataScopeDto> list) {
        ServletRequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if (Objects.isNull(requestAttributes)) {
            log.error("请求异常");
            return null;
        }
        HttpServletRequest request = requestAttributes.getRequest();
        String method = request.getMethod();
        String requestURI = request.getRequestURI();
        log.info("请求地址: {}", requestURI);
        if (ObjectUtils.isEmpty(list)) {
            log.info("当前用户数据权限为空");
            return null;
        }
        String addUriPrefix = addUriPrefix(requestURI);
        log.info("匹配原始请求地址: {}", addUriPrefix);
        DataScopeDto orElse = list.stream().filter(dataScopeDto -> {
            return method.equals(dataScopeDto.getDataApi().getType());
        }).filter(dataScopeDto2 -> {
            return MATCHER.match(dataScopeDto2.getDataApi().getApi(), addUriPrefix);
        }).findAny().orElse(null);
        if (ObjectNull.isNotNull(new Object[]{orElse})) {
            log.info("最匹配的数据权限路径: {}", orElse.getDataApi().getApi());
        } else {
            log.info("没有匹配的数据权限");
        }
        return orElse;
    }

    private String addUriPrefix(String str) {
        String applicationContextName = SpringContextUtil.getApplicationContextName();
        if (StringUtils.isNotBlank(applicationContextName)) {
            int length = applicationContextName.length();
            if (applicationContextName.endsWith(MGR)) {
                str = "/mgr/" + applicationContextName.substring(0, length - MGR.length()) + str;
            }
            if (applicationContextName.endsWith(BIZ)) {
                str = "/api/" + applicationContextName.substring(0, length - BIZ.length()) + str;
            }
        }
        return str;
    }
}
