package cn.gudqs.system.interceptor;

import cn.gudqs.exception.CustomException;
import cn.gudqs.exception.ErrorCodes;
import cn.gudqs.system.admin.service.ISysAuthService;
import cn.gudqs.util.CommonUtil;
import cn.gudqs.util.JsonResultUtil;
import cn.gudqs.util.JsonUtils;
import cn.gudqs.util.JwtUtil;
import com.auth0.jwt.interfaces.Claim;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

@Component
/* loaded from: input_file:cn/gudqs/system/interceptor/AdminInterceptor.class */
public class AdminInterceptor implements HandlerInterceptor {

    @Value("${project.env}")
    private String env;
    private static final List<String> NO_AUTH_URLS = new ArrayList();

    @Resource
    private ISysAuthService sysAuthService;

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        Map<String, Claim> verify;
        boolean z = true;
        try {
            verify = JwtUtil.verify(httpServletRequest.getHeader("Authorization"));
        } catch (Exception e) {
            ErrorCodes errorCodes = ErrorCodes.TOKEN_ERROR;
            if (e instanceof CustomException) {
                CustomException customException = e;
                if (customException.getStatusCode().intValue() == ErrorCodes.TOKEN_NOT_MATCH.getCode()) {
                    errorCodes = ErrorCodes.TOKEN_NOT_MATCH;
                }
                if (customException.getStatusCode().intValue() == ErrorCodes.NO_PERMISSION.getCode()) {
                    errorCodes = ErrorCodes.NO_PERMISSION;
                }
            }
            if (CommonUtil.isDev(this.env)) {
                CommonUtil.setUserId("1", httpServletRequest);
            } else {
                httpServletResponse.setContentType("application/json;charset=UTF-8");
                httpServletResponse.getWriter().print(JsonUtils.getJsonString(JsonResultUtil.errorResult(errorCodes)));
                z = false;
            }
        }
        if (!verify.containsKey("type")) {
            throw new CustomException(ErrorCodes.TOKEN_ERROR);
        }
        String asString = verify.get("type").asString();
        if (!("1".equals(asString) || "2".equals(asString))) {
            throw new CustomException(ErrorCodes.TOKEN_NOT_MATCH);
        }
        if (verify.containsKey("uid")) {
            String asString2 = verify.get("uid").asString();
            int parseInt = Integer.parseInt(asString2);
            CommonUtil.setUserId(asString2, httpServletRequest);
            String requestURI = httpServletRequest.getRequestURI();
            if (!NO_AUTH_URLS.contains(requestURI) && !this.sysAuthService.hasPermission(parseInt, requestURI)) {
                throw new CustomException(ErrorCodes.NO_PERMISSION);
            }
        }
        return z;
    }

    static {
        NO_AUTH_URLS.add("/admin/menu/findAll");
        NO_AUTH_URLS.add("/admin/auth/findAll");
    }
}
