package com.nepxion.permission.aop;

import com.nepxion.matrix.proxy.aop.AbstractInterceptor;
import com.nepxion.permission.annotation.Permission;
import com.nepxion.permission.annotation.Token;
import com.nepxion.permission.annotation.UserId;
import com.nepxion.permission.annotation.UserType;
import com.nepxion.permission.api.UserResource;
import com.nepxion.permission.constant.PermissionConstant;
import com.nepxion.permission.entity.PermissionType;
import com.nepxion.permission.entity.UserEntity;
import com.nepxion.permission.exception.PermissionAopException;
import java.lang.reflect.Method;
import javax.annotation.PostConstruct;
import org.aopalliance.intercept.MethodInvocation;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:com/nepxion/permission/aop/PermissionInterceptor.class */
public class PermissionInterceptor extends AbstractInterceptor {
    private static final Logger LOG = LoggerFactory.getLogger(PermissionInterceptor.class);

    @Value("${frequent.log.print}")
    private Boolean frequentLogPrint;

    @Value("${permission.interception.enabled:true}")
    private Boolean interceptionEnabled;

    @Value("${spring.application.name}")
    private String serviceName;

    @Value("${permission.user.type.whitelist:}")
    private String whitelist;

    @Autowired
    private UserResource userResource;

    @Autowired
    private PermissionAuthorization permissionAuthorization;

    @PostConstruct
    public void initialize() {
        LOG.info("Permission interception enabled is {}...", this.interceptionEnabled);
    }

    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
        Permission permissionAnnotation;
        return (!this.interceptionEnabled.booleanValue() || (permissionAnnotation = getPermissionAnnotation(methodInvocation)) == null) ? methodInvocation.proceed() : invokePermission(methodInvocation, permissionAnnotation.name(), permissionAnnotation.label(), permissionAnnotation.description());
    }

    private Permission getPermissionAnnotation(MethodInvocation methodInvocation) {
        Method method = methodInvocation.getMethod();
        if (method.isAnnotationPresent(Permission.class)) {
            return (Permission) method.getAnnotation(Permission.class);
        }
        return null;
    }

    private Object invokePermission(MethodInvocation methodInvocation, String str, String str2, String str3) throws Throwable {
        if (StringUtils.isEmpty(this.serviceName)) {
            throw new PermissionAopException("Service name is null or empty");
        }
        if (StringUtils.isEmpty(str)) {
            throw new PermissionAopException("Annotation [Permission]'s name is null or empty");
        }
        String proxyType = getProxyType(methodInvocation);
        String proxiedClassName = getProxiedClassName(methodInvocation);
        String methodName = getMethodName(methodInvocation);
        if (this.frequentLogPrint.booleanValue()) {
            LOG.info("Intercepted for annotation - Permission [name={}, label={}, description={}, proxyType={}, proxiedClass={}, method={}]", new Object[]{str, str2, str3, proxyType, proxiedClassName, methodName});
        }
        UserEntity userEntityByIdAndType = getUserEntityByIdAndType(methodInvocation);
        if (userEntityByIdAndType == null) {
            userEntityByIdAndType = getUserEntityByToken(methodInvocation);
        }
        if (userEntityByIdAndType == null) {
            throw new PermissionAopException("No user context found");
        }
        String userId = userEntityByIdAndType.getUserId();
        String userType = userEntityByIdAndType.getUserType();
        if (checkUserTypeFilters(userType) && !this.permissionAuthorization.authorize(userId, userType, str, PermissionType.API.getValue(), this.serviceName)) {
            throw new PermissionAopException("No permision to proceed method [name=" + methodName + ", parameterTypes=" + getMethodParameterTypesValue(methodInvocation) + "], permissionName=" + str + ", permissionLabel=" + str2);
        }
        return methodInvocation.proceed();
    }

    private UserEntity getUserEntityByIdAndType(MethodInvocation methodInvocation) {
        ServletRequestAttributes requestAttributes;
        String str = (String) getValueByParameterAnnotation(methodInvocation, UserId.class, String.class);
        String str2 = (String) getValueByParameterAnnotation(methodInvocation, UserType.class, String.class);
        if (StringUtils.isEmpty(str) && StringUtils.isNotEmpty(str2)) {
            throw new PermissionAopException("Annotation [UserId]'s value is null or empty");
        }
        if (StringUtils.isNotEmpty(str) && StringUtils.isEmpty(str2)) {
            throw new PermissionAopException("Annotation [UserType]'s value is null or empty");
        }
        if (StringUtils.isEmpty(str) && StringUtils.isEmpty(str2) && (requestAttributes = RequestContextHolder.getRequestAttributes()) != null) {
            str = requestAttributes.getRequest().getHeader(PermissionConstant.USER_ID);
            str2 = requestAttributes.getRequest().getHeader(PermissionConstant.USER_TYPE);
        }
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            return null;
        }
        UserEntity userEntity = new UserEntity();
        userEntity.setUserId(str);
        userEntity.setUserType(str2);
        return userEntity;
    }

    private UserEntity getUserEntityByToken(MethodInvocation methodInvocation) {
        ServletRequestAttributes requestAttributes;
        String str = (String) getValueByParameterAnnotation(methodInvocation, Token.class, String.class);
        if (StringUtils.isEmpty(str) && (requestAttributes = RequestContextHolder.getRequestAttributes()) != null) {
            str = requestAttributes.getRequest().getHeader(PermissionConstant.TOKEN);
        }
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        UserEntity user = this.userResource.getUser(str);
        if (user == null) {
            throw new PermissionAopException("No user found for token=" + str);
        }
        return user;
    }

    private boolean checkUserTypeFilters(String str) {
        return StringUtils.isEmpty(this.whitelist) || this.whitelist.toLowerCase().indexOf(str.toLowerCase()) > -1;
    }
}
