package cn.authing.interceptor;

import cn.authing.bean.AuthingProperties;
import cn.authing.core.auth.AuthenticationClient;
import cn.authing.core.graphql.GraphQLException;
import cn.authing.core.mgmt.ManagementClient;
import cn.authing.core.types.ListAuthorizedResourcesOptions;
import cn.authing.core.types.PaginatedAuthorizedResources;
import cn.authing.core.types.PolicyAssignmentTargetType;
import cn.authing.core.types.ResourceType;
import cn.authing.core.types.User;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;

/* loaded from: input_file:cn/authing/interceptor/AuthingHandlerInterceptor.class */
public class AuthingHandlerInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger(AuthingHandlerInterceptor.class);
    private final ManagementClient managementClient;
    private final AuthenticationClient authenticationClient;
    private final AuthingProperties authingProperties;

    public AuthingHandlerInterceptor(ManagementClient managementClient, AuthenticationClient authenticationClient, AuthingProperties authingProperties) {
        this.managementClient = managementClient;
        this.authenticationClient = authenticationClient;
        this.authingProperties = authingProperties;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        this.authenticationClient.setToken(httpServletRequest.getHeader("Authorization").replace("Bearer ", "").replace("bearer ", ""));
        try {
            List list = (List) ((PaginatedAuthorizedResources) this.managementClient.acl().listAuthorizedResources(PolicyAssignmentTargetType.USER, ((User) this.authenticationClient.getCurrentUser().execute()).getId(), this.authingProperties.getApp().getAppId(), new ListAuthorizedResourcesOptions(ResourceType.API)).execute()).getList().stream().map((v0) -> {
                return v0.getApiIdentifier();
            }).collect(Collectors.toList());
            String requestURI = httpServletRequest.getRequestURI();
            Iterator it = list.iterator();
            while (it.hasNext()) {
                if (requestURI.contains((String) it.next())) {
                    log.info("鉴权通过");
                    return true;
                }
            }
            log.info("无权限");
            return false;
        } catch (IOException | GraphQLException e) {
            return false;
        }
    }
}
