package cn.authing.interceptor;

import cn.authing.bean.AuthingProperties;
import cn.authing.bean.JwtPayload;
import cn.authing.core.mgmt.ManagementClient;
import cn.authing.core.types.ListAuthorizedResourcesOptions;
import cn.authing.core.types.PaginatedAuthorizedResources;
import cn.authing.core.types.PolicyAssignmentTargetType;
import cn.authing.core.types.ResourceType;
import cn.authing.exception.AuthingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerInterceptor;

/* loaded from: input_file:cn/authing/interceptor/AuthingHandlerInterceptor.class */
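/**
 * Spring MVC interceptor that allows a request only when the user named in the
 * bearer token's {@code sub} claim has an authorized API resource whose
 * identifier occurs in the request URI.
 *
 * <p>Every failure path (missing header, malformed token, lookup error, no
 * matching resource) ends in an {@link AuthingException} with
 * {@link HttpStatus#FORBIDDEN}, so the check fails closed.
 *
 * <p>NOTE(review): this class only Base64-decodes the token payload. Nothing
 * here verifies the token's signature, expiry, issuer or audience, so unless an
 * upstream filter has already validated the token, the {@code sub} claim is
 * caller-controlled. Validate the token before trusting any claim from it.
 */
public class AuthingHandlerInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger(AuthingHandlerInterceptor.class);
    private static final String AUTHORIZATION_HEADER = "Authorization";
    private static final String BEARER_PREFIX = "Bearer ";

    private final ManagementClient managementClient;
    private final AuthingProperties authingProperties;
    private final ObjectMapper objectMapper;

    public AuthingHandlerInterceptor(ManagementClient managementClient, AuthingProperties authingProperties, ObjectMapper objectMapper) {
        this.managementClient = managementClient;
        this.authingProperties = authingProperties;
        this.objectMapper = objectMapper;
    }

    /**
     * Authorizes the request against the caller's authorized API resources.
     *
     * @param httpServletRequest request whose {@code Authorization} header and URI are inspected
     * @param httpServletResponse unused
     * @param obj the chosen handler, unused
     * @return {@code true} when an authorized resource identifier matches the request URI
     * @throws AuthingException with {@code FORBIDDEN} when the request is not authorized
     *     or the check could not be completed
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        boolean permitted;
        try {
            permitted = isAuthorized(httpServletRequest);
        } catch (Exception e) {
            // Deliberately broad: any parsing or lookup failure must deny access.
            // Only the exception type is logged, because parser messages can echo
            // token content.
            log.debug("Authorization check failed: {}", e.getClass().getName());
            permitted = false;
        }
        if (permitted) {
            log.info("鉴权通过");
            return true;
        }
        log.info("没有权限");
        throw new AuthingException("Wrong Token", HttpStatus.FORBIDDEN);
    }

    /** Looks up the subject's authorized API resources and matches them against the request URI. */
    private boolean isAuthorized(HttpServletRequest request) throws Exception {
        String subject = extractSubject(request.getHeader(AUTHORIZATION_HEADER));
        if (subject == null || subject.isEmpty()) {
            return false;
        }

        PaginatedAuthorizedResources resources = (PaginatedAuthorizedResources) this.managementClient.acl()
                .listAuthorizedResources(
                        PolicyAssignmentTargetType.USER,
                        subject,
                        this.authingProperties.getApp().getAppId(),
                        new ListAuthorizedResourcesOptions(ResourceType.API))
                .execute();

        // getRequestURI() is the raw, undecoded path as sent by the client.
        String requestUri = request.getRequestURI();

        // NOTE(review): substring matching authorizes any URI that merely contains
        // an identifier (inside a longer segment, or as part of an unrelated path).
        // Exact or prefix matching on a normalized path would be stricter; it is
        // kept here so that existing deployments allow the same requests.
        return resources.getList().stream()
                .map(resource -> resource.getApiIdentifier())
                // A null identifier used to abort the whole check with an NPE, and an
                // empty one matched every URI; both are skipped.
                .filter(identifier -> identifier != null && !identifier.isEmpty())
                .anyMatch(requestUri::contains);
    }

    /**
     * Reads the {@code sub} claim from the payload segment of the bearer token.
     *
     * @param authorizationHeader raw {@code Authorization} header value, may be {@code null}
     * @return the {@code sub} claim, or {@code null} when the header is absent or has no payload segment
     */
    private String extractSubject(String authorizationHeader) throws Exception {
        if (authorizationHeader == null) {
            return null;
        }
        String token = authorizationHeader.trim();
        // The scheme is optional and compared case-insensitively; a bare token is still accepted.
        if (token.regionMatches(true, 0, BEARER_PREFIX, 0, BEARER_PREFIX.length())) {
            token = token.substring(BEARER_PREFIX.length()).trim();
        }
        String[] segments = token.split("\\.");
        if (segments.length < 2) {
            return null;
        }
        // JWT segments are base64url-encoded (RFC 7515); the basic decoder rejects '-' and '_'.
        byte[] payloadJson = Base64.getUrlDecoder().decode(segments[1]);
        JwtPayload payload = this.objectMapper.readValue(payloadJson, JwtPayload.class);
        return payload == null ? null : payload.getSub();
    }
}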
