package com.chinare.axe.auth;

import com.chinare.axe.auth.Auth;
import java.lang.reflect.Method;
import java.util.Iterator;
import java.util.List;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.nutz.json.Json;
import org.nutz.json.JsonFormat;
import org.nutz.lang.Strings;
import org.nutz.log.Log;
import org.nutz.log.Logs;
import org.springframework.core.annotation.AnnotationUtils;

@Aspect
/* loaded from: input_file:com/chinare/axe/auth/TokenAuthInterceptor.class */
public class TokenAuthInterceptor {
    AuthService authService;
    List<String> withoutAuthenticationUrlRegulars;
    Log logger = Logs.get();

    public TokenAuthInterceptor(AuthService authService, List<String> list) {
        this.authService = authService;
        this.withoutAuthenticationUrlRegulars = list;
    }

    public Auth getAuth(JoinPoint joinPoint) {
        MethodSignature signature = joinPoint.getSignature();
        Method method = signature.getMethod();
        if (method.isAnnotationPresent(Auth.class)) {
            return (Auth) method.getAnnotation(Auth.class);
        }
        Auth auth = (Auth) AnnotationUtils.findAnnotation(signature.getMethod().getDeclaringClass(), Auth.class);
        if (auth != null) {
            return auth;
        }
        return null;
    }

    @Around("@within(com.kerbores.mdp.axe.auth.Auth)|| @annotation(com.kerbores.mdp.axe.auth.Auth)")
    public Object filter(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        if (!this.authService.authentication(this.withoutAuthenticationUrlRegulars)) {
            throw new AuthException();
        }
        Auth auth = getAuth(proceedingJoinPoint);
        if (auth == null || auth.value().length == 0) {
            return proceedingJoinPoint.proceed();
        }
        if (checkAuth(auth)) {
            return proceedingJoinPoint.proceed();
        }
        throw new AuthException();
    }

    private boolean checkAuth(Auth auth) {
        if (this.authService.user() == null) {
            return false;
        }
        return auth.type() == Auth.AuthType.ROLE ? checkRole(auth.value(), auth.logical()) : checkPermission(auth.value(), auth.logical());
    }

    private boolean checkPermission(String[] strArr, Auth.Logical logical) {
        if (logical != Auth.Logical.AND) {
            for (String str : strArr) {
                if (hasPermission(str)) {
                    return true;
                }
            }
            this.logger.debugf("user does not has any permission of %s", new Object[]{Json.toJson(strArr, JsonFormat.compact())});
            return false;
        }
        for (String str2 : strArr) {
            if (!hasPermission(str2)) {
                this.logger.debugf("user does not has peermission %s", new Object[]{str2});
                return false;
            }
        }
        return true;
    }

    private boolean hasPermission(String str) {
        Iterator<String> it = this.authService.permissions().iterator();
        while (it.hasNext()) {
            if (Strings.equals(it.next(), str)) {
                return true;
            }
        }
        return false;
    }

    private boolean checkRole(String[] strArr, Auth.Logical logical) {
        if (logical != Auth.Logical.AND) {
            for (String str : strArr) {
                if (hasRole(str)) {
                    return true;
                }
            }
            this.logger.debugf("user does not has any role of %s", new Object[]{Json.toJson(strArr, JsonFormat.compact())});
            return false;
        }
        for (String str2 : strArr) {
            if (!hasRole(str2)) {
                this.logger.debugf("user does not has role %s", new Object[]{str2});
                return false;
            }
        }
        return true;
    }

    private boolean hasRole(String str) {
        Iterator<String> it = this.authService.roles().iterator();
        while (it.hasNext()) {
            if (Strings.equals(it.next(), str)) {
                return true;
            }
        }
        return false;
    }
}
