package cn.patterncat.rsq.component.security;

import cn.patterncat.rest.ApiResult;
import cn.patterncat.rsq.RsqProperties;
import cn.patterncat.rsq.component.security.auth.UrlAuth;
import cn.patterncat.rsq.component.security.auth.UrlAuthInfo;
import cn.patterncat.rsq.component.security.auth.UrlAuthRole;
import cn.patterncat.rsq.domain.pg.UserAccount;
import cn.patterncat.rsq.model.HttpConstants;
import cn.patterncat.rsq.service.TokenAuthService;
import cn.patterncat.rsq.util.ContextHolder;
import java.lang.reflect.Method;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.util.StopWatch;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.HandlerMapping;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import org.springframework.web.util.WebUtils;

/* loaded from: input_file:cn/patterncat/rsq/component/security/RsqAuthInterceptor.class */
public class RsqAuthInterceptor implements HandlerInterceptor, ApplicationContextAware, ApplicationListener<ContextRefreshedEvent> {
    private static final Logger LOGGER = LoggerFactory.getLogger(RsqAuthInterceptor.class);
    protected ApplicationContext applicationContext;
    protected Map<String, UrlAuthInfo> authInfoMap = new HashMap();
    RsqProperties rsqProperties;

    @Autowired
    TokenAuthService tokenAuthService;

    public RsqAuthInterceptor(RsqProperties rsqProperties) {
        this.rsqProperties = rsqProperties;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!this.rsqProperties.getAuth().isEnabled()) {
            return true;
        }
        String objects = Objects.toString(httpServletRequest.getAttribute(HandlerMapping.BEST_MATCHING_PATTERN_ATTRIBUTE), "");
        if (!this.authInfoMap.containsKey(objects)) {
            return true;
        }
        UrlAuthInfo urlAuthInfo = this.authInfoMap.get(objects);
        if (!urlAuthInfo.getMethods().contains(httpServletRequest.getMethod())) {
            return true;
        }
        Cookie cookie = WebUtils.getCookie(httpServletRequest, HttpConstants.ACCESS_TOKEN);
        if (cookie == null) {
            httpServletResponse.sendError(401);
            return false;
        }
        ApiResult<UserAccount> validateToken = this.tokenAuthService.validateToken(cookie.getValue());
        if (!validateToken.isSuccess()) {
            httpServletResponse.sendError(401);
            return false;
        }
        UserAccount userAccount = (UserAccount) validateToken.getData();
        if (StringUtils.isEmpty(userAccount.getRoles())) {
            httpServletResponse.sendError(403);
            return false;
        }
        if (userAccount.getRoles().contains(urlAuthInfo.getRole())) {
            ContextHolder.setLoginId(userAccount.getLoginId());
            return true;
        }
        httpServletResponse.sendError(403);
        return false;
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        ContextHolder.resetLoginId();
    }

    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        this.applicationContext = applicationContext;
    }

    public void onApplicationEvent(ContextRefreshedEvent contextRefreshedEvent) {
        initUrlAuthMap(((RequestMappingHandlerMapping) this.applicationContext.getBean(RequestMappingHandlerMapping.class)).getHandlerMethods());
    }

    protected void initUrlAuthMap(Map<RequestMappingInfo, HandlerMethod> map) {
        StopWatch stopWatch = new StopWatch("initUrlAuthMap");
        stopWatch.start();
        for (Map.Entry<RequestMappingInfo, HandlerMethod> entry : map.entrySet()) {
            RequestMappingInfo key = entry.getKey();
            Method method = entry.getValue().getMethod();
            if (method.isAnnotationPresent(UrlAuth.class)) {
                UrlAuthRole role = ((UrlAuth) method.getAnnotation(UrlAuth.class)).role();
                Set patterns = key.getPatternsCondition().getPatterns();
                UrlAuthInfo build = UrlAuthInfo.builder().role(role).methods((Set) key.getMethodsCondition().getMethods().stream().map(requestMethod -> {
                    return requestMethod.name();
                }).collect(Collectors.toSet())).build();
                patterns.stream().forEach(str -> {
                    this.authInfoMap.put(str, build);
                });
            }
        }
        stopWatch.stop();
        LOGGER.info(stopWatch.prettyPrint());
    }
}
