package cn.wjee.boot.security.api;

import cn.wjee.boot.WJeeVar;
import cn.wjee.boot.context.RestHttpInputMessage;
import cn.wjee.boot.context.SpringUtils;
import cn.wjee.commons.collection.MapUtils;
import cn.wjee.commons.crypto.EncodeUtils;
import cn.wjee.commons.exception.Asserts;
import cn.wjee.commons.exception.CipherAdviceException;
import cn.wjee.commons.exception.TokenAdviceException;
import cn.wjee.commons.http.WebUtils;
import cn.wjee.commons.io.IOUtils;
import cn.wjee.commons.lang.JacksonUtils;
import cn.wjee.commons.lang.StringUtils;
import java.lang.reflect.Type;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.RestControllerAdvice;

@RestControllerAdvice
@Order(-2147483548)
/* loaded from: input_file:cn/wjee/boot/security/api/SecurityBodyAdvice.class */
public class SecurityBodyAdvice extends AbstractSecurityAdvice {
    private static final Logger log = LoggerFactory.getLogger(SecurityBodyAdvice.class);
    private SecurityApiHandler defaultSecurityApiHandler;

    public SecurityBodyAdvice() {
    }

    public SecurityBodyAdvice(SecurityApiHandler securityApiHandler) {
        this.defaultSecurityApiHandler = securityApiHandler;
    }

    public SecurityApiHandler getSecurityApiHandler() {
        return this.defaultSecurityApiHandler;
    }

    public HttpInputMessage beforeBodyRead(HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> cls) {
        String iOUtils;
        if (log.isDebugEnabled()) {
            log.debug("RequestBody::beforeBodyRead::{}", getClass().getName());
        }
        SecurityApiHandler securityApiHandler = getSecurityApiHandler();
        try {
            if (enableRequestDecrypt(methodParameter)) {
                Asserts.isTrue(securityApiHandler != null, "adviceCustomizer缺失");
                iOUtils = securityApiHandler.handleRequest(IOUtils.toString(httpInputMessage.getBody(), StandardCharsets.UTF_8));
            } else {
                iOUtils = IOUtils.toString(httpInputMessage.getBody(), StandardCharsets.UTF_8);
            }
            try {
                if (!enableRequestToken(methodParameter)) {
                    return new RestHttpInputMessage(httpInputMessage.getHeaders(), IOUtils.toInputStream(iOUtils, StandardCharsets.UTF_8));
                }
                Asserts.isTrue(securityApiHandler != null, "adviceCustomizer缺失");
                HttpServletRequest request = SpringUtils.getRequest();
                Map convertMap = JacksonUtils.convertMap(iOUtils);
                String str = "Authorization";
                Map.Entry entry = (Map.Entry) httpInputMessage.getHeaders().entrySet().stream().filter(entry2 -> {
                    return StringUtils.equalsIgnoreCase((String) entry2.getKey(), str);
                }).findFirst().orElse(null);
                String join = entry == null ? WJeeVar.Cors.DEFAULT_EXPOSED_HEADERS : StringUtils.join((List) entry.getValue(), WJeeVar.Cors.DEFAULT_EXPOSED_HEADERS);
                if (StringUtils.isBlank(join) && MapUtils.isNotEmpty(convertMap) && convertMap.containsKey("Authorization")) {
                    join = MapUtils.getValue(convertMap, "Authorization");
                }
                if (StringUtils.isBlank(join)) {
                    join = EncodeUtils.urlDecode(WebUtils.getCookieValue(request, "Authorization"));
                }
                Asserts.isTrue(StringUtils.isNotBlank(join), "认证Token缺失");
                Asserts.isTrue(securityApiHandler.handleVerifyToken(join), "认证Token验证不通过");
                convertMap.remove("Authorization");
                return new RestHttpInputMessage(httpInputMessage.getHeaders(), IOUtils.toInputStream(JacksonUtils.toJson(convertMap), StandardCharsets.UTF_8));
            } catch (Exception e) {
                throw new TokenAdviceException("RequestBodyAdvice::afterBodyRead::fail", e);
            }
        } catch (Exception e2) {
            throw new CipherAdviceException((Integer) null, "RequestBodyAdvice::beforeBodyRead::fail", e2);
        } catch (CipherAdviceException e3) {
            throw e3;
        }
    }

    public Object beforeBodyWrite(Object obj, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> cls, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
        try {
            if (!MediaType.APPLICATION_JSON.isCompatibleWith(mediaType)) {
                return obj;
            }
            log.debug("ResponseBody::beforeBodyWrite::{}", getClass().getName());
            if (!enableResponseEncrypt(methodParameter)) {
                return obj;
            }
            String json = JacksonUtils.toJson(obj);
            if (StringUtils.isBlank(json)) {
                return obj;
            }
            SecurityApiHandler securityApiHandler = getSecurityApiHandler();
            Asserts.isTrue(securityApiHandler != null, "advice decrypt customizers needed");
            return securityApiHandler.handleResponse(json);
        } catch (Exception e) {
            throw new TokenAdviceException("ResponseBodyEncrypt Fail!", e);
        }
    }
}
