package tech.hdis.framework.security.interceptor;

import com.google.gson.Gson;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import tech.hdis.framework.security.annotation.SessionMark;
import tech.hdis.framework.security.properties.SecurityResponseProperties;
import tech.hdis.framework.security.response.SecurityResponse;
import tech.hdis.framework.security.session.interfaces.SessionService;

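@Component
/* loaded from: input_file:tech/hdis/framework/security/interceptor/SessionInterceptor.class */
/**
 * Spring MVC interceptor that enforces the {@link SessionMark} annotation on handler methods.
 *
 * <p>Decision table implemented by {@link #preHandle}:
 * <ul>
 *   <li>handler is not a {@link HandlerMethod}: request passes through untouched;</li>
 *   <li>method has no {@code @SessionMark}: request always passes; if a non-blank {@code token}
 *       parameter is present the session is bound first, with no expiry or role check;</li>
 *   <li>method has {@code @SessionMark} and no token: rejected as unauthenticated;</li>
 *   <li>method has {@code @SessionMark} and a token: the session is bound, checked for expiry,
 *       refreshed, then checked against the annotation's roles and permissions and, when
 *       {@code isSingle()} is set, against {@code SessionService.flush()}.</li>
 * </ul>
 *
 * <p>Every rejection is written as a JSON {@link SecurityResponse} body with HTTP status 500.
 */
public class SessionInterceptor extends HandlerInterceptorAdapter {
    /** Request parameter the session token is read from. */
    private static final String TOKEN_PARAMETER = "token";

    /** Serializer for the rejection body; never reassigned after construction. */
    private final Gson gson = new Gson();

    @Autowired
    private SecurityResponseProperties securityResponseProperties;

    @Autowired
    private SessionService sessionService;

    /**
     * Writes a JSON rejection body to the response.
     *
     * @param httpServletResponse response to write to
     * @param key first argument handed to {@code SecurityResponse.getInstance}; callers pass one of
     *     the {@code SecurityResponseProperties.*_KEY} constants
     * @param message second argument handed to {@code SecurityResponse.getInstance}; callers pass
     *     the configured text for that key (presumably a human-readable message, confirm)
     * @throws IOException if the response writer cannot be obtained or written
     */
    private void setResponse(HttpServletResponse httpServletResponse, String key, String message) throws IOException {
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json");
        // NOTE(review): authentication and authorization failures are reported as 500, which makes
        // them indistinguishable from server faults in monitoring and for clients. 401/403 would be
        // the conventional codes; the value is left unchanged here because existing clients may
        // depend on it.
        httpServletResponse.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        httpServletResponse.getWriter().write(this.gson.toJson(SecurityResponse.getInstance(key, message)));
    }

    /** Writes the "unauthenticated" rejection and returns {@code false} so the handler chain stops. */
    private boolean rejectUnauthenticated(HttpServletResponse httpServletResponse) throws IOException {
        setResponse(httpServletResponse, SecurityResponseProperties.UNAUTHENTICATED_KEY,
                this.securityResponseProperties.getUnauthenticated());
        return false;
    }

    /** Writes the "unauthorized" rejection and returns {@code false} so the handler chain stops. */
    private boolean rejectUnauthorized(HttpServletResponse httpServletResponse) throws IOException {
        setResponse(httpServletResponse, SecurityResponseProperties.UNAUTHORIZED_KEY,
                this.securityResponseProperties.getUnauthorized());
        return false;
    }

    /**
     * Applies the session checks required by the target method's {@link SessionMark}, if any.
     *
     * @param httpServletRequest current request; the token is read from its {@code token} parameter
     * @param httpServletResponse current response; receives the rejection body on failure
     * @param obj the selected handler; only {@link HandlerMethod} instances are inspected
     * @return {@code true} to continue with the handler, {@code false} once a rejection was written
     * @throws Exception on failure to write the rejection or from the session service
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        SessionMark sessionMark = ((HandlerMethod) obj).getMethodAnnotation(SessionMark.class);

        // NOTE(review): getParameter also reads the URL query string, so a token sent that way can
        // end up in access logs, proxy logs and Referer headers. Accepting it from a request
        // header instead would avoid that exposure.
        String token = httpServletRequest.getParameter(TOKEN_PARAMETER);
        boolean hasToken = StringUtils.isNotBlank(token);

        if (sessionMark == null) {
            // Unprotected endpoint: a supplied token is bound but never validated here, so the
            // handler must not treat a bound session as proof of authentication.
            if (hasToken) {
                this.sessionService.bindingSession(token);
            }
            return true;
        }

        if (!hasToken) {
            return rejectUnauthenticated(httpServletResponse);
        }

        this.sessionService.bindingSession(token);
        if (this.sessionService.isExpired()) {
            return rejectUnauthenticated(httpServletResponse);
        }

        // NOTE(review): refresh() runs before the role/permission checks, so a request that is
        // subsequently rejected as unauthorized has still refreshed the session (presumably
        // extending its lifetime; confirm against SessionService).
        this.sessionService.refresh();

        if (!this.sessionService.hasRoles(sessionMark.roles()).booleanValue()) {
            return rejectUnauthorized(httpServletResponse);
        }
        if (!this.sessionService.hasPermissions(sessionMark.permissions()).booleanValue()) {
            return rejectUnauthorized(httpServletResponse);
        }

        // flush() is only consulted when the annotation asks for isSingle(); presumably this is
        // the single-active-session check (confirm against SessionService).
        if (!sessionMark.isSingle() || this.sessionService.flush().booleanValue()) {
            return true;
        }
        return rejectUnauthenticated(httpServletResponse);
    }
}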
