package cc.cc4414.spring.resource.config;

import cc.cc4414.spring.resource.core.CommonUser;
import cc.cc4414.spring.resource.core.TokenContextHolder;
import cc.cc4414.spring.resource.core.UserContextHolder;
import cn.hutool.json.JSONUtil;
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.AnnotatedElementUtils;
import org.springframework.core.annotation.Order;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.stereotype.Component;

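/**
 * Around-advice for types matched by {@code @within(resourceAnnotation)}: applies a coarse
 * access gate, derives the calling {@link CommonUser} from the {@code Authorization} header and
 * exposes the header and user through {@link TokenContextHolder} / {@link UserContextHolder}
 * for the duration of the intercepted call.
 *
 * <p>Security-relevant behaviour a maintainer should be aware of:
 * <ul>
 *   <li>The JWT claims are read with {@code JwtHelper.decode}, which parses the token but does
 *       not check its signature. This class therefore trusts whatever claims the caller sent,
 *       unless the token was already verified before this advice runs (not visible here).</li>
 *   <li>A request with no bearer token is attributed to {@code CommonUser.getSys()}.</li>
 *   <li>The raw {@code Authorization} header is a credential and must not be written to logs.</li>
 * </ul>
 */
@Aspect
@Component
@Order(3)
/* loaded from: input_file:cc/cc4414/spring/resource/config/ResourceAspect.class */
public class ResourceAspect {
    private static final Logger log = LoggerFactory.getLogger(ResourceAspect.class);

    /** Authorization scheme name; matched case-insensitively as a prefix of the header value. */
    private static final String BEARER_SCHEME = "Bearer";

    private final HttpServletRequest request;
    private final PermissionService permissionService;
    private final ResourceProperties resourceProperties;

    public ResourceAspect(HttpServletRequest httpServletRequest, PermissionService permissionService, ResourceProperties resourceProperties) {
        this.request = httpServletRequest;
        this.permissionService = permissionService;
        this.resourceProperties = resourceProperties;
    }

    /**
     * Gates the intercepted call and runs it with token and user context populated.
     *
     * @param proceedingJoinPoint the intercepted invocation
     * @param resourceAnnotation the annotation bound by the pointcut (not read in this method)
     * @return whatever the intercepted method returns
     * @throws AccessDeniedException if permit-all is off, the method carries no
     *     {@link PreAuthorize} and {@code permissionService.inner()} is false
     * @throws Throwable anything thrown by the intercepted method or by token decoding
     */
    @Around("@within(resourceAnnotation)")
    public Object around(ProceedingJoinPoint proceedingJoinPoint, ResourceAnnotation resourceAnnotation) throws Throwable {
        // NOTE(review): org.aspectj.lang.Signature declares no getMethod(); this listing is
        // decompiler output and has presumably lost a cast to MethodSignature. Confirm against
        // the original source.
        Method method = proceedingJoinPoint.getSignature().getMethod();
        boolean inner = this.permissionService.inner();

        // Only a method-level @PreAuthorize is looked up here; the check is made on the Method,
        // not on the declaring class. Turning permitAll on disables this gate for every method.
        boolean gated = AnnotatedElementUtils.hasAnnotation(method, PreAuthorize.class);
        if (!this.resourceProperties.isPermitAll() && !gated && !inner) {
            // Message text: "access not allowed".
            throw new AccessDeniedException("不允许访问");
        }

        String header = this.request.getHeader("Authorization");
        // The header carries the bearer token. Log only whether it is present, never its value:
        // anyone with read access to debug logs could otherwise replay the token.
        log.debug("authorization header present: {}", header != null);

        // NOTE(review): with no bearer token the call runs as CommonUser.getSys(). What that
        // user is allowed to do is defined elsewhere; confirm that unauthenticated requests
        // cannot reach this point with more privilege than intended.
        CommonUser user = CommonUser.getSys();
        // regionMatches avoids lower-casing the whole header with the default locale.
        if (header != null && header.regionMatches(true, 0, BEARER_SCHEME, 0, BEARER_SCHEME.length())) {
            String token = header.substring(BEARER_SCHEME.length()).trim();
            // NOTE(review): JwtHelper.decode() does not verify the signature (decodeAndVerify
            // does, given a SignatureVerifier). Unless a filter ahead of this aspect has already
            // validated the token, these claims are attacker-controlled. No verifier or key is
            // in scope in this class, so the call is left as is and flagged.
            String claims = JwtHelper.decode(token).getClaims();
            user = (CommonUser) JSONUtil.toBean(claims, CommonUser.class);
        }

        try {
            // The full header value (scheme included) is what gets stored as the token.
            TokenContextHolder.setToken(header);
            UserContextHolder.setUser(user);
            return proceedingJoinPoint.proceed();
        } finally {
            // Always reset both holders so this call's identity does not outlive it.
            TokenContextHolder.clear();
            UserContextHolder.clear();
        }
    }
}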
