package coo.mvc.security.interceptor;

import coo.base.exception.UncheckedException;
import coo.base.util.CollectionUtils;
import coo.core.security.annotations.Auth;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.authz.UnauthorizedException;
import org.apache.shiro.subject.Subject;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:coo/mvc/security/interceptor/AuthInterceptor.class */
public class AuthInterceptor extends HandlerInterceptorAdapter {
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        Auth authorizeAnnotation;
        if (!(obj instanceof HandlerMethod) || (authorizeAnnotation = getAuthorizeAnnotation((HandlerMethod) obj)) == null) {
            return true;
        }
        Subject subject = SecurityUtils.getSubject();
        if (!subject.isAuthenticated()) {
            throw new UnauthenticatedException("未登录或回话已过期。");
        }
        if (isAccessable(subject, authorizeAnnotation.value()).booleanValue()) {
            return true;
        }
        throw new UnauthorizedException("没有相应的操作权限。");
    }

    private Auth getAuthorizeAnnotation(HandlerMethod handlerMethod) {
        try {
            Auth annotation = handlerMethod.getMethod().getAnnotation(Auth.class);
            return annotation != null ? annotation : handlerMethod.getBeanType().getAnnotation(Auth.class);
        } catch (Exception e) {
            throw new UncheckedException("查找Auth注解时发生异常。", e);
        }
    }

    private Boolean isAccessable(Subject subject, String[] strArr) {
        if (CollectionUtils.isEmpty(strArr).booleanValue()) {
            return true;
        }
        for (String str : strArr) {
            if (subject.hasRole(str)) {
                return true;
            }
        }
        return false;
    }
}
