package com.boot.auth.starter;

import com.boot.auth.starter.annotation.Auth;
import com.boot.auth.starter.annotation.IgnoreLogin;
import com.boot.auth.starter.annotation.NoAuthGetSession;
import com.boot.auth.starter.annotation.OperLog;
import com.boot.auth.starter.common.AuthConstant;
import com.boot.auth.starter.common.LogicSession;
import com.boot.auth.starter.common.Session;
import com.boot.auth.starter.model.OperLogAnnotationEntity;
import com.boot.auth.starter.service.AuthService;
import com.boot.auth.starter.service.LogService;
import com.boot.auth.starter.utils.IPUtils;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import java.util.stream.Stream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.Nullable;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:com/boot/auth/starter/AuthInterceptor.class */
public class AuthInterceptor extends HandlerInterceptorAdapter {
    private static final Logger log = LoggerFactory.getLogger(AuthInterceptor.class);
    private final SessionResolver sessionResolver;
    private final String loginRequired;
    private final String tokenInvalid;
    private final String authNoInvalid;
    private final AuthService authService;
    private final LogService logService;

    public AuthInterceptor(SessionResolver sessionResolver, String str, String str2, String str3, AuthService authService, LogService logService) {
        this.sessionResolver = sessionResolver;
        this.loginRequired = str;
        this.tokenInvalid = str2;
        this.authNoInvalid = str3;
        this.authService = authService;
        this.logService = logService;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        LogicSession session = getSession(httpServletRequest);
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        Auth auth = (Auth) handlerMethod.getMethod().getDeclaringClass().getAnnotation(Auth.class);
        if (auth == null) {
            auth = (Auth) handlerMethod.getMethodAnnotation(Auth.class);
        }
        if (auth == null) {
            requestAttribute(httpServletRequest, session);
            return true;
        }
        IgnoreLogin ignoreLogin = (IgnoreLogin) handlerMethod.getMethod().getDeclaringClass().getAnnotation(IgnoreLogin.class);
        if (ignoreLogin == null) {
            ignoreLogin = (IgnoreLogin) handlerMethod.getMethodAnnotation(IgnoreLogin.class);
        }
        if (null != ignoreLogin && ignoreLogin.ignore()) {
            requestAttribute(httpServletRequest, session);
            return true;
        }
        NoAuthGetSession noAuthGetSession = (NoAuthGetSession) handlerMethod.getMethod().getDeclaringClass().getAnnotation(NoAuthGetSession.class);
        if (noAuthGetSession == null) {
            noAuthGetSession = (NoAuthGetSession) handlerMethod.getMethodAnnotation(NoAuthGetSession.class);
        }
        if (noAuthGetSession != null) {
            if (!noAuthGetSession.loginRequired()) {
                return true;
            }
            requestAttribute(httpServletRequest, session);
            return true;
        }
        if (session == null || !session.getValidLogin().booleanValue()) {
            send(httpServletResponse, this.loginRequired);
            log.warn("用户未登录,拒绝访问[" + httpServletRequest.getRequestURI() + "]");
            return false;
        }
        if (!session.getValidToken().booleanValue()) {
            send(httpServletResponse, this.tokenInvalid);
            log.warn("用户token失效,拒绝访问[" + httpServletRequest.getRequestURI() + "]");
            return false;
        }
        List list = (List) session.getSessionOptional().map(session2 -> {
            return Arrays.asList(session2.getRoles().split(AuthConstant.HEAD_TOKEN_SEPARATOR));
        }).orElse(new ArrayList());
        Stream stream = Arrays.stream(auth.roles());
        list.getClass();
        if (stream.filter((v1) -> {
            return r1.contains(v1);
        }).findFirst().isPresent()) {
            requestAttribute(httpServletRequest, session);
            return true;
        }
        send(httpServletResponse, this.authNoInvalid);
        log.warn("用户不具备访问权限,拒绝访问[" + httpServletRequest.getRequestURI() + "]");
        return false;
    }

    private void requestAttribute(HttpServletRequest httpServletRequest, LogicSession logicSession) {
        if (logicSession == null) {
            return;
        }
        logicSession.getSessionOptional().ifPresent(session -> {
            httpServletRequest.setAttribute(AuthConstant.ATTR_SESSION, session);
        });
    }

    private void send(HttpServletResponse httpServletResponse, String str) throws Exception {
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write(str);
        httpServletResponse.getWriter().close();
    }

    private LogicSession getSession(HttpServletRequest httpServletRequest) {
        try {
            return this.sessionResolver.resolve(this.authService.analysisToken(httpServletRequest), getHeaderValue(httpServletRequest, AuthConstant.HEADER_KEY_PLATFORM), getHeaderValue(httpServletRequest, AuthConstant.HEADER_KEY_VERSION), IPUtils.getClientIP(httpServletRequest));
        } catch (Exception e) {
            return null;
        }
    }

    private void saveOperLog(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (obj instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) obj;
            OperLog operLog = (OperLog) handlerMethod.getMethod().getDeclaringClass().getAnnotation(OperLog.class);
            if (operLog == null) {
                operLog = (OperLog) handlerMethod.getMethodAnnotation(OperLog.class);
            }
            if (operLog == null || !operLog.flag()) {
                return;
            }
            OperLogAnnotationEntity operLogAnnotationEntity = new OperLogAnnotationEntity();
            operLogAnnotationEntity.setOperType(operLog.operType());
            operLogAnnotationEntity.setChannel(getHeaderValue(httpServletRequest, AuthConstant.HEADER_KEY_CHANNEL));
            operLogAnnotationEntity.setDeviceId(getHeaderValue(httpServletRequest, AuthConstant.HEADER_KEY_DEVICEID));
            Optional<Session> sessionOptional = getSession(httpServletRequest).getSessionOptional();
            if (sessionOptional.isPresent()) {
                Session session = sessionOptional.get();
                operLogAnnotationEntity.setUserNo(session.getUserNo());
                operLogAnnotationEntity.setUsername(session.getUsername());
                operLogAnnotationEntity.setRoles(session.getRoles());
                operLogAnnotationEntity.setObj(session.getObj());
                operLogAnnotationEntity.setVersion(session.getVersion());
                operLogAnnotationEntity.setPlatform(session.getPlatform());
            } else {
                operLogAnnotationEntity.setIp(IPUtils.getClientIP(httpServletRequest));
                operLogAnnotationEntity.setVersion(getHeaderValue(httpServletRequest, AuthConstant.HEADER_KEY_VERSION));
                operLogAnnotationEntity.setPlatform(getHeaderValue(httpServletRequest, AuthConstant.HEADER_KEY_PLATFORM));
            }
            this.logService.addLog(operLogAnnotationEntity);
        }
    }

    private String getHeaderValue(HttpServletRequest httpServletRequest, String str) {
        String str2 = "";
        try {
            str2 = httpServletRequest.getHeader(str);
        } catch (Exception e) {
            log.warn("header key is null", e);
        }
        return str2;
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, @Nullable Exception exc) throws Exception {
        saveOperLog(httpServletRequest, httpServletResponse, obj);
    }
}
