package noo.rest.security.processor;

import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import noo.exception.AuthenticateException;
import noo.json.JsonObject;
import noo.rest.security.AbstractUser;
import noo.rest.security.AuthcodeService;
import noo.rest.security.SecueHelper;
import noo.rest.security.delegate.DelegateHttpServletRequest;
import noo.util.ID;
import noo.util.S;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:noo/rest/security/processor/AuthCodeLoginInterceptor.class */
public class AuthCodeLoginInterceptor extends RequestInterceptor {
    public static final Logger log = LoggerFactory.getLogger(AuthCodeLoginInterceptor.class);
    public static final String AUTHCODE = "authcode";

    @Override // noo.rest.security.processor.RequestInterceptor
    public boolean process(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        String method = httpServletRequest.getMethod();
        if (!AuthcodeService.is_AuthcodeUrl(str) || !HttpMethod.POST.matches(method)) {
            return false;
        }
        checkAndGenAuthcode(httpServletRequest, httpServletResponse);
        return true;
    }

    protected void checkAndGenAuthcode(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpServletRequest delegateHttpServletRequest = new DelegateHttpServletRequest(httpServletRequest);
        String parameter = delegateHttpServletRequest.getParameter(LoginInterceptor.USERNAME);
        String parameter2 = delegateHttpServletRequest.getParameter(LoginInterceptor.PASSWORD);
        if (S.isBlank(parameter)) {
            SecueHelper.writeResponse(httpServletResponse, new AuthenticateException("必须有用户名！").toString());
            return;
        }
        AbstractUser loadUserByName = this.us.loadUserByName(parameter);
        if (loadUserByName == null) {
            SecueHelper.writeResponse(httpServletResponse, new AuthenticateException("用户不存在！").toString());
            return;
        }
        String client = SecueHelper.getClient(delegateHttpServletRequest);
        if (!this.us.checkUserPassword(loadUserByName, parameter2, delegateHttpServletRequest) || !this.us.checkClient(parameter, parameter2, client)) {
            checkFailed(httpServletResponse);
        } else {
            loadUserByName.setClient(client);
            genAndReturnAuthcodeOnSuccess(delegateHttpServletRequest, httpServletResponse, loadUserByName);
        }
    }

    protected void checkFailed(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(405);
        SecueHelper.writeResponse(httpServletResponse, new AuthenticateException("用户名或密码错误！").toString());
    }

    protected void genAndReturnAuthcodeOnSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AbstractUser abstractUser) throws IOException {
        abstractUser.setToken(ID.uuid());
        String genAuthcode = AuthcodeService.genAuthcode(this.redis, abstractUser);
        log.info("generate auth code " + genAuthcode + "for user:" + abstractUser.toJsonObject());
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("text/html;charset=utf-8");
        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
        JsonObject jsonObject = new JsonObject();
        jsonObject.put(AUTHCODE, genAuthcode);
        httpServletResponse.getWriter().print(jsonObject.encode());
    }
}
