package help.lixin.security.service;

import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.ReactiveAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
import org.springframework.security.web.server.authorization.AuthorizationContext;
import org.springframework.util.AntPathMatcher;
import reactor.core.publisher.Mono;

/* loaded from: input_file:help/lixin/security/service/ResourceServerAuthorizationManager.class */
public class ResourceServerAuthorizationManager implements ReactiveAuthorizationManager<AuthorizationContext> {
    private Logger logger = LoggerFactory.getLogger(ResourceServerAuthorizationManager.class);
    private IPermissionListService permissionListService;
    private IPathCustomizerService pathCustomizerService;
    private IWhiteListService whiteListService;

    public ResourceServerAuthorizationManager(IPermissionListService iPermissionListService, IPathCustomizerService iPathCustomizerService, IWhiteListService iWhiteListService) {
        this.permissionListService = iPermissionListService;
        this.pathCustomizerService = iPathCustomizerService;
        this.whiteListService = iWhiteListService;
    }

    public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
        AntPathMatcher antPathMatcher = new AntPathMatcher();
        ServerHttpRequest request = authorizationContext.getExchange().getRequest();
        if (request.getMethod() == HttpMethod.OPTIONS) {
            return Mono.just(new AuthorizationDecision(true));
        }
        List whiteList = this.whiteListService.whiteList();
        Iterator it = whiteList.iterator();
        while (it.hasNext()) {
            if (antPathMatcher.match((String) it.next(), request.getURI().getPath())) {
                return Mono.just(new AuthorizationDecision(true));
            }
        }
        String extractPath = extractPath(request);
        Iterator it2 = whiteList.iterator();
        while (it2.hasNext()) {
            if (antPathMatcher.match((String) it2.next(), extractPath)) {
                return Mono.just(new AuthorizationDecision(true));
            }
        }
        return mono.filter((v0) -> {
            return v0.isAuthenticated();
        }).filter(authentication -> {
            return authentication instanceof JwtAuthenticationToken;
        }).cast(JwtAuthenticationToken.class).map(jwtAuthenticationToken -> {
            return jwtAuthenticationToken.getAuthorities();
        }).map(collection -> {
            List list = (List) collection.stream().map((v0) -> {
                return v0.getAuthority();
            }).collect(Collectors.toList());
            try {
                return this.permissionListService.loadPermissionListByRoles(list);
            } catch (Exception e) {
                this.logger.error("根据角色:[{}],获取授权列表失败,失败原因:[{}]", list, e.getMessage());
                return null;
            }
        }).flatMapIterable(list -> {
            return list;
        }).any(str -> {
            return antPathMatcher.match(str, extractPath);
        }).map((v1) -> {
            return new AuthorizationDecision(v1);
        }).defaultIfEmpty(new AuthorizationDecision(false));
    }

    protected String extractPath(ServerHttpRequest serverHttpRequest) {
        String path = serverHttpRequest.getURI().getPath();
        return null != this.pathCustomizerService ? this.pathCustomizerService.customizer(path) : path;
    }

    public /* bridge */ /* synthetic */ Mono check(Mono mono, Object obj) {
        return check((Mono<Authentication>) mono, (AuthorizationContext) obj);
    }
}
