package dev.soffa.foundation.spring.config;

import dev.soffa.foundation.commons.Logger;
import dev.soffa.foundation.commons.TextUtil;
import dev.soffa.foundation.context.ContextHolder;
import dev.soffa.foundation.error.ErrorUtil;
import dev.soffa.foundation.error.FunctionalException;
import io.opentelemetry.api.trace.Span;
import java.util.Date;
import java.util.LinkedHashMap;
import java.util.Optional;
import java.util.stream.Collectors;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.core.env.Environment;
import org.springframework.core.env.Profiles;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.context.request.ServletWebRequest;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.server.ResponseStatusException;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;

@ControllerAdvice
@Order(Integer.MIN_VALUE)
/* loaded from: input_file:dev/soffa/foundation/spring/config/CustomRestExceptionHandler.class */
class CustomRestExceptionHandler extends ResponseEntityExceptionHandler {
    private static final Logger LOG = Logger.get(CustomRestExceptionHandler.class);
    private final Environment environment;

    @Autowired
    public CustomRestExceptionHandler(Environment environment) {
        this.environment = environment;
    }

    protected ResponseEntity<Object> handleMethodArgumentNotValid(MethodArgumentNotValidException methodArgumentNotValidException, HttpHeaders httpHeaders, HttpStatus httpStatus, WebRequest webRequest) {
        return handleGlobalErrors(methodArgumentNotValidException, webRequest);
    }

    @ExceptionHandler({Throwable.class, Exception.class})
    public ResponseEntity<Object> handleGlobalErrors(Throwable th, WebRequest webRequest) {
        String header = webRequest.getHeader("accept");
        if (TextUtil.isNotEmpty(new String[]{header}) && header.contains("octet-stream")) {
            Logger.app.error(ErrorUtil.loookupOriginalMessage(th), new Object[0]);
            throw new ResponseStatusException(HttpStatus.INTERNAL_SERVER_ERROR, ErrorUtil.loookupOriginalMessage(th), th);
        }
        boolean acceptsProfiles = this.environment.acceptsProfiles(Profiles.of(new String[]{"prod", "production"}));
        Throwable unwrap = ErrorUtil.unwrap(th);
        HttpStatus deriveStatus = deriveStatus(unwrap);
        String loookupOriginalMessage = ErrorUtil.loookupOriginalMessage(unwrap);
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("timestamp", new Date());
        linkedHashMap.put("source", this.environment.getRequiredProperty("spring.application.name"));
        linkedHashMap.put("kind", unwrap.getClass().getSimpleName());
        linkedHashMap.put("status", Integer.valueOf(deriveStatus.value()));
        linkedHashMap.put("message", loookupOriginalMessage);
        linkedHashMap.put("prod", Boolean.valueOf(acceptsProfiles));
        ContextHolder.get().ifPresent(context -> {
            linkedHashMap.put("livemode", Boolean.valueOf(context.isLiveMode()));
        });
        if (!acceptsProfiles) {
            Optional.ofNullable(SecurityContextHolder.getContext()).ifPresent(securityContext -> {
                Authentication authentication = securityContext.getAuthentication();
                if (authentication == null || authentication.getAuthorities() == null) {
                    return;
                }
                linkedHashMap.put("permissions", authentication.getAuthorities().stream().map((v0) -> {
                    return v0.toString();
                }).collect(Collectors.joining(",")));
            });
        }
        linkedHashMap.put("path", ((ServletWebRequest) webRequest).getRequest().getRequestURI());
        String header2 = ((ServletWebRequest) webRequest).getRequest().getHeader("Authorization");
        if (TextUtil.isNotEmpty(new String[]{header2})) {
            linkedHashMap.put("authorization", "*****" + TextUtil.takeLast(header2, 4));
        }
        Span current = Span.current();
        if (current != null && current.getSpanContext().getTraceId() != null && !current.getSpanContext().getTraceId().startsWith("0000000000000000")) {
            linkedHashMap.put("traceId", current.getSpanContext().getTraceId());
            linkedHashMap.put("spanId", current.getSpanContext().getSpanId());
        }
        ContextHolder.get().ifPresent(context2 -> {
            Optional.ofNullable(context2.getApplicationName()).ifPresent(str -> {
                linkedHashMap.put("application", str);
            });
            context2.getUsername().ifPresent(str2 -> {
                linkedHashMap.put("user", str2);
            });
            if (context2.hasTenant()) {
                linkedHashMap.put("tenant", context2.getTenantId());
            }
        });
        if (deriveStatus.value() >= HttpStatus.INTERNAL_SERVER_ERROR.value()) {
            LOG.error(unwrap);
        } else {
            LOG.error(unwrap.getMessage(), new Object[0]);
        }
        if (!acceptsProfiles && deriveStatus != HttpStatus.UNAUTHORIZED && deriveStatus != HttpStatus.FORBIDDEN) {
            linkedHashMap.put("trace", ErrorUtil.getStacktrace(unwrap).split("\n"));
        }
        return ResponseEntity.status(deriveStatus).body(linkedHashMap);
    }

    private HttpStatus deriveStatus(Throwable th) {
        int resolveErrorCode = ErrorUtil.resolveErrorCode(th);
        if (resolveErrorCode > -1) {
            return HttpStatus.valueOf(resolveErrorCode);
        }
        if (!(th instanceof AccessDeniedException)) {
            return th instanceof MethodArgumentNotValidException ? HttpStatus.BAD_REQUEST : th instanceof FunctionalException ? HttpStatus.NOT_IMPLEMENTED : th instanceof ResponseStatusException ? ((ResponseStatusException) th).getStatus() : HttpStatus.INTERNAL_SERVER_ERROR;
        }
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return (!authentication.isAuthenticated() || (authentication instanceof AnonymousAuthenticationToken)) ? HttpStatus.UNAUTHORIZED : HttpStatus.FORBIDDEN;
    }
}
