package tech.mhuang.pacebox.springboot.auth.interceptor;

import com.alibaba.fastjson2.JSON;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.List;
import java.util.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.resource.ResourceHttpRequestHandler;
import tech.mhuang.pacebox.core.exception.BusinessException;
import tech.mhuang.pacebox.core.util.CollectionUtil;
import tech.mhuang.pacebox.core.util.StringUtil;
import tech.mhuang.pacebox.springboot.auth.constant.AuthConstant;
import tech.mhuang.pacebox.springboot.core.spring.start.SpringContextHolder;
import tech.mhuang.pacebox.springboot.protocol.GlobalHeader;
import tech.mhuang.pacebox.springboot.protocol.Result;
import tech.mhuang.pacebox.springboot.protocol.auth.AuthExcludeUrl;
import tech.mhuang.pacebox.springboot.protocol.auth.AuthUrl;
import tech.mhuang.pacebox.springboot.redis.commands.IRedisExtCommands;

/* loaded from: input_file:tech/mhuang/pacebox/springboot/auth/interceptor/OpAuthInterceptor.class */
public class OpAuthInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger(OpAuthInterceptor.class);
    private int redisDataBase;
    private boolean checkUrl;

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        if (obj instanceof ResourceHttpRequestHandler) {
            return true;
        }
        try {
            if (this.checkUrl) {
                log.debug("拦截的URL:{},拦截类型:{}", httpServletRequest.getRequestURL().toString(), httpServletRequest.getMethod());
                if (!checkUrlIsNotLogin(getUri(httpServletRequest))) {
                    String header = httpServletRequest.getHeader("global_header");
                    if (!StringUtil.isNotBlank(header)) {
                        throw new BusinessException(500, "您没有权限访问!");
                    }
                    GlobalHeader globalHeader = (GlobalHeader) JSON.parseObject(header, GlobalHeader.class);
                    if (StringUtil.isNotBlank(globalHeader.getToken())) {
                        if (!checkUrlPower(globalHeader.getUserId(), httpServletRequest)) {
                            throw new BusinessException(500, "您没有权限访问!");
                        }
                    } else if (!checkUrlIsNotLogin(getUri(httpServletRequest))) {
                        throw new BusinessException(500, "您没有权限访问!");
                    }
                }
            }
            return true;
        } catch (Exception e) {
            writeJson(500, "授权失败！", httpServletResponse);
            log.error("检查权限异常{}", e);
            return false;
        } catch (BusinessException e2) {
            log.error("检查权限异常{}", e2);
            writeJson(e2.getCode(), e2.getMessage(), httpServletResponse);
            return false;
        }
    }

    private boolean checkUrlIsNotLogin(String str) {
        IRedisExtCommands iRedisExtCommands = (IRedisExtCommands) SpringContextHolder.getBean(IRedisExtCommands.class);
        log.debug("开始检查请求的URI:{}是否不需要登录", str);
        return isFilterFlag(str, iRedisExtCommands, false, AuthConstant.NOT_LOGIN_VIST_URLS_CACHEKEY);
    }

    private boolean isFilterFlag(String str, IRedisExtCommands iRedisExtCommands, boolean z, String str2) {
        List hgetList = iRedisExtCommands.hgetList(this.redisDataBase, AuthConstant.AUTH_DICT_KEY, str2, AuthExcludeUrl.class);
        if (CollectionUtil.isNotEmpty(hgetList)) {
            z = hgetList.parallelStream().anyMatch(authExcludeUrl -> {
                return StringUtil.isNotBlank(authExcludeUrl.getUrl()) && (str.startsWith(authExcludeUrl.getUrl()) || "*".equals(authExcludeUrl.getUrl()));
            });
        }
        return z;
    }

    private void writeJson(int i, String str, HttpServletResponse httpServletResponse) {
        try {
            Result result = new Result();
            result.setCode(i);
            result.setMessage(str);
            httpServletResponse.setContentType("application/json;charset=utf-8");
            httpServletResponse.setStatus(403);
            httpServletResponse.getWriter().write(JSON.toJSONString(result));
            httpServletResponse.getWriter().flush();
        } catch (Exception e) {
        }
    }

    private boolean checkUrlPower(String str, HttpServletRequest httpServletRequest) {
        String uri = getUri(httpServletRequest);
        log.debug("开始检查请求的URI:{}是否具有访问权限", uri);
        IRedisExtCommands iRedisExtCommands = (IRedisExtCommands) SpringContextHolder.getBean(IRedisExtCommands.class);
        boolean isFilterFlag = isFilterFlag(uri, iRedisExtCommands, false, AuthConstant.EXCLUDE_VIST_URLS_CACHEKEY);
        if (!isFilterFlag && ((AuthUrl) iRedisExtCommands.hget(this.redisDataBase, AuthConstant.USER_VIST_URL_CACHEKEY, str.concat("-").concat(uri), AuthUrl.class)) != null) {
            isFilterFlag = true;
        }
        return isFilterFlag;
    }

    public static String getServletPath(HttpServletRequest httpServletRequest) {
        String servletPath = httpServletRequest.getServletPath();
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI != null && servletPath != null && !requestURI.endsWith(servletPath) && requestURI.indexOf(servletPath) > -1) {
            servletPath = requestURI.substring(requestURI.indexOf(servletPath));
        }
        if (null != servletPath && !"".equals(servletPath)) {
            return servletPath;
        }
        int length = StringUtil.equals(httpServletRequest.getContextPath(), "") ? 0 : httpServletRequest.getContextPath().length();
        int length2 = httpServletRequest.getPathInfo() == null ? ((String) Objects.requireNonNull(requestURI)).length() : ((String) Objects.requireNonNull(requestURI)).lastIndexOf(httpServletRequest.getPathInfo());
        if (length > length2) {
            length2 = length;
        }
        return requestURI.substring(length, length2);
    }

    public static String getUri(HttpServletRequest httpServletRequest) {
        String str = (String) httpServletRequest.getAttribute("javax.servlet.include.servlet_path");
        if (str != null) {
            return str;
        }
        String servletPath = getServletPath(httpServletRequest);
        return (servletPath == null || "".equals(servletPath)) ? httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()) : servletPath;
    }

    public void setRedisDataBase(int i) {
        this.redisDataBase = i;
    }

    public void setCheckUrl(boolean z) {
        this.checkUrl = z;
    }
}
