package com.ajaxjs.iam.resource_server;

import com.ajaxjs.iam.jwt.JWebToken;
import com.ajaxjs.iam.jwt.JWebTokenMgr;
import com.ajaxjs.iam.model.User;
import java.io.IOException;
import java.io.PrintWriter;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.util.Enumeration;
import java.util.function.Function;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.http.HttpStatus;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;

/* loaded from: input_file:com/ajaxjs/iam/resource_server/UserInterceptor.class */
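/**
 * Spring MVC interceptor that authenticates a request from a bearer token and, on success,
 * stores the resolved {@link User} as a request attribute under
 * {@code UserConstants.USER_KEY_IN_REQUEST}.
 *
 * <p>The token is resolved to a user JSON string by the back end selected with
 * {@code auth.cacheType}: {@code redis}, {@code jvm_hash} (the default) or {@code jwt}.
 *
 * <p>NOTE(review): setting {@code auth.run} to anything that does not parse as {@code true}
 * (including a blank value or a typo) turns every check in this class off, so the switch
 * fails open. Confirm that this is intended for every deployment profile.
 */
public class UserInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger(UserInterceptor.class);

    /** Master switch; authentication is enforced only when this parses as {@code true}. */
    @Value("${auth.run:true}")
    private String run;

    /** Token lookup back end: {@code redis}, {@code jvm_hash} or {@code jwt}. */
    @Value("${auth.cacheType:jvm_hash}")
    private String cacheType;

    /** Optional; only dereferenced when {@code auth.cacheType=redis}. */
    @Autowired(required = false)
    private StringRedisTemplate redis;

    /** Optional; maps a token to a user JSON string when {@code auth.cacheType=jvm_hash}. */
    @Autowired(required = false)
    private Function<String, String> getUserFromJvmHash;

    /** Secret handed to {@link JWebTokenMgr}; must never be written to logs or responses. */
    @Value("${auth.jwtSecretKey}")
    private String jwtSecretKey;
    private static final String ERR_JSON = "{\"error\":\"%s\",\"error_description\":\"%s\"}";
    private static final String BEARER_TYPE = "Bearer";

    /**
     * Builds a token manager configured with {@code auth.jwtSecretKey}.
     *
     * <p>NOTE(review): {@link #preHandle} calls this method directly, so unless this class is
     * proxied as a configuration class a new manager is created for every JWT request.
     *
     * @return a manager carrying the configured secret key
     */
    @Bean
    JWebTokenMgr jWebTokenMgr() {
        JWebTokenMgr jWebTokenMgr = new JWebTokenMgr();
        jWebTokenMgr.setSecretKey(this.jwtSecretKey);
        return jWebTokenMgr;
    }

    /**
     * Authenticates the request before the handler runs.
     *
     * @param httpServletRequest  the incoming request; receives the {@link User} attribute on success
     * @param httpServletResponse the response; an error JSON body is written to it on failure
     * @param obj                 the chosen handler (unused)
     * @return {@code true} to continue the handler chain, {@code false} when an error response
     *         has been written
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        // Fail-open by configuration: a blank or non-"true" auth.run skips authentication entirely.
        if (!StringUtils.hasText(this.run) || !Boolean.parseBoolean(this.run)) {
            return true;
        }
        String token = extractToken(httpServletRequest);
        if (!StringUtils.hasText(token)) {
            return returnErrorMsg(401, httpServletResponse);
        }
        String userJson;
        // A null cacheType falls through to the "bad configuration" branch instead of an NPE.
        switch (this.cacheType == null ? "" : this.cacheType) {
            case "redis":
                // The template is injected with required = false, so it can be absent even
                // though the redis back end was selected; answer 500 rather than throw.
                if (this.redis == null) {
                    serverErr(httpServletResponse, "配置参数 redis 不正确");
                    return false;
                }
                userJson = this.redis.opsForValue().get(UserConstants.REDIS_PREFIX + token);
                break;
            case "jvm_hash":
                if (this.getUserFromJvmHash == null) {
                    serverErr(httpServletResponse, "配置参数 jvm_hash 不正确");
                    return false;
                }
                userJson = this.getUserFromJvmHash.apply(token);
                break;
            case "jwt":
                JWebTokenMgr jWebTokenMgr = jWebTokenMgr();
                JWebToken parse = jWebTokenMgr.parse(token);
                if (!jWebTokenMgr.isValid(parse)) {
                    returnErrorMsg(403, httpServletResponse);
                    return false;
                }
                // The display name is escaped so that quotes or backslashes in a claim cannot
                // break out of the JSON string and add or override fields of the User object.
                // NOTE(review): "sub" is emitted unquoted, as before; this assumes the issuer
                // only ever puts a numeric id there - confirm against the token issuer.
                userJson = String.format("{\"id\": %s, \"name\": \"%s\"}",
                        parse.getPayload().getSub(),
                        escapeJson(String.valueOf(parse.getPayload().getName())));
                break;
            default:
                serverErr(httpServletResponse, "配置参数不正确");
                return false;
        }
        // Unknown token: the back end returned nothing for it.
        if (!StringUtils.hasText(userJson)) {
            return returnErrorMsg(401, httpServletResponse);
        }
        httpServletRequest.setAttribute(UserConstants.USER_KEY_IN_REQUEST, (User) Utils.jsonStr2Bean(userJson, User.class));
        return true;
    }

    /**
     * Writes the standard error body for the given status code.
     *
     * @param i                   401, 403 or 500; any other value writes nothing
     * @param httpServletResponse the response to write to
     * @return always {@code false}, so callers can return it straight from {@code preHandle}
     */
    private boolean returnErrorMsg(int i, HttpServletResponse httpServletResponse) {
        switch (i) {
            case 401:
                returnMsg(httpServletResponse, HttpStatus.UNAUTHORIZED.value(), "unauthorized", "未认证");
                return false;
            case 403:
                returnMsg(httpServletResponse, HttpStatus.FORBIDDEN.value(), "forbidden", "没有权限");
                return false;
            case 500:
                returnMsg(httpServletResponse, HttpStatus.INTERNAL_SERVER_ERROR.value(), "error", "认证失败");
                return false;
            default:
                return false;
        }
    }

    /** Writes a 500 response whose description is {@code str}. */
    private void serverErr(HttpServletResponse httpServletResponse, String str) {
        returnMsg(httpServletResponse, HttpStatus.INTERNAL_SERVER_ERROR.value(), "error", str);
    }

    /**
     * Formats {@code str} and {@code str2} into the error JSON template and writes it.
     * The two strings are inserted as-is, so callers must pass fixed text only, never
     * request-derived values.
     */
    private void returnMsg(HttpServletResponse httpServletResponse, int i, String str, String str2) {
        returnMsg(httpServletResponse, i, String.format(ERR_JSON, str, str2));
    }

    /**
     * Sets the status and JSON content type, then writes {@code str} as the response body.
     * An {@link IOException} while writing is logged and not propagated.
     *
     * @param httpServletResponse the response to write to
     * @param i                   the HTTP status code
     * @param str                 the already serialised JSON body
     */
    static void returnMsg(HttpServletResponse httpServletResponse, int i, String str) {
        httpServletResponse.setStatus(i);
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json;charset=utf-8");
        try (PrintWriter writer = httpServletResponse.getWriter()) {
            writer.write(str);
        } catch (IOException e) {
            log.warn("err::", e);
        }
    }

    /**
     * Tells whether an expiry instant lies in the past.
     *
     * @param j expiry time in seconds since the Unix epoch
     * @return {@code true} when that instant is before the current time
     */
    static boolean checkIfExpire(long j) {
        // Both sides must be in UTC: comparing against the system-zone clock would shift the
        // effective expiry by the server's UTC offset.
        return LocalDateTime.ofEpochSecond(j, 0, ZoneOffset.UTC).isBefore(LocalDateTime.now(ZoneOffset.UTC));
    }

    /**
     * Finds the access token in the request. Sources are tried in this order: the
     * {@code Authorization: Bearer} header, the {@code token} header, then the
     * {@code access_token} request parameter.
     *
     * <p>NOTE(review): a token passed as a request parameter can end up in access logs,
     * browser history and Referer headers; prefer the header forms where clients allow it.
     *
     * @param httpServletRequest the incoming request
     * @return the token, or {@code null} when none of the sources carries one
     */
    public String extractToken(HttpServletRequest httpServletRequest) {
        String token = extractHeaderToken(httpServletRequest);
        if (token != null) {
            return token;
        }
        token = httpServletRequest.getHeader("token");
        if (token != null) {
            return token;
        }
        token = httpServletRequest.getParameter("access_token");
        if (token == null) {
            log.warn("Token not found in request parameters. Not an OAuth2 request.");
        }
        return token;
    }

    /**
     * Reads the token from the first {@code Authorization} header value that starts with
     * {@code Bearer} (case-insensitive). Anything from the first comma on is dropped.
     *
     * <p>NOTE(review): no separator is required after the scheme, so {@code Bearerabc}
     * yields {@code abc}; the value is still checked by the token back end afterwards.
     *
     * @return the token text, possibly empty, or {@code null} when no bearer header is present
     */
    private String extractHeaderToken(HttpServletRequest httpServletRequest) {
        Enumeration<String> headers = httpServletRequest.getHeaders("Authorization");
        while (headers.hasMoreElements()) {
            String value = headers.nextElement();
            // Locale-independent, case-insensitive prefix match on the scheme name.
            if (value.regionMatches(true, 0, BEARER_TYPE, 0, BEARER_TYPE.length())) {
                String candidate = value.substring(BEARER_TYPE.length()).trim();
                int comma = candidate.indexOf(',');
                if (comma > 0) {
                    candidate = candidate.substring(0, comma);
                }
                return candidate;
            }
        }
        return null;
    }

    /** Escapes {@code value} for use inside a double-quoted JSON string. */
    private static String escapeJson(String value) {
        StringBuilder out = new StringBuilder(value.length() + 8);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '"':
                    out.append("\\\"");
                    break;
                case '\\':
                    out.append("\\\\");
                    break;
                case '\n':
                    out.append("\\n");
                    break;
                case '\r':
                    out.append("\\r");
                    break;
                case '\t':
                    out.append("\\t");
                    break;
                default:
                    if (c < 0x20) {
                        // Remaining control characters are not allowed raw in JSON strings.
                        out.append(String.format("\\u%04x", (int) c));
                    } else {
                        out.append(c);
                    }
            }
        }
        return out.toString();
    }
}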
