package org.ifinalframework.security.web.servlet.interceptor;

import java.util.Objects;
import java.util.function.Predicate;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.ifinalframework.context.exception.UnauthorizedException;
import org.springframework.security.access.prepost.PostAuthorize;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

@Component
/* loaded from: input_file:org/ifinalframework/security/web/servlet/interceptor/PrePostAnnotationHandlerInterceptor.class */
public class PrePostAnnotationHandlerInterceptor implements HandlerInterceptor {
    private final Predicate<HandlerMethod> predicate = new PrePostAnnotationPredicate();

    /* loaded from: input_file:org/ifinalframework/security/web/servlet/interceptor/PrePostAnnotationHandlerInterceptor$PrePostAnnotationPredicate.class */
    private static class PrePostAnnotationPredicate implements Predicate<HandlerMethod> {
        private PrePostAnnotationPredicate() {
        }

        @Override // java.util.function.Predicate
        public boolean test(HandlerMethod handlerMethod) {
            if (handlerMethod.hasMethodAnnotation(PreAuthorize.class) || handlerMethod.hasMethodAnnotation(PostAuthorize.class)) {
                return true;
            }
            Class beanType = handlerMethod.getBeanType();
            return beanType.isAnnotationPresent(PreAuthorize.class) || beanType.isAnnotationPresent(PostAuthorize.class);
        }
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if ((obj instanceof HandlerMethod) && this.predicate.test((HandlerMethod) obj) && Objects.isNull(SecurityContextHolder.getContext().getAuthentication())) {
            throw new UnauthorizedException("用户未登录", new Object[0]);
        }
        return true;
    }
}
