package cn.dinodev.spring.core.security;

import cn.dinodev.spring.auth.Permission;
import cn.dinodev.spring.auth.session.AuthInfoProvider;
import cn.dinodev.spring.auth.session.AuthSession;
import cn.dinodev.spring.auth.session.AuthSessionResolver;
import cn.dinodev.spring.commons.context.DinoContext;
import cn.dinodev.spring.commons.function.Suppliers;
import cn.dinodev.spring.commons.response.Status;
import cn.dinodev.spring.commons.sys.Tenant;
import cn.dinodev.spring.commons.sys.User;
import cn.dinodev.spring.commons.sys.UserType;
import cn.dinodev.spring.commons.utils.Assert;
import cn.dinodev.spring.core.sys.tenant.TenantService;
import cn.dinodev.spring.core.sys.token.Token;
import cn.dinodev.spring.core.sys.token.TokenPrincaple;
import cn.dinodev.spring.core.sys.token.TokenService;
import cn.dinodev.spring.core.sys.user.UserServiceProvider;
import com.fasterxml.jackson.databind.ObjectMapper;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Base64;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.function.Supplier;
import lombok.Generated;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:cn/dinodev/spring/core/security/DinoAuthSessionResolver.class */
public class DinoAuthSessionResolver implements AuthSessionResolver<DinoAuthSession> {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(DinoAuthSessionResolver.class);

    @Autowired
    private TokenService tokenService;

    @Autowired
    private TenantService tenantService;

    @Autowired
    private UserServiceProvider userServiceProvider;

    @Autowired
    private ObjectMapper objectMapper;

    @Autowired
    private DinoContext context;

    @Autowired
    private AuthInfoProvider<User<?>> authzInfoProvider;
    private final String authHeader;

    /* loaded from: input_file:cn/dinodev/spring/core/security/DinoAuthSessionResolver$DinoAuthSession.class */
    public static class DinoAuthSession implements AuthSession {
        private final String sessionId;
        private final User<?> user;
        private final Supplier<List<Permission>> permissions;
        private final Supplier<Set<String>> roles;

        public DinoAuthSession(String str, User<?> user, AuthInfoProvider<User<?>> authInfoProvider) {
            this.sessionId = str;
            this.user = user;
            this.permissions = Suppliers.lazy(() -> {
                Collection permissions = authInfoProvider.getPermissions(user);
                return Objects.isNull(permissions) ? List.of() : List.copyOf(permissions);
            });
            this.roles = Suppliers.lazy(() -> {
                return new HashSet(authInfoProvider.getRoles(user));
            });
        }

        public String getSessionId() {
            return this.sessionId;
        }

        public boolean isLogin() {
            return Objects.nonNull(this.user);
        }

        public boolean isLoginAs(String str) {
            return isLogin() && this.user.getUserType().getType().equals(str);
        }

        public String getSubjectId() {
            if (Objects.isNull(this.user)) {
                return null;
            }
            return this.user.getId().toString();
        }

        public String getSubjectType() {
            if (isLogin()) {
                return this.user.getUserType().getType();
            }
            return null;
        }

        public Collection<String> getSubjectRoles() {
            return isLogin() ? this.roles.get() : Collections.emptyList();
        }

        public Collection<Permission> getSubjectPermissions() {
            return isLogin() ? this.permissions.get() : Collections.emptyList();
        }
    }

    public DinoAuthSessionResolver(String str) {
        this.authHeader = str;
    }

    /* renamed from: resolveSession, reason: merged with bridge method [inline-methods] */
    public DinoAuthSession m60resolveSession(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(getAuthHeader());
        if (StringUtils.isBlank(header)) {
            return null;
        }
        String extractPrinc = Token.extractPrinc(header);
        String extractToken = Token.extractToken(header);
        try {
            TokenPrincaple tokenPrincaple = (TokenPrincaple) this.objectMapper.readValue(Base64.getUrlDecoder().decode(extractPrinc), TokenPrincaple.class);
            log.info("req http:{}", httpServletRequest.getRequestURL());
            Assert.isTrue(this.tokenService.checkLoginToken(tokenPrincaple, extractToken), Status.CODE.FAIL_INVALID_AUTH_TOKEN);
            UserType resolveUserType = this.userServiceProvider.resolveUserType(tokenPrincaple.getUserType());
            Assert.notNull(resolveUserType, "user type not found", new Object[0]);
            User user = (User) this.userServiceProvider.resolveUserService(resolveUserType).getUserById(resolveUserType, tokenPrincaple.getUserId()).orElse(null);
            Assert.notNull(user, Status.CODE.FAIL_USER_NOT_EXIST);
            this.context.currentUser(user);
            Tenant currentTenant = this.context.currentTenant();
            if (StringUtils.isNotBlank(tokenPrincaple.getTenantId())) {
                Tenant findTenantById = this.tenantService.findTenantById(tokenPrincaple.getTenantId());
                Assert.notNull(findTenantById, "tenant[id={}] not found", new Object[]{tokenPrincaple.getTenantId()});
                if (resolveUserType.isTenantUser() && Objects.nonNull(currentTenant)) {
                    Assert.state(findTenantById.getId().equals(currentTenant.getId()), "tenant[id={}] not match", new Object[]{tokenPrincaple.getTenantId()});
                }
            }
            return new DinoAuthSession(this.tokenService.generateTokenId(tokenPrincaple), user, this.authzInfoProvider);
        } catch (IOException e) {
            log.error("error occured while create AuthSession from[{}]", extractPrinc, e);
            return null;
        }
    }

    public void closeSession(HttpServletRequest httpServletRequest, Object obj) {
        this.context.currentUser((User) null);
    }

    @Generated
    public String getAuthHeader() {
        return this.authHeader;
    }
}
