package com.feingto.cloud.security;

import com.feingto.cloud.constants.Constants;
import com.feingto.cloud.constants.SdkConstants;
import com.feingto.cloud.core.annotation.Logical;
import com.feingto.cloud.core.context.WebContext;
import com.feingto.cloud.domain.account.User;
import com.feingto.cloud.domain.oauth2.ClientDetail;
import com.feingto.cloud.helpers.ClientCacheHelper;
import com.feingto.cloud.helpers.UserResCacheHelper;
import com.feingto.cloud.security.core.userdetails.SecurityUserDetails;
import com.feingto.cloud.security.oauth2.common.exceptions.CustomOAuth2Exception;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.commons.collections.CollectionUtils;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.jwt.JwtHelper;
import org.springframework.security.oauth2.common.util.JsonParser;
import org.springframework.security.oauth2.common.util.JsonParserFactory;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
import org.springframework.util.StringUtils;

/* loaded from: input_file:BOOT-INF/lib/feingto-core-2.3.3.RELEASE.jar:com/feingto/cloud/security/SecurityUtils.class */
public class SecurityUtils {
    private static final JsonParser objectMapper = JsonParserFactory.create();

    public static Authentication getAuthentication() {
        return SecurityContextHolder.getContext().getAuthentication();
    }

    public static String getToken() {
        Authentication authentication = getAuthentication();
        if ((authentication instanceof OAuth2Authentication) && (authentication.getDetails() instanceof OAuth2AuthenticationDetails)) {
            return ((OAuth2AuthenticationDetails) authentication.getDetails()).getTokenValue();
        }
        return null;
    }

    public static String getClientId() {
        Authentication authentication = getAuthentication();
        if (authentication instanceof OAuth2Authentication) {
            return ((OAuth2Authentication) authentication).getOAuth2Request().getClientId();
        }
        return null;
    }

    public static String getUsername() {
        Authentication authentication = getAuthentication();
        if (Objects.isNull(authentication) || (authentication instanceof AnonymousAuthenticationToken)) {
            return User.ANONYMOUS_USER;
        }
        Object principal = authentication.getPrincipal();
        return principal instanceof UserDetails ? ((UserDetails) principal).getUsername() : principal.toString();
    }

    public static List<String> getAuthorities() {
        Authentication authentication = getAuthentication();
        return (!Objects.nonNull(authentication) || (authentication instanceof AnonymousAuthenticationToken)) ? new ArrayList() : (List) authentication.getAuthorities().stream().map((v0) -> {
            return v0.getAuthority();
        }).collect(Collectors.toList());
    }

    public static List<String> getRoles() {
        return (List) getAuthorities().stream().filter(str -> {
            return str.startsWith(Constants.ROLE_PREFIX);
        }).map(str2 -> {
            return SecurityUserDetails.eliminateRole.apply(str2);
        }).collect(Collectors.toList());
    }

    public static Map<String, Object> parseToken(String str) {
        try {
            return objectMapper.parseMap(JwtHelper.decode(str).getClaims());
        } catch (Exception e) {
            throw new CustomOAuth2Exception(CustomOAuth2Exception.ErrorType.INVALID_TOKEN);
        }
    }

    public static List<String> getAuthoritiesFromClaims(Map<String, Object> map) {
        return (List) Optional.ofNullable(map).filter(map2 -> {
            return map2.containsKey("authorities");
        }).map(map3 -> {
            return map3.get("authorities");
        }).filter(obj -> {
            return obj instanceof List;
        }).map(obj2 -> {
            return (List) obj2;
        }).map(list -> {
            return (List) list.stream().map(obj3 -> {
                return (String) obj3;
            }).collect(Collectors.toList());
        }).orElse(new ArrayList());
    }

    public static List<String> getAuthoritiesFromClient(String str) {
        return (List) Optional.ofNullable(ClientCacheHelper.get(str)).map((v0) -> {
            return v0.getAuthorities();
        }).filter((v0) -> {
            return CollectionUtils.isNotEmpty(v0);
        }).map(list -> {
            return ClientDetail.prefixAuthority.apply(list);
        }).orElse(new ArrayList());
    }

    public static boolean hasSystemRole(Logical logical, String... strArr) {
        boolean z = false;
        for (String str : strArr) {
            z = hasSystemRole(str.trim());
            if (Logical.AND.equals(logical) && !z) {
                return false;
            }
            if (Logical.OR.equals(logical) && z) {
                break;
            }
        }
        return z;
    }

    public static boolean hasSystemRole(String str) {
        Stream<String> stream = getRoles().stream();
        str.getClass();
        return stream.anyMatch((v1) -> {
            return r1.equals(v1);
        });
    }

    public static boolean hasSystemAuthorize(Logical logical, String... strArr) {
        boolean z = false;
        for (String str : strArr) {
            String[] split = str.split(":");
            if (split.length != 2) {
                throw new IllegalArgumentException("Illegal argument");
            }
            String username = getUsername();
            z = hasSystemBtn(username, split[0], split[1]);
            if (!z) {
                z = ((Boolean) Optional.ofNullable(WebContext.getRequest()).map(httpServletRequest -> {
                    String header = httpServletRequest.getHeader(SdkConstants.X_CA_STAGE_HEADER);
                    String header2 = httpServletRequest.getHeader(SdkConstants.X_CA_KEY_HEADER);
                    return Boolean.valueOf(StringUtils.hasLength(header) && StringUtils.hasLength(header2) && hasClientApi(username, header, header2));
                }).orElse(false)).booleanValue();
            }
            if (Logical.OR.equals(logical) && z) {
                break;
            }
        }
        return z;
    }

    public static boolean hasSystemBtn(String str, String str2, String str3) {
        return ((Boolean) Optional.ofNullable(UserResCacheHelper.getList(str)).map(list -> {
            return Boolean.valueOf(list.stream().filter(resource -> {
                return resource.getSn().equals(str2);
            }).anyMatch(resource2 -> {
                return resource2.getButtons().stream().filter(resourceButton -> {
                    return StringUtils.hasLength(resourceButton.getCode());
                }).anyMatch(resourceButton2 -> {
                    return resourceButton2.getCode().equals(str3);
                });
            }));
        }).orElse(false)).booleanValue();
    }

    public static boolean hasClientApi(String str, String str2, String str3) {
        Predicate predicate = list -> {
            return list.stream().map(str4 -> {
                return ClientDetail.eliminateAuthority.apply(str4);
            }).anyMatch(str5 -> {
                return str5.equals(str2 + ":" + str3);
            });
        };
        Optional of = Optional.of(getAuthoritiesFromClient(str));
        predicate.getClass();
        return ((Boolean) of.map((v1) -> {
            return r1.test(v1);
        }).orElse(false)).booleanValue();
    }
}
