package com.gccloud.starter.cloud.security.shiro;

import com.gccloud.starter.cloud.security.feign.IUserFeignService;
import com.gccloud.starter.common.config.GlobalConfig;
import com.gccloud.starter.common.entity.SysMenuEntity;
import com.gccloud.starter.common.exception.GlobalException;
import com.gccloud.starter.common.module.user.vo.SysCurrentUserVO;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

@ConditionalOnProperty(prefix = "gc.starter.cloud.component", name = {"CloudStarterShiroAuthRealm"}, havingValue = "CloudStarterShiroAuthRealm", matchIfMissing = true)
@Component
/* loaded from: input_file:com/gccloud/starter/cloud/security/shiro/CloudStarterShiroAuthRealm.class */
public class CloudStarterShiroAuthRealm extends AuthorizingRealm {
    private static final Logger log = LoggerFactory.getLogger(CloudStarterShiroAuthRealm.class);

    @Resource
    private GlobalConfig globalConfig;

    @Resource
    private UserContext userContext;

    @Resource
    private IUserFeignService userFeignService;

    @PostConstruct
    public void initTip() {
        log.info("----------------------------------------");
        log.info("初始化 CloudStarter Shiro认证逻辑");
        log.info("----------------------------------------");
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof ShiroAuthToken;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        CurrentUser currentUser = (CurrentUser) principalCollection.getPrimaryPrincipal();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setStringPermissions(currentUser.getPermissions());
        simpleAuthorizationInfo.setRoles(currentUser.getRoleCodeList());
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String str = (String) authenticationToken.getPrincipal();
        if (StringUtils.isBlank(str)) {
            throw new GlobalException("未登录", 401);
        }
        Claims claims = (Claims) Jwts.parser().setSigningKey(this.globalConfig.getJwt().getSecret()).setAllowedClockSkewSeconds(System.currentTimeMillis()).parseClaimsJws(str).getBody();
        return new SimpleAuthenticationInfo(this.userContext.get((String) claims.get("uid", String.class), str2 -> {
            List<SysMenuEntity> navList = this.userFeignService.getNavList(this.globalConfig.getModule().getModuleCode());
            log.debug("当前用户权限:{}", navList.toString());
            SysCurrentUserVO currentUser = this.userFeignService.getCurrentUser();
            log.debug("当前登录用户:{}", currentUser);
            CurrentUser currentUser2 = new CurrentUser();
            currentUser2.setId(currentUser.getId());
            currentUser2.setName(currentUser.getUsername());
            currentUser2.setOrgId(currentUser.getOrgId());
            currentUser2.setRealName(currentUser.getRealName());
            currentUser2.setTenantId((String) claims.get("tid", String.class));
            HashSet hashSet = new HashSet();
            navList.forEach(sysMenuEntity -> {
                if (2 == sysMenuEntity.getType().intValue()) {
                    String permissions = sysMenuEntity.getPermissions();
                    if (StringUtils.isBlank(permissions)) {
                        return;
                    }
                    hashSet.addAll((Collection) Arrays.stream(permissions.split(",")).collect(Collectors.toSet()));
                }
            });
            currentUser2.setPermissions(hashSet);
            return currentUser2;
        }), str, getName());
    }
}
