package com.bootbase.handler;

import com.auth0.jwt.JWTExpiredException;
import com.bootbase.annotation.PassSecure;
import com.bootbase.api.Result;
import com.bootbase.config.SpringContentUtils;
import com.bootbase.consts.DefaultConsts;
import com.bootbase.consts.ErrorCode;
import com.bootbase.consts.HeaderConsts;
import com.bootbase.domain.BaseHttp;
import com.bootbase.exception.BaseException;
import com.bootbase.util.JwtUtils;
import com.bootbase.util.ObjectId;
import com.bootbase.util.StringUtils;
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

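/**
 * Spring MVC interceptor that prepares per-request state and enforces bearer-token
 * authentication.
 *
 * <p>For every non-OPTIONS request it publishes the request/response pair through the
 * injected {@code ThreadLocal<BaseHttp>}, tags the request with an id, adds the session,
 * content-type and CORS headers, and then verifies the JWT carried in the
 * {@code authorization} header before the handler method runs.
 *
 * <p>Per-request state (the thread-local entry and the HTTP session) is released in both
 * {@link #postHandle} and {@link #afterCompletion}, so it is also released when the
 * handler throws and Spring skips {@code postHandle}.
 */
@Component
/* loaded from: input_file:com/bootbase/handler/BaseHandlerInterceptor.class */
public class BaseHandlerInterceptor extends HandlerInterceptorAdapter {

    @Autowired
    private ThreadLocal<BaseHttp> baseHttpThreadLocal;

    /**
     * Runs before the handler: answers OPTIONS requests immediately, otherwise records the
     * request context, sets the response headers and authenticates the caller.
     *
     * @return always {@code true}; a rejected request is signalled by a {@link BaseException}
     * @throws BaseException with HTTP 401 when the bearer token is missing, invalid or expired
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        // OPTIONS requests bypass header setup and authentication entirely.
        if ("OPTIONS".equals(httpServletRequest.getMethod())) {
            httpServletResponse.setStatus(200);
            return true;
        }
        this.baseHttpThreadLocal.set(new BaseHttp(httpServletRequest, httpServletResponse));
        setHeader(httpServletRequest, httpServletResponse);
        // NOTE(review): if securtJwt rejects the request, Spring calls neither postHandle nor
        // afterCompletion on this interceptor, so the session created in setHeader and the
        // thread-local entry set above are not released by this class. Releasing them here could
        // break an exception handler that reads the thread-local; confirm where that path cleans up.
        securtJwt(httpServletRequest, obj);
        return true;
    }

    /**
     * Assigns the request id attribute and writes the session-id, content-type and CORS
     * response headers.
     */
    private void setHeader(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        // A request id already present as a request attribute is kept as a suffix of the new one.
        String upstreamId = (String) httpServletRequest.getAttribute(HeaderConsts.REQUEST_ID_KEY);
        String requestId = ObjectId.get().toString();
        if (StringUtils.isNotEmpty(upstreamId)) {
            requestId = requestId + "-" + upstreamId;
        }
        httpServletRequest.setAttribute(HeaderConsts.REQUEST_ID_KEY, requestId);

        // getSession() creates a session when none exists; its id is echoed to the client.
        String sessionId = httpServletRequest.getSession().getId();
        if (StringUtils.isNotEmpty(sessionId)) {
            httpServletResponse.addHeader(HeaderConsts.SESSION_ID_KEY, sessionId);
        }

        httpServletResponse.setContentType(HeaderConsts.DEFAULT_CONTENT_TYPE_KEY);

        // NOTE(review): a wildcard origin lets scripts from any site read these responses.
        // Confirm this is intended for every endpoint behind this interceptor; an explicit
        // origin allow-list is the stricter choice.
        httpServletResponse.addHeader("Access-Control-Allow-Origin", "*");
        httpServletResponse.addHeader(HeaderConsts.ACCESS_CONTROL_EXPOSE_HEADERS_KEY, HeaderConsts.ACCESS_CONTROL_EXPOSE_HEADERS_VALUE);

        // NOTE(review): preHandle returns before calling this method for OPTIONS requests, so
        // this branch is not reached from this class and preflight responses carry none of the
        // CORS headers set here. Kept as-is; enabling it would widen cross-origin access.
        if (httpServletRequest.getMethod().equalsIgnoreCase("OPTIONS")) {
            httpServletResponse.setHeader(HeaderConsts.ACCESS_CONTROL_ALLOW_METHODS_KEY, HeaderConsts.ACCESS_CONTROL_ALLOW_METHODS_VALUE);
            httpServletResponse.setHeader(HeaderConsts.ACCESS_CONTROL_MAX_AGE_KEY, HeaderConsts.ACCESS_CONTROL_MAX_AGE_VALUE);
        }
    }

    /**
     * Verifies the bearer JWT of a request that targets a handler method and stores the
     * token's {@code aud} claim on the request.
     *
     * <p>The check is skipped when the handler is not a {@link HandlerMethod}, when the active
     * profile equals the DEV profile, or when the method carries {@link PassSecure} with
     * {@code required()} returning {@code true}.
     *
     * @throws BaseException with HTTP 401 when the token is missing, fails verification or
     *     has expired
     */
    private void securtJwt(HttpServletRequest httpServletRequest, Object obj) {
        if (!(obj instanceof HandlerMethod)) {
            return;
        }
        // NOTE(review): authentication is disabled completely under the DEV profile, so a
        // deployment that starts with that profile active serves every endpoint unauthenticated.
        if (DefaultConsts.MODE.DEV.getProfile().equalsIgnoreCase(SpringContentUtils.getActiveProfile())) {
            return;
        }

        Method method = ((HandlerMethod) obj).getMethod();
        PassSecure passSecure = method.getAnnotation(PassSecure.class);
        if (passSecure != null && passSecure.required()) {
            return;
        }

        // Everything after the literal "Bearer" in the authorization header is the token.
        String token = StringUtils.trim(StringUtils.substringAfter(httpServletRequest.getHeader("authorization"), "Bearer"));
        Result result = new Result();
        result.setCodeWithDefaultMsg(ErrorCode.CLIENT_AUTH_ERROR);
        if (StringUtils.isEmpty(token)) {
            unauthorized(result);
            return;
        }

        try {
            // NOTE(review): String.valueOf turns a missing "aud" claim into the text "null",
            // so a verified token without that claim is accepted as user "null" - confirm
            // whether such tokens should be rejected instead.
            String audience = String.valueOf(JwtUtils.verify(token).get("aud"));
            httpServletRequest.setAttribute("requestLogCustomData", "[USER-" + audience + "]");
            httpServletRequest.setAttribute("aud", audience);
        } catch (Exception e) {
            // Any failure is reported as 401; only expiry gets its own error code. The cause is
            // not passed on to BaseException, so it is lost unless logged elsewhere.
            if (e instanceof JWTExpiredException) {
                result.setCodeWithDefaultMsg(ErrorCode.CLIENT_AUTH_TOKEN_EXPIRED);
            } else {
                result.setCodeWithDefaultMsg(ErrorCode.CLIENT_AUTH_ERROR);
            }
            unauthorized(result);
        }
    }

    /**
     * Aborts the request with HTTP 401 using the code and message held by {@code result}.
     * This method never returns normally.
     */
    private void unauthorized(Result result) {
        throw new BaseException(HttpStatus.UNAUTHORIZED, result.getCode(), result.getMessage());
    }

    /**
     * Releases the per-request state once the handler has returned normally.
     */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
        releaseRequestState(httpServletRequest);
    }

    /**
     * Releases the per-request state when the request is finished. Spring skips
     * {@code postHandle} when the handler throws, so without this the thread-local would keep
     * another request's {@code BaseHttp} on a pooled thread and the session would stay valid.
     */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        releaseRequestState(httpServletRequest);
    }

    /**
     * Clears the thread-local entry and invalidates the request's session if one exists.
     * Safe to call more than once for the same request.
     */
    private void releaseRequestState(HttpServletRequest request) {
        // Clear the thread-local first so a failure while invalidating cannot leave it behind.
        if (this.baseHttpThreadLocal != null) {
            this.baseHttpThreadLocal.remove();
        }
        // getSession(false) never creates a session, so this does not fail on an already
        // committed response and does nothing when the session was released earlier.
        if (request.getSession(false) != null) {
            request.getSession(false).invalidate();
        }
    }
}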
