package net.ymate.module.oauth.web.intercept;

import javax.servlet.http.HttpServletRequest;
import net.ymate.module.oauth.IOAuth;
import net.ymate.module.oauth.IOAuthScopeProcessor;
import net.ymate.module.oauth.OAuth;
import net.ymate.module.oauth.OAuthEvent;
import net.ymate.module.oauth.annotation.OAuthScope;
import net.ymate.module.oauth.base.OAuthClientUserBean;
import net.ymate.platform.core.beans.intercept.AbstractInterceptor;
import net.ymate.platform.core.beans.intercept.InterceptContext;
import net.ymate.platform.webmvc.context.WebContext;
import net.ymate.platform.webmvc.view.impl.HttpStatusView;
import org.apache.commons.lang.StringUtils;
import org.apache.oltu.oauth2.common.message.OAuthResponse;

/* loaded from: input_file:net/ymate/module/oauth/web/intercept/UserAccessTokenCheckInterceptor.class */
public class UserAccessTokenCheckInterceptor extends AbstractInterceptor {
    protected Object __before(InterceptContext interceptContext) throws Exception {
        IOAuthScopeProcessor scopeProcessor;
        HttpServletRequest request = WebContext.getRequest();
        OAuthScope annotation = interceptContext.getTargetMethod().getAnnotation(OAuthScope.class);
        OAuthResponse checkUserAccessToken = OAuth.get().checkUserAccessToken(request, annotation != null ? annotation.value() : null);
        if (checkUserAccessToken == null && annotation != null) {
            if (StringUtils.isBlank(annotation.value())) {
                checkUserAccessToken = OAuth.get().getModuleCfg().getErrorAdapter().onError(IOAuth.ErrorType.INVALID_SCOPE);
            } else if (annotation.automatic()) {
                OAuthClientUserBean oAuthClientUserBean = (OAuthClientUserBean) request.getAttribute(OAuthClientUserBean.class.getName());
                if (oAuthClientUserBean != null && (scopeProcessor = OAuth.get().getScopeProcessor(annotation.value())) != null) {
                    if (!scopeProcessor.isInited()) {
                        scopeProcessor.init(OAuth.get());
                    }
                    checkUserAccessToken = scopeProcessor.process(request, oAuthClientUserBean);
                    interceptContext.getOwner().getEvents().fireEvent(new OAuthEvent(OAuth.get(), OAuthEvent.EVENT.SCOPE_PROCESSOR).setEventSource(annotation.value()).addParamExtend(OAuthClientUserBean.class.getName(), oAuthClientUserBean));
                }
                if (checkUserAccessToken == null) {
                    checkUserAccessToken = OAuth.get().getModuleCfg().getErrorAdapter().onError(IOAuth.ErrorType.INVALID_REQUEST);
                }
            }
        }
        if (checkUserAccessToken != null) {
            return new HttpStatusView(checkUserAccessToken.getResponseStatus(), false).writeBody(checkUserAccessToken.getBody());
        }
        return null;
    }

    protected Object __after(InterceptContext interceptContext) {
        return null;
    }
}
