package org.njgzr.security.base.realm;

import javax.annotation.PostConstruct;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.njgzr.security.base.AuthorizedUser;
import org.njgzr.security.base.token.JWTToken;
import org.njgzr.security.credential.JWTCredentialsMatcher;
import org.njgzr.security.interfaces.SecurityService;
import org.njgzr.security.service.JwtService;
import org.njgzr.security.utils.JWTUtil;
import org.njgzr.security.utils.SecurityUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:org/njgzr/security/base/realm/JWTRealm.class */
public class JWTRealm extends AuthorizingRealm {

    @Autowired
    private JwtService jwtService;

    @Autowired
    private SecurityService securityService;

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof JWTToken;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        AuthorizedUser currentUser = SecurityUtil.getCurrentUser();
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        if (null != currentUser.getStringRoles()) {
            simpleAuthorizationInfo.addRoles(currentUser.getStringRoles());
        }
        if (null != currentUser.getStringPermissions()) {
            simpleAuthorizationInfo.addStringPermissions(currentUser.getStringPermissions());
        }
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        String val = ((JWTToken) authenticationToken).getVal();
        AuthorizedUser findByPrincipal = this.securityService.findByPrincipal(JWTUtil.getUsername(val));
        if (findByPrincipal == null) {
            throw new AuthenticationException("token过期，请重新登录");
        }
        return new SimpleAuthenticationInfo(findByPrincipal, val, getName());
    }

    @PostConstruct
    private void initCredentialsMatcher() {
        setCredentialsMatcher(new JWTCredentialsMatcher(this.jwtService));
    }
}
