package plus.easydo.starter.oauth.server.exception;

import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.InternalAuthenticationServiceException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.DefaultThrowableAnalyzer;
import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.common.exceptions.UnsupportedGrantTypeException;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.web.HttpRequestMethodNotSupportedException;
import plus.easydo.core.result.DataResult;
import plus.easydo.starter.oauth.core.exception.CustomizeOAuth2Exception;

/* loaded from: input_file:plus/easydo/starter/oauth/server/exception/CustomizeOauth2WebResponseExceptionTranslator.class */
public class CustomizeOauth2WebResponseExceptionTranslator implements WebResponseExceptionTranslator<OAuth2Exception> {
    private static final String UNSUPPORTED_GRANT_TYPE = "Unsupported grant type";
    private static final String BAD_CREDENTIALS = "Bad credentials";
    private final ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();

    public ResponseEntity<OAuth2Exception> translate(Exception exc) {
        Exception exc2 = (Exception) this.throwableAnalyzer.getFirstThrowableOfType(Exception.class, this.throwableAnalyzer.determineCauseChain(exc));
        if (exc2 instanceof InternalAuthenticationServiceException) {
            return handleOauth2Exception(new CustomizeOAuth2Exception("内部认证服务异常:" + exc.getMessage()));
        }
        if (exc2 instanceof UnsupportedGrantTypeException) {
            return handleOauth2Exception(new CustomizeOAuth2Exception("不支持的验证方式", exc2));
        }
        if (!(exc2 instanceof InvalidGrantException)) {
            return exc2 instanceof AccessDeniedException ? handleOauth2Exception(new CustomizeOAuth2Exception("拒绝被访问:" + exc.getMessage(), exc2)) : exc2 instanceof AuthenticationException ? handleOauth2Exception(new CustomizeOAuth2Exception("验证异常:" + exc.getMessage())) : exc2 instanceof OAuth2Exception ? handleOauth2Exception((OAuth2Exception) exc2) : exc2 instanceof HttpRequestMethodNotSupportedException ? handleOauth2Exception(new CustomizeOAuth2Exception(exc2.getMessage(), exc2)) : handleOauth2Exception(new CustomizeOAuth2Exception(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase(), exc2));
        }
        String message = exc2.getMessage();
        return message.contains(UNSUPPORTED_GRANT_TYPE) ? handleOauth2Exception(new CustomizeOAuth2Exception("不支持的验证方式", exc2)) : message.contains(BAD_CREDENTIALS) ? handleOauth2Exception(new CustomizeOAuth2Exception("账号或密码错误", exc2)) : handleOauth2Exception(new CustomizeOAuth2Exception("请求类型或参数错误:" + exc.getMessage(), exc2));
    }

    private ResponseEntity<OAuth2Exception> handleOauth2Exception(OAuth2Exception oAuth2Exception) {
        int httpErrorCode = oAuth2Exception.getHttpErrorCode();
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.set("Content-Type", "application/json;charset=UTF-8");
        if (httpErrorCode == HttpStatus.UNAUTHORIZED.value() || (oAuth2Exception instanceof InsufficientScopeException)) {
            httpHeaders.set("WWW-Authenticate", String.format("%s %s", "Bearer", oAuth2Exception.getSummary()));
        }
        return new ResponseEntity<>(DataResult.fail(httpErrorCode, oAuth2Exception.getMessage()), httpHeaders, HttpStatus.valueOf(httpErrorCode));
    }
}
