package team.sailboat.commons.ms.ac_api;

import java.lang.annotation.Annotation;
import java.lang.reflect.Method;
import javax.security.sasl.AuthenticationException;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import team.sailboat.commons.fan.app.AppContext;
import team.sailboat.commons.fan.collection.XC;
import team.sailboat.commons.fan.file.FileUtils;
import team.sailboat.commons.fan.lang.Assert;
import team.sailboat.commons.ms.cors.CORSFilter;

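/**
 * Around-advice that gates controller methods on a per-application API permission.
 *
 * <p>For each intercepted call the aspect requires an authenticated, non-anonymous
 * caller, derives one permission key per mapped path and HTTP method, and lets the
 * call proceed only if {@link IApiPredicate#appCanVisitApi} accepts at least one key
 * for the calling app id.
 *
 * <p>NOTE(review): the pointcut names {@code com.cimstech.ms.common.ac_api.ProtectedApi},
 * while this class lives in {@code team.sailboat.commons.ms.ac_api}. If the annotation
 * moved with the package, the pointcut matches nothing and endpoints run unchecked.
 * Confirm the annotation's fully-qualified name.
 *
 * <p>NOTE(review): denials are raised as {@code javax.security.sasl.AuthenticationException}
 * (an {@code IOException}), not Spring Security's exception of the same simple name.
 * Confirm an exception handler maps it to 401/403 rather than a generic 500.
 */
@Aspect
@Component
/* loaded from: input_file:team/sailboat/commons/ms/ac_api/ApiAccessControlAspect.class */
public class ApiAccessControlAspect {
    /** Thread-local key under which the calling app id is published while the protected method runs. */
    private static final String APP_ID_KEY = "ApiGuard:appId";

    final Logger mLogger = LoggerFactory.getLogger(ApiAccessControlAspect.class);
    IApiPredicate mApiPred;

    /**
     * @param iApiPredicate decides whether an app id may call a given permission key
     */
    public ApiAccessControlAspect(IApiPredicate iApiPredicate) {
        this.mApiPred = iApiPredicate;
    }

    /**
     * Authorizes the intercepted call and, if allowed, runs it with the app id in a thread-local.
     *
     * @param proceedingJoinPoint the intercepted controller invocation
     * @return whatever the intercepted method returns
     * @throws AuthenticationException if there is no usable authentication, or the app is not
     *         granted any permission key derived from the method's mapping
     * @throws Throwable anything thrown by the intercepted method, rethrown unchanged
     */
    @Around("@annotation(com.cimstech.ms.common.ac_api.ProtectedApi)")
    public Object check(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            throw new AuthenticationException("未提供合法认证信息！");
        }
        // instanceof is false for null, so this also rejects a missing principal.
        Object principal = authentication.getPrincipal();
        if (!(principal instanceof String)) {
            throw new AuthenticationException("未提供合法认证信息！");
        }
        if ("anonymousUser".equals(principal)) {
            throw new AuthenticationException("未提供合法认证信息！");
        }
        // NOTE(review): the app id is taken from getDetails(). A non-String value fails here
        // with ClassCastException and a null is handed to the predicate as-is; confirm the
        // authentication filter always stores a String app id.
        String appId = (String) authentication.getDetails();

        Class<?> targetClass = proceedingJoinPoint.getTarget().getClass();
        // NOTE(review): this constant looks like a decompiler substitution for a literal of
        // equal value (presumably the default class-level prefix); verify against the source.
        String classPrefix = CORSFilter.DEFAULT_EXPOSED_HEADERS;
        RequestMapping classMapping = targetClass.getAnnotation(RequestMapping.class);
        if (classMapping != null) {
            String[] value = classMapping.value();
            if (XC.isNotEmpty(value)) {
                // Only the first class-level path takes part in the permission key.
                classPrefix = value[0];
            }
        }

        // Signature itself exposes no getMethod(); the method-level view is MethodSignature.
        Method method = ((org.aspectj.lang.reflect.MethodSignature) proceedingJoinPoint.getSignature()).getMethod();
        Mapping mapping = findMapping(method);
        String[] paths = mapping == null ? null : mapping.paths;
        Assert.notNull(paths, "没有在方法%1$s.%2$s上找到RequestMapping相关注解!", new Object[]{targetClass.getName(), method.getName()});

        if (!isAuthorized(appId, classPrefix, paths, mapping.httpMethods)) {
            throw new AuthenticationException("未获得调用此API的授权！");
        }
        try {
            AppContext.setThreadLocal(APP_ID_KEY, appId);
            return proceedingJoinPoint.proceed(proceedingJoinPoint.getArgs());
        } finally {
            // Always cleared so a pooled thread never carries the app id into another request.
            AppContext.removeThreadLocal(APP_ID_KEY);
        }
    }

    /**
     * Returns the paths and HTTP methods of the first Spring mapping annotation on {@code method},
     * or {@code null} if it carries none. The scan stops at the first match; without that stop the
     * loop would never advance past a matching annotation.
     */
    private static Mapping findMapping(Method method) {
        for (Annotation candidate : method.getAnnotations()) {
            Class<? extends Annotation> type = candidate.annotationType();
            if (PostMapping.class.equals(type)) {
                PostMapping post = (PostMapping) candidate;
                return new Mapping(valueOrPath(post.value(), post.path()), HttpMethod.POST.name());
            }
            if (GetMapping.class.equals(type)) {
                GetMapping get = (GetMapping) candidate;
                return new Mapping(valueOrPath(get.value(), get.path()), HttpMethod.GET.name());
            }
            if (PutMapping.class.equals(type)) {
                PutMapping put = (PutMapping) candidate;
                return new Mapping(valueOrPath(put.value(), put.path()), HttpMethod.PUT.name());
            }
            if (DeleteMapping.class.equals(type)) {
                DeleteMapping delete = (DeleteMapping) candidate;
                return new Mapping(valueOrPath(delete.value(), delete.path()), HttpMethod.DELETE.name());
            }
            if (PatchMapping.class.equals(type)) {
                PatchMapping patch = (PatchMapping) candidate;
                return new Mapping(valueOrPath(patch.value(), patch.path()), HttpMethod.PATCH.name());
            }
            if (RequestMapping.class.equals(type)) {
                RequestMapping generic = (RequestMapping) candidate;
                String[] methods = (String[]) XC.extract(generic.method(), v0 -> v0.name(), String.class);
                return new Mapping(valueOrPath(generic.value(), generic.path()), methods);
            }
        }
        return null;
    }

    /** Picks {@code value} unless it is empty, in which case {@code path} is used instead. */
    private static String[] valueOrPath(String[] value, String[] path) {
        return XC.isEmpty(value) ? path : value;
    }

    /**
     * Returns true if the predicate grants {@code appId} at least one key built from a path and
     * an HTTP method name. With no paths or no methods nothing is asked and the result is false,
     * so a mapping without an explicit path, or a {@code @RequestMapping} without an explicit
     * method, is always denied.
     */
    private boolean isAuthorized(String appId, String classPrefix, String[] paths, String[] httpMethods) {
        if (httpMethods == null) {
            // Deny rather than fail with a NullPointerException when no method list is available.
            return false;
        }
        for (String path : paths) {
            String key = deflatePath(FileUtils.getPath(classPrefix, path));
            for (String httpMethod : httpMethods) {
                if (this.mApiPred.appCanVisitApi(appId, key + httpMethod)) {
                    return true;
                }
            }
        }
        return false;
    }

    /**
     * Flattens a URL path into a permission-key stem: every '/' is dropped and the character
     * after it is upper-cased; a trailing '/' is dropped.
     *
     * <p>The mapping is not injective, and {@link #check} appends the HTTP method name with no
     * separator. Distinct endpoints can therefore share one key (constructed example:
     * {@code "/a/b"} and {@code "/aB"} both give {@code "AB"}), in which case a grant for one
     * also covers the other. Keep endpoint paths collision-free, or review the key scheme
     * together with the stored grants.
     *
     * @param str the path to flatten; must not be null
     * @return the path with separators removed and segment initials upper-cased
     */
    public static String deflatePath(String str) {
        int length = str.length();
        StringBuilder key = new StringBuilder(length);
        for (int i = 0; i < length; i++) {
            char current = str.charAt(i);
            if (current != '/') {
                key.append(current);
            } else if (i < length - 1) {
                // Consume the separator and the character after it in one step.
                key.append(Character.toUpperCase(str.charAt(i + 1)));
                i++;
            }
        }
        return key.toString();
    }

    /** Paths and HTTP method names taken from one mapping annotation. */
    private static final class Mapping {
        final String[] paths;
        final String[] httpMethods;

        Mapping(String[] paths, String... httpMethods) {
            this.paths = paths;
            this.httpMethods = httpMethods;
        }
    }
}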
