package tech.corefinance.common.service;

import jakarta.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import tech.corefinance.common.annotation.InternalApi;
import tech.corefinance.common.context.JwtContext;
import tech.corefinance.common.enums.CommonConstants;
import tech.corefinance.common.model.AbstractInternalServiceConfig;
import tech.corefinance.common.repository.InternalServiceConfigRepository;

@Service
/* loaded from: input_file:tech/corefinance/common/service/InternalApiVerifyImpl.class */
public class InternalApiVerifyImpl implements InternalApiVerify {
    private static final Logger log = LoggerFactory.getLogger(InternalApiVerifyImpl.class);

    @Autowired
    private InternalServiceConfigRepository internalServiceConfigRepository;

    @Override // tech.corefinance.common.service.InternalApiVerify
    public boolean internalPermissionCheck(Class<?> cls, Method method, HttpServletRequest httpServletRequest) {
        InternalApi internalApi = (InternalApi) method.getAnnotation(InternalApi.class);
        if (internalApi == null) {
            internalApi = (InternalApi) cls.getAnnotation(InternalApi.class);
        }
        if (internalApi == null) {
            return true;
        }
        if (internalApi.needAuthenToken() && JwtContext.getInstance().getJwt() == null) {
            throw new AccessDeniedException("no_authen_token_found");
        }
        String header = httpServletRequest.getHeader(CommonConstants.HEADER_KEY_INTERNAL_API_KEY);
        if (!StringUtils.hasText(header)) {
            throw new AccessDeniedException("no_internal_key_found");
        }
        log.debug("Received call from service [{}]", (AbstractInternalServiceConfig) this.internalServiceConfigRepository.findFirstByApiKeyAndActivatedOrderByLastModifiedDateDesc(header, true).orElseThrow(() -> {
            return new AccessDeniedException("invalid_internal_api_key");
        }));
        return true;
    }
}
