package com.sxy.web.plugin.auth;

import com.sxy.web.core.BizException;
import com.sxy.web.core.ReturnCode;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.lang.Nullable;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

@Configuration
/* loaded from: input_file:com/sxy/web/plugin/auth/AuthTokenInterceptor.class */
public class AuthTokenInterceptor implements WebMvcConfigurer {
    private static final Logger log = LoggerFactory.getLogger(AuthTokenInterceptor.class);
    private final AuthReadApi authReadApi;

    @Autowired
    public AuthTokenInterceptor(AuthReadApi authReadApi) {
        this.authReadApi = authReadApi;
        log.info("FastWeb: AuthTokenInterceptor init@{}", authReadApi.getClass().getName());
    }

    public void addInterceptors(InterceptorRegistry interceptorRegistry) {
        interceptorRegistry.addInterceptor(handlerInterceptor());
    }

    public HandlerInterceptor handlerInterceptor() {
        return new HandlerInterceptor() { // from class: com.sxy.web.plugin.auth.AuthTokenInterceptor.1
            public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
                if (!(obj instanceof HandlerMethod)) {
                    return true;
                }
                HandlerMethod handlerMethod = (HandlerMethod) obj;
                String str = null;
                try {
                    AuthInfo authInfo = new AuthInfo();
                    AuthContext.putAuthInfo(authInfo);
                    str = AuthTokenInterceptor.this.authReadApi.readAuthInfo(httpServletRequest);
                    authInfo.setAuthInfo(str);
                    authInfo.setPermissions(AuthTokenInterceptor.this.authReadApi.getPermissions(str));
                    authInfo.setIdentifier(AuthTokenInterceptor.this.authReadApi.getIdentifier(str));
                } catch (Exception e) {
                }
                Auth auth = (Auth) handlerMethod.getMethodAnnotation(Auth.class);
                if (auth == null) {
                    return true;
                }
                try {
                    if (AuthTokenInterceptor.this.authReadApi.hasPermission(str, auth.needPermissions())) {
                        return true;
                    }
                    throw BizException.newInstance(ReturnCode.ReturnCodeEnum.AUTH_FAIL);
                } catch (Exception e2) {
                    throw BizException.newInstance(ReturnCode.ReturnCodeEnum.AUTH_FAIL);
                }
            }

            public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, @Nullable Exception exc) throws Exception {
                AuthContext.removeAuthInfo();
            }
        };
    }
}
