package top.dcenter.ums.security.core.auth.controller;

import java.util.Map;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.savedrequest.SavedRequest;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import top.dcenter.ums.security.core.api.controller.BaseSecurityController;
import top.dcenter.ums.security.core.consts.SecurityConstants;
import top.dcenter.ums.security.core.enums.ErrorCodeEnum;
import top.dcenter.ums.security.core.exception.IllegalAccessUrlException;
import top.dcenter.ums.security.core.properties.ClientProperties;

@ResponseBody
/* loaded from: input_file:top/dcenter/ums/security/core/auth/controller/ClientSecurityController.class */
public class ClientSecurityController implements BaseSecurityController {
    private static final Logger log = LoggerFactory.getLogger(ClientSecurityController.class);
    public static final String URL_REGEX = "^.*://[^/]*(/.*$)";
    public static final String URI_$1 = "$1";
    private final ClientProperties clientProperties;
    private final Map<String, String> authRedirectUrls;
    private final RequestCache requestCache = new HttpSessionRequestCache();
    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
    private final AntPathMatcher pathMatcher = new AntPathMatcher();

    public ClientSecurityController(ClientProperties clientProperties) {
        this.clientProperties = clientProperties;
        this.authRedirectUrls = (Map) clientProperties.getAuthRedirectSuffixCondition().stream().map(str -> {
            return str.split(SecurityConstants.KEY_VALUE_SEPARATOR);
        }).collect(Collectors.toMap(strArr -> {
            return strArr[0];
        }, strArr2 -> {
            return strArr2[1];
        }));
    }

    @Override // top.dcenter.ums.security.core.api.controller.BaseSecurityController
    @RequestMapping({SecurityConstants.DEFAULT_UN_AUTHENTICATION_URL})
    @ConditionalOnProperty(prefix = "security.client", name = {"login_un_authentication_url"}, havingValue = SecurityConstants.DEFAULT_UN_AUTHENTICATION_URL)
    public void requireAuthentication(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            SavedRequest request = this.requestCache.getRequest(httpServletRequest, httpServletResponse);
            if (request != null) {
                String redirectUrl = request.getRedirectUrl();
                if (StringUtils.isNotBlank(redirectUrl)) {
                    String replaceFirst = redirectUrl.replaceFirst(URL_REGEX, URI_$1);
                    for (Map.Entry<String, String> entry : this.authRedirectUrls.entrySet()) {
                        if (this.pathMatcher.match(entry.getKey(), replaceFirst)) {
                            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, entry.getValue());
                            return;
                        }
                    }
                }
            }
            this.redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, this.clientProperties.getLoginPage());
        } catch (Exception e) {
            String requestURI = httpServletRequest.getRequestURI();
            String remoteAddr = httpServletRequest.getRemoteAddr();
            log.error(String.format("IllegalAccessUrlException: ip={}, uri={}, sid={}, error={}", remoteAddr, requestURI, httpServletRequest.getSession(true).getId(), e.getMessage()), e);
            throw new IllegalAccessUrlException(ErrorCodeEnum.SERVER_ERROR, requestURI, remoteAddr);
        }
    }
}
