package org.wu.framework.authorization.web.interceptors;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.web.method.HandlerMethod;
import org.wu.framework.authorization.annotation.RequiredRole;
import org.wu.framework.authorization.config.pro.AuthorizationProperties;
import org.wu.framework.authorization.login.ILoginService;
import org.wu.framework.authorization.login.UserDetailsService;
import org.wu.framework.authorization.model.UserDetails;
import org.wu.framework.authorization.util.ShiroSessionContextUtil;
import org.wu.framework.core.utils.ObjectUtils;

@ConditionalOnProperty(prefix = AuthorizationProperties.AUTHORIZATION_PREFIX, name = {"verification"}, havingValue = "TOKEN", matchIfMissing = true)
/* loaded from: input_file:org/wu/framework/authorization/web/interceptors/AccessPermissionInterceptorAbstract.class */
public class AccessPermissionInterceptorAbstract extends AbstractAuthorizationHandlerInterceptorAbstract {
    private static final Logger log = LoggerFactory.getLogger(AccessPermissionInterceptorAbstract.class);
    private final AuthorizationProperties authorizationProperties;
    private final ILoginService iLoginService;
    private final UserDetailsService userDetailsService;

    public AccessPermissionInterceptorAbstract(AuthorizationProperties authorizationProperties, ILoginService iLoginService, UserDetailsService userDetailsService) {
        super(authorizationProperties);
        this.authorizationProperties = authorizationProperties;
        this.iLoginService = iLoginService;
        this.userDetailsService = userDetailsService;
    }

    @Override // org.wu.framework.authorization.web.interceptors.AbstractAuthorizationHandlerInterceptorAbstract
    public boolean doHasPermission(HttpServletRequest httpServletRequest, HandlerMethod handlerMethod) {
        httpServletRequest.getSession(true).getAttribute(ShiroSessionContextUtil.SESSION_USER_ID);
        String header = httpServletRequest.getHeader(this.authorizationProperties.getTokenName());
        if (ObjectUtils.isEmpty(header)) {
            log.error("获取请求头中令牌失败请求地址:==>" + httpServletRequest.getRequestURI());
            return false;
        }
        RequiredRole requiredRole = (RequiredRole) handlerMethod.getMethod().getAnnotation(RequiredRole.class);
        if (requiredRole == null) {
            requiredRole = (RequiredRole) handlerMethod.getMethod().getDeclaringClass().getAnnotation(RequiredRole.class);
        }
        UserDetails userDetails = (UserDetails) this.iLoginService.user(header);
        if (requiredRole == null) {
            return userDetails != null;
        }
        UserDetails loadUserByUsername = this.userDetailsService.loadUserByUsername(userDetails.getUsername());
        cacheAuthorization(loadUserByUsername);
        httpServletRequest.setAttribute(AbstractAuthorizationHandlerInterceptorAbstract.REQUEST_TOKEN_USER_ATTR_KEY, loadUserByUsername);
        httpServletRequest.setAttribute(AbstractAuthorizationHandlerInterceptorAbstract.REQUEST_TOKEN_USER_ID_ATTR_KEY, loadUserByUsername.getId());
        if (ObjectUtils.isEmpty(loadUserByUsername.getRoleSignList())) {
            return false;
        }
        if (!ObjectUtils.isEmpty(requiredRole.orRoles())) {
            for (String str : requiredRole.orRoles()) {
                if (loadUserByUsername.getRoleSignList().contains(str)) {
                    return true;
                }
            }
        }
        if (ObjectUtils.isEmpty(requiredRole.roles())) {
            return true;
        }
        for (String str2 : requiredRole.roles()) {
            if (!loadUserByUsername.getRoleSignList().contains(str2)) {
                return false;
            }
        }
        return true;
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
    }

    @Override // org.wu.framework.authorization.web.interceptors.AbstractAuthorizationHandlerInterceptorAbstract
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        super.afterCompletion(httpServletRequest, httpServletResponse, obj, exc);
    }
}
