package vip.isass.core.web.security.metadata;

import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.util.StrUtil;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerExecutionChain;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
import vip.isass.core.exception.UnifiedException;
import vip.isass.core.exception.code.StatusMessageEnum;
import vip.isass.core.web.security.RoleVo;
import vip.isass.core.web.security.SecurityConst;
import vip.isass.core.web.uri.UriPrefixProvider;

/* loaded from: input_file:vip/isass/core/web/security/metadata/SecurityMetadataSource.class */
public class SecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
    private RequestMappingHandlerMapping requestMappingHandlerMapping;
    private FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource;
    private SecurityMetadataSourceProviderManager securityMetadataSourceProviderManager;
    private List<String> permitUrls;
    private UriPrefixProvider uriPrefixProvider;
    private static final Logger log = LoggerFactory.getLogger(SecurityMetadataSource.class);
    private static final List<String> IGNORE_LOGGING_URI = CollUtil.newArrayList(new String[]{"/error"});

    public SecurityMetadataSource(RequestMappingHandlerMapping requestMappingHandlerMapping, FilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource, SecurityMetadataSourceProviderManager securityMetadataSourceProviderManager, UriPrefixProvider uriPrefixProvider, List<String> list) {
        this.requestMappingHandlerMapping = requestMappingHandlerMapping;
        this.filterInvocationSecurityMetadataSource = filterInvocationSecurityMetadataSource;
        this.securityMetadataSourceProviderManager = securityMetadataSourceProviderManager;
        this.uriPrefixProvider = uriPrefixProvider;
        this.permitUrls = list;
    }

    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return this.filterInvocationSecurityMetadataSource.getAllConfigAttributes();
    }

    public Collection<ConfigAttribute> getAttributes(Object obj) {
        HttpServletRequest request = getRequest(obj);
        Map.Entry<RequestMappingInfo, HandlerMethod> requestMappingInfoAndHandlerMethodEntry = getRequestMappingInfoAndHandlerMethodEntry(request);
        if (requestMappingInfoAndHandlerMethodEntry == null) {
            if (!this.permitUrls.contains(request.getRequestURI())) {
                log.trace("解析不到uri对应的方法：{}", request.getRequestURI());
            }
            return Collections.emptyList();
        }
        String method = request.getMethod();
        Collection<ConfigAttribute> collection = null;
        String mappingUri = getMappingUri(requestMappingInfoAndHandlerMethodEntry, obj);
        requestMappingInfoAndHandlerMethodEntry.getValue();
        Collection<RoleVo> findRolesByUri = this.securityMetadataSourceProviderManager.findRolesByUri(this.uriPrefixProvider.getUriPrefix() + mappingUri, method);
        if (CollUtil.isNotEmpty(findRolesByUri)) {
            collection = (Collection) findRolesByUri.stream().filter((v0) -> {
                return Objects.nonNull(v0);
            }).filter(roleVo -> {
                return StrUtil.isNotBlank(roleVo.getCode());
            }).map(roleVo2 -> {
                return new SecurityConfig(roleVo2.getCode());
            }).collect(Collectors.toList());
        }
        if (collection == null) {
            collection = new HashSet(16);
        }
        collection.addAll(SecurityConst.CONFIG_ATTRIBUTES);
        Collection attributes = this.filterInvocationSecurityMetadataSource.getAttributes(obj);
        CollUtil.addAll(collection, attributes == null ? Collections.emptyList() : attributes);
        if (!IGNORE_LOGGING_URI.contains(request.getRequestURI())) {
            log.debug("访问 {} {} 所需权限：{}", new Object[]{method, request.getRequestURI(), collection});
        }
        return collection;
    }

    public boolean supports(Class<?> cls) {
        return FilterInvocation.class.isAssignableFrom(cls);
    }

    private String getMappingUri(Map.Entry<RequestMappingInfo, HandlerMethod> entry, Object obj) {
        if (entry != null) {
            return ((String) entry.getKey().getPatternsCondition().getPatterns().iterator().next()).trim();
        }
        if (obj instanceof FilterInvocation) {
            return ((FilterInvocation) obj).getRequestUrl();
        }
        throw new UnifiedException(StatusMessageEnum.URI_PARSE_ERROR);
    }

    private HttpServletRequest getRequest(Object obj) {
        if (obj instanceof FilterInvocation) {
            return ((FilterInvocation) obj).getRequest();
        }
        return null;
    }

    private Map.Entry<RequestMappingInfo, HandlerMethod> getRequestMappingInfoAndHandlerMethodEntry(HttpServletRequest httpServletRequest) {
        try {
            HandlerExecutionChain handler = this.requestMappingHandlerMapping.getHandler(httpServletRequest);
            if (handler == null) {
                return null;
            }
            Object handler2 = handler.getHandler();
            for (Map.Entry<RequestMappingInfo, HandlerMethod> entry : this.requestMappingHandlerMapping.getHandlerMethods().entrySet()) {
                if (entry.getValue().toString().equals(handler2.toString())) {
                    return entry;
                }
            }
            return null;
        } catch (Exception e) {
            return null;
        }
    }
}
