package cn.gtmap.gtc.starter.gscas.annotation;

import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.security.oauth2.resource.UserInfoRestTemplateFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

@Aspect
/* loaded from: input_file:BOOT-INF/lib/gtmap-security-cloud-app-starter-1.2.11.jar:cn/gtmap/gtc/starter/gscas/annotation/ModuleAuthorityAspect.class */
public class ModuleAuthorityAspect {
    static final Logger log = LoggerFactory.getLogger((Class<?>) ModuleAuthorityAspect.class);
    private OAuth2RestTemplate template;
    private String clientId;
    private String authPath;

    public ModuleAuthorityAspect(ApplicationContext applicationContext, String str, String str2) {
        this.clientId = str;
        if (str2 == null || str2.endsWith("/")) {
            this.authPath = str2;
        } else {
            this.authPath = str2 + "/";
        }
        this.template = ((UserInfoRestTemplateFactory) applicationContext.getBean(UserInfoRestTemplateFactory.class)).getUserInfoRestTemplate();
    }

    @Pointcut("@annotation(authorityActuator)")
    public void AuthorityAspect(ModuleAuthority moduleAuthority) {
    }

    @Before("AuthorityAspect(authorityActuator)")
    public void doBefore(JoinPoint joinPoint, ModuleAuthority moduleAuthority) {
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        if (!StringUtils.isEmpty(moduleAuthority.code())) {
            if (!isEmptyCurrentAuthority(request)) {
                String[] split = ((String) request.getAttribute("currentAuthority")).split(":");
                if (moduleAuthority.code().equals(split[0]) || "all".equals(split[0])) {
                    return;
                }
            }
            setModuleCurrentAuthority(request, moduleAuthority.code());
            return;
        }
        if (!StringUtils.isEmpty(moduleAuthority.path())) {
            setUrlCurrentAuthority(request, moduleAuthority.path(), moduleAuthority.method());
            return;
        }
        if (isEmptyCurrentAuthority(request)) {
            StringBuilder sb = new StringBuilder();
            if (request.getServletPath() != null) {
                sb.append(request.getServletPath());
                if (request.getPathInfo() != null) {
                    sb.append(request.getPathInfo());
                }
            }
            setUrlCurrentAuthority(request, sb.toString(), request.getMethod());
        }
    }

    private boolean isEmptyCurrentAuthority(HttpServletRequest httpServletRequest) {
        return StringUtils.isEmpty(httpServletRequest.getAttribute("currentAuthority"));
    }

    private void setModuleCurrentAuthority(HttpServletRequest httpServletRequest, String str) {
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            httpServletRequest.setAttribute("currentAuthority", "");
            return;
        }
        String name = SecurityContextHolder.getContext().getAuthentication().getName();
        if ("anonymousUser".equals(name)) {
            httpServletRequest.setAttribute("currentAuthority", "");
            return;
        }
        StringBuilder sb = new StringBuilder(this.authPath);
        sb.append("auth/menu/module-authority?username=").append(name).append("&moduleCode=").append(str).append("&clientId=").append(this.clientId);
        Map map = (Map) this.template.getForObject(sb.toString(), Map.class, new Object[0]);
        httpServletRequest.setAttribute("currentAuthority", map.get("root"));
        httpServletRequest.setAttribute("elementAuthorities", map.get("elements"));
        if (log.isDebugEnabled()) {
            log.debug("set currentAuthority ==>" + map);
        }
    }

    private void setUrlCurrentAuthority(HttpServletRequest httpServletRequest, String str, String str2) {
        if (SecurityContextHolder.getContext().getAuthentication() == null) {
            httpServletRequest.setAttribute("currentAuthority", "");
            return;
        }
        String name = SecurityContextHolder.getContext().getAuthentication().getName();
        if ("anonymousUser".equals(name)) {
            httpServletRequest.setAttribute("currentAuthority", "");
            return;
        }
        if (StringUtils.isEmpty(str2)) {
            str2 = "GET";
        }
        StringBuilder sb = new StringBuilder(this.authPath);
        sb.append("auth/menu/url-authority?username=").append(name).append("&path=").append(str).append("&clientId=").append(this.clientId).append("&method=").append(str2.toUpperCase());
        Map map = (Map) this.template.getForObject(sb.toString(), Map.class, new Object[0]);
        httpServletRequest.setAttribute("currentAuthority", map.get("root"));
        httpServletRequest.setAttribute("elementAuthorities", map.get("elements"));
        if (log.isDebugEnabled()) {
            log.debug("set currentAuthority ==>" + map);
        }
    }
}
