package com.ebaiyihui.server.interceptor;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.ebaiyihui.common.enums.ErrorEnum;
import com.ebaiyihui.common.pojo.annotation.AccessCheck;
import com.ebaiyihui.framework.response.BaseResponse;
import com.ebaiyihui.server.service.IAccessTokenService;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.Method;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:BOOT-INF/classes/com/ebaiyihui/server/interceptor/ApiAccessInterceptor.class */
public class ApiAccessInterceptor extends HandlerInterceptorAdapter {
    private final Logger log = LoggerFactory.getLogger(getClass());

    @Autowired
    private IAccessTokenService accessTokenService;
    private static final String AUTHORIZATION_FIELD = "accessToken";

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        AccessCheck accessCheck;
        boolean z;
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        Class<?> beanType = handlerMethod.getBeanType();
        Method method = handlerMethod.getMethod();
        if (beanType == null || method == null) {
            return true;
        }
        try {
            boolean isAnnotationPresent = beanType.isAnnotationPresent(AccessCheck.class);
            if (method.isAnnotationPresent(AccessCheck.class)) {
                accessCheck = (AccessCheck) method.getAnnotation(AccessCheck.class);
            } else {
                if (!isAnnotationPresent) {
                    return true;
                }
                accessCheck = (AccessCheck) beanType.getAnnotation(AccessCheck.class);
            }
            switch (accessCheck.value()) {
                case OPEN_API:
                    z = true;
                    break;
                case ACCESS_TOKEN_API:
                    z = checkAccessToken(httpServletRequest, method);
                    this.log.info("权限token校验接口 ACCESS_TOKEN_API 校验结果：" + z);
                    break;
                case BIZ_API:
                case ADMIN_API:
                    z = true;
                    break;
                default:
                    z = false;
                    break;
            }
            if (z) {
                return true;
            }
            buildErrorResponse(httpServletResponse);
            return false;
        } catch (Exception e) {
            buildErrorResponse(httpServletResponse);
            this.log.error("权限校验产生异常,访问接口名称[{}],请求参数[{}],请求头参数[{}]", method.getName(), getRequestParams(httpServletRequest), httpServletRequest.getHeader(AUTHORIZATION_FIELD));
            return false;
        }
    }

    private void buildErrorResponse(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setCharacterEncoding("utf-8");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(JSON.toJSONString(BaseResponse.error(ErrorEnum.NO_PERMISSION), SerializerFeature.WriteNullStringAsEmpty));
        writer.close();
    }

    private boolean checkAccessToken(HttpServletRequest httpServletRequest, Method method) {
        String header = httpServletRequest.getHeader(AUTHORIZATION_FIELD);
        String name = method.getName();
        if (StringUtils.isBlank(header)) {
            this.log.error("请求中未获取到AccessToken,访问接口名称[{}],请求参数[{}]", name, getRequestParams(httpServletRequest));
            return false;
        }
        if (this.accessTokenService.validateAccessToken(header).booleanValue()) {
            return true;
        }
        this.log.error("AccessToken合法性校验失败,访问接口名称[{}],请求参数[{}]", name, getRequestParams(httpServletRequest));
        return false;
    }

    private Map<String, String> getRequestParams(HttpServletRequest httpServletRequest) {
        Enumeration<String> parameterNames = httpServletRequest.getParameterNames();
        HashMap hashMap = new HashMap();
        while (parameterNames.hasMoreElements()) {
            String nextElement = parameterNames.nextElement();
            hashMap.put(nextElement, httpServletRequest.getParameter(nextElement));
        }
        return hashMap;
    }
}
