package io.github.lishangbu.avalon.security.exception;

import io.github.lishangbu.avalon.security.result.WebSecurityErrorResultCode;
import io.github.lishangbu.avalon.web.result.ApiResult;
import io.jsonwebtoken.ExpiredJwtException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseStatus;
import org.springframework.web.bind.annotation.RestControllerAdvice;

/**
 * Maps authentication and authorization exceptions to {@code ApiResult} error bodies.
 *
 * <p>The advice is registered with {@code Integer.MIN_VALUE} as its order, the smallest possible
 * order value, so it is consulted before advice beans with a larger order value.
 *
 * <p>NOTE(review): controller advice only sees exceptions that reach Spring MVC's exception
 * resolution. How exceptions raised while parsing the token (for example
 * {@code JsonWebTokenNotFoundException} or {@code ExpiredJwtException}) are routed here is not
 * visible in this file. Confirm that the filter or entry point forwards them.
 */
@RestControllerAdvice
@Order(Integer.MIN_VALUE)
public class SecurityExceptionHandler {
    private static final Logger log = LoggerFactory.getLogger(SecurityExceptionHandler.class);

    /**
     * Answers a request that carried no JSON Web Token with HTTP 401.
     *
     * @param jsonWebTokenNotFoundException the triggering exception; it is not read
     * @return a failed result with code {@code UNAUTHORIZED} and a fixed "login required" message
     */
    @ExceptionHandler(JsonWebTokenNotFoundException.class)
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ApiResult<Void> handleJsonWebTokenNotFoundException(JsonWebTokenNotFoundException jsonWebTokenNotFoundException) {
        // Fixed text ("login required"): nothing from the exception is returned to the client.
        final String[] details = {"需要登录"};
        return ApiResult.failed(WebSecurityErrorResultCode.UNAUTHORIZED, details);
    }

    /**
     * Answers a failed login (wrong password or unknown user) with HTTP 401.
     *
     * <p>Both exception types get the same fixed message ("incorrect username or password"), so
     * the response body does not show which of the two occurred.
     *
     * @param authenticationException the bad-credentials or unknown-user exception
     * @return a failed result with code {@code UNAUTHORIZED} and the fixed message
     */
    @ExceptionHandler({BadCredentialsException.class, UsernameNotFoundException.class})
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ApiResult<Void> handleUserInputException(AuthenticationException authenticationException) {
        // NOTE(review): the exception message is logged as-is. If the user lookup puts the
        // submitted username into that message, this is caller-controlled text in the log;
        // confirm the log layout neutralises line breaks. ERROR level for an expected
        // client mistake may also be noisier than intended.
        final String reason = authenticationException.getMessage();
        log.error("User input cause exception:[{}]", reason);

        final String[] details = {"用户名或密码错误"};
        return ApiResult.failed(WebSecurityErrorResultCode.UNAUTHORIZED, details);
    }

    /**
     * Answers any other {@link AuthenticationException} with HTTP 401.
     *
     * @param authenticationException the authentication failure
     * @return a failed result with code {@code UNAUTHORIZED} carrying the exception's own message
     */
    @ExceptionHandler(AuthenticationException.class)
    @ResponseStatus(HttpStatus.UNAUTHORIZED)
    public ApiResult<Void> handleAuthenticationException(AuthenticationException authenticationException) {
        final String reason = authenticationException.getMessage();
        // Log prefix reads "authentication exception info".
        log.error("认证异常信息:[{}]", reason);

        // NOTE(review): unlike handleUserInputException, the raw exception message goes back to
        // the client. Authentication failures that describe account state (locked, disabled,
        // expired) would then be distinguishable from a wrong password, which weakens the
        // uniform answer given above. Consider a fixed message here and keep the detail in the
        // log only.
        final String[] details = {reason};
        return ApiResult.failed(WebSecurityErrorResultCode.UNAUTHORIZED, details);
    }

    /**
     * Answers an authorization failure with HTTP 403.
     *
     * @param accessDeniedException the access-denied exception
     * @return a failed result with code {@code FORBIDDEN} carrying the exception's own message
     */
    @ExceptionHandler(AccessDeniedException.class)
    @ResponseStatus(HttpStatus.FORBIDDEN)
    public ApiResult<Void> handleAccessDeniedException(AccessDeniedException accessDeniedException) {
        final String reason = accessDeniedException.getMessage();
        // Log prefix reads "access exception".
        log.error("访问异常:[{}]", reason);

        // NOTE(review): the exception message is returned verbatim; verify no code path builds
        // an AccessDeniedException whose message names internal resources or rules.
        final String[] details = {reason};
        return ApiResult.failed(WebSecurityErrorResultCode.FORBIDDEN, details);
    }

    /**
     * Answers an expired JSON Web Token with result code {@code EXPIRED_JWT}.
     *
     * <p>NOTE(review): the HTTP status is 200, not 401. Presumably clients key on the result
     * code to trigger a token refresh; confirm. Anything that relies on the status line
     * (gateways, access-log alerting, rate limiting of failed authentication) will count these
     * responses as successes.
     *
     * @param expiredJwtException the expiry exception raised by the JWT library
     * @return a failed result with code {@code EXPIRED_JWT} carrying the exception's own message
     */
    @ExceptionHandler(ExpiredJwtException.class)
    @ResponseStatus(HttpStatus.OK)
    public ApiResult<Void> handleExpiredJwtException(ExpiredJwtException expiredJwtException) {
        final String reason = expiredJwtException.getMessage();
        // Log prefix reads "JWT token expired".
        log.error("JWT令牌过期:[{}]", reason);

        // NOTE(review): the library's message is passed to the client unchanged. It typically
        // states the token's expiry instant and the server's current time; confirm clients
        // need that detail, otherwise return a fixed message.
        final String[] details = {reason};
        return ApiResult.failed(WebSecurityErrorResultCode.EXPIRED_JWT, details);
    }
}
