package org.onetwo.ext.security.metadata;

import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.io.IOException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.sql.DataSource;
import org.onetwo.common.exception.BaseException;
import org.onetwo.common.file.FileUtils;
import org.onetwo.common.reflect.ReflectUtils;
import org.onetwo.common.spring.SpringUtils;
import org.onetwo.common.utils.LangUtils;
import org.onetwo.common.utils.StringUtils;
import org.onetwo.ext.permission.MenuInfoParserFactory;
import org.onetwo.ext.permission.SimplePermissionConfig;
import org.onetwo.ext.permission.api.IPermission;
import org.onetwo.ext.permission.parser.PermClassParser;
import org.onetwo.ext.permission.utils.UrlResourceInfo;
import org.onetwo.ext.permission.utils.UrlResourceInfoParser;
import org.onetwo.ext.security.utils.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.io.Resource;
import org.springframework.jdbc.core.RowMapper;
import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
import org.springframework.jdbc.core.support.JdbcDaoSupport;
import org.springframework.jdbc.object.MappingSqlQuery;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.access.expression.DefaultWebSecurityExpressionHandler;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;

/* loaded from: input_file:org/onetwo/ext/security/metadata/DatabaseSecurityMetadataSource.class */
public class DatabaseSecurityMetadataSource extends JdbcDaoSupport implements JdbcSecurityMetadataSourceBuilder {
    private static final String AUTHORITY_RESOURCE_SQL_FILE = "/plugins/security/authority_resource.sql";
    private String resourceQuery;
    private List<String> appCodes;
    private LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = Maps.newLinkedHashMap();
    private DefaultWebSecurityExpressionHandler securityExpressionHandler = new DefaultWebSecurityExpressionHandler();
    private boolean allowManyPermissionMapToOneUrl = true;
    private FilterSecurityInterceptor filterSecurityInterceptor;

    @Autowired(required = false)
    private MenuInfoParserFactory<? extends IPermission> menuInfoParserFactory;
    private Map<RequestMatcher, Collection<ConfigAttribute>> defaultRequestMap;

    /* loaded from: input_file:org/onetwo/ext/security/metadata/DatabaseSecurityMetadataSource$AuthorityResource.class */
    public static class AuthorityResource {
        private String authority;
        private List<UrlResourceInfo> urlResourceInfo;
        private Integer sort;
        private String authorityName;

        public List<UrlResourceInfo> getUrlResourceInfo() {
            return this.urlResourceInfo;
        }

        public String getAuthority() {
            return this.authority;
        }

        public Integer getSort() {
            return this.sort;
        }

        public String getAuthorityName() {
            return this.authorityName;
        }

        public void setAuthority(String str) {
            this.authority = str;
        }

        public void setUrlResourceInfo(List<UrlResourceInfo> list) {
            this.urlResourceInfo = list;
        }

        public void setSort(Integer num) {
            this.sort = num;
        }

        public void setAuthorityName(String str) {
            this.authorityName = str;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof AuthorityResource)) {
                return false;
            }
            AuthorityResource authorityResource = (AuthorityResource) obj;
            if (!authorityResource.canEqual(this)) {
                return false;
            }
            String authority = getAuthority();
            String authority2 = authorityResource.getAuthority();
            if (authority == null) {
                if (authority2 != null) {
                    return false;
                }
            } else if (!authority.equals(authority2)) {
                return false;
            }
            List<UrlResourceInfo> urlResourceInfo = getUrlResourceInfo();
            List<UrlResourceInfo> urlResourceInfo2 = authorityResource.getUrlResourceInfo();
            if (urlResourceInfo == null) {
                if (urlResourceInfo2 != null) {
                    return false;
                }
            } else if (!urlResourceInfo.equals(urlResourceInfo2)) {
                return false;
            }
            Integer sort = getSort();
            Integer sort2 = authorityResource.getSort();
            if (sort == null) {
                if (sort2 != null) {
                    return false;
                }
            } else if (!sort.equals(sort2)) {
                return false;
            }
            String authorityName = getAuthorityName();
            String authorityName2 = authorityResource.getAuthorityName();
            return authorityName == null ? authorityName2 == null : authorityName.equals(authorityName2);
        }

        protected boolean canEqual(Object obj) {
            return obj instanceof AuthorityResource;
        }

        public int hashCode() {
            String authority = getAuthority();
            int hashCode = (1 * 59) + (authority == null ? 43 : authority.hashCode());
            List<UrlResourceInfo> urlResourceInfo = getUrlResourceInfo();
            int hashCode2 = (hashCode * 59) + (urlResourceInfo == null ? 43 : urlResourceInfo.hashCode());
            Integer sort = getSort();
            int hashCode3 = (hashCode2 * 59) + (sort == null ? 43 : sort.hashCode());
            String authorityName = getAuthorityName();
            return (hashCode3 * 59) + (authorityName == null ? 43 : authorityName.hashCode());
        }

        public String toString() {
            return "DatabaseSecurityMetadataSource.AuthorityResource(authority=" + getAuthority() + ", urlResourceInfo=" + getUrlResourceInfo() + ", sort=" + getSort() + ", authorityName=" + getAuthorityName() + ")";
        }
    }

    /* loaded from: input_file:org/onetwo/ext/security/metadata/DatabaseSecurityMetadataSource$ResourceMapping.class */
    public static class ResourceMapping extends MappingSqlQuery<AuthorityResource> implements RowMapper<AuthorityResource> {
        private UrlResourceInfoParser urlResourceInfoParser;
        private boolean hasAuthorityName;

        public ResourceMapping() {
            this.urlResourceInfoParser = new UrlResourceInfoParser();
        }

        public ResourceMapping(DataSource dataSource, String str) {
            super(dataSource, str);
            this.urlResourceInfoParser = new UrlResourceInfoParser();
            this.hasAuthorityName = str.contains("authority_name");
        }

        /* renamed from: mapRow, reason: merged with bridge method [inline-methods] */
        public AuthorityResource m9mapRow(ResultSet resultSet, int i) throws SQLException {
            AuthorityResource authorityResource = new AuthorityResource();
            authorityResource.setUrlResourceInfo(this.urlResourceInfoParser.parseToUrlResourceInfos(resultSet.getString("resources_pattern")));
            authorityResource.setAuthority(resultSet.getString("authority"));
            authorityResource.setSort(Integer.valueOf(resultSet.getInt(PermClassParser.SORT)));
            if (this.hasAuthorityName) {
                authorityResource.setAuthorityName(resultSet.getString("authority_name"));
            }
            return authorityResource;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/onetwo/ext/security/metadata/DatabaseSecurityMetadataSource$SortableAntPathRequestMatcher.class */
    public static class SortableAntPathRequestMatcher {
        private AntPathRequestMatcher pathMatcher;
        private Integer sort;

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            SortableAntPathRequestMatcher sortableAntPathRequestMatcher = (SortableAntPathRequestMatcher) obj;
            return this.pathMatcher == null ? sortableAntPathRequestMatcher.pathMatcher == null : this.pathMatcher.equals(sortableAntPathRequestMatcher.pathMatcher);
        }

        public int hashCode() {
            return (31 * 1) + (this.pathMatcher == null ? 0 : this.pathMatcher.hashCode());
        }

        public String toString() {
            return this.pathMatcher.toString();
        }

        public AntPathRequestMatcher getPathMatcher() {
            return this.pathMatcher;
        }

        public Integer getSort() {
            return this.sort;
        }

        public void setPathMatcher(AntPathRequestMatcher antPathRequestMatcher) {
            this.pathMatcher = antPathRequestMatcher;
        }

        public void setSort(Integer num) {
            this.sort = num;
        }

        public SortableAntPathRequestMatcher(AntPathRequestMatcher antPathRequestMatcher, Integer num) {
            this.pathMatcher = antPathRequestMatcher;
            this.sort = num;
        }
    }

    protected void checkDaoConfig() {
        List<SimplePermissionConfig<? extends IPermission>> permissionConfigList;
        super.checkDaoConfig();
        if (this.menuInfoParserFactory == null || (permissionConfigList = this.menuInfoParserFactory.getPermissionConfigList()) == null) {
            return;
        }
        setAppCodes((List) permissionConfigList.stream().map(permissionConfig -> {
            return permissionConfig.getAppCode();
        }).collect(Collectors.toList()));
    }

    protected List<AuthorityResource> fetchAuthorityResources() {
        if (StringUtils.isBlank(this.resourceQuery)) {
            Resource classpath = SpringUtils.classpath(AUTHORITY_RESOURCE_SQL_FILE);
            if (classpath.exists()) {
                try {
                    this.resourceQuery = StringUtils.join(FileUtils.readAsList(classpath.getInputStream()), " ");
                } catch (IOException e) {
                    throw new BaseException("read sql file error: /plugins/security/authority_resource.sql", e);
                }
            } else {
                this.resourceQuery = "SELECT perm.code as authority, perm.resources_pattern as resources_pattern, perm.sort FROM admin_permission perm WHERE perm.resources_pattern is not null " + (LangUtils.isEmpty(this.appCodes) ? "" : "and perm.app_code in ( :appCode ) ") + "order by perm.sort";
            }
        }
        Assert.hasText(this.resourceQuery, "resourceQuery must has text!");
        ResourceMapping resourceMapping = new ResourceMapping();
        NamedParameterJdbcTemplate namedParameterJdbcTemplate = new NamedParameterJdbcTemplate(getDataSource());
        HashMap hashMap = new HashMap();
        if (!LangUtils.isEmpty(this.appCodes)) {
            hashMap.put(PermClassParser.APP_CODE, this.appCodes);
        }
        List<AuthorityResource> query = namedParameterJdbcTemplate.query(this.resourceQuery, hashMap, resourceMapping);
        if (query.isEmpty()) {
            this.logger.warn("no authorities fetch, check your application!");
        }
        return query;
    }

    public void setAppCodes(List<String> list) {
        this.appCodes = list;
    }

    public void setResourceQuery(String str) {
        this.resourceQuery = str;
    }

    public void buildRequestMap() {
        List<AuthorityResource> fetchAuthorityResources = fetchAuthorityResources();
        HashMap hashMap = new HashMap(fetchAuthorityResources.size());
        fetchAuthorityResources.forEach(authorityResource -> {
            authorityResource.getUrlResourceInfo().forEach(urlResourceInfo -> {
                SortableAntPathRequestMatcher sortableAntPathRequestMatcher = new SortableAntPathRequestMatcher(new AntPathRequestMatcher(urlResourceInfo.getUrl(), urlResourceInfo.getMethod()), authorityResource.getSort());
                if (!hashMap.containsKey(sortableAntPathRequestMatcher)) {
                    hashMap.put(sortableAntPathRequestMatcher, Lists.newArrayList(new ConfigAttribute[]{createSecurityConfig(authorityResource)}));
                    return;
                }
                Collection collection = (Collection) hashMap.get(sortableAntPathRequestMatcher);
                if (!this.allowManyPermissionMapToOneUrl) {
                    throw new RuntimeException("permission conflict, don't allow many permission map to one url. exist: " + collection + ", new: " + authorityResource.getAuthority());
                }
                collection.add(createSecurityConfig(authorityResource));
            });
        });
        List list = (List) hashMap.keySet().stream().sorted((sortableAntPathRequestMatcher, sortableAntPathRequestMatcher2) -> {
            int length = sortableAntPathRequestMatcher2.getPathMatcher().getPattern().length() - sortableAntPathRequestMatcher.getPathMatcher().getPattern().length();
            return length != 0 ? length : -sortableAntPathRequestMatcher.getPathMatcher().getPattern().compareTo(sortableAntPathRequestMatcher2.getPathMatcher().getPattern());
        }).collect(Collectors.toList());
        this.requestMap.clear();
        list.forEach(sortableAntPathRequestMatcher3 -> {
            this.requestMap.put(sortableAntPathRequestMatcher3.getPathMatcher(), hashMap.get(sortableAntPathRequestMatcher3));
        });
    }

    protected SecurityConfig createSecurityConfig(AuthorityResource authorityResource) {
        return new CodeSecurityConfig(authorityResource, this.securityExpressionHandler.getExpressionParser().parseExpression(SecurityUtils.createSecurityExpression(authorityResource.getAuthority())));
    }

    @Override // org.onetwo.ext.security.metadata.SecurityMetadataSourceBuilder
    public void buildSecurityMetadataSource() {
        Assert.notNull(this.filterSecurityInterceptor, "filterSecurityInterceptor can not be null");
        buildRequestMap();
        Map<? extends RequestMatcher, ? extends Collection<ConfigAttribute>> defaultRequestMap = getDefaultRequestMap();
        if (defaultRequestMap != null && !defaultRequestMap.isEmpty()) {
            this.requestMap.putAll(defaultRequestMap);
        }
        this.filterSecurityInterceptor.setSecurityMetadataSource(new MatchAllFilterInvocationSecurityMetadataSource(this.requestMap));
    }

    protected final Map<RequestMatcher, Collection<ConfigAttribute>> getDefaultRequestMap() {
        Map<RequestMatcher, Collection<ConfigAttribute>> map = this.defaultRequestMap;
        if (map == null) {
            map = (Map) ReflectUtils.getFieldValue(this.filterSecurityInterceptor.getSecurityMetadataSource(), "requestMap", false);
            this.defaultRequestMap = map;
        }
        return map;
    }

    @Override // org.onetwo.ext.security.metadata.SecurityMetadataSourceBuilder
    public void setFilterSecurityInterceptor(FilterSecurityInterceptor filterSecurityInterceptor) {
        this.filterSecurityInterceptor = filterSecurityInterceptor;
    }
}
