package org.typroject.tyboot.core.restful.interceptor;

import com.baomidou.mybatisplus.core.toolkit.Sequence;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.AsyncHandlerInterceptor;
import org.typroject.tyboot.core.auth.exception.AuthException;
import org.typroject.tyboot.core.auth.face.model.SsoSessionsModel;
import org.typroject.tyboot.core.auth.face.service.SsoSessionsService;
import org.typroject.tyboot.core.foundation.context.RequestContext;
import org.typroject.tyboot.core.foundation.enumeration.UserType;
import org.typroject.tyboot.core.foundation.utils.DateUtil;
import org.typroject.tyboot.core.foundation.utils.StringUtil;
import org.typroject.tyboot.core.foundation.utils.ValidationUtil;
import org.typroject.tyboot.core.restful.auth.ExtendAuthHandler;
import org.typroject.tyboot.core.restful.doc.TycloudOperation;
import org.typroject.tyboot.core.restful.utils.RequestUtil;
import org.typroject.tyboot.core.restful.utils.RestfulConstans;

@Component
/* loaded from: input_file:BOOT-INF/lib/tyboot-core-restful-1.2.0-SNAPSHOT.jar:org/typroject/tyboot/core/restful/interceptor/AuthInterceptor.class */
public class AuthInterceptor implements AsyncHandlerInterceptor {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) AuthInterceptor.class);
    private static final Sequence sequence = new Sequence(StringUtil.getLocalInetAddress());

    @Autowired
    private SsoSessionsService ssoSessionsService;

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        RequestContext.clean();
        RequestContext.setRequestTimeMills(Long.valueOf(System.currentTimeMillis()));
        String header = httpServletRequest.getHeader(RestfulConstans.APPKEY);
        String header2 = httpServletRequest.getHeader("token");
        String header3 = httpServletRequest.getHeader(RestfulConstans.PRODUCT);
        String header4 = httpServletRequest.getHeader(RestfulConstans.TRACEID);
        String header5 = httpServletRequest.getHeader(RestfulConstans.DEVICE_ID);
        String remoteIp = RequestUtil.getRemoteIp(httpServletRequest);
        String header6 = httpServletRequest.getHeader(RestfulConstans.USER_AGENT);
        String valueOf = ValidationUtil.isEmpty(header4) ? String.valueOf(sequence.nextId()) : header4;
        RequestContext.setAppKey(header);
        RequestContext.setTraceId(valueOf);
        RequestContext.setRequestIP(remoteIp);
        RequestContext.setProduct(header3);
        RequestContext.setUserAgent(header6);
        RequestContext.setToken(header2);
        RequestContext.setDeviceId(header5);
        if (!(obj instanceof HandlerMethod)) {
            throw new AuthException("不支持的资源请求类型.");
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        logger.info("\n**********************************************************" + ("\n* APP_KEY     :" + header) + ("\n* TOKEN       :" + header2) + ("\n* PRODUCT     :" + header3) + ("\n* REQUEST_IP  :" + remoteIp) + ("\n* USER_AGENT  :" + header6) + ("\n* TRACE_ID    :" + valueOf) + ("\n* HANDLER     :" + handlerMethod.getBean().getClass()) + ("\n* METHOD      :" + handlerMethod.getMethod().getName()) + ("\n* ACCESS_TIME :" + DateUtil.getNow("yyyy-MM-dd HH:mm:ss")));
        return doAuth(handlerMethod, header2, header, header3);
    }

    private boolean doAuth(HandlerMethod handlerMethod, String str, String str2, String str3) throws Exception {
        TycloudOperation tycloudOperation = (TycloudOperation) handlerMethod.getMethodAnnotation(TycloudOperation.class);
        Boolean doAuth = ExtendAuthHandler.doAuth(handlerMethod, str, str2, str3);
        String token = RequestContext.getToken();
        String appKey = RequestContext.getAppKey();
        String product = RequestContext.getProduct();
        if (doAuth.booleanValue()) {
            return true;
        }
        if (!tycloudOperation.needAuth()) {
            if (ValidationUtil.isEmpty(token)) {
                return true;
            }
            SsoSessionsModel queryByToken = this.ssoSessionsService.queryByToken(product, token);
            if (ValidationUtil.isEmpty(queryByToken)) {
                return true;
            }
            RequestContext.setExeUserId(queryByToken.getUserId());
            RequestContext.setAgencyCode(queryByToken.getAgencyCode());
            RequestContext.setUserType(UserType.valueOf(queryByToken.getUserType()));
            RequestContext.setLoginId(queryByToken.getLoginId());
            return true;
        }
        if (ValidationUtil.isEmpty(token) && tycloudOperation.needAuth()) {
            throw new AuthException("请求未包含认证信息.");
        }
        if (ValidationUtil.isEmpty(token)) {
            return true;
        }
        SsoSessionsModel refreshSession = this.ssoSessionsService.refreshSession(token, product);
        if (ValidationUtil.isEmpty(refreshSession)) {
            throw new AuthException("登录信息失效，请重新登录");
        }
        RequestContext.setExeUserId(refreshSession.getUserId());
        RequestContext.setAgencyCode(refreshSession.getAgencyCode());
        RequestContext.setUserType(UserType.valueOf(refreshSession.getUserType()));
        RequestContext.setLoginId(refreshSession.getLoginId());
        ExtendAuthHandler.doAuth(refreshSession, handlerMethod, token, appKey, product);
        return true;
    }

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, @Nullable Exception exc) throws Exception {
        StringBuilder sb = new StringBuilder();
        long currentTimeMillis = System.currentTimeMillis() - RequestContext.getRequestTimeMills().longValue();
        RequestContext.getTraceId();
        sb.append("\n* 请求耗时      :" + currentTimeMillis + "毫秒;  (TRACE_ID:" + sb + ")");
        sb.append("\n**********************************************************");
        logger.info(sb.toString());
    }
}
