package top.klw8.alita.starter.web.interceptor;

import com.alibaba.fastjson.JSON;
import com.google.common.collect.Lists;
import io.netty.buffer.UnpooledByteBufAllocator;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.core.annotation.Order;
import org.springframework.core.env.Environment;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.Assert;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.reactive.result.method.annotation.RequestMappingHandlerMapping;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import top.klw8.alita.service.result.JsonResult;
import top.klw8.alita.service.result.code.CommonResultCodeEnum;
import top.klw8.alita.starter.aures.AuthoritysResource;
import top.klw8.alita.starter.aures.AuthoritysResourceControllerMethodsCache;
import top.klw8.alita.starter.aures.IResourceParser;
import top.klw8.alita.starter.aures.ResourceParserData;
import top.klw8.alita.starter.aures.ResourceParserResult;
import top.klw8.alita.starter.cfg.AuthorityAppInfoInConfigBean;
import top.klw8.alita.starter.cfg.ResServerAuthPathCfgBean;
import top.klw8.alita.starter.common.UserCacheHelper;
import top.klw8.alita.starter.utils.FormDataNoFileParserUtil;
import top.klw8.alita.starter.utils.ResServerTokenUtil;
import top.klw8.alita.starter.web.base.BaseWebFilter;
import top.klw8.alita.starter.web.base.SynchronossFormFieldPart;
import top.klw8.alita.utils.AuthorityUtil;

@Order(2)
/* loaded from: input_file:top/klw8/alita/starter/web/interceptor/AuthorityInterceptor.class */
public class AuthorityInterceptor extends BaseWebFilter {
    private static final String MONO_DATA_KEY_NEW_REQUEST = "newRequest";

    @Autowired
    private UserCacheHelper userCacheHelper;

    @Autowired
    private ApplicationContext applicationContext;

    @Autowired
    private RequestMappingHandlerMapping reqMapping;

    @Autowired
    private Environment env;

    @Autowired
    private AuthorityAppInfoInConfigBean currectApp;

    @Resource
    private ResServerAuthPathCfgBean cfgBean;
    private AntPathMatcher pathMatcher = new AntPathMatcher();
    private static final Logger log = LoggerFactory.getLogger(AuthorityInterceptor.class);
    public static final List<MediaType> legalLogMediaTypes = Lists.newArrayList(new MediaType[]{MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.APPLICATION_JSON_UTF8, MediaType.MULTIPART_FORM_DATA, MediaType.TEXT_XML});

    public Mono<Void> filter(ServerWebExchange serverWebExchange, WebFilterChain webFilterChain) {
        if (CollectionUtils.isEmpty(this.cfgBean.getAuthPath())) {
            return webFilterChain.filter(serverWebExchange);
        }
        ServerHttpRequest request = serverWebExchange.getRequest();
        ServerHttpResponse response = serverWebExchange.getResponse();
        String path = request.getURI().getPath();
        Iterator<String> it = this.cfgBean.getAuthPath().iterator();
        while (it.hasNext()) {
            if (this.pathMatcher.match(it.next(), path)) {
                String token = ResServerTokenUtil.getToken(request);
                if (StringUtils.isBlank(token)) {
                    return sendJsonStr(response, JSON.toJSONString(JsonResult.failed(CommonResultCodeEnum.NO_TOKEN, "需要验证权限,但没有token,请检查配制是否正确!")));
                }
                String userId = ResServerTokenUtil.getUserId(token);
                Map<String, String> userAuthority = this.userCacheHelper.getUserAuthority(userId, this.currectApp.getAppTag());
                if (userAuthority == null) {
                    return sendJsonStr(response, JSON.toJSONString(JsonResult.failed(CommonResultCodeEnum.LOGIN_TIMEOUT)));
                }
                HandlerMethod handlerMethod = (HandlerMethod) this.reqMapping.getHandlerInternal(serverWebExchange).block();
                if (handlerMethod == null) {
                    return webFilterChain.filter(serverWebExchange);
                }
                String resolvePlaceholders = this.env.resolvePlaceholders(AuthorityUtil.getCompleteMappingUrl(handlerMethod));
                if (StringUtils.isBlank(resolvePlaceholders) || StringUtils.isEmpty(userAuthority.get(resolvePlaceholders))) {
                    return sendJsonStr(response, JSON.toJSONString(JsonResult.failed(CommonResultCodeEnum.NO_PRIVILEGES)));
                }
                if (StringUtils.isBlank(resolvePlaceholders)) {
                    resolvePlaceholders = AuthorityUtil.composeWithSeparator(request.getMethod(), path);
                }
                AuthoritysResource method = AuthoritysResourceControllerMethodsCache.getMethod(resolvePlaceholders);
                if (method == null) {
                    return webFilterChain.filter(serverWebExchange.mutate().request(request).build());
                }
                Map<String, List<String>> userAuthoritysResource = this.userCacheHelper.getUserAuthoritysResource(userId, this.currectApp.getAppTag());
                if (method.parser() == IResourceParser.class) {
                    String[] resource = method.resource();
                    return resource.length == 0 ? sendJsonStr(response, JSON.toJSONString(JsonResult.failed(CommonResultCodeEnum.AUTHORITYS_RESOURCE_NO_RES))) : checkAuthoritysResource(resolvePlaceholders, resource, userAuthoritysResource) ? webFilterChain.filter(serverWebExchange) : sendJsonStr(response, JSON.toJSONString(JsonResult.failed(CommonResultCodeEnum.NO_PRIVILEGES)));
                }
                ResourceParserData resourceParserData = new ResourceParserData(path);
                request.getQueryParams().forEach((str, list) -> {
                    resourceParserData.putQueryPrarm(str, list);
                });
                Map<String, String> extractUriTemplateVariables = this.pathMatcher.extractUriTemplateVariables(AuthorityUtil.removeSeparator(resolvePlaceholders), path);
                if (MapUtils.isNotEmpty(extractUriTemplateVariables)) {
                    resourceParserData.putAllPathPrarms(extractUriTemplateVariables);
                }
                MediaType contentType = request.getHeaders().getContentType();
                HashMap hashMap = new HashMap();
                Mono map = contentType != null ? MediaType.APPLICATION_FORM_URLENCODED.equals(contentType) ? serverWebExchange.getFormData().map(multiValueMap -> {
                    multiValueMap.forEach((str2, list2) -> {
                        resourceParserData.putQueryPrarm(str2, list2);
                    });
                    return resourceParserData;
                }) : method.fileUpload() ? serverWebExchange.getMultipartData().map(multiValueMap2 -> {
                    multiValueMap2.forEach((str2, list2) -> {
                        ArrayList arrayList = new ArrayList(list2.size());
                        ArrayList arrayList2 = new ArrayList(list2.size());
                        list2.forEach(part -> {
                            if ("org.springframework.http.codec.multipart.SynchronossPartHttpMessageReader$SynchronossFormFieldPart".equals(part.getClass().getName())) {
                                part.content().subscribe(dataBuffer -> {
                                    String str2 = null;
                                    try {
                                        str2 = IOUtils.toString(dataBuffer.asInputStream(), Charset.forName("utf-8"));
                                    } catch (IOException e) {
                                        log.error("", e);
                                    }
                                    NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(new UnpooledByteBufAllocator(false));
                                    DataBufferUtils.release(dataBuffer);
                                    arrayList.add(new SynchronossFormFieldPart(part.headers(), nettyDataBufferFactory, str2));
                                    arrayList2.add(str2);
                                });
                            } else {
                                arrayList.add(part);
                            }
                        });
                        multiValueMap2.put(str2, arrayList);
                        if (arrayList2.isEmpty()) {
                            return;
                        }
                        resourceParserData.putFormData(str2, arrayList2);
                    });
                    return resourceParserData;
                }) : request.getBody().map(dataBuffer -> {
                    byte[] bArr = new byte[0];
                    try {
                        bArr = IOUtils.toByteArray(dataBuffer.asInputStream());
                    } catch (IOException e) {
                        log.error("", e);
                    }
                    if (legalLogMediaTypes.contains(contentType)) {
                        String str2 = new String(bArr);
                        if (MediaType.APPLICATION_XML.equals(contentType) || MediaType.APPLICATION_XML.equals(contentType)) {
                            resourceParserData.setXmlString(str2);
                        } else if (MediaType.APPLICATION_JSON.equals(contentType) || MediaType.APPLICATION_JSON_UTF8.equals(contentType)) {
                            resourceParserData.setJsonString(str2);
                        } else {
                            resourceParserData.putAllFormData(FormDataNoFileParserUtil.parser(str2, contentType.getParameter("boundary")));
                        }
                    }
                    NettyDataBufferFactory nettyDataBufferFactory = new NettyDataBufferFactory(new UnpooledByteBufAllocator(false));
                    DataBufferUtils.release(dataBuffer);
                    return nettyDataBufferFactory.wrap(bArr);
                }).collectList().map(list2 -> {
                    hashMap.put(MONO_DATA_KEY_NEW_REQUEST, new ServerHttpRequestDecorator(request) { // from class: top.klw8.alita.starter.web.interceptor.AuthorityInterceptor.1
                        public Flux<DataBuffer> getBody() {
                            return Flux.fromIterable(list2);
                        }
                    });
                    return resourceParserData;
                }) : Mono.just(resourceParserData);
                String str2 = resolvePlaceholders;
                return map.map(resourceParserData2 -> {
                    IResourceParser iResourceParser = (IResourceParser) this.applicationContext.getBean(method.parser());
                    Assert.notNull(iResourceParser, "【" + path + "】没有找到资源权限资源解析器,解析器需要放入spring容器中,请检查");
                    return iResourceParser.parseResource(resourceParserData2);
                }).flatMap(resourceParserResult -> {
                    if (!checkAuthoritysResource(str2, resourceParserResult, (Map<String, List<String>>) userAuthoritysResource)) {
                        return sendJsonStr(response, JSON.toJSONString(JsonResult.failed(CommonResultCodeEnum.NO_PRIVILEGES)));
                    }
                    ServerHttpRequest serverHttpRequest = (ServerHttpRequest) hashMap.get(MONO_DATA_KEY_NEW_REQUEST);
                    return serverHttpRequest == null ? webFilterChain.filter(serverWebExchange) : webFilterChain.filter(serverWebExchange.mutate().request(serverHttpRequest).build());
                });
            }
        }
        return webFilterChain.filter(serverWebExchange);
    }

    private boolean checkAuthoritysResource(String str, String[] strArr, Map<String, List<String>> map) {
        return checkAuthoritysResource(str, new ResourceParserResult(strArr), map);
    }

    private boolean checkAuthoritysResource(String str, ResourceParserResult resourceParserResult, Map<String, List<String>> map) {
        if (resourceParserResult.isMasterKey()) {
            return resourceParserResult.isMasterKey();
        }
        String[] parsedResources = resourceParserResult.getParsedResources();
        if (parsedResources.length <= 0) {
            return false;
        }
        if (map == null) {
            log.debug("需要验证资源权限,但是该角色没有任何资源权限!");
            return false;
        }
        int i = 0;
        List<String> list = map.get(str);
        if (list != null) {
            for (String str2 : parsedResources) {
                if (list.contains(str2)) {
                    i++;
                }
            }
        }
        if (i == parsedResources.length) {
            return Boolean.TRUE.booleanValue();
        }
        List<String> list2 = map.get("USER_PUBLIC_AUTHORITYS_RESOURCE");
        if (list2 != null) {
            for (String str3 : parsedResources) {
                if (list2.contains(str3)) {
                    i++;
                }
            }
        }
        return i == parsedResources.length;
    }
}
