package com.aizuda.snailjob.server.web.interceptor;

import cn.hutool.core.lang.Assert;
import cn.hutool.core.util.StrUtil;
import com.aizuda.snailjob.common.core.exception.SnailJobAuthenticationException;
import com.aizuda.snailjob.common.core.util.JsonUtil;
import com.aizuda.snailjob.common.core.util.StreamUtils;
import com.aizuda.snailjob.server.web.annotation.LoginRequired;
import com.aizuda.snailjob.server.web.annotation.RoleEnum;
import com.aizuda.snailjob.server.web.model.request.UserSessionVO;
import com.aizuda.snailjob.template.datasource.persistence.mapper.NamespaceMapper;
import com.aizuda.snailjob.template.datasource.persistence.mapper.SystemUserMapper;
import com.aizuda.snailjob.template.datasource.persistence.mapper.SystemUserPermissionMapper;
import com.aizuda.snailjob.template.datasource.persistence.po.SystemUser;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.baomidou.mybatisplus.core.conditions.Wrapper;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.support.SFunction;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.lang.invoke.SerializedLambda;
import java.lang.reflect.Method;
import java.util.List;
import java.util.Objects;
import lombok.Generated;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

@Configuration
/* loaded from: input_file:com/aizuda/snailjob/server/web/interceptor/AuthenticationInterceptor.class */
public class AuthenticationInterceptor implements HandlerInterceptor {
    public static final String AUTHENTICATION = "SNAIL-JOB-AUTH";
    public static final String NAMESPACE_ID = "SNAIL-JOB-NAMESPACE-ID";
    private final SystemUserMapper systemUserMapper;
    private final NamespaceMapper namespaceMapper;
    private final SystemUserPermissionMapper systemUserPermissionMapper;

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        String header = httpServletRequest.getHeader(AUTHENTICATION);
        String header2 = httpServletRequest.getHeader(NAMESPACE_ID);
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        Method method = ((HandlerMethod) obj).getMethod();
        if (!method.isAnnotationPresent(LoginRequired.class)) {
            return true;
        }
        LoginRequired loginRequired = (LoginRequired) method.getAnnotation(LoginRequired.class);
        if (!loginRequired.required()) {
            return true;
        }
        if (header == null) {
            throw new SnailJobAuthenticationException("登陆过期，请重新登陆");
        }
        if (StrUtil.isBlank(header2)) {
            throw new SnailJobAuthenticationException("{} 命名空间不存在", header2);
        }
        try {
            SystemUser systemUser = (SystemUser) this.systemUserMapper.selectById(((SystemUser) JsonUtil.parseObject((String) JWT.decode(header).getAudience().get(0), SystemUser.class)).getId());
            if (Objects.isNull(systemUser)) {
                throw new SnailJobAuthenticationException("用户不存在");
            }
            Assert.isTrue(this.namespaceMapper.selectCount((Wrapper) new LambdaQueryWrapper().eq((v0) -> {
                return v0.getUniqueId();
            }, header2)).longValue() > 0, () -> {
                return new SnailJobAuthenticationException("[{}] 命名空间不存在", header2);
            });
            UserSessionVO userSessionVO = new UserSessionVO();
            userSessionVO.setId(systemUser.getId());
            userSessionVO.setUsername(systemUser.getUsername());
            userSessionVO.setRole(systemUser.getRole());
            userSessionVO.setNamespaceId(header2);
            if (userSessionVO.isUser()) {
                List<String> list = StreamUtils.toList(this.systemUserPermissionMapper.selectList((Wrapper) ((LambdaQueryWrapper) new LambdaQueryWrapper().select(new SFunction[]{(v0) -> {
                    return v0.getGroupName();
                }}).eq((v0) -> {
                    return v0.getSystemUserId();
                }, systemUser.getId())).eq((v0) -> {
                    return v0.getNamespaceId();
                }, header2)), (v0) -> {
                    return v0.getGroupName();
                });
                Assert.notEmpty(list, () -> {
                    return new SnailJobAuthenticationException("用户组权限为空");
                });
                userSessionVO.setGroupNames(list);
            }
            httpServletRequest.setAttribute("currentUser", userSessionVO);
            try {
                JWT.require(Algorithm.HMAC256(systemUser.getPassword())).build().verify(header);
                RoleEnum role = loginRequired.role();
                if (role == RoleEnum.USER || role != RoleEnum.ADMIN || role == RoleEnum.getEnumTypeMap().get(systemUser.getRole())) {
                    return true;
                }
                throw new SnailJobAuthenticationException("不具备访问权限");
            } catch (JWTVerificationException e) {
                throw new SnailJobAuthenticationException("登陆过期，请重新登陆");
            }
        } catch (JWTDecodeException e2) {
            throw new SnailJobAuthenticationException("登陆过期，请重新登陆");
        }
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }

    @Generated
    public AuthenticationInterceptor(SystemUserMapper systemUserMapper, NamespaceMapper namespaceMapper, SystemUserPermissionMapper systemUserPermissionMapper) {
        this.systemUserMapper = systemUserMapper;
        this.namespaceMapper = namespaceMapper;
        this.systemUserPermissionMapper = systemUserPermissionMapper;
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1492779276:
                if (implMethodName.equals("getGroupName")) {
                    z = false;
                    break;
                }
                break;
            case 150583968:
                if (implMethodName.equals("getNamespaceId")) {
                    z = true;
                    break;
                }
                break;
            case 994475979:
                if (implMethodName.equals("getSystemUserId")) {
                    z = 2;
                    break;
                }
                break;
            case 1783439938:
                if (implMethodName.equals("getUniqueId")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/baomidou/mybatisplus/core/toolkit/support/SFunction") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/aizuda/snailjob/template/datasource/persistence/po/SystemUserPermission") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                    return (v0) -> {
                        return v0.getGroupName();
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/baomidou/mybatisplus/core/toolkit/support/SFunction") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/aizuda/snailjob/template/datasource/persistence/po/SystemUserPermission") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                    return (v0) -> {
                        return v0.getNamespaceId();
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/baomidou/mybatisplus/core/toolkit/support/SFunction") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/aizuda/snailjob/template/datasource/persistence/po/SystemUserPermission") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/Long;")) {
                    return (v0) -> {
                        return v0.getSystemUserId();
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 5 && serializedLambda.getFunctionalInterfaceClass().equals("com/baomidou/mybatisplus/core/toolkit/support/SFunction") && serializedLambda.getFunctionalInterfaceMethodName().equals("apply") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("com/aizuda/snailjob/template/datasource/persistence/po/Namespace") && serializedLambda.getImplMethodSignature().equals("()Ljava/lang/String;")) {
                    return (v0) -> {
                        return v0.getUniqueId();
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
