package com.bjy.intercepter;

import com.kuaike.common.errorcode.CommonErrorCode;
import com.kuaike.common.utils.ApiResult;
import com.kuaike.common.utils.ApiResultUtils;
import com.kuaike.common.utils.ErrorCodeUtil;
import com.kuaike.common.utils.JacksonUtil;
import com.kuaike.common.utils.WebCommonUtil;
import com.kuaike.scrm.common.dto.CurrentUserInfo;
import com.kuaike.scrm.common.perm.dto.AccessUserInfo;
import com.kuaike.scrm.common.perm.service.AccessPermitService;
import com.kuaike.scrm.common.perm.utils.PermUtils;
import com.kuaike.scrm.common.utils.LoginUtils;
import com.kuaike.scrm.common.utils.ServletUtil;
import java.util.Collections;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.math.NumberUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.HashOperations;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

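/**
 * Spring MVC interceptor that authenticates "external" API calls with an opaque token.
 *
 * <p>The token is read from the {@code token} header or request parameter and looked up in Redis
 * under {@code <prefix>:external:token:<token>}. That hash must carry a {@code sessionId} and a
 * {@code userId}, which are used to load the cached {@link CurrentUserInfo} into
 * {@link LoginUtils}. The access user and the access business are then checked before the request
 * is handed to the handler.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The token is a bearer credential. It is never written to the log; only a redacted
 *       descriptor is.</li>
 *   <li>Every rejection path returns {@code false} so that the handler is not invoked after an
 *       error response has already been written.</li>
 *   <li>Per-thread login state is cleared whenever the request is not let through. Spring does not
 *       call {@code afterCompletion} on an interceptor whose {@code preHandle} returned
 *       {@code false} or threw.</li>
 * </ul>
 */
@Component
/* loaded from: input_file:com/bjy/intercepter/ExternalAccessInterceptor.class */
public class ExternalAccessInterceptor extends HandlerInterceptorAdapter {
    private static final String TOKEN_KEY = "token";

    @Autowired
    @Qualifier("redisTemplate5")
    private RedisTemplate<String, Object> redisTemplate;

    @Value("${spring.redis.key.prefix}")
    private String redisKeyPrefix;
    private String prefix = "xq";

    @Autowired
    private AccessPermitService accessPermitService;
    private static final Logger log = LoggerFactory.getLogger(ExternalAccessInterceptor.class);
    // Fallback session holder used by getSession(); nothing in this class writes to it.
    private static final ThreadLocal<HttpSession> SESSION = new InheritableThreadLocal<>();

    /**
     * Authenticates the request and decides whether the handler may run.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse current response; an error body is written to it on rejection
     * @param obj the chosen handler; only {@link HandlerMethod} handlers are checked
     * @return {@code true} to continue the chain, {@code false} when a response was already written
     * @throws Exception propagated from the Redis lookup or from the superclass
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        log.info("access filter: {}", httpServletRequest.getRequestURI());
        LoginUtils.clear();
        LoginUtils.setSession(httpServletRequest.getSession());
        boolean allowed = false;
        try {
            allowed = checkAccess(httpServletRequest, httpServletResponse, obj);
            return allowed;
        } finally {
            if (!allowed) {
                // afterCompletion() is skipped for this interceptor on rejection or exception, so
                // the state set above (and any current user) must not stay on a pooled thread.
                LoginUtils.clear();
            }
        }
    }

    /** Runs the token, user and business checks; writes the error response when it returns false. */
    private boolean checkAccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod) || LoginUtils.hasLoginNeedless(obj)) {
            return true;
        }
        // NOTE(review): the token is also accepted as a request parameter. Credentials in URLs end
        // up in access logs, browser history and Referer headers; prefer the header where clients allow.
        String token = StringUtils.defaultIfBlank(httpServletRequest.getHeader(TOKEN_KEY), httpServletRequest.getParameter(TOKEN_KEY));
        log.info("request token: {}", describeToken(token));
        if (StringUtils.isBlank(token)) {
            log.warn("token为空");
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        String tokenKey = String.format("%s:external:token:%s", this.redisKeyPrefix, token);
        if (Boolean.FALSE.equals(this.redisTemplate.hasKey(tokenKey))) {
            // The Redis key embeds the token, so it is not logged either.
            log.info("invalidate token: {}", describeToken(token));
            log.warn("token redis key 不存在:{}", describeToken(token));
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        HashOperations<String, Object, Object> tokenHash = this.redisTemplate.opsForHash();
        String sessionId = (String) tokenHash.get(tokenKey, "sessionId");
        // The key can expire between hasKey() and these reads, and the field may be missing or
        // malformed; treat all of these as "not logged in" instead of failing with an exception.
        Long userId = parseUserId(tokenHash.get(tokenKey, "userId"));
        if (Objects.isNull(sessionId)) {
            log.warn("当前操作用户sessionId为空:{}", describeToken(token));
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        if (Objects.isNull(userId)) {
            log.warn("当前操作用户userId为空:{}", describeToken(token));
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        initRpcCurrentUser(sessionId, userId);
        String requestURI = httpServletRequest.getRequestURI();
        log.debug("requestUri:{}", PermUtils.getPathWithPrefix(this.prefix, requestURI));
        // NOTE(review): any URI ending in "np" skips the current-user, enabled-flag, agent-auth and
        // business checks below. The match is a plain suffix test on the raw request URI and runs
        // even when initRpcCurrentUser() found no cached user. Confirm this exemption is intended
        // and that it can only match the routes meant to be exempt.
        if (StringUtils.isNotBlank(requestURI) && requestURI.endsWith("np")) {
            return true;
        }
        CurrentUserInfo currentUser = LoginUtils.getCurrentUser();
        log.debug("currentUserInfo:{}", currentUser);
        if (null == currentUser) {
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        if (Objects.isNull(currentUser.getId())) {
            log.warn("当前操作用户userId为空");
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        AccessUserInfo accessUser = this.accessPermitService.getAccessUser();
        if (Objects.isNull(accessUser)) {
            log.warn("根据userId:{}未查询到用户信息", userId);
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            // Stop here: without this return the request fell through to the business check and
            // could still reach the handler after the 401 body had been written.
            return false;
        }
        if (NumberUtils.INTEGER_ZERO.equals(accessUser.getEnabled())) {
            log.warn("用户:{}已被禁用", accessUser.getId());
            returnAjaxNotLoginResponse(httpServletRequest, httpServletResponse);
            return false;
        }
        if (StringUtils.isNotBlank(accessUser.getWeworkUserId()) && NumberUtils.INTEGER_ZERO.equals(accessUser.getIsAgentAuth())) {
            log.warn("weworkUser:{}", accessUser.getWeworkUserId());
            returnAjaxBusinessCustomerForbid(httpServletResponse, "当前用户未授权,暂不能登录");
            return false;
        }
        if (!Objects.isNull(this.accessPermitService.getAccessBiz())) {
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        returnAjaxBusinessCustomerForbid(httpServletResponse, "商户不存在");
        return false;
    }

    /** Returns a log-safe description of the token that reveals only whether it is present and its length. */
    private static String describeToken(String token) {
        return token == null ? "<none>" : "<redacted, length=" + token.length() + ">";
    }

    /** Converts the stored {@code userId} hash field to a {@code Long}, or {@code null} if absent or not numeric. */
    private static Long parseUserId(Object rawUserId) {
        if (rawUserId == null) {
            return null;
        }
        try {
            return Long.valueOf(rawUserId.toString());
        } catch (NumberFormatException e) {
            log.warn("userId in token hash is not numeric");
            return null;
        }
    }

    /**
     * Loads the cached user for the session/user pair from Redis and publishes it through
     * {@link LoginUtils}. Nothing is set when the entry is missing or is not a {@link CurrentUserInfo}.
     */
    private void initRpcCurrentUser(String str, Long l) {
        Object obj = this.redisTemplate.opsForValue().get(getUserInfoKey(this.redisKeyPrefix, str, l));
        if (obj != null) {
            if (obj instanceof CurrentUserInfo) {
                setCurrentUser((CurrentUserInfo) obj);
            } else {
                log.error("The user is not front system.");
            }
        }
    }

    /** Stores the user as the current user for this request via {@link LoginUtils}. */
    private void setCurrentUser(CurrentUserInfo currentUserInfo) {
        LoginUtils.setCurrentUser(currentUserInfo);
    }

    /** Builds the Redis key of the cached user: prefix, then session id, then {@code SCRM_LOGIN_KEY_<userId>}. */
    private static String getUserInfoKey(String str, String str2, Long l) {
        return str + str2 + String.format("SCRM_LOGIN_KEY_%s", l);
    }

    /** Returns the id of the session from {@link #getSession()}, or {@code null} when there is none. */
    private String getSessionId() {
        HttpSession session = getSession();
        if (session != null) {
            return session.getId();
        }
        return null;
    }

    /** Returns the session of the request bound to this thread, else the value held in {@code SESSION}. */
    private HttpSession getSession() {
        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        return requestAttributes == null ? SESSION.get() : requestAttributes.getRequest().getSession();
    }

    /** Clears the per-request login state once the request has completed. */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        LoginUtils.clear();
    }

    /**
     * Writes a 401 response with the NO_LOGIN error code and a {@code redirectUrl} to the login page.
     */
    private void returnAjaxNotLoginResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        long universeErrorCode = ErrorCodeUtil.getUniverseErrorCode(CommonErrorCode.NO_LOGIN);
        // NOTE(review): if ServletUtil.getBasePath() derives the base from request headers such as
        // Host, confirm that a client cannot steer this redirect URL to another origin.
        Map<String, String> singletonMap = Collections.singletonMap("redirectUrl", ServletUtil.getBasePath(httpServletRequest) + "/login?service=");
        httpServletResponse.setStatus(401);
        WebCommonUtil.returnMessage(httpServletResponse, JacksonUtil.obj2Str(new ApiResult(universeErrorCode, "用户未登录", singletonMap)));
    }

    /** Writes a 403 response with the PERMISSION_DENY error code. */
    private void returnNoPermissionResponse(HttpServletResponse httpServletResponse) {
        httpServletResponse.setStatus(403);
        WebCommonUtil.returnMessage(httpServletResponse, JacksonUtil.obj2Str(ApiResultUtils.error(CommonErrorCode.PERMISSION_DENY)));
    }

    /** Writes a 403 response with the PERMISSION_DENY error code and the given message. */
    private void returnAjaxBusinessCustomerForbid(HttpServletResponse httpServletResponse, String str) {
        httpServletResponse.setStatus(403);
        WebCommonUtil.returnMessage(httpServletResponse, JacksonUtil.obj2Str(ApiResultUtils.error(CommonErrorCode.PERMISSION_DENY, str)));
    }
}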
