package org.hswebframework.web.authorization.basic.aop;

import java.lang.reflect.Method;
import java.util.List;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import org.aopalliance.intercept.MethodInterceptor;
import org.aopalliance.intercept.MethodInvocation;
import org.hswebframework.web.aop.MethodInterceptorContext;
import org.hswebframework.web.aop.MethodInterceptorHolder;
import org.hswebframework.web.authorization.Authentication;
import org.hswebframework.web.authorization.annotation.Authorize;
import org.hswebframework.web.authorization.basic.handler.AuthorizingHandler;
import org.hswebframework.web.authorization.define.AuthorizeDefinition;
import org.hswebframework.web.authorization.define.AuthorizeDefinitionInitializedEvent;
import org.hswebframework.web.authorization.define.AuthorizingContext;
import org.hswebframework.web.authorization.define.Phased;
import org.hswebframework.web.authorization.exception.UnAuthorizedException;
import org.hswebframework.web.utils.AnnotationUtils;
import org.reactivestreams.Publisher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.support.StaticMethodMatcherPointcutAdvisor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.CommandLineRunner;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/hswebframework/web/authorization/basic/aop/AopAuthorizingController.class */
public class AopAuthorizingController extends StaticMethodMatcherPointcutAdvisor implements CommandLineRunner, MethodInterceptor {
    private static final Logger log = LoggerFactory.getLogger(AopAuthorizingController.class);
    private static final long serialVersionUID = 1154190623020670672L;

    @Autowired
    private ApplicationEventPublisher eventPublisher;

    @Autowired
    private AuthorizingHandler authorizingHandler;

    @Autowired
    private AopMethodAuthorizeDefinitionParser aopMethodAuthorizeDefinitionParser;
    private boolean autoParse = false;

    public void setAutoParse(boolean z) {
        this.autoParse = z;
    }

    protected Publisher<?> handleReactive0(AuthorizeDefinition authorizeDefinition, MethodInterceptorHolder methodInterceptorHolder, AuthorizingContext authorizingContext, Supplier<? extends Publisher<?>> supplier) {
        MethodInterceptorContext createParamContext = methodInterceptorHolder.createParamContext(supplier.get());
        authorizingContext.setParamContext(createParamContext);
        return invokeReactive(Authentication.currentReactive().switchIfEmpty(Mono.error(UnAuthorizedException.NoStackTrace::new)).flatMap(authentication -> {
            authorizingContext.setAuthentication(authentication);
            return this.authorizingHandler.handRBACAsync(authorizingContext);
        }), (Publisher) createParamContext.getInvokeResult());
    }

    private Publisher<?> invokeReactive(Mono<?> mono, Publisher<?> publisher) {
        return publisher instanceof Mono ? mono.then((Mono) publisher) : mono.thenMany(publisher);
    }

    private <T> T invokeReactive(MethodInvocation methodInvocation) {
        return Mono.class.isAssignableFrom(methodInvocation.getMethod().getReturnType()) ? (T) Mono.defer(() -> {
            return (Mono) doProceed(methodInvocation);
        }) : Flux.class.isAssignableFrom(methodInvocation.getMethod().getReturnType()) ? (T) Flux.defer(() -> {
            return (Publisher) doProceed(methodInvocation);
        }) : (T) doProceed(methodInvocation);
    }

    private <T> T doProceed(MethodInvocation methodInvocation) {
        return (T) methodInvocation.proceed();
    }

    public Object invoke(MethodInvocation methodInvocation) throws Throwable {
        MethodInterceptorHolder create = MethodInterceptorHolder.create(methodInvocation);
        MethodInterceptorContext createParamContext = create.createParamContext();
        AuthorizeDefinition parse = this.aopMethodAuthorizeDefinitionParser.parse(methodInvocation.getThis().getClass(), methodInvocation.getMethod(), createParamContext);
        Object obj = null;
        boolean z = false;
        if (null != parse && !parse.isEmpty()) {
            AuthorizingContext authorizingContext = new AuthorizingContext();
            authorizingContext.setDefinition(parse);
            authorizingContext.setParamContext(createParamContext);
            if (Publisher.class.isAssignableFrom(methodInvocation.getMethod().getReturnType())) {
                return handleReactive0(parse, create, authorizingContext, () -> {
                    return (Publisher) invokeReactive(methodInvocation);
                });
            }
            authorizingContext.setAuthentication((Authentication) Authentication.current().orElseThrow(UnAuthorizedException.NoStackTrace::new));
            z = true;
            Phased phased = parse.getResources().getPhased();
            if (parse.getPhased() == Phased.before) {
                this.authorizingHandler.handRBAC(authorizingContext);
                if (phased == Phased.before) {
                    this.authorizingHandler.handleDataAccess(authorizingContext);
                }
                obj = methodInvocation.proceed();
                if (phased == Phased.after) {
                    authorizingContext.setParamContext(create.createParamContext(obj));
                    this.authorizingHandler.handleDataAccess(authorizingContext);
                }
            } else {
                if (phased == Phased.before) {
                    this.authorizingHandler.handleDataAccess(authorizingContext);
                }
                obj = methodInvocation.proceed();
                authorizingContext.setParamContext(create.createParamContext(obj));
                this.authorizingHandler.handRBAC(authorizingContext);
                if (phased == Phased.after) {
                    this.authorizingHandler.handleDataAccess(authorizingContext);
                }
            }
        }
        if (!z) {
            obj = methodInvocation.proceed();
        }
        return obj;
    }

    public AopAuthorizingController(AuthorizingHandler authorizingHandler, AopMethodAuthorizeDefinitionParser aopMethodAuthorizeDefinitionParser) {
        this.authorizingHandler = authorizingHandler;
        this.aopMethodAuthorizeDefinitionParser = aopMethodAuthorizeDefinitionParser;
        setAdvice(this);
    }

    public boolean matches(Method method, Class<?> cls) {
        Authorize findAnnotation;
        boolean z = (AnnotationUtils.findAnnotation(cls, Controller.class) == null && AnnotationUtils.findAnnotation(cls, RestController.class) == null && AnnotationUtils.findAnnotation(cls, RequestMapping.class) == null && ((findAnnotation = AnnotationUtils.findAnnotation(cls, method, Authorize.class)) == null || findAnnotation.ignore())) ? false : true;
        if (z && this.autoParse) {
            this.aopMethodAuthorizeDefinitionParser.parse(cls, method);
        }
        return z;
    }

    public void run(String... strArr) throws Exception {
        if (this.autoParse) {
            List list = (List) this.aopMethodAuthorizeDefinitionParser.getAllParsed().stream().filter(authorizeDefinition -> {
                return !authorizeDefinition.isEmpty();
            }).collect(Collectors.toList());
            log.info("publish AuthorizeDefinitionInitializedEvent,definition size:{}", Integer.valueOf(list.size()));
            this.eventPublisher.publishEvent(new AuthorizeDefinitionInitializedEvent(list));
        }
    }
}
