package com.jxdinfo.hussar.cloud.common.security.component;

import com.jxdinfo.hussar.cloud.common.security.exception.ForbiddenException;
import com.jxdinfo.hussar.cloud.common.security.exception.HussarAuth2Exception;
import com.jxdinfo.hussar.cloud.common.security.exception.InvalidException;
import com.jxdinfo.hussar.cloud.common.security.exception.MethodNotAllowedException;
import com.jxdinfo.hussar.cloud.common.security.exception.ServerErrorException;
import com.jxdinfo.hussar.cloud.common.security.exception.UnauthorizedException;
import com.jxdinfo.hussar.cloud.common.security.util.HussarSecurityMessageSourceUtil;
import java.util.Locale;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.DefaultThrowableAnalyzer;
import org.springframework.security.oauth2.common.exceptions.ClientAuthenticationException;
import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator;
import org.springframework.security.web.server.header.CacheControlServerHttpHeadersWriter;
import org.springframework.security.web.util.ThrowableAnalyzer;
import org.springframework.util.MultiValueMap;
import org.springframework.web.HttpRequestMethodNotSupportedException;

/* loaded from: input_file:BOOT-INF/lib/hussar-common-security-0.0.1.jar:com/jxdinfo/hussar/cloud/common/security/component/HussarWebResponseExceptionTranslator.class */
public class HussarWebResponseExceptionTranslator implements WebResponseExceptionTranslator {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) HussarWebResponseExceptionTranslator.class);
    private ThrowableAnalyzer throwableAnalyzer = new DefaultThrowableAnalyzer();

    @Override // org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator
    public ResponseEntity<OAuth2Exception> translate(Exception exc) {
        Throwable[] determineCauseChain = this.throwableAnalyzer.determineCauseChain(exc);
        if (((AuthenticationException) this.throwableAnalyzer.getFirstThrowableOfType(AuthenticationException.class, determineCauseChain)) != null) {
            return handleOAuth2Exception(new UnauthorizedException(exc.getMessage(), exc));
        }
        AccessDeniedException accessDeniedException = (AccessDeniedException) this.throwableAnalyzer.getFirstThrowableOfType(AccessDeniedException.class, determineCauseChain);
        if (accessDeniedException != null) {
            return handleOAuth2Exception(new ForbiddenException(accessDeniedException.getMessage(), accessDeniedException));
        }
        InvalidGrantException invalidGrantException = (InvalidGrantException) this.throwableAnalyzer.getFirstThrowableOfType(InvalidGrantException.class, determineCauseChain);
        if (invalidGrantException != null) {
            return handleOAuth2Exception(new InvalidException(HussarSecurityMessageSourceUtil.getAccessor().getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", invalidGrantException.getMessage(), Locale.CHINA), invalidGrantException));
        }
        HttpRequestMethodNotSupportedException httpRequestMethodNotSupportedException = (HttpRequestMethodNotSupportedException) this.throwableAnalyzer.getFirstThrowableOfType(HttpRequestMethodNotSupportedException.class, determineCauseChain);
        if (httpRequestMethodNotSupportedException != null) {
            return handleOAuth2Exception(new MethodNotAllowedException(httpRequestMethodNotSupportedException.getMessage(), httpRequestMethodNotSupportedException));
        }
        OAuth2Exception oAuth2Exception = (OAuth2Exception) this.throwableAnalyzer.getFirstThrowableOfType(OAuth2Exception.class, determineCauseChain);
        return oAuth2Exception != null ? handleOAuth2Exception(oAuth2Exception) : handleOAuth2Exception(new ServerErrorException(HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase(), exc));
    }

    private ResponseEntity<OAuth2Exception> handleOAuth2Exception(OAuth2Exception oAuth2Exception) {
        int httpErrorCode = oAuth2Exception.getHttpErrorCode();
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.set("Cache-Control", "no-store");
        httpHeaders.set("Pragma", CacheControlServerHttpHeadersWriter.PRAGMA_VALUE);
        if (httpErrorCode == HttpStatus.UNAUTHORIZED.value() || (oAuth2Exception instanceof InsufficientScopeException)) {
            httpHeaders.set("WWW-Authenticate", String.format("%s %s", "Bearer", oAuth2Exception.getSummary()));
        }
        return oAuth2Exception instanceof ClientAuthenticationException ? new ResponseEntity<>(oAuth2Exception, (MultiValueMap<String, String>) httpHeaders, HttpStatus.valueOf(httpErrorCode)) : new ResponseEntity<>(new HussarAuth2Exception(oAuth2Exception.getMessage(), oAuth2Exception.getOAuth2ErrorCode()), (MultiValueMap<String, String>) httpHeaders, HttpStatus.valueOf(httpErrorCode));
    }
}
