package com.jxdinfo.hussar.eai.datapacket.business.server.filter;

import com.jxdinfo.hussar.eai.datapacket.business.api.dto.PacketDataQueryDto;
import com.jxdinfo.hussar.eai.datapacket.business.server.controller.EaiDataPacketApiController;
import com.jxdinfo.hussar.eai.datapacket.business.server.exception.EaiClientAuthRequestBodyException;
import com.jxdinfo.hussar.eai.datapacket.business.server.util.EaiDataPacketUtil;
import com.jxdinfo.hussar.platform.core.utils.HussarUtils;
import com.jxdinfo.hussar.support.security.plugin.oauth2.SecurityOAuth2Manager;
import com.jxdinfo.hussar.support.security.plugin.oauth2.logic.SecurityOAuth2Constants;
import com.jxdinfo.hussar.support.security.plugin.oauth2.logic.SecurityOAuth2Util;
import com.jxdinfo.hussar.support.security.plugin.oauth2.model.ClientTokenModel;
import java.io.IOException;
import java.lang.reflect.Method;
import java.lang.reflect.Type;
import java.util.Objects;
import org.jetbrains.annotations.NotNull;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.lang.NonNull;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;

@ControllerAdvice(assignableTypes = {EaiDataPacketApiController.class})
/* loaded from: input_file:com/jxdinfo/hussar/eai/datapacket/business/server/filter/ClientAuthRequestBodyAdvice.class */
public class ClientAuthRequestBodyAdvice implements RequestBodyAdvice {
    public boolean supports(@NonNull MethodParameter methodParameter, @NonNull Type type, @NonNull Class<? extends HttpMessageConverter<?>> cls) {
        return "queryPacketData".equals(((Method) Objects.requireNonNull(methodParameter.getMethod())).getName());
    }

    @NotNull
    public HttpInputMessage beforeBodyRead(@NonNull HttpInputMessage httpInputMessage, @NonNull MethodParameter methodParameter, @NonNull Type type, Class<? extends HttpMessageConverter<?>> cls) throws IOException {
        return httpInputMessage;
    }

    @NotNull
    public Object afterBodyRead(@NonNull Object obj, @NonNull HttpInputMessage httpInputMessage, @NonNull MethodParameter methodParameter, @NonNull Type type, Class<? extends HttpMessageConverter<?>> cls) {
        if (getTokenModelFromReq(httpInputMessage).permissions.contains(getPacketCodeFromReq(obj))) {
            return obj;
        }
        throw new EaiClientAuthRequestBodyException("客户端没有访问当前数据包的权限");
    }

    public Object handleEmptyBody(Object obj, @NonNull HttpInputMessage httpInputMessage, @NonNull MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> cls) {
        return obj;
    }

    private ClientTokenModel getTokenModelFromReq(HttpInputMessage httpInputMessage) {
        String first = httpInputMessage.getHeaders().getFirst(SecurityOAuth2Manager.getConfig().getHeaderTokenKey());
        if (HussarUtils.isEmpty(first)) {
            throw new EaiClientAuthRequestBodyException("没有在请求头信息中获取到accessToken信息");
        }
        String first2 = httpInputMessage.getHeaders().getFirst(SecurityOAuth2Constants.Param.tenant_code);
        String first3 = httpInputMessage.getHeaders().getFirst(SecurityOAuth2Constants.Param.client_id);
        ClientTokenModel tokenModelByAcessToken = SecurityOAuth2Util.getTokenModelByAcessToken(first, first2);
        if (HussarUtils.equals(tokenModelByAcessToken.getValidClientId(), first3)) {
            return tokenModelByAcessToken;
        }
        throw new EaiClientAuthRequestBodyException("token对应的clientId与请求中的clientId不一致");
    }

    private String getPacketCodeFromReq(Object obj) {
        PacketDataQueryDto packetDataQueryDto = (PacketDataQueryDto) obj;
        if (HussarUtils.isEmpty(packetDataQueryDto.getPacketCode())) {
            throw new EaiClientAuthRequestBodyException("数据包标识不能为空");
        }
        return EaiDataPacketUtil.getDataPacketResourceUrlNames(packetDataQueryDto.getPacketCode());
    }
}
