package com.gccloud.starter.core.shiro;

import com.gccloud.starter.common.entity.SysRoleEntity;
import com.gccloud.starter.common.exception.GlobalException;
import com.gccloud.starter.common.vo.CurrentUserBase;
import com.gccloud.starter.core.service.ISysRoleService;
import com.gccloud.starter.core.service.ISysSignatureService;
import com.gccloud.starter.core.service.ISysTokenService;
import com.gccloud.starter.core.service.ISysUserService;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;

@ConditionalOnProperty(prefix = "gc.starter.component", name = {"ShiroAuthRealm"}, havingValue = "ShiroAuthRealm", matchIfMissing = true)
@Component
/* loaded from: input_file:com/gccloud/starter/core/shiro/ShiroAuthRealm.class */
public class ShiroAuthRealm extends AuthorizingRealm {
    private static final Logger log = LoggerFactory.getLogger(ShiroAuthRealm.class);

    @Resource
    private ISysUserService userService;

    @Resource
    private ISysRoleService roleService;

    @Resource
    private ISysTokenService tokenService;

    @Resource
    private ISysSignatureService signatureService;

    @PostConstruct
    public void initTip() {
        log.info("----------------------------------------");
        log.info("初始化框架默认的Shiro认证逻辑");
        log.info("----------------------------------------");
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof ShiroAuthToken;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        CurrentUserBase currentUserBase = (CurrentUserBase) principalCollection.getPrimaryPrincipal();
        Set<String> permission = this.userService.getPermission(currentUserBase.getId());
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setStringPermissions(permission);
        Set set = null;
        List<SysRoleEntity> roleList = this.roleService.getRoleList(currentUserBase.getId());
        if (roleList != null) {
            set = (Set) roleList.stream().map(sysRoleEntity -> {
                return sysRoleEntity.getCode();
            }).collect(Collectors.toSet());
        }
        simpleAuthorizationInfo.setRoles(set);
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (authenticationToken.getClass().equals(SignatureAuthToken.class)) {
            HttpServletRequest request = ((SignatureAuthToken) authenticationToken).getRequest();
            this.signatureService.validateSignature(request);
            return new SimpleAuthenticationInfo(this.signatureService.createCurrentUser(request), "sign", getName());
        }
        String str = (String) authenticationToken.getPrincipal();
        CurrentUserBase userFromToken = this.tokenService.getUserFromToken(str);
        if (userFromToken == null) {
            throw new GlobalException("token异常，请重新获取.");
        }
        return new SimpleAuthenticationInfo(userFromToken, str, getName());
    }
}
