package org.jeecg.modules.jmreport.config.firewall.interceptor;

import com.alibaba.fastjson.JSON;
import java.io.IOException;
import java.io.PrintWriter;
import java.lang.reflect.Method;
import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jeecg.modules.jmreport.common.annotation.JimuNoLoginRequired;
import org.jeecg.modules.jmreport.common.annotation.b;
import org.jeecg.modules.jmreport.common.constant.a;
import org.jeecg.modules.jmreport.common.constant.d;
import org.jeecg.modules.jmreport.common.util.c;
import org.jeecg.modules.jmreport.common.util.j;
import org.jeecg.modules.jmreport.common.util.n;
import org.jeecg.modules.jmreport.common.vo.Result;
import org.jeecg.modules.jmreport.config.JmReportBaseConfig;
import org.jeecg.modules.jmreport.config.client.JmReportTokenClient;
import org.jeecg.modules.jmreport.desreport.service.IJimuReportShareService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

/* loaded from: input_file:org/jeecg/modules/jmreport/config/firewall/interceptor/JimuReportTokenInterceptor.class */
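/**
 * Spring MVC interceptor that gates report endpoints behind token verification,
 * share-link checks and, for annotated handlers, a role check.
 *
 * <p>Decision order in {@link #preHandle}: non-handler requests pass; paths flagged by the
 * obfuscated check {@code n.a} are rejected; paths containing {@code a.M} or handlers carrying
 * {@link JimuNoLoginRequired} pass without a token; otherwise the token is verified, with
 * share-link access as the fallback; finally handlers annotated with {@code b} require a
 * matching role.
 *
 * <p>The helpers {@code c}, {@code j}, {@code n} and the constants {@code a}, {@code d} are
 * obfuscated project classes not visible here; comments about them are assumptions to confirm.
 */
public class JimuReportTokenInterceptor implements HandlerInterceptor {

    @Autowired
    private JmReportTokenClient jimuTokenClient;

    @Autowired
    private JmReportBaseConfig jmBaseConfig;

    @Autowired
    private IJimuReportShareService jimuReportShareService;
    private static final Logger log = LoggerFactory.getLogger(JimuReportTokenInterceptor.class);
    private static final String NO_PERMISSION_PROMPT_MSG = "权限不足，此功能需要分配角色！";
    private static final Integer GEN_TEST_DATA_CODE = 402;
    /** Path whose role-denial response uses {@link #GEN_TEST_DATA_CODE} instead of the default. */
    private static final String LOAD_TABLE_DATA_PATH = "/jmreport/loadTableData";
    /** Result code sent on a role denial for every other path. */
    private static final int DEFAULT_DENIED_CODE = 500;

    /**
     * Decides whether the request may reach its handler.
     *
     * @param httpServletRequest  the incoming request
     * @param httpServletResponse the response; an error JSON body is written when access is denied
     * @param obj                 the chosen handler; only {@link HandlerMethod} handlers are checked
     * @return {@code true} to continue the handler chain, {@code false} when the request was
     *         rejected and an error response has already been written
     * @throws Exception declared by {@link HandlerInterceptor}
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        // NOTE(review): getRequestURI() is the raw, undecoded URI. Every path-based decision below
        // (the a.M exemption, the share checks) relies on c.i producing the same path Spring used
        // to pick the handler; c.i is obfuscated, so confirm it normalises path parameters,
        // dot-segments and encoding.
        String requestPath = c.i(httpServletRequest.getRequestURI().substring(httpServletRequest.getContextPath().length()));
        // NOTE(review): requestPath is caller-controlled and is written to the log in several
        // places; confirm the logging layout neutralises control characters.
        log.debug("JimuReportInterceptor check requestPath = {}", requestPath);
        if (n.a(requestPath)) {
            log.error("请注意，请求地址有xss攻击风险！{}", requestPath);
            backError(httpServletResponse, "请求地址有xss攻击风险!", Integer.valueOf(d.fw));
            return false;
        }
        String customPrePath = this.jmBaseConfig.getCustomPrePath();
        log.debug("customPrePath: {}", customPrePath);
        // j.d presumably means "not empty" (TODO confirm); a configured prefix gets a leading slash.
        if (j.d((Object) customPrePath) && !customPrePath.startsWith("/")) {
            customPrePath = "/" + customPrePath;
        }
        httpServletRequest.setAttribute("customPrePath", customPrePath);
        Method method = ((HandlerMethod) obj).getMethod();
        // NOTE(review): contains() is a substring match, so every route whose path includes the
        // marker a.M anywhere skips token verification. The value of a.M is not visible here;
        // confirm that an anchored comparison (exact match or prefix) is not what was intended.
        if (requestPath.contains(a.M) || j.d((JimuNoLoginRequired) method.getAnnotation(JimuNoLoginRequired.class))) {
            return true;
        }
        boolean tokenValid = false;
        try {
            tokenValid = verifyToken(httpServletRequest);
        } catch (Exception e) {
            // Fail closed, but leave a trace: a silently swallowed exception makes an outage of
            // the token backend look exactly like ordinary invalid tokens. The full exception is
            // logged at debug only, since its message may echo token material.
            log.warn("Token verification threw {} for {}; treating the request as unauthenticated",
                    e.getClass().getName(), requestPath);
            log.debug("Token verification failure detail", e);
        }
        if (!tokenValid) {
            // Without a valid token the request can still be admitted through a share link.
            if (this.jimuReportShareService.isSharingEffective(requestPath, httpServletRequest)) {
                return true;
            }
            if (!j.d((Object) httpServletRequest.getParameter("previousPage"))) {
                log.error("Token校验失败！请求无权限({})：{}", httpServletRequest.getMethod(), requestPath);
                backError(httpServletResponse, "Token校验失败，无权限访问！", Integer.valueOf(d.fw));
                return false;
            }
            // A "previousPage" parameter is present: fall back to the share-token check.
            if (this.jimuReportShareService.isShareingToken(requestPath, httpServletRequest)) {
                return true;
            }
            log.error("分享链接失效或分享token不匹配({})：{}", httpServletRequest.getMethod(), requestPath);
            backError(httpServletResponse, "分享链接失效或分享token不匹配，禁止钻取!", Integer.valueOf(d.fw));
            return false;
        }
        b roleAnnotation = (b) method.getAnnotation(b.class);
        if (roleAnnotation == null) {
            // Authenticated and the handler declares no role requirement.
            return true;
        }
        String[] requiredRoles = roleAnnotation.a();
        String[] roles = this.jimuTokenClient.getRoles(httpServletRequest);
        if (roles == null || roles.length == 0) {
            return denyForMissingRole(httpServletRequest, httpServletResponse, requestPath);
        }
        // j.a(role, requiredRoles) presumably tests membership of role in requiredRoles — TODO confirm.
        if (Arrays.stream(roles).anyMatch(role -> j.a(role, requiredRoles))) {
            return true;
        }
        return denyForMissingRole(httpServletRequest, httpServletResponse, requestPath);
    }

    /** Logs a role denial, writes the "no permission" error body and returns {@code false}. */
    private boolean denyForMissingRole(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String requestPath) {
        log.error("此接口需要角色权限，请联系管理员！请求无权限({})：{}", httpServletRequest.getMethod(), requestPath);
        int code = LOAD_TABLE_DATA_PATH.equals(requestPath) ? GEN_TEST_DATA_CODE.intValue() : DEFAULT_DENIED_CODE;
        backError(httpServletResponse, NO_PERMISSION_PROMPT_MSG, Integer.valueOf(code));
        return false;
    }

    /**
     * Asks the token client whether the request carries a valid token.
     *
     * @return {@code true} only when the client answers {@code true}; a {@code null} answer
     *         counts as invalid
     */
    private boolean verifyToken(HttpServletRequest httpServletRequest) {
        Boolean verified = this.jimuTokenClient.verifyToken(httpServletRequest);
        return verified != null && verified.booleanValue();
    }

    /**
     * Writes a JSON error result to the response and marks it with the header {@code auth: fail}.
     *
     * @param httpServletResponse response to write to
     * @param str                 message placed in the error result
     * @param num                 result code placed in the error result; must not be {@code null}
     */
    private void backError(HttpServletResponse httpServletResponse, String str, Integer num) {
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        httpServletResponse.setHeader("auth", "fail");
        // try-with-resources closes the writer on every path, including when print() throws.
        try (PrintWriter printWriter = httpServletResponse.getWriter()) {
            printWriter.print(JSON.toJSON(Result.error(num.intValue(), str)));
        } catch (IOException e) {
            log.error("Failed to write the error response", e);
        }
    }
}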
