package cool.linco.common.shiroweb.webconfig;

import cool.linco.common.shiroweb.entity_define.SysAuth;
import cool.linco.common.shiroweb.entity_define.SysRole;
import cool.linco.common.shiroweb.entity_define.SysUser;
import cool.linco.common.shiroweb.service.IShiroUserService;
import cool.linco.common.shiroweb.utils.CommonConst;
import java.util.Iterator;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:cool/linco/common/shiroweb/webconfig/ShiroRealm.class */
public class ShiroRealm extends AuthorizingRealm {
    Logger logger = LoggerFactory.getLogger(ShiroRealm.class);

    @Autowired
    private IShiroUserService iShiroUserService;

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        this.logger.info("----------------permission cache----------------");
        Session session = SecurityUtils.getSubject().getSession();
        AuthorizationInfo authorizationInfo = (AuthorizationInfo) session.getAttribute(CommonConst.AUTHORIZATIONINFO);
        if (authorizationInfo != null) {
            return authorizationInfo;
        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        try {
            SysUser sysUser = (SysUser) principalCollection.getPrimaryPrincipal();
            Iterator<SysRole> it = this.iShiroUserService.queryRoleByUser(sysUser).iterator();
            while (it.hasNext()) {
                simpleAuthorizationInfo.addRole(it.next().getSysRoleName());
            }
            Iterator<SysAuth> it2 = this.iShiroUserService.queryAuthByUser(sysUser).iterator();
            while (it2.hasNext()) {
                simpleAuthorizationInfo.addStringPermission(it2.next().getSysAuthPermission());
            }
        } catch (Exception e) {
            this.logger.error("error in config permission", e);
        }
        session.setAttribute(CommonConst.AUTHORIZATIONINFO, simpleAuthorizationInfo);
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        if (authenticationToken.getPrincipal() == null || !(authenticationToken instanceof UsernamePasswordToken)) {
            return null;
        }
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        String username = usernamePasswordToken.getUsername();
        String str = new String(usernamePasswordToken.getPassword());
        SysUser queryUserByUser = this.iShiroUserService.queryUserByUser(new SysUser(username, str));
        if (queryUserByUser == null) {
            throw new UnknownAccountException();
        }
        if (!str.equals(queryUserByUser.getPassword())) {
            throw new IncorrectCredentialsException();
        }
        queryUserByUser.setPassword("");
        usernamePasswordToken.setPassword(queryUserByUser.getPassword().toCharArray());
        if (0 == queryUserByUser.getUserState().byteValue()) {
            throw new LockedAccountException();
        }
        if (queryUserByUser.getUserState().byteValue() < 0) {
            throw new DisabledAccountException();
        }
        return new SimpleAuthenticationInfo(queryUserByUser, queryUserByUser.getPassword(), getName());
    }
}
