package cn.ac.iscas.newframe.base.biz.aop.auth;

import cn.ac.iscas.newframe.base.biz.config.Constants;
import cn.ac.iscas.newframe.base.biz.config.StaticInfo;
import cn.ac.iscas.newframe.base.biz.service.AbstractAuthService;
import cn.ac.iscas.newframe.base.biz.util.SpringUtils;
import cn.ac.iscas.newframe.common.web.tools.cookie.CookieUtils;
import cn.ac.iscas.newframe.templet.exception.AuthorizationException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections4.CollectionUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnBean;
import org.springframework.stereotype.Component;

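/**
 * Aspect that intercepts methods annotated with {@link RequiredRole} and checks the caller's
 * token before the method runs.
 *
 * <p>The aspect is only registered when an {@link AbstractAuthService} bean exists, and it does
 * nothing when {@code StaticInfo.ENABLE_AUTH} is false.
 *
 * <p>NOTE(review): the {@link RequiredRole} annotation instance is bound to the advice but its
 * attributes are never read, so the check below only establishes that the token resolves to at
 * least one role. It does not establish that the caller holds the role the annotation asks for.
 * The annotation's attributes are not visible from this file; the comparison must be added
 * against them before this aspect can be relied on for role-based access control.
 */
@Aspect
@ConditionalOnBean({AbstractAuthService.class})
@Component
/* loaded from: input_file:cn/ac/iscas/newframe/base/biz/aop/auth/RequiredRoleAspect.class */
public class RequiredRoleAspect implements Constants {
    private static final Logger log = LoggerFactory.getLogger(RequiredRoleAspect.class);

    @Autowired
    private AbstractAuthService authService;

    /**
     * Around-advice for every method carrying {@link RequiredRole}.
     *
     * @param proceedingJoinPoint the intercepted invocation
     * @param requiredRole the annotation found on the intercepted method (currently not consulted,
     *     see the class-level note)
     * @return whatever the intercepted method returns
     * @throws AuthorizationException if the request carries no token in the header or cookie named
     *     by {@code Constants.TOKEN_KEY}, or if the token resolves to no roles
     * @throws Throwable anything thrown by the intercepted method, by {@code verifyToken} or by
     *     {@code getRoles}; nothing is caught here
     */
    @Around("@annotation(requiredRole)")
    public Object before(ProceedingJoinPoint proceedingJoinPoint, RequiredRole requiredRole) throws Throwable {
        // Global switch: with authentication disabled every annotated method is reachable unchecked.
        if (!StaticInfo.ENABLE_AUTH) {
            return proceedingJoinPoint.proceed();
        }
        HttpServletRequest request = SpringUtils.getRequest();
        // The results of the next two calls are discarded. They are kept because side effects
        // (for example failing early when no request context or auth configuration exists)
        // cannot be ruled out from this file.
        SpringUtils.getResponse();
        this.authService.getAuth();

        // The request header takes precedence; the cookie of the same name is the fallback.
        // NOTE(review): a cookie-borne token is attached by the browser automatically, so
        // state-changing endpoints behind this aspect need CSRF protection - confirm it exists.
        String token = request.getHeader(Constants.TOKEN_KEY);
        if (token == null) {
            Cookie tokenCookie = CookieUtils.getCookieByName(request, Constants.TOKEN_KEY);
            if (tokenCookie != null) {
                token = tokenCookie.getValue();
            }
        }
        if (token == null) {
            log.error(request.getRemoteAddr() + "访问" + request.getRequestURI() + " :header中未携带 Authorization 或未携带cookie或cookie中无Authorization");
            throw new AuthorizationException("未携带身份认证信息", "header中未携带 Authorization 或未携带cookie或cookie中无Authorization");
        }

        // Fail closed: a token that resolves to no roles is rejected. The previous condition was
        // inverted - it let callers without any role through and rejected callers that had roles,
        // contradicting the "role information does not exist" message raised on that path.
        if (CollectionUtils.isEmpty(this.authService.getRoles(this.authService.verifyToken(token)))) {
            log.error(request.getRemoteAddr() + "访问" + request.getRequestURI() + " :token中携带的用户或其角色信息不存在");
            throw new AuthorizationException("获取角色信息出错", "token中携带的用户或其角色信息不存在");
        }
        // TODO(review): compare the resolved roles with the role(s) declared on requiredRole
        // before proceeding; until then any caller with at least one role is admitted.
        return proceedingJoinPoint.proceed();
    }
}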
