package com.gold.ms.gateway.security.filter;

import com.gold.ms.gateway.AuthServerConstants;
import com.gold.ms.gateway.security.authentication.impl.MenuPermissions;
import com.gold.ms.gateway.security.client.BasicFeignClient;
import com.gold.ms.gateway.security.client.RoleAuthFeignClient;
import com.gold.ms.gateway.security.client.service.Dict;
import com.gold.ms.gateway.utils.SpringBeanUtils;
import java.io.IOException;
import java.util.List;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;

@WebFilter(filterName = "urlfilter", urlPatterns = {"/*"})
/* loaded from: input_file:com/gold/ms/gateway/security/filter/UrlFilter.class */
public class UrlFilter implements Filter {
    private Log logger = LogFactory.getLog(getClass());

    @Autowired
    private RoleAuthFeignClient roleAuthFeignClient;

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String requestURI = httpServletRequest.getRequestURI();
        try {
            if (requestURI.contains("workbench") && !requestURI.contains("dicttype/findDictList")) {
                this.roleAuthFeignClient.addMenu(requestURI, httpServletRequest.getMethod());
                List<MenuPermissions> data = this.roleAuthFeignClient.listAllMenuPermissions().getData();
                if (data != null && !data.isEmpty()) {
                    String obj = httpServletRequest.getSession().getAttribute("authService.USERID").toString();
                    String str = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_SYSTEM_CODE);
                    String str2 = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_SYSTEM_TOKEN);
                    String str3 = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_USER_CODE);
                    String str4 = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_USER_SCOPE);
                    String str5 = (String) httpServletRequest.getSession().getAttribute(AuthServerConstants.SESSION_KEY_LOGINID);
                    String method = httpServletRequest.getMethod();
                    if (StringUtils.hasText(obj)) {
                        boolean z = false;
                        BasicFeignClient basicFeignClient = (BasicFeignClient) SpringBeanUtils.getBean(BasicFeignClient.class);
                        List<Dict> data2 = basicFeignClient.findDict(new String[]{"AUTHORIZATION_DATA"}).getData();
                        if (data2 != null && data2.size() > 0 && "false".equals(data2.stream().filter(dict -> {
                            return "SSO_LOGIN".equals(dict.getDictCode());
                        }).findFirst().orElseGet(() -> {
                            return new Dict();
                        }).getDictName())) {
                            z = true;
                        }
                        List<String> data3 = basicFeignClient.listRoleByUserName(str5).getData();
                        List<MenuPermissions> data4 = (data3 == null || data3.size() <= 0) ? z ? this.roleAuthFeignClient.listMenuPermissions(obj).getData() : this.roleAuthFeignClient.listMenuPermissionsDj(str, str3, str4, str2).getData() : this.roleAuthFeignClient.listMenuPermissions("-1").getData();
                        if (Pattern.matches("[A-Za-z0-9_]+", method)) {
                            this.logger.info("requestUrl: " + requestURI + ", method: " + method);
                        } else {
                            this.logger.info("unauthorized > requestUrl: " + requestURI + ", method: " + method);
                        }
                        List<MenuPermissions> list = data4;
                        data.stream().forEach(menuPermissions -> {
                            if (requestURI.equals(menuPermissions.getRequestUrl()) && ((MenuPermissions) list.stream().filter(menuPermissions -> {
                                return menuPermissions.getRequestUrl().equals(menuPermissions.getRequestUrl()) && (StringUtils.isEmpty(menuPermissions.getOperationType()) || (StringUtils.hasText(menuPermissions.getOperationType()) && menuPermissions.getOperationType().equalsIgnoreCase(method)));
                            }).findFirst().orElse(null)) == null) {
                                this.logger.info("无访问权限，userId: " + obj + ", url: " + requestURI + ", method: " + method);
                                try {
                                    ((HttpServletResponse) servletResponse).sendError(400, "无访问权限!");
                                } catch (IOException e) {
                                    e.printStackTrace();
                                }
                            }
                        });
                    }
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    public void destroy() {
    }
}
