package org.gtiles.components.login.authentication;

import java.util.Collection;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.web.FilterInvocation;

/* loaded from: input_file:org/gtiles/components/login/authentication/CustomAccessDecisionManager.class */
public class CustomAccessDecisionManager implements AccessDecisionManager {
    private Map<String, IAccessDecisionAction> accessDecisionActionMap;
    private Log logger = LogFactory.getLog(getClass());

    public void decide(Authentication authentication, Object obj, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
        FilterInvocation filterInvocation = (FilterInvocation) obj;
        HttpServletRequest httpRequest = filterInvocation.getHttpRequest();
        HttpServletResponse httpResponse = filterInvocation.getHttpResponse();
        new StringBuffer();
        for (ConfigAttribute configAttribute : collection) {
            if ("ROLE_ANONYMOUS".equals(configAttribute.getAttribute())) {
                return;
            }
            Iterator it = authentication.getAuthorities().iterator();
            while (it.hasNext()) {
                if (((GrantedAuthority) it.next()).getAuthority().equals(configAttribute.toString())) {
                    IAccessDecisionAction decisionActionByAccessType = getDecisionActionByAccessType(filterInvocation.getHttpRequest().getRequestURI());
                    String requestUrl = filterInvocation.getRequestUrl();
                    int indexOf = requestUrl.indexOf("?");
                    if (indexOf != -1) {
                        requestUrl = requestUrl.substring(0, indexOf);
                    }
                    if (decisionActionByAccessType.doAccessDecision(requestUrl, (AuthorizedDetails) authentication.getDetails(), httpRequest, httpResponse)) {
                        return;
                    }
                }
            }
        }
        throw new AccessDeniedException("访问拒绝：" + filterInvocation.getFullRequestUrl());
    }

    private IAccessDecisionAction getDecisionActionByAccessType(String str) {
        int lastIndexOf = str.lastIndexOf(".");
        String str2 = null;
        if (lastIndexOf > 0) {
            str2 = str.substring(lastIndexOf + 1).toLowerCase();
        }
        IAccessDecisionAction iAccessDecisionAction = this.accessDecisionActionMap.get(str2);
        if (iAccessDecisionAction == null) {
            iAccessDecisionAction = this.accessDecisionActionMap.get("*");
        }
        if (iAccessDecisionAction == null) {
            throw new NullPointerException("accessDecisionAction not be null for access type :" + str2);
        }
        return iAccessDecisionAction;
    }

    public boolean supports(ConfigAttribute configAttribute) {
        return true;
    }

    public boolean supports(Class<?> cls) {
        return true;
    }

    public Map<String, IAccessDecisionAction> getAccessDecisionActionMap() {
        return this.accessDecisionActionMap;
    }

    public void setAccessDecisionActionMap(Map<String, IAccessDecisionAction> map) {
        this.accessDecisionActionMap = map;
    }
}
