package org.gtiles.components.securityworkbench.login.web;

import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.gtiles.components.gtauth.auth.bean.dto.AuthResourceDto;
import org.gtiles.components.securityworkbench.bean.SwbAuthUser;
import org.gtiles.components.securityworkbench.login.SwbLoginConfigurable;
import org.gtiles.components.securityworkbench.login.SwbSessionUtils;
import org.gtiles.core.module.config.ConfigHolder;
import org.gtiles.core.module.config.ConfigItem;
import org.gtiles.core.web.GTilesContext;
import org.gtiles.core.web.annotation.ModuleOperating;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerMapping;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:org/gtiles/components/securityworkbench/login/web/SwbSecurityInterceptor.class */
public class SwbSecurityInterceptor extends HandlerInterceptorAdapter {
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        HandlerMethod handlerMethod;
        ModuleOperating methodAnnotation;
        String str = (String) httpServletRequest.getAttribute(HandlerMapping.PATH_WITHIN_HANDLER_MAPPING_ATTRIBUTE);
        ConfigItem config = ConfigHolder.getConfig(SwbLoginConfigurable.SWB_LOGIN_CONFIG_CODE, "plugins_swblogin_loginUrl");
        for (String str2 : ((String) ConfigHolder.getConfigValue(SwbLoginConfigurable.SWB_LOGIN_CONFIG_CODE, "plugins_swblogin_no_directory")).split(",")) {
            if (str.indexOf(str2) > 0) {
                return true;
            }
        }
        if (SwbSessionUtils.getAuthUser(httpServletRequest) == null) {
            httpServletResponse.setStatus(403);
            return false;
        }
        long parseInt = Integer.parseInt(ConfigHolder.getConfig(SwbLoginConfigurable.SWB_LOGIN_CONFIG_CODE, "plugins_swblogin_timeout").getValue()) * 60 * 1000;
        long currentTimeMillis = System.currentTimeMillis();
        SwbAuthUser authUser = SwbSessionUtils.getAuthUser(httpServletRequest);
        if (currentTimeMillis - authUser.getAuthTimeStamp() > parseInt) {
            if (str.endsWith(".json")) {
                httpServletResponse.setStatus(403);
                return false;
            }
            httpServletResponse.sendRedirect(config.getValue());
            return false;
        }
        if (authUser == null || "admin".equals(authUser.getSwbUserId()) || (methodAnnotation = (handlerMethod = (HandlerMethod) obj).getMethodAnnotation(ModuleOperating.class)) == null || !methodAnnotation.needAuth()) {
            return true;
        }
        Map map = (Map) httpServletRequest.getSession().getAttribute(SwbSessionUtils.SWB_SESSION_USER_RES);
        if (map == null || map.get(methodAnnotation.code()) == null) {
            httpServletResponse.setStatus(405);
            return false;
        }
        Integer isAuditLog = ((AuthResourceDto) map.get(methodAnnotation.code())).getIsAuditLog();
        if (isAuditLog == null || isAuditLog.intValue() != 1) {
            return true;
        }
        GTilesContext.addRemoteOperatingAuditConfigs(handlerMethod);
        return true;
    }
}
