package com.centit.dde.controller;

import com.centit.dde.routemeta.RouteMetadataService;
import com.centit.framework.common.WebOptUtils;
import com.centit.framework.security.CentitSecurityMetadata;
import com.centit.support.common.ObjectException;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import java.io.IOException;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.tuple.Pair;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@Api(value = "api网关", tags = {"api网关 - gateway"})
@RequestMapping({"gateway"})
@RestController
/* loaded from: input_file:com/centit/dde/controller/ApiRouteController.class */
public class ApiRouteController extends DoApiController {

    @Autowired
    private RouteMetadataService routeMetadataService;

    private void judgePower(String str, HttpServletRequest httpServletRequest) {
        List<ConfigAttribute> apiRoleList = CentitSecurityMetadata.getApiRoleList(str);
        if (apiRoleList == null || apiRoleList.isEmpty()) {
            return;
        }
        Collection authorities = WebOptUtils.assertUserDetails(httpServletRequest).getAuthorities();
        if (authorities != null) {
            Iterator it = authorities.iterator();
            Iterator it2 = apiRoleList.iterator();
            String attribute = ((ConfigAttribute) it2.next()).getAttribute();
            String authority = ((GrantedAuthority) it.next()).getAuthority();
            while (true) {
                int compareTo = attribute.compareTo(authority);
                if (compareTo == 0) {
                    return;
                }
                if (compareTo < 0) {
                    if (!it2.hasNext()) {
                        break;
                    } else {
                        attribute = ((ConfigAttribute) it2.next()).getAttribute();
                    }
                } else if (!it.hasNext()) {
                    break;
                } else {
                    authority = ((GrantedAuthority) it.next()).getAuthority();
                }
            }
        }
        StringBuilder append = new StringBuilder("no auth: ").append(str).append("; need role: ");
        boolean z = true;
        for (ConfigAttribute configAttribute : apiRoleList) {
            if (z) {
                z = false;
            } else {
                append.append(", ");
            }
            append.append(configAttribute.getAttribute().substring(2));
        }
        append.append(".");
        throw new ObjectException(403, append.toString());
    }

    @GetMapping({"/**"})
    @ApiOperation("执行get方法")
    public void doGetApi(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Pair<String, List<String>> mapUrlToPacketId = this.routeMetadataService.mapUrlToPacketId(httpServletRequest.getRequestURI(), "GET");
        if (mapUrlToPacketId == null) {
            throw new ObjectException(404, "未找到对应的api接口, GET:" + httpServletRequest.getRequestURI());
        }
        judgePower((String) mapUrlToPacketId.getLeft(), httpServletRequest);
        returnObject((String) mapUrlToPacketId.getLeft(), "N", "1", httpServletRequest, httpServletResponse);
    }

    @PostMapping({"/**"})
    @ApiOperation("发布：立即执行任务POST")
    public void runPostTaskExchange(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Pair<String, List<String>> mapUrlToPacketId = this.routeMetadataService.mapUrlToPacketId(httpServletRequest.getRequestURI(), "POST");
        if (mapUrlToPacketId == null) {
            throw new ObjectException(404, "未找到对应的api接口, POST:" + httpServletRequest.getRequestURI());
        }
        judgePower((String) mapUrlToPacketId.getLeft(), httpServletRequest);
        returnObject((String) mapUrlToPacketId.getLeft(), "N", "3", httpServletRequest, httpServletResponse);
    }

    @PutMapping({"/**"})
    @ApiOperation("发布：立即执行任务PUT")
    public void runPutTaskExchange(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Pair<String, List<String>> mapUrlToPacketId = this.routeMetadataService.mapUrlToPacketId(httpServletRequest.getRequestURI(), "PUT");
        if (mapUrlToPacketId == null) {
            throw new ObjectException(404, "未找到对应的api接口, PUT:" + httpServletRequest.getRequestURI());
        }
        judgePower((String) mapUrlToPacketId.getLeft(), httpServletRequest);
        returnObject((String) mapUrlToPacketId.getLeft(), "N", "5", httpServletRequest, httpServletResponse);
    }

    @DeleteMapping({"/**"})
    @ApiOperation("发布：立即执行任务DELETE")
    public void runDelTaskExchange(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Pair<String, List<String>> mapUrlToPacketId = this.routeMetadataService.mapUrlToPacketId(httpServletRequest.getRequestURI(), "DELETE");
        if (mapUrlToPacketId == null) {
            throw new ObjectException(404, "未找到对应的api接口, DELETE:" + httpServletRequest.getRequestURI());
        }
        judgePower((String) mapUrlToPacketId.getLeft(), httpServletRequest);
        returnObject((String) mapUrlToPacketId.getLeft(), "N", "6", httpServletRequest, httpServletResponse);
    }
}
