package com.focus.locode.plugin.ca.auth;

import com.alibaba.fastjson2.JSON;
import com.centit.framework.model.basedata.RolePower;
import com.centit.framework.model.security.CentitSecurityConfig;
import com.centit.framework.security.SecurityContextUtils;
import com.centit.framework.security.SystemSecurityMetadata;
import com.centit.support.common.CachedObject;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;

/* loaded from: input_file:com/focus/locode/plugin/ca/auth/FocusSecurityMetadataSource.class */
public class FocusSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
    private static final Logger logger = LoggerFactory.getLogger(FilterInvocationSecurityMetadataSource.class);
    private static final String DDE_RUN = "/dde/run/";
    private static final int DDE_RUN_TAG_LENGTH = 9;
    private static final String DDE_RUN_DRAFT = "draft";
    private SystemSecurityMetadata systemSecurityMetadata = new SystemSecurityMetadata();
    private CachedObject<Map<String, List<ConfigAttribute>>> apiSecurityMetadata = new CachedObject<>(this::loadOptRoleMap, 900);
    private ObtainAuthData obtainAuthData;

    public FocusSecurityMetadataSource(ObtainAuthData obtainAuthData) {
        this.obtainAuthData = obtainAuthData;
    }

    public Map<String, List<ConfigAttribute>> loadOptRoleMap() {
        List<RolePower> roleResourceByAppSymbols = this.obtainAuthData.getRoleResourceByAppSymbols();
        if (roleResourceByAppSymbols == null) {
            return null;
        }
        HashMap hashMap = new HashMap();
        for (RolePower rolePower : roleResourceByAppSymbols) {
            List list = (List) hashMap.get(rolePower.getOptCode());
            if (list == null) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(dealRolePower(rolePower));
                hashMap.put(rolePower.getOptCode(), arrayList);
            } else {
                list.add(dealRolePower(rolePower));
            }
        }
        Iterator it = hashMap.entrySet().iterator();
        while (it.hasNext()) {
            Collections.sort((List) ((Map.Entry) it.next()).getValue(), Comparator.comparing((v0) -> {
                return v0.getAttribute();
            }));
        }
        return hashMap;
    }

    private CentitSecurityConfig dealRolePower(RolePower rolePower) {
        return SecurityContextUtils.PUBLIC_ROLE_CODE.equalsIgnoreCase(rolePower.getRoleCode()) ? new CentitSecurityConfig("R_" + StringUtils.trim(rolePower.getRoleCode()) + rolePower.getTopUnit()) : SecurityContextUtils.ANONYMOUS_ROLE_CODE.equalsIgnoreCase(rolePower.getRoleCode()) ? new CentitSecurityConfig(SecurityContextUtils.SPRING_ANONYMOUS_ROLE_CODE) : new CentitSecurityConfig("R_" + StringUtils.trim(rolePower.getRoleCode()));
    }

    public boolean supports(Class<?> cls) {
        return FilterInvocation.class.isAssignableFrom(cls);
    }

    public Collection<ConfigAttribute> getAllConfigAttributes() {
        return null;
    }

    public Collection<ConfigAttribute> getAttributes(Object obj) throws IllegalArgumentException {
        if (obj == null || !supports(obj.getClass())) {
            throw new IllegalArgumentException("对不起,目标对象不是类型");
        }
        FilterInvocation filterInvocation = (FilterInvocation) obj;
        HttpServletRequest httpRequest = filterInvocation.getHttpRequest();
        String requestUrl = filterInvocation.getRequestUrl();
        String parseUrlToApi = parseUrlToApi(requestUrl);
        if (StringUtils.isBlank(parseUrlToApi)) {
            return this.systemSecurityMetadata.matchUrlToRole(requestUrl, httpRequest);
        }
        Collection<ConfigAttribute> collection = (Collection) ((Map) this.apiSecurityMetadata.getCachedTarget()).get(parseUrlToApi);
        logger.warn("通过权限过滤器 请求url = " + requestUrl + " 请求类型 = " + httpRequest.getMethod() + " 需要的角色" + JSON.toJSONString(collection));
        return collection;
    }

    public static String parseUrlToApi(String str) {
        String str2 = "";
        int indexOf = str.indexOf(DDE_RUN);
        if (indexOf >= 0) {
            int i = indexOf + DDE_RUN_TAG_LENGTH;
            int indexOf2 = str.indexOf(47, i);
            if (indexOf2 <= 0) {
                indexOf2 = str.indexOf(63, i);
            }
            if (indexOf2 <= 0) {
                indexOf2 = str.length();
            }
            str2 = str.substring(i, indexOf2);
            if (DDE_RUN_DRAFT.equals(str2)) {
                return "";
            }
        }
        return str2;
    }
}
