package com.sinosoft.bff.interceptor;

import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HttpUtil;
import com.alibaba.fastjson.JSONObject;
import com.sinosoft.bff.util.CookieUtil;
import com.sinosoft.config.AppConfig;
import com.sinosoft.core.service.AuthService;
import java.io.IOException;
import java.nio.charset.Charset;
import java.util.HashMap;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.tomcat.util.http.fileupload.FileUploadBase;
import org.aspectj.weaver.model.AsmRelationshipUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:BOOT-INF/classes/com/sinosoft/bff/interceptor/AuthInterceptor.class */
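/**
 * Spring MVC interceptor that admits a request only when three checks pass: the SSO
 * ticket cookie is accepted by the SSO service, the {@code userid} cookie equals the
 * user id the SSO service returned, and the certificate-CN cookie equals the value
 * bound to the HTTP session.
 *
 * <p>Every rejection is answered with HTTP 401 and exactly one fixed message. A reply
 * from the SSO service that is missing the expected fields is treated as a rejection.
 *
 * <p>NOTE(review): all three inputs are request cookies. The certificate-CN binding is
 * only as strong as whatever sets {@code KOAL_CERT_CN}; confirm that an upstream
 * component strips or overwrites any client-supplied value of that cookie.
 */
public class AuthInterceptor extends HandlerInterceptorAdapter {
    private static final Logger log = LoggerFactory.getLogger(AuthInterceptor.class);

    /** Name of the request cookie that carries the certificate CN. */
    private static final String CERT_CN_COOKIE = "KOAL_CERT_CN";

    /** Session attribute name under which the certificate CN is stored. */
    @Value("${configs.COOKIE_KEY_CODE}")
    private String cookieKeyCode;

    /**
     * Prefix of the SSO ticket endpoint URL. The placeholder defaults to an empty
     * string; NOTE(review): confirm every deployment sets it, otherwise the ticket is
     * posted to a URL without a host.
     */
    @Value("${sso.ssoService:}")
    private String ssoService;

    /** Name of the request cookie that carries the SSO ticket. */
    @Value("${sso.cookieName}")
    private String cookieName;

    @Autowired
    private AuthService authService;

    @Autowired
    private AppConfig appConfig;

    /**
     * Runs the ticket, user-id and certificate-CN checks before the handler executes.
     *
     * @param httpServletRequest request whose cookies and session are inspected
     * @param httpServletResponse response that receives the 401 message on rejection
     * @param obj the selected handler (unused)
     * @return {@code true} to continue the handler chain, {@code false} after a 401 was written
     * @throws Exception if the SSO call, the JSON parsing or the response write fails
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        // Configuration switch: when it is off, none of the checks below run.
        if (!this.appConfig.isEnableAuthInterceptor()) {
            return true;
        }
        log.info("拦截器【AuthInterceptor】,拦截到了");

        String ticket = CookieUtil.getCookie(httpServletRequest, this.cookieName);
        if (StrUtil.isEmpty(ticket)) {
            writeResponse(httpServletResponse, "登录信息失效");
            return false;
        }

        HashMap<String, Object> params = new HashMap<>();
        params.put("ticket", ticket);
        JSONObject ssoReply = JSONObject.parseObject(HttpUtil.post(this.ssoService + "/ticket/authTicket", params));
        // NOTE(review): the AspectJ constant looks like a decompiler substitution for a
        // plain string key of the SSO reply; confirm its value and use a literal.
        Boolean errorFlag = ssoReply == null ? null : ssoReply.getBoolean(AsmRelationshipUtils.DECLARE_ERROR);
        // Only an explicit "false" counts as success; an empty reply or a missing flag
        // is rejected with 401 instead of failing later with a NullPointerException.
        if (!Boolean.FALSE.equals(errorFlag)) {
            writeResponse(httpServletResponse, "获取用户信息失败");
            return false;
        }

        // First request of a session: bind the certificate CN from the cookie to the
        // session. Later requests are compared against this stored value in checkKey.
        if (StrUtil.isEmpty((String) httpServletRequest.getSession().getAttribute(this.cookieKeyCode))) {
            String certCn = CookieUtil.getCookie(httpServletRequest, CERT_CN_COOKIE);
            // A whitespace-only value is never stored, so it can never become the reference.
            if (StrUtil.isNotBlank(certCn)) {
                httpServletRequest.getSession().setAttribute(this.cookieKeyCode, certCn);
            }
        }

        JSONObject user = ssoReply.getJSONObject("user");
        String ssoUserId = user == null ? null : user.getString("userid");
        String cookieUserId = CookieUtil.getCookie(httpServletRequest, "userid");
        if (StrUtil.isEmpty(ssoUserId) || StrUtil.isEmpty(cookieUserId) || !ssoUserId.equals(cookieUserId)) {
            writeResponse(httpServletResponse, "cookie中的信息和当前登录信息无法匹配");
            return false;
        }

        // checkKey writes its own 401 message on failure, so nothing is written here.
        return checkKey(httpServletRequest, httpServletResponse);
    }

    /**
     * Sends a 401 response whose body is the given message, UTF-8 encoded.
     *
     * <p>The body is declared as HTML, so callers must pass fixed strings only and never
     * text taken from the request.
     *
     * @param httpServletResponse response to write to
     * @param str message placed in the response body
     * @throws IOException if the body cannot be written
     */
    private void writeResponse(HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        // Media type and charset are separated by ';' so clients decode the body as UTF-8.
        httpServletResponse.setContentType("text/html;charset=UTF-8");
        httpServletResponse.getOutputStream().write(str.getBytes(Charset.forName("UTF-8")));
    }

    /**
     * Compares the certificate-CN cookie with the value stored in the session.
     *
     * <p>The check fails closed: a missing or blank cookie, a missing or blank session
     * value, and a mismatch are all rejections. On rejection this method writes the 401
     * response itself, exactly once.
     *
     * @param httpServletRequest request providing the cookie and the session
     * @param httpServletResponse response that receives the 401 message on rejection
     * @return {@code true} only when both values are non-blank and equal
     * @throws IOException if the rejection message cannot be written
     */
    private boolean checkKey(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        log.debug("验证cookie与session中key是否一致====");
        String cookieCn = CookieUtil.getCookie(httpServletRequest, CERT_CN_COOKIE);
        log.debug("cookie中的证书： {}", cookieCn);
        if (StrUtil.isBlank(cookieCn)) {
            writeResponse(httpServletResponse, "cookie中未找到【K***_CERT_C*】属性值");
            return false;
        }
        String sessionCn = (String) httpServletRequest.getSession().getAttribute(this.cookieKeyCode);
        log.debug("session中的证书： {}", sessionCn);
        // No stored reference value means there is nothing to match against: reject.
        boolean matches = StrUtil.isNotBlank(sessionCn) && cookieCn.equals(sessionCn);
        log.debug("证书验证： {}", matches ? "通过" : "未通过");
        if (!matches) {
            writeResponse(httpServletResponse, "证书校验失败");
        }
        return matches;
    }
}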
