package org.wf.jwtp;

import io.jsonwebtoken.ExpiredJwtException;
import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import org.wf.jwtp.exception.ErrorTokenException;
import org.wf.jwtp.exception.ExpiredTokenException;
import org.wf.jwtp.exception.UnauthorizedException;
import org.wf.jwtp.perm.UrlPerm;
import org.wf.jwtp.provider.Token;
import org.wf.jwtp.provider.TokenStore;
import org.wf.jwtp.util.CheckPermissionUtil;
import org.wf.jwtp.util.SubjectUtil;
import org.wf.jwtp.util.TokenUtil;

/* loaded from: input_file:org/wf/jwtp/TokenInterceptor.class */
public class TokenInterceptor extends HandlerInterceptorAdapter {
    protected final Log logger = LogFactory.getLog(getClass());
    private TokenStore tokenStore;
    private UrlPerm urlPerm;

    public TokenInterceptor() {
    }

    public TokenInterceptor(TokenStore tokenStore) {
        setTokenStore(tokenStore);
    }

    public TokenInterceptor(TokenStore tokenStore, UrlPerm urlPerm) {
        setTokenStore(tokenStore);
        setUrlPerm(urlPerm);
    }

    public TokenStore getTokenStore() {
        return this.tokenStore;
    }

    public void setTokenStore(TokenStore tokenStore) {
        this.tokenStore = tokenStore;
    }

    public void setUrlPerm(UrlPerm urlPerm) {
        this.urlPerm = urlPerm;
    }

    public UrlPerm getUrlPerm() {
        return this.urlPerm;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (httpServletRequest.getMethod().toUpperCase().equals("OPTIONS")) {
            CheckPermissionUtil.passOptions(httpServletResponse);
            return false;
        }
        Method method = null;
        if (obj instanceof HandlerMethod) {
            method = ((HandlerMethod) obj).getMethod();
        }
        if (method == null || CheckPermissionUtil.checkIgnore(method)) {
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        String takeToken = CheckPermissionUtil.takeToken(httpServletRequest);
        if (takeToken == null || takeToken.trim().isEmpty()) {
            throw new ErrorTokenException("Token不能为空");
        }
        try {
            String tokenKey = this.tokenStore.getTokenKey();
            this.logger.debug("ACCESS_TOKEN: " + takeToken + "   TOKEN_KEY: " + tokenKey);
            String parseToken = TokenUtil.parseToken(takeToken, tokenKey);
            Token findToken = this.tokenStore.findToken(parseToken, takeToken);
            if (findToken == null) {
                this.logger.debug("ERROR: Token Not Found");
                throw new ErrorTokenException();
            }
            findToken.setRoles(this.tokenStore.findRolesByUserId(parseToken, findToken));
            findToken.setPermissions(this.tokenStore.findPermissionsByUserId(parseToken, findToken));
            if (CheckPermissionUtil.isNoPermission(findToken, httpServletRequest, httpServletResponse, obj, this.urlPerm)) {
                throw new UnauthorizedException();
            }
            httpServletRequest.setAttribute(SubjectUtil.REQUEST_TOKEN_NAME, findToken);
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        } catch (ExpiredJwtException e) {
            this.logger.debug("ERROR: ExpiredJwtException");
            throw new ExpiredTokenException();
        } catch (Exception e2) {
            throw new ErrorTokenException();
        }
    }
}
