package org.wf.jwtp.util;

import java.lang.reflect.Method;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.method.HandlerMethod;
import org.wf.jwtp.annotation.Ignore;
import org.wf.jwtp.annotation.Logical;
import org.wf.jwtp.annotation.RequiresPermissions;
import org.wf.jwtp.annotation.RequiresRoles;
import org.wf.jwtp.perm.UrlPerm;
import org.wf.jwtp.perm.UrlPermResult;
import org.wf.jwtp.provider.Token;

/* loaded from: input_file:org/wf/jwtp/util/CheckPermissionUtil.class */
public class CheckPermissionUtil {
    public static boolean checkIgnore(Method method) {
        return (((Ignore) method.getAnnotation(Ignore.class)) == null && ((Ignore) method.getDeclaringClass().getAnnotation(Ignore.class)) == null) ? false : true;
    }

    public static boolean checkPermission(Token token, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, UrlPerm urlPerm) {
        String[] values;
        Logical logical;
        Method method = ((HandlerMethod) obj).getMethod();
        RequiresPermissions requiresPermissions = (RequiresPermissions) method.getAnnotation(RequiresPermissions.class);
        if (requiresPermissions == null) {
            requiresPermissions = (RequiresPermissions) method.getDeclaringClass().getAnnotation(RequiresPermissions.class);
        }
        if (requiresPermissions != null) {
            values = requiresPermissions.value();
            logical = requiresPermissions.logical();
        } else {
            if (urlPerm == null) {
                return true;
            }
            UrlPermResult permission = urlPerm.getPermission(httpServletRequest, httpServletResponse, (HandlerMethod) obj);
            values = permission.getValues();
            logical = permission.getLogical();
        }
        return SubjectUtil.hasPermission(token, values, logical);
    }

    public static boolean checkRole(Token token, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, UrlPerm urlPerm) {
        String[] values;
        Logical logical;
        Method method = ((HandlerMethod) obj).getMethod();
        RequiresRoles requiresRoles = (RequiresRoles) method.getAnnotation(RequiresRoles.class);
        if (requiresRoles == null) {
            requiresRoles = (RequiresRoles) method.getDeclaringClass().getAnnotation(RequiresRoles.class);
        }
        if (requiresRoles != null) {
            values = requiresRoles.value();
            logical = requiresRoles.logical();
        } else {
            if (urlPerm == null) {
                return true;
            }
            UrlPermResult roles = urlPerm.getRoles(httpServletRequest, httpServletResponse, (HandlerMethod) obj);
            values = roles.getValues();
            logical = roles.getLogical();
        }
        return SubjectUtil.hasRole(token, values, logical);
    }

    public static boolean isNoPermission(Token token, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, UrlPerm urlPerm) {
        return (checkPermission(token, httpServletRequest, httpServletResponse, obj, urlPerm) && checkRole(token, httpServletRequest, httpServletResponse, obj, urlPerm)) ? false : true;
    }

    public static void passOptions(HttpServletResponse httpServletResponse) {
        httpServletResponse.setStatus(200);
        httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
        httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
        httpServletResponse.setHeader("Access-Control-Max-Age", "3600");
        httpServletResponse.setHeader("Access-Control-Allow-Headers", "Content-Type, x-requested-with, X-Custom-Header, Authorization");
    }

    public static String takeToken(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("access_token");
        if (parameter == null || parameter.trim().isEmpty()) {
            parameter = httpServletRequest.getHeader("Authorization");
            if (parameter != null && parameter.length() >= 7) {
                parameter = parameter.substring(7);
            }
        }
        return parameter;
    }
}
