package org.zodiac.security.http.servlet.interceptor;

import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.NonNull;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import org.zodiac.commons.util.serialize.JsonUtil;
import org.zodiac.commons.util.web.ServletRequests;
import org.zodiac.sdk.toolkit.http.SimpleHttpMethod;
import org.zodiac.security.constants.SecurityConstants;
import org.zodiac.security.http.BasicSecure;
import org.zodiac.security.http.servlet.ServletResponseProvider;
import org.zodiac.security.util.SecurityServletAuthUtil;

/* loaded from: input_file:org/zodiac/security/http/servlet/interceptor/BasicInterceptor.class */
public class BasicInterceptor extends HandlerInterceptorAdapter {
    private static final Logger LOG = LoggerFactory.getLogger(BasicInterceptor.class);
    private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();
    private final List<BasicSecure> basicSecures;

    public BasicInterceptor(List<BasicSecure> list) {
        this.basicSecures = list;
    }

    public boolean preHandle(@NonNull HttpServletRequest httpServletRequest, @NonNull HttpServletResponse httpServletResponse, @NonNull Object obj) {
        if (((Boolean) this.basicSecures.stream().filter(basicSecure -> {
            return checkAuth(httpServletRequest, basicSecure);
        }).findFirst().map(basicSecure2 -> {
            return Boolean.valueOf(checkBasic(basicSecure2.getUsername(), basicSecure2.getPassword()));
        }).orElse(true)).booleanValue()) {
            return true;
        }
        LOG.warn("授权认证失败，请求接口：{}，请求IP：{}，请求参数：{}", new Object[]{httpServletRequest.getRequestURI(), ServletRequests.getRequestIpAddress(httpServletRequest), JsonUtil.objectToJson(httpServletRequest.getParameterMap())});
        httpServletResponse.setHeader("WWW-Authenticate", SecurityConstants.BASIC_REALM_HEADER_VALUE);
        ServletResponseProvider.write(httpServletResponse);
        return false;
    }

    private boolean checkAuth(HttpServletRequest httpServletRequest, BasicSecure basicSecure) {
        return checkMethod(httpServletRequest, basicSecure.getMethod()) && checkPath(httpServletRequest, basicSecure.getPattern());
    }

    private boolean checkMethod(HttpServletRequest httpServletRequest, SimpleHttpMethod simpleHttpMethod) {
        return simpleHttpMethod == SimpleHttpMethod.ALL || (simpleHttpMethod != null && simpleHttpMethod == SimpleHttpMethod.of(httpServletRequest.getMethod()));
    }

    private boolean checkPath(HttpServletRequest httpServletRequest, String str) {
        String servletPath = httpServletRequest.getServletPath();
        String pathInfo = httpServletRequest.getPathInfo();
        if (pathInfo != null && pathInfo.length() > 0) {
            servletPath = servletPath + pathInfo;
        }
        return ANT_PATH_MATCHER.match(str, servletPath);
    }

    private boolean checkBasic(String str, String str2) {
        try {
            String[] extractAndDecodeHeader = SecurityServletAuthUtil.extractAndDecodeHeader();
            if (str.equals(extractAndDecodeHeader[0])) {
                if (str2.equals(extractAndDecodeHeader[1])) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            LOG.warn("授权认证失败，错误信息：{}", e.getMessage());
            return false;
        }
    }
}
