package com.ites.sso.interceptor;

import com.fasterxml.jackson.databind.json.JsonMapper;
import com.ites.sso.annotation.ExculdeAnnotationUtil;
import com.ites.sso.properties.SsoProperties;
import com.joneying.common.redis.RedisManager;
import com.joneying.common.session.Session;
import com.joneying.common.web.response.RespBulider;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.servlet.HandlerInterceptor;

@Component
/* loaded from: input_file:com/ites/sso/interceptor/TestInterceptor.class */
public class TestInterceptor implements HandlerInterceptor {

    @Resource
    private RedisManager redisManager;
    private JsonMapper jsonMapper = new JsonMapper();

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if ("OPTIONS".equals(httpServletRequest.getMethod()) || ExculdeAnnotationUtil.hasExculdeLoginAnnotation(obj)) {
            return true;
        }
        String header = httpServletRequest.getHeader("Access-Token");
        if (header == null) {
            header = httpServletRequest.getParameter("Access-Token");
            if (header == null) {
                return false;
            }
        }
        Session session = (Session) this.redisManager.get(header);
        if (session == null) {
            return SsoProperties.USER.equals(httpServletRequest.getRequestURI().replaceFirst(httpServletRequest.getContextPath(), ""));
        }
        if (com.joneying.common.annotation.ExculdeAnnotationUtil.hasExculdeSecurityAnnotation(obj)) {
            return true;
        }
        String requestURI = httpServletRequest.getRequestURI();
        for (String str : session.getAuths()) {
            if (!StringUtils.isEmpty(str) && str.indexOf(requestURI) > -1) {
                return true;
            }
        }
        httpServletResponse.getOutputStream().write(this.jsonMapper.writeValueAsString(RespBulider.failure("700", "当前用户没有操作权限.")).getBytes("utf-8"));
        return false;
    }
}
