package com.vortex.cloud.ccx.web.interceptor;

import com.vortex.cloud.ccx.dto.token.UserDTO;
import com.vortex.cloud.ccx.exception.CcxException;
import com.vortex.cloud.ccx.service.common.CcxApplication;
import com.vortex.cloud.ccx.service.common.InterceptorInitializer;
import com.vortex.cloud.ccx.service.user.IUserService;
import com.vortex.cloud.ccx.util.MsgConstants;
import com.vortex.cloud.ccx.util.StringUtil;
import com.vortex.cloud.ccx.util.TenantTokenUtil;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/vortex/cloud/ccx/web/interceptor/ApiInterceptor.class */
public class ApiInterceptor extends BaseInterceptor {

    @Value("${ccx.autoSyncToken:true}")
    private Boolean autoSyncToken;

    @Value("${ccx.forceAutoLogin:false}")
    private Boolean forceAutoLogin;

    @Resource
    private IUserService userService;

    @Override // com.vortex.cloud.ccx.web.interceptor.BaseInterceptor
    public boolean doPreHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        String token = TenantTokenUtil.getToken(httpServletRequest);
        if (this.log.isDebugEnabled()) {
            this.log.debug("Enter ApiInterceptor->preHandle, [token=" + token + ", uri=" + httpServletRequest.getRequestURI() + "]");
        }
        if (StringUtil.isEmpty(token)) {
            throw new CcxException(MsgConstants.EMPTY_TOKEN_CODE, MsgConstants.EMPTY_TOKEN_MSG);
        }
        UserDTO userByAccessToken = this.tokenService.getUserByAccessToken(token, CcxApplication.getClientNames());
        if (userByAccessToken == null) {
            String header = httpServletRequest.getHeader("tenantId");
            if (StringUtil.isBlank(header)) {
                header = httpServletRequest.getParameter("tenantId");
            }
            if (Boolean.TRUE.equals(this.forceAutoLogin) || StringUtil.isNotBlank(header)) {
                userByAccessToken = this.userService.systemCallAutoLogin(header, token);
            }
        }
        if (userByAccessToken == null && Boolean.TRUE.equals(this.autoSyncToken) && this.userService.autoLogin(token, CcxApplication.getClientName()) != null) {
            userByAccessToken = this.tokenService.getUserByAccessToken(token, CcxApplication.getClientName());
        }
        if (userByAccessToken == null) {
            throw new CcxException(MsgConstants.INVALID_TOKEN_CODE, MsgConstants.INVALID_TOKEN_MSG);
        }
        if (isRolePermit(httpServletRequest.getRequestURI(), userByAccessToken.getRole())) {
            return true;
        }
        throw new CcxException(MsgConstants.PERMISSION_DENIED_CODE, MsgConstants.PERMISSION_DENIED_MSG);
    }

    private boolean isRolePermit(String str, String str2) {
        return InterceptorInitializer.isRolePermit(str, str2);
    }
}
