package com.jzt.jk.hujing.erp.common.annotation;

import cn.hutool.core.util.StrUtil;
import com.jzt.jk.hujing.erp.common.response.ApiBasicResult;
import com.jzt.jk.hujing.erp.services.AuthorizationService;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

@Component
/* loaded from: input_file:com/jzt/jk/hujing/erp/common/annotation/AuthInterceptor.class */
public class AuthInterceptor implements HandlerInterceptor {

    @Autowired
    private AuthorizationService authorizationService;

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        AuthRequired authRequired = (AuthRequired) handlerMethod.getMethod().getAnnotation(AuthRequired.class);
        if (authRequired == null) {
            authRequired = (AuthRequired) handlerMethod.getBeanType().getAnnotation(AuthRequired.class);
        }
        if (authRequired == null || !authRequired.required()) {
            return true;
        }
        String header = httpServletRequest.getHeader("appKey");
        String header2 = httpServletRequest.getHeader("accessToken");
        if (StrUtil.isBlank(header) || StrUtil.isBlank(header2)) {
            httpServletResponse.setStatus(ApiBasicResult.CODE_LOGOUT);
            httpServletResponse.setContentType("application/json;charset=UTF-8");
            httpServletResponse.getWriter().write("{\"code\":401,\"message\":\"未提供访问令牌\"}");
            return false;
        }
        if (this.authorizationService.validateToken(header, header2)) {
            return true;
        }
        httpServletResponse.setStatus(ApiBasicResult.CODE_LOGOUT);
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.getWriter().write("{\"code\":4000,\"message\":\"无效或过期的访问令牌\"}");
        return false;
    }
}
