package io.buildrun.security.access;

import io.choerodon.core.annotation.Permission;
import io.choerodon.core.helper.ApplicationContextHelper;
import io.choerodon.core.oauth.CustomUserDetails;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeansException;
import org.springframework.core.annotation.AnnotatedElementUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;

/* loaded from: input_file:io/buildrun/security/access/AccessChecker.class */
public class AccessChecker {
    public static final String HEADER_BEARER = "Bearer";
    private static final Logger LOGGER = LoggerFactory.getLogger(AccessChecker.class);
    private final Set<RequestMappingInfo> requestMappingInfos = new HashSet();
    private RequestMappingHandlerMapping handlerMapping;

    public AccessChecker(RequestMappingHandlerMapping requestMappingHandlerMapping) {
        this.handlerMapping = requestMappingHandlerMapping;
    }

    public boolean check(HttpServletRequest httpServletRequest) {
        Iterator<RequestMappingInfo> it = this.requestMappingInfos.iterator();
        while (it.hasNext()) {
            if (it.next().getMatchingCondition(httpServletRequest) != null) {
                return true;
            }
        }
        String header = httpServletRequest.getHeader("Authorization");
        if (header == null) {
            LOGGER.error("No Jwt token in request:{}", httpServletRequest.getRequestURI());
            LOGGER.debug("Clearing security context.");
            SecurityContextHolder.clearContext();
            return false;
        }
        CustomUserDetails jwtToUser = ApplicationContextHelper.getInstance().getUserDetailJWTHelper().jwtToUser(header.substring(HEADER_BEARER.length()).trim());
        if (jwtToUser != null) {
            ApplicationContextHelper.getInstance().login(jwtToUser);
            return true;
        }
        SecurityContextHolder.clearContext();
        LOGGER.error("Authentication request failed");
        return false;
    }

    @PostConstruct
    public void initPublicPermission() throws BeansException {
        for (Map.Entry entry : this.handlerMapping.getHandlerMethods().entrySet()) {
            HandlerMethod handlerMethod = (HandlerMethod) entry.getValue();
            RequestMappingInfo requestMappingInfo = (RequestMappingInfo) entry.getKey();
            Method method = handlerMethod.getMethod();
            if (method.isAnnotationPresent(Permission.class) && AnnotatedElementUtils.findMergedAnnotation(method, Permission.class).permissionPublic()) {
                this.requestMappingInfos.add(requestMappingInfo);
            }
        }
    }
}
