package com.hk.ec.fw.web.permission;

import com.hk.ec.fw.utils.WildcardUtils;
import java.util.Iterator;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:com/hk/ec/fw/web/permission/SecurityInterceptor.class */
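/**
 * Spring MVC interceptor that gates every handler behind a login check and a
 * per-URL permission check.
 *
 * <p>Decision order in {@link #preHandle}:
 * <ol>
 *   <li>debug mode on: the request is let through unchecked;</li>
 *   <li>the context-relative path matches an entry of {@code excludedUrls}: let through;</li>
 *   <li>no user object stored in the session under {@code sessionUserKey}: rejected
 *       (login redirect script or JSON error 201);</li>
 *   <li>the request is for the "no access" page itself: let through;</li>
 *   <li>otherwise the {@link Authenticator} decides; a refusal forwards to the
 *       "no access" page or writes JSON error 202.</li>
 * </ol>
 *
 * <p>Steps 1 and 2 skip authentication entirely, so {@code debug} and
 * {@code excludedUrls} are security-sensitive configuration.
 */
public class SecurityInterceptor extends HandlerInterceptorAdapter {
    private static final Logger LOG = LoggerFactory.getLogger(SecurityInterceptor.class);
    // URL patterns (WildcardUtils syntax) that are served without any login or permission check.
    private List<String> excludedUrls;
    // When true, preHandle lets every request through unchecked.
    private boolean debug = false;
    // Appended directly to the context path when building the login redirect.
    // NOTE(review): the default has no leading slash, so with a non-empty context path
    // the redirect target becomes e.g. "/applogin.html" - confirm deployments override it.
    private String loginUrl = "login.html";
    // true: answer with an HTML script redirect / forward; false: answer with a JSON error body.
    private boolean redirectLoginMode = true;
    // Session attribute under which the logged-in WebUser is stored.
    private String sessionUserKey = "loginUser";
    private Authenticator authentication = new SimpleAuthentication();
    // Context-relative path of the "no access" page; should start with "/".
    private String noAccessUrl = "/noAccess.html";

    /** Selects redirect/forward responses ({@code true}) or JSON error bodies ({@code false}). */
    public void setRedirectLoginMode(boolean z) {
        this.redirectLoginMode = z;
    }

    /**
     * Sets the login page path. It is concatenated to the context path and written
     * unescaped into a script block, so it must be trusted configuration only.
     */
    public void setLoginUrl(String str) {
        this.loginUrl = str;
    }

    /** Sets the session attribute name that holds the logged-in user. */
    public void setSessionUserKey(String str) {
        this.sessionUserKey = str;
    }

    /** Sets the URL patterns that bypass both the login and the permission check. */
    public void setExcludedUrls(List<String> list) {
        this.excludedUrls = list;
    }

    /**
     * Enables or disables debug mode. In debug mode every request is let through
     * without any login or permission check, so enabling it is logged at WARN level.
     */
    public void setDebug(boolean z) {
        if (z) {
            LOG.warn("SecurityInterceptor debug mode enabled: login and permission checks are bypassed for every request");
        }
        this.debug = z;
    }

    /** Sets the context-relative path of the "no access" page (expected to start with "/"). */
    public void setNoAccessUrl(String str) {
        this.noAccessUrl = str;
    }

    /**
     * Sets the permission checker. Passing {@code null} disables the permission check:
     * every logged-in user is then allowed on every URL, which is logged at WARN level.
     */
    public void setAuthentication(Authenticator authenticator) {
        if (authenticator == null) {
            LOG.warn("SecurityInterceptor configured without an Authenticator: every logged-in user is permitted on every URL");
        }
        this.authentication = authenticator;
    }

    /**
     * Applies the login and permission checks described on the class.
     *
     * @return the result of {@code super.preHandle} when the request is allowed;
     *         {@code false} after a rejection response has been written or forwarded
     * @throws Exception propagated from the response writer, the request dispatcher
     *         or {@code super.preHandle}
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (this.debug) {
            // Fail-open switch: no authentication or authorization at all.
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        // Context-relative path. getRequestURI() is not decoded by the container and may
        // carry path parameters (";name=value").
        String path = requestURI.substring(contextPath.length());
        // NOTE(review): the exclusion patterns are matched against this raw path. Confirm
        // that no pattern can be satisfied by a path the container would normalize and
        // route to a protected handler.
        if (isExcluded(path)) {
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        // getSession(false): do not allocate a server-side session for every anonymous
        // request. The original getSession() always created one, which made the null
        // check unreachable.
        HttpSession session = httpServletRequest.getSession(false);
        // Read the attribute once so the login check and the cast below see the same
        // object even if the session is modified concurrently.
        Object sessionUser = session == null ? null : session.getAttribute(this.sessionUserKey);
        if (sessionUser == null) {
            // Log text: "user has not logged in to the system".
            LOG.debug("用户未成功登录系统");
            if (this.redirectLoginMode) {
                // Both concatenated values come from the container and from configuration,
                // not from the request; they are written unescaped.
                httpServletResponse.getWriter().write("<script language=javascript>top.location.href='" + contextPath + this.loginUrl + "';</script>");
                return false;
            }
            // NOTE(review): the body is JSON but no Content-Type or status code is set, so
            // clients receive 200 with the container default type - confirm clients rely on errCode.
            httpServletResponse.getWriter().write("{\"errCode\":201,\"message\":\"Not logged in\"}");
            return false;
        }
        // Only the "no access" page itself skips the permission check. The original used
        // requestURI.contains(noAccessUrl), which let any URI that merely contained that
        // text skip the permission check.
        if (isNoAccessPage(path)) {
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        WebUser webUser = (WebUser) sessionUser;
        // A null authenticator means "no permission model": fail-open by design of the
        // original code, kept for compatibility (see setAuthentication).
        if (this.authentication == null || this.authentication.isPermitted(path, webUser)) {
            // Log text: "logged in and permitted to access the requested page".
            LOG.debug("成功登录，并有权访问请求页面");
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        // Log text: "redirecting to the no-access notice page".
        LOG.debug("重定向到不可访问的提示页面");
        if (this.redirectLoginMode) {
            httpServletRequest.getRequestDispatcher(this.noAccessUrl).forward(httpServletRequest, httpServletResponse);
            return false;
        }
        httpServletResponse.getWriter().write("{\"errCode\":202,\"message\":\"No permissions\"}");
        return false;
    }

    /** Returns true when the context-relative path matches one of the configured exclusion patterns. */
    private boolean isExcluded(String path) {
        if (this.excludedUrls == null) {
            return false;
        }
        for (String pattern : this.excludedUrls) {
            if (WildcardUtils.match(path, pattern)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns true only when the context-relative path is exactly the configured
     * "no access" page. A configured value without a leading slash is treated as
     * context-root relative.
     */
    private boolean isNoAccessPage(String path) {
        String target = this.noAccessUrl;
        if (target == null) {
            return false;
        }
        if (!target.startsWith("/")) {
            target = "/" + target;
        }
        return path.equals(target);
    }
}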
