package com.biz.eisp.mdm.interceptors;

import com.biz.eisp.base.common.constant.Globals;
import com.biz.eisp.base.common.util.ContextHolderUtils;
import com.biz.eisp.base.common.util.JsonUtil;
import com.biz.eisp.base.common.util.ResourceUtil;
import com.biz.eisp.base.common.util.StringUtil;
import com.biz.eisp.base.common.util.TokenUtil;
import com.biz.eisp.base.common.util.json.Head;
import com.biz.eisp.base.common.util.json.ResponseBean;
import com.biz.eisp.base.core.redis.cache.impl.RedisService;
import com.biz.eisp.mdm.function.service.MenuPermissionService;
import com.biz.eisp.mdm.position.service.TmPositionService;
import com.biz.eisp.mdm.user.entity.TmUserEntity;
import com.biz.eisp.mdm.user.service.TmUserService;
import com.biz.eisp.mdm.web.Oauth2Vo;
import com.biz.eisp.mdm.web.pojo.Client;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URLEncoder;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:com/biz/eisp/mdm/interceptors/AuthInterceptor.class */
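/**
 * Spring MVC interceptor that decides, before a handler runs, whether the request may proceed.
 *
 * <p>Three request classes are distinguished by request parameters in {@link #preHandle}:
 * mobile requests ({@code phoneSend}), WeChat requests ({@code wx}) and everything else
 * (session-based web requests). Each class has its own allow/deny rules.
 *
 * <p>NOTE(review): the class selector and several skip flags ({@code phoneSend}, {@code subFlag},
 * {@code isLogin}, {@code wx}) are read from request parameters, i.e. they are chosen by the caller.
 * They are not evidence of identity; see the notes on {@link #preHandle}.
 */
public class AuthInterceptor implements HandlerInterceptor {
    // Request paths that web requests may reach without a logged-in client. Injected via the setter;
    // may be null if never configured.
    private List<String> excludeUrls;

    @Autowired
    private MenuPermissionService menuPermissionService;

    @Autowired
    private TmUserService tmUserService;

    // Optional: may be null when no Redis bean is configured. It is passed straight to
    // TokenUtil.isTokenStringValid, whose null handling is not visible here (TODO confirm).
    @Autowired(required = false)
    private RedisService redisService;

    @Autowired
    private TmPositionService tmPositionService;

    /** @return the configured list of paths that skip the session check (may be null) */
    public List<String> getExcludeUrls() {
        return this.excludeUrls;
    }

    /** @param list paths that web requests may reach without a logged-in client */
    public void setExcludeUrls(List<String> list) {
        this.excludeUrls = list;
    }

    /** No-op: nothing to clean up after the request completes. */
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }

    /**
     * Copies the access-entry id and the published version into request attributes for the view.
     *
     * <p>The access entry is taken from {@code clickFunctionId}, falling back to the
     * {@code Globals.AccessEntry} parameter. Both are caller-supplied, so views must escape the
     * attribute when rendering it.
     */
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
        String accessEntry = httpServletRequest.getParameter("clickFunctionId");
        if (StringUtil.isEmpty(accessEntry)) {
            accessEntry = httpServletRequest.getParameter(Globals.AccessEntry);
        }
        httpServletRequest.setAttribute(Globals.AccessEntry, accessEntry);
        httpServletRequest.setAttribute("pubVersion", ResourceUtil.getSysConfigProperty("pub_version"));
    }

    /**
     * Gate executed before every handler.
     *
     * <p>Security review notes (behaviour is unchanged by this revision unless stated):
     * <ul>
     *   <li>Mobile branch, {@code need_token} blank or equal to {@code Globals.NO_EXPORT}: every
     *       request is allowed without any session or token check, and the main-position update is
     *       driven by the caller-supplied user id and position id. Treat this configuration as
     *       unauthenticated; the position update should be bound to an authenticated identity.</li>
     *   <li>Mobile branch with tokens required: {@code subFlag} and {@code isLogin} are request
     *       parameters that skip token validation. The login exemption should be keyed on the
     *       request path rather than on a caller-chosen flag, and the token is written to the
     *       session before it has been validated.</li>
     *   <li>Web branch: the result of the permission lookup is not used to reject the request here;
     *       presumably enforcement happens downstream (TODO confirm).</li>
     * </ul>
     *
     * <p>Changed in this revision: redirect query values are URL-encoded, and a null
     * {@code excludeUrls} no longer causes a NullPointerException (it is treated as "no exclusions",
     * so the session check still applies).
     *
     * @return {@code true} to continue to the handler, {@code false} when a response was already sent
     */
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        String requestPath = ResourceUtil.getRequestPath(httpServletRequest);
        String phoneSend = httpServletRequest.getParameter("phoneSend");
        String posId = httpServletRequest.getParameter("posId");
        String authUserId = httpServletRequest.getParameter(Globals.AuthUserId);
        String subFlag = httpServletRequest.getParameter("subFlag");
        String isLogin = httpServletRequest.getParameter("isLogin");
        String token = httpServletRequest.getParameter(TokenUtil.TOKEN_STRING_NAME);
        String wx = httpServletRequest.getParameter("wx");
        String wxOpenId = httpServletRequest.getParameter("wxopenid");
        HttpSession session = ContextHolderUtils.getSession();
        Client client = ResourceUtil.getClient();
        if (client == null) {
            // As written this repeats the identical lookup; kept because getClient() is not visible here.
            client = ResourceUtil.getClient();
        }

        // ---- Mobile requests -------------------------------------------------------------------
        if (StringUtil.isNotEmpty(phoneSend) && phoneSend.equals(Globals.YES_EXPORT)) {
            String needToken = ResourceUtil.getSysConfigProperty("need_token");
            if (StringUtils.isBlank(needToken) || Globals.NO_EXPORT.equals(needToken)) {
                // NOTE(review): no authentication on this path; authUserId and posId come from the request.
                // Evaluation order matches the original so the service call only runs when the cheap checks pass.
                boolean updateMainPosition = StringUtil.isNotEmpty(authUserId)
                        && StringUtil.isNotEmpty(posId)
                        && !Globals.OffLine.equalsIgnoreCase(subFlag)
                        && !Globals.phoneNoIntecepter.containsKey(requestPath)
                        && this.tmPositionService.isMainPosition(posId) == 0; // presumably 0 = not yet main; confirm
                if (updateMainPosition) {
                    this.tmPositionService.updatePositionIsMain(authUserId, posId);
                }
                return true;
            }
            // NOTE(review): stored before validation, so the session can hold an invalid token.
            session.setAttribute(TokenUtil.TOKEN_STRING_NAME, token);
            // NOTE(review): both skips below are decided by caller-supplied parameters.
            if (Globals.OffLine.equalsIgnoreCase(subFlag)) {
                return true;
            }
            if (StringUtil.isNotEmpty(isLogin) && isLogin.equals(Globals.YES_EXPORT)) {
                return true;
            }
            if (StringUtils.isNotBlank(token) && TokenUtil.isTokenStringValid(this.redisService, token)) {
                return true;
            }
            valid(httpServletResponse);
            return false;
        }

        // ---- Web (session) requests ------------------------------------------------------------
        if (!StringUtils.isNotBlank(wx) || !wx.equals(Globals.YES_EXPORT)) {
            // Null list means nothing is excluded, so the request falls through to the session check.
            if (this.excludeUrls != null && this.excludeUrls.contains(requestPath)) {
                return true;
            }
            if (client == null || client.getUser() == null) {
                forward(httpServletRequest, httpServletResponse);
                return false;
            }
            this.menuPermissionService.getDataRuleByRequest(httpServletRequest, this.menuPermissionService.getOperationsByRequest(httpServletRequest, client.getUser()));
            return true;
        }

        // ---- WeChat requests -------------------------------------------------------------------
        if (client == null) {
            redirectToMemberLogin(httpServletRequest, httpServletResponse, requestPath, wxOpenId);
            return false;
        }
        Oauth2Vo oau = client.getOau();
        if (oau == null) {
            redirectToMemberLogin(httpServletRequest, httpServletResponse, requestPath, wxOpenId);
            return false;
        }
        String sapId = oau.getSapid();
        if (StringUtils.isBlank(sapId)) {
            // No bound account yet: send the caller through member login.
            redirectToMemberLogin(httpServletRequest, httpServletResponse, requestPath, wxOpenId);
            return false;
        }
        if (!checksap(sapId)) {
            // Bound account failed the enabled-user check: ask the caller to rebind.
            httpServletResponse.sendRedirect("memberController.do?gologin&_requestPath=" + encodeParam(requestPath) + "&opbind=1&bindid=" + encodeParam(sapId) + "&wxopenid=" + encodeParam(wxOpenId));
            return false;
        }
        return true;
    }

    /**
     * Redirects to the member login entry, carrying the original path, the {@code code} parameter
     * and the WeChat open id as encoded query values.
     */
    private void redirectToMemberLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String requestPath, String wxOpenId) throws IOException {
        httpServletResponse.sendRedirect("memberController.do?gologin&_requestPath=" + encodeParam(requestPath) + "&code=" + encodeParam(httpServletRequest.getParameter("code")) + "&wxopenid=" + encodeParam(wxOpenId));
    }

    /**
     * URL-encodes one query value so request-derived text cannot add parameters or line breaks to
     * the redirect target. A null value becomes the text {@code "null"}, which is what plain string
     * concatenation produced before encoding was added.
     */
    private static String encodeParam(String str) throws IOException {
        return URLEncoder.encode(String.valueOf((Object) str), "UTF-8");
    }

    /**
     * Writes the JSON "token invalid" response (head code 106) to the client.
     *
     * @throws Exception if the response writer cannot be obtained or serialisation fails
     */
    private void valid(HttpServletResponse httpServletResponse) throws Exception {
        Head head = new Head();
        head.setCode(106);
        head.setMessage("token失效!");
        ResponseBean responseBean = new ResponseBean();
        responseBean.setHead(head);
        httpServletResponse.setContentType("application/json");
        // The message contains non-ASCII text; fix the encoding before the writer is created.
        httpServletResponse.setCharacterEncoding("UTF-8");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.print(JsonUtil.bean2json(responseBean));
        writer.flush();
    }

    /** Redirects to the "no permission" page of the login controller. Not called within this class. */
    public void noPermisson(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.sendRedirect("loginController.do?noPermisson");
    }

    /** Returns a redirect to the login page. */
    @RequestMapping(params = {"forword"})
    public ModelAndView forword(HttpServletRequest httpServletRequest) {
        return new ModelAndView("redirect:/loginController.do?login");
    }

    /** Forwards the request to the session-timeout page. */
    private void forward(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletRequest.getRequestDispatcher("pages/login/timeout.jsp").forward(httpServletRequest, httpServletResponse);
    }

    /**
     * Checks that a user with the given user name exists and has enable status {@code Globals.ZERO}.
     *
     * @param str the user name to look up (the bound account id in the WeChat flow)
     * @return {@code true} only when the user is found and its enable status equals {@code Globals.ZERO}
     */
    public boolean checksap(String str) {
        TmUserEntity user = (TmUserEntity) this.tmUserService.findUniqueByProperty(TmUserEntity.class, "userName", str);
        return user != null && user.getEnableStatus() != null && Globals.ZERO.equals(user.getEnableStatus());
    }
}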
