package biz.devstack.springframework.boot.annotation;

import biz.devstack.springframework.boot.exception.RestException;
import java.util.List;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;

@Aspect
@Component
/* loaded from: input_file:biz/devstack/springframework/boot/annotation/AnnotationProcessor.class */
public class AnnotationProcessor {

    @Value("${app.apiKeyHeader:x-api-key}")
    protected String apiKeyHeader;

    @Value("${app.apiKey:2eafd6c5-0087-4def-bdf1-df09014abc7d}")
    protected String apiKey;

    @Before("@annotation(biz.devstack.springframework.boot.annotation.RequiresApiKey)")
    public void requiresApiKey() throws Throwable {
        String header = RequestContextHolder.currentRequestAttributes().getRequest().getHeader(this.apiKeyHeader);
        if (StringUtils.isEmpty(header)) {
            throw RestException.unauthorized("Require an API key!");
        }
        if (!header.equals(this.apiKey)) {
            throw RestException.forbidden("API key is invalid!");
        }
    }

    @Before("@annotation(biz.devstack.springframework.boot.annotation.HasAuthority)")
    public void hasAuthority(JoinPoint joinPoint) throws Throwable {
        if (!getCurrentAuthorities().contains(((HasAuthority) joinPoint.getSignature().getMethod().getAnnotation(HasAuthority.class)).value())) {
            throw RestException.forbidden("You don't have permission to access this resource!");
        }
    }

    private List<String> getCurrentAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication instanceof UsernamePasswordAuthenticationToken) {
            return (List) authentication.getAuthorities().stream().map((v0) -> {
                return v0.getAuthority();
            }).collect(Collectors.toList());
        }
        throw RestException.unauthorized();
    }
}
