package biz.devstack.springframework.boot.config.security;

import biz.devstack.springframework.boot.exception.RestException;
import jakarta.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;

/* loaded from: input_file:biz/devstack/springframework/boot/config/security/AuthorizationService.class */
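/**
 * Base class for request authorization: API-key checks, authority checks against the current
 * Spring Security context, and login-id/password authentication that yields a JWT.
 *
 * <p>Subclasses supply the user lookup through {@link #loadUserByLoginId(String)}.
 */
public abstract class AuthorizationService extends TokenService {

    /** Name of the HTTP header that carries the API key (property {@code app.apiKeyHeader}). */
    @Value("${app.apiKeyHeader:x-api-key}")
    protected String apiKeyHeader;

    // NOTE(review): a fallback API key is compiled into the annotation below, so a deployment that
    // does not set app.apiKey accepts a key that anyone holding this artifact can read. The default
    // is kept here only for backward compatibility: set app.apiKey explicitly per environment, and
    // consider removing the default so start-up fails when no key is configured.
    /** Expected API key value (property {@code app.apiKey}). */
    @Value("${app.apiKey:2eafd6c5-0087-4def-bdf1-df09014abc7d}")
    protected String apiKey;

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Verifies that the request carries the configured API key in the configured header.
     *
     * @param httpServletRequest the incoming request whose header is inspected
     * @throws RestException "unauthorized" when the header is missing or empty, "forbidden" when
     *     its value does not equal the configured key
     */
    public void hasApiKey(HttpServletRequest httpServletRequest) {
        String presentedKey = httpServletRequest.getHeader(this.apiKeyHeader);
        if (StringUtils.isEmpty(presentedKey)) {
            throw RestException.unauthorized("Require an API key");
        }
        // Compare in constant time: String.equals returns at the first differing character, which
        // lets response timing reveal how much of a guessed key is correct. A missing configured
        // key is treated as a mismatch (fail closed) rather than dereferenced.
        boolean matches = this.apiKey != null
                && MessageDigest.isEqual(
                        presentedKey.getBytes(StandardCharsets.UTF_8),
                        this.apiKey.getBytes(StandardCharsets.UTF_8));
        if (!matches) {
            throw RestException.forbidden("API key is invalid");
        }
    }

    /**
     * Requires the current authentication to hold the given authority.
     *
     * @param str the authority name that must be present
     * @throws RestException "forbidden" when the authority is absent; "unauthorized" when the
     *     security context holds no {@link UsernamePasswordAuthenticationToken}
     */
    public void hasAuthority(String str) {
        if (!getCurrentAuthorities().contains(str)) {
            throw RestException.forbidden("You don't have permission to access this resource");
        }
    }

    /**
     * Authenticates a user by login id and password and issues a JWT for them.
     *
     * <p>The password is verified before the account state is reported, so a caller who only
     * knows a login id receives the generic mismatch message and cannot use this method to learn
     * whether that account exists but is not yet activated.
     *
     * @param str the login id
     * @param str2 the raw password presented by the caller
     * @return the token produced by the inherited {@code generateJwtToken} for the user's login id
     *     and role
     * @throws RestException "bad request" when the password does not match or the account is not
     *     enabled
     */
    public String authenticate(String str, String str2) {
        // NOTE(review): behaviour for an unknown login id depends on the subclass's
        // loadUserByLoginId, which is not visible here — confirm it fails with the same generic
        // message rather than returning null or a distinguishable error.
        UserDetails user = loadUserByLoginId(str);
        if (!this.passwordEncoder.matches(str2, user.getPassword())) {
            throw RestException.badRequest("Username or password doesn't match");
        }
        if (!user.isEnabled()) {
            throw RestException.badRequest("Your account is not activated yet");
        }
        return generateJwtToken(user.getLoginId(), user.getRole());
    }

    /**
     * Builds a profile of the currently authenticated user.
     *
     * @return a mutable map with {@code "loginId"} (the authentication principal) and
     *     {@code "authorities"} (the list of authority names)
     * @throws RestException "unauthorized" when the security context holds no
     *     {@link UsernamePasswordAuthenticationToken}
     */
    public Map<String, Object> getCurrentUserProfile() {
        String loginId = getAuthenticationPrincipal(true);
        List<String> authorities = getCurrentAuthorities();
        Map<String, Object> profile = new HashMap<>();
        profile.put("loginId", loginId);
        profile.put("authorities", authorities);
        return profile;
    }

    /**
     * Reads the authority names of the authentication held by the current security context.
     *
     * @return the authority names, in the order the authentication reports them
     * @throws RestException "unauthorized" when the current authentication is not a
     *     {@link UsernamePasswordAuthenticationToken} (including when there is none)
     */
    private List<String> getCurrentAuthorities() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (!(authentication instanceof UsernamePasswordAuthenticationToken)) {
            throw RestException.unauthorized();
        }
        return authentication.getAuthorities().stream()
                .map(authority -> authority.getAuthority())
                .collect(Collectors.toList());
    }

    /**
     * Looks up the user record for a login id.
     *
     * @param str the login id to resolve
     * @return the user details used by {@link #authenticate(String, String)}
     */
    protected abstract UserDetails loadUserByLoginId(String str);
}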
