package com.jeesuite.springweb.interceptor;

import com.jeesuite.common.ThreadLocalContext;
import com.jeesuite.common.util.PathMatcher;
import com.jeesuite.common.util.ResourceUtils;
import com.jeesuite.common.util.TokenGenerator;
import com.jeesuite.springweb.CurrentRuntimeContext;
import com.jeesuite.springweb.WebConstants;
import com.jeesuite.springweb.annotation.ApiMetadata;
import com.jeesuite.springweb.exception.ForbiddenAccessException;
import com.jeesuite.springweb.utils.IpUtils;
import com.jeesuite.springweb.utils.WebUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

/* loaded from: input_file:com/jeesuite/springweb/interceptor/GlobalDefaultInterceptor.class */
public class GlobalDefaultInterceptor implements HandlerInterceptor {
    private static Logger log = LoggerFactory.getLogger("com.jeesuite.springweb");
    private static final String INTERNAL_LIMIT_EXECLUDE_IPS_PROP_NAME = "internalLimit.exclude-ips";
    private String env = ResourceUtils.getProperty("jeesuite.configcenter.profile", "dev");
    private boolean isDevEnv = "dev|local".contains(this.env);
    private boolean authTokenCheckDisabled = ResourceUtils.getBoolean("authtoken.check.disabled", this.isDevEnv);
    private PathMatcher authtokenCheckIgnoreUriMather = new PathMatcher("", ResourceUtils.getProperty("authtoken.check.ignore.uris"));

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        ApiMetadata apiMetadata;
        CurrentRuntimeContext.init(httpServletRequest, httpServletResponse);
        if (!this.authTokenCheckDisabled) {
            if (!this.authtokenCheckIgnoreUriMather.match(httpServletRequest.getRequestURI())) {
                TokenGenerator.validate(httpServletRequest.getHeader(WebConstants.HEADER_AUTH_TOKEN), true);
            }
        }
        if (!(obj instanceof HandlerMethod) || (apiMetadata = (ApiMetadata) ((HandlerMethod) obj).getMethod().getAnnotation(ApiMetadata.class)) == null) {
            return true;
        }
        if (!this.isDevEnv && apiMetadata.IntranetAccessOnly() && !WebUtils.isInternalRequest(httpServletRequest) && !ResourceUtils.getProperty(INTERNAL_LIMIT_EXECLUDE_IPS_PROP_NAME, "").contains(IpUtils.getinvokerIpAddr(httpServletRequest))) {
            httpServletResponse.setStatus(403);
            throw new ForbiddenAccessException();
        }
        if (!apiMetadata.responseKeep()) {
            return true;
        }
        httpServletResponse.addHeader(WebConstants.HEADER_RESP_KEEP, Boolean.TRUE.toString());
        return true;
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        ThreadLocalContext.unset();
    }
}
