package com.walmart.aloha.auth.processor;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.TypeReference;
import com.alibaba.fastjson.parser.Feature;
import com.walmart.aloha.auth.config.AuthCheckConfig;
import com.walmart.aloha.auth.config.AuthHeadConfig;
import com.walmart.aloha.auth.feginclient.AuthServerGrayFeginClient;
import com.walmart.aloha.auth.feginclient.UserCenterFeginClient;
import com.walmart.aloha.auth.vo.AuthInfo;
import com.walmart.aloha.auth.whitelist.IWhiteList;
import com.walmart.aloha.canary.config.RuleInfo;
import com.walmart.aloha.canary.request.StrategyRequest;
import com.walmart.aloha.canary.request.StrategyRequestContext;
import com.walmart.aloha.canary.rule.AlohaCanary;
import com.walmart.aloha.common.constant.GlobalErrorInfoEnum;
import com.walmart.aloha.common.entity.ErrorCode;
import com.walmart.aloha.common.exception.ErrorInfoInterface;
import com.walmart.aloha.common.exception.GlobalErrorInfoException;
import com.walmart.aloha.common.http.ReqBody;
import com.walmart.aloha.common.http.RespBody;
import com.walmart.aloha.common.utils.JsonUtils;
import feign.RetryableException;
import java.util.HashMap;
import javax.annotation.Resource;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.MapUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.MDC;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.util.Base64Utils;
import org.springframework.util.MultiValueMap;

/* loaded from: input_file:com/walmart/aloha/auth/processor/AuthProcessorImpl.class */
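/**
 * Gateway-side authorization check: builds an {@link AuthInfo} from the incoming request and asks
 * the user-center service (or the gray/canary auth server) whether the call is allowed.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Requests accepted by the injected {@link IWhiteList} skip every check below.</li>
 *   <li>A Feign {@link RetryableException} is logged and swallowed, so {@link #auth} returns
 *       normally when the auth backend times out.</li>
 *   <li>Response code {@code -909} is ignored when {@code authCheckConfig.isSkipFlag()} is set.</li>
 *   <li>The application name that selects the canary rule comes from client-supplied input
 *       (request body, {@code clientInfo} header, {@code alohaAppName} header).</li>
 * </ul>
 *
 * <p>NOTE(review): the raw types and some assignments below look like decompiler output and may
 * not match the original generic signatures; confirm against the real sources.
 */
public class AuthProcessorImpl implements IAuthProcessor<ServerHttpRequest> {
    private static final String AUTHORIZATION = "Authorization";

    @Resource(name = "whiteList4File")
    private IWhiteList iWhiteList;
    private static final String X_FORWARDED_FOR = "X-Forwarded-For";

    @Autowired
    private UserCenterFeginClient userCenterFeginClient;

    @Autowired
    private AuthServerGrayFeginClient authServerGrayFeginClient;
    private static final Logger LOG = LoggerFactory.getLogger(AuthProcessorImpl.class);

    @Autowired
    private AuthHeadConfig authHeadConfig;

    @Autowired
    private AuthCheckConfig authCheckConfig;

    @Autowired
    private AlohaCanary alohaCanary;

    /**
     * Authorizes one request against the auth backend.
     *
     * @param serverHttpRequest the incoming request; its method, raw path and selected headers are
     *     sent to the auth backend
     * @param str the request body as a string (may be replaced by its {@code param} member when it
     *     parses as a JSON {@code ReqBody}; see {@link #setAppName})
     * @throws GlobalErrorInfoException with {@code AUTH_USER_UNAUTH} for backend codes
     *     {@code -617} and {@code -914}; with the backend's own code/message for any other
     *     non-"0" code, except {@code -909} while the skip flag is enabled
     */
    @Override
    public void auth(ServerHttpRequest serverHttpRequest, String str) {
        // Whitelisted requests bypass authorization entirely.
        if (this.iWhiteList.white(serverHttpRequest)) {
            return;
        }
        String rawPath = serverHttpRequest.getURI().getRawPath();
        ReqBody<AuthInfo> reqBody = new ReqBody<>();
        AuthInfo authInfo = new AuthInfo();
        authInfo.setMethod(serverHttpRequest.getMethodValue());
        authInfo.setUrl(rawPath);
        // The token is extracted from the Authorization header via JsonUtils.xpath(..., "token");
        // presumably the header carries a JSON document. TODO confirm the behaviour of
        // JsonUtils.xpath on a header that is not valid JSON.
        String authorization = serverHttpRequest.getHeaders().getFirst(AUTHORIZATION);
        authInfo.setToken(authorization != null ? JsonUtils.xpath(authorization, "token") : "");
        authInfo.setAccessToken(serverHttpRequest.getHeaders().getFirst("accessToken"));
        authInfo.setRefreshToken(serverHttpRequest.getHeaders().getFirst("refreshToken"));
        authInfo.setNameSpace(this.authCheckConfig.getNamespace());
        // Copy the configured set of request headers (non-blank values only) into the ext map.
        MultiValueMap headers = this.authHeadConfig.getHeaders();
        if (CollectionUtils.isNotEmpty(headers)) {
            HashMap extHeaders = new HashMap();
            for (String headerName : headers) {
                if (StringUtils.isNotBlank(serverHttpRequest.getHeaders().getFirst(headerName))) {
                    extHeaders.put(headerName, serverHttpRequest.getHeaders().getFirst(headerName));
                }
            }
            authInfo.setExtMap(extHeaders);
        }
        String appName = setAppName(serverHttpRequest, reqBody, str, authInfo);
        reqBody.setParam(authInfo);
        try {
            boolean useUserCenter = true;
            // NOTE(review): appName is client-influenced, so the client can affect which canary
            // rule (and therefore which auth backend) is consulted. Both backends should enforce
            // the same policy.
            if (!this.authCheckConfig.isSkipAuthCanary() && MapUtils.isNotEmpty(this.authCheckConfig.getRuleMap()) && this.authCheckConfig.getRuleMap().get(appName) != null) {
                RuleInfo ruleInfo = this.authCheckConfig.getRuleMap().get(appName);
                StrategyRequest.Builder strategy = StrategyRequest.builder().consumerVersion("").consumerServiceId(ruleInfo.getAppName()).providerServiceId(ruleInfo.getAppName()).headers(headers);
                // NOTE(review): clientInfo is an untrusted header. A malformed Base64 or JSON value
                // throws here and is not caught by the RetryableException handler below. The bytes
                // are decoded with the platform default charset; confirm UTF-8 is what clients send.
                JSONObject clientInfo = CollectionUtils.isNotEmpty(serverHttpRequest.getHeaders().get("clientInfo")) ? JSON.parseObject(new String(Base64Utils.decodeFromString((String) serverHttpRequest.getHeaders().get("clientInfo").get(0)))) : new HashMap();
                strategy.body(str);
                strategy.clientInfo(JSON.toJSONString(clientInfo));
                strategy.path(serverHttpRequest.getURI().getRawPath());
                StrategyRequestContext.initHystrixRequestContext(strategy.build());
                if (this.alohaCanary.ruleInfo(clientInfo, ruleInfo) != null) {
                    useUserCenter = false;
                }
            }
            RespBody<Object> checkAuth = useUserCenter ? this.userCenterFeginClient.checkAuth(MDC.get("traceId"), MDC.get("spanId"), reqBody) : this.authServerGrayFeginClient.checkAuth(MDC.get("traceId"), MDC.get("spanId"), reqBody);
            // Constant-first comparison: a response without a code is handled as a failure
            // (rejected below) instead of raising a NullPointerException.
            if (!"0".equals(checkAuth.getCode())) {
                // Do not serialize reqBody into the log: it carries the bearer token, access token,
                // refresh token, copied headers and the request payload. Log only what is needed to
                // triage the failure. X-Forwarded-For is client-supplied unless the edge proxy
                // overwrites it, so treat the logged address as a hint, not as evidence.
                LOG.warn("Auth failed,user-center:{} {} appName={}.{},from ip {}", serverHttpRequest.getMethodValue(), rawPath, appName, checkAuth, serverHttpRequest.getHeaders().getFirst(X_FORWARDED_FOR));
                if ("-617".equals(checkAuth.getCode()) || "-914".equals(checkAuth.getCode())) {
                    throw new GlobalErrorInfoException(GlobalErrorInfoEnum.AUTH_USER_UNAUTH);
                }
                // -909 is tolerated only while the skip flag is on; every other code is rejected
                // with the backend's own message/code/returnCode.
                if (!"-909".equals(checkAuth.getCode()) || !this.authCheckConfig.isSkipFlag()) {
                    final RespBody<Object> failure = checkAuth;
                    throw new GlobalErrorInfoException(new ErrorInfoInterface() {
                        public String getMessage() {
                            return failure.getMessage();
                        }

                        public String getCode() {
                            return failure.getCode();
                        }

                        public String getReturnCode() {
                            return failure.getReturnCode();
                        }
                    });
                }
            }
        } catch (RetryableException e) {
            // NOTE(review): fail-open. A timeout from the auth backend is only logged and the
            // method returns as if the check had succeeded. If this is a deliberate availability
            // trade-off it should be documented and alerted on; otherwise rethrow as a
            // GlobalErrorInfoException so the request is rejected.
            LOG.error("authProcessorImpl check auth  time out, {}", JsonUtils.object2Str(new ErrorCode("-26", "Read Timeout", "99990202")), e);
        }
    }

    /**
     * Resolves the application name for this request and records it on {@code reqBody}; also
     * stores the (possibly unwrapped) body on {@code authInfo}.
     *
     * <p>Resolution order, first non-blank value wins: {@code appName} of a JSON request body,
     * {@code clientType} inside the Base64-encoded {@code clientInfo} header, the
     * {@code alohaAppName} header, then the literal {@code "noAppName"}. All three sources are
     * supplied by the client.
     *
     * @param serverHttpRequest request whose headers and content type are inspected
     * @param reqBody outgoing auth request; receives the copied body properties and the app name
     * @param str raw request body
     * @param authInfo receives the body (or its {@code param} member, re-serialized) as its param
     * @return the resolved application name, never blank
     */
    private String setAppName(ServerHttpRequest serverHttpRequest, ReqBody<AuthInfo> reqBody, String str, AuthInfo authInfo) {
        Object clientType;
        String clientInfoHeader = serverHttpRequest.getHeaders().getFirst("clientInfo");
        String appName = null;
        if ((MediaType.APPLICATION_JSON.equals(serverHttpRequest.getHeaders().getContentType()) || MediaType.APPLICATION_JSON_UTF8.equals(serverHttpRequest.getHeaders().getContentType())) && JSONObject.isValidObject(str) && !JSONObject.isValidArray(str)) {
            // NOTE(review): this parses an untrusted request body with fastjson into a type with an
            // Object-typed member. Verify that autoType is disabled (or safeMode is enabled) in the
            // deployed fastjson configuration.
            ReqBody parsedBody = (ReqBody) JSONObject.parseObject(str, new TypeReference<ReqBody<Object>>() {
            }, new Feature[0]);
            // Copies every matching property of the client-supplied body onto the outgoing request.
            BeanUtils.copyProperties(parsedBody, reqBody);
            appName = parsedBody.getAppName();
            str = JSON.toJSONString(parsedBody.getParam());
        }
        // NOTE(review): a clientInfo header that is not valid Base64/JSON throws from this line;
        // the exception propagates to the caller.
        if (StringUtils.isBlank(appName) && StringUtils.isNotBlank(clientInfoHeader) && (clientType = JSON.parseObject(new String(Base64Utils.decodeFromString(clientInfoHeader))).get("clientType")) != null) {
            appName = String.valueOf(clientType);
        }
        if (StringUtils.isBlank(appName) && StringUtils.isNotBlank(serverHttpRequest.getHeaders().getFirst("alohaAppName"))) {
            appName = serverHttpRequest.getHeaders().getFirst("alohaAppName");
        }
        if (StringUtils.isBlank(appName)) {
            appName = "noAppName";
        }
        reqBody.setAppName(appName);
        authInfo.setParam(str);
        return appName;
    }
}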
