package com.xforceplus.delivery.cloud.security.customizer;

import com.xforceplus.delivery.cloud.common.api.ResultCode;
import com.xforceplus.delivery.cloud.common.api.ViewResult;
import com.xforceplus.delivery.cloud.common.util.JsonUtils;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.common.exceptions.InvalidTokenException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;

/* loaded from: input_file:com/xforceplus/delivery/cloud/security/customizer/ExceptionHandlingCustomizer.class */
public class ExceptionHandlingCustomizer implements Customizer<HttpSecurity>, AuthenticationEntryPoint, AccessDeniedHandler {
    private static final Logger log = LoggerFactory.getLogger(ExceptionHandlingCustomizer.class);

    public void customize(HttpSecurity httpSecurity) {
        httpSecurity.exceptionHandling(this::customize);
    }

    protected void customize(ExceptionHandlingConfigurer<HttpSecurity> exceptionHandlingConfigurer) {
        exceptionHandlingConfigurer.authenticationEntryPoint(this).accessDeniedHandler(this);
    }

    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
        Throwable cause = authenticationException.getCause();
        if (cause instanceof InvalidTokenException) {
            log.error("ExceptionHandlingInvalidTokenException : {}", cause.getMessage());
            output(httpServletRequest, httpServletResponse, authenticationException, ViewResult.of(ResultCode.JWT_TOKEN_EXPIRED));
        } else {
            log.debug("ExceptionHandlingAuthenticationException : NoAuthentication");
            output(httpServletRequest, httpServletResponse, authenticationException, ViewResult.unauthorized());
        }
    }

    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        output(httpServletRequest, httpServletResponse, accessDeniedException, ViewResult.forbidden());
    }

    protected void output(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Exception exc, ViewResult<String> viewResult) throws IOException {
        httpServletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
        httpServletResponse.setContentType("application/json");
        viewResult.setData(exc.getLocalizedMessage());
        httpServletResponse.getWriter().println(JsonUtils.toJson(viewResult));
        httpServletResponse.getWriter().flush();
    }
}
