package com.imcode.security.interceptors;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.PropertyNamingStrategy;
import com.imcode.entities.User;
import com.imcode.exceptions.factories.ErrorBuilder;
import com.imcode.services.PermissionService;
import com.imcode.utils.StaticUtls;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:com/imcode/security/interceptors/AccessApiInterceptor.class */
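/**
 * Authorization gate for API handlers: lets a request through only when the
 * {@link PermissionService} explicitly grants the calling OAuth2 client and user
 * access to the targeted controller method.
 *
 * <p>The interceptor fails closed. Every path that does not end in an explicit
 * grant writes an error status and a JSON error body and stops the handler chain.
 */
public class AccessApiInterceptor extends HandlerInterceptorAdapter {
    /** Shared serializer for error bodies; ObjectMapper is thread-safe once configured. */
    private static final ObjectMapper ERROR_MAPPER = new ObjectMapper()
            .setPropertyNamingStrategy(PropertyNamingStrategy.CAMEL_CASE_TO_LOWER_CASE_WITH_UNDERSCORES);

    private final PermissionService permissionService;

    @Autowired
    public AccessApiInterceptor(PermissionService permissionService) {
        this.permissionService = permissionService;
    }

    /**
     * Checks the caller's permission for the handler method before it runs.
     *
     * @param httpServletRequest  current request; its URI is part of the permission key
     * @param httpServletResponse response that receives the status and error body on denial
     * @param obj                 the selected handler; only {@link HandlerMethod} handlers can be authorized
     * @return {@code true} only when the permission service returns {@code Boolean.TRUE}
     * @throws Exception if the error body cannot be written
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        // instanceof also rejects a missing (null) authentication.
        Object current = SecurityContextHolder.getContext().getAuthentication();
        if (!(current instanceof OAuth2Authentication)) {
            httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            setErrorInResponse("Authorization without OAuth2 protocol.", httpServletResponse);
            return false;
        }
        OAuth2Authentication oAuth2Authentication = (OAuth2Authentication) current;

        // Permissions are keyed per controller method, so a handler of any other type
        // cannot be looked up. Deny it instead of failing on the cast below.
        if (!(obj instanceof HandlerMethod)) {
            httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
            setErrorInResponse("Access to this resource is not permitted.", httpServletResponse);
            return false;
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;

        // A client-only token carries no user authentication, and the principal is not
        // guaranteed to be a User entity. Deny rather than dereference null or mis-cast.
        Object principal = oAuth2Authentication.getUserAuthentication() == null
                ? null
                : oAuth2Authentication.getUserAuthentication().getPrincipal();
        if (!(principal instanceof User)) {
            httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
            setErrorInResponse("Access token is not bound to a user.", httpServletResponse);
            return false;
        }

        String clientId = oAuth2Authentication.getOAuth2Request().getClientId();
        Long userId = (Long) ((User) principal).getId();

        // Collapse numeric path segments and the format segment so that all concrete
        // URLs of one endpoint produce the same key.
        // NOTE(review): getRequestURI() is the raw request line value (not decoded,
        // includes the context path and any ";param" path parameters). Confirm the
        // stored permission keys are derived from the same form.
        String normalizedUri = httpServletRequest.getRequestURI()
                .replaceAll("/\\d+", "/{id}")
                .replace("/json/", "/{format}/")
                .replace("/xml/", "/{format}/");

        // NOTE(review): the key is the sum of two 32-bit hashes, so two different
        // (handler, path) pairs can share a key and a grant for one endpoint would then
        // cover the other. Keying on the pair itself would remove that ambiguity, but
        // that needs a PermissionService change outside this class.
        Integer permissionKey = Integer.valueOf(
                StaticUtls.getHashFrom(handlerMethod).intValue() + normalizedUri.hashCode());

        Boolean isPermitted = this.permissionService.isPermitted(clientId, userId, permissionKey);
        if (Boolean.TRUE.equals(isPermitted)) {
            return true;
        }

        // Both "no rule found" (null) and an explicit FALSE end here. Previously FALSE
        // returned without a status, so a denied call left the client with an empty
        // response and the default status code.
        // NOTE(review): the message discloses the controller and method name to the caller.
        httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN);
        setErrorInResponse("Client and/or user haven't permission to access " + handlerMethod.getBeanType().getSimpleName().replace("RestControllerImpl", "") + "[" + handlerMethod.getMethod().getName() + "] method.", httpServletResponse);
        return false;
    }

    /**
     * Writes a JSON security error built from the message to the response body.
     *
     * @param str                 human-readable reason for the denial
     * @param httpServletResponse response to write to; its status must be set by the caller
     * @throws IOException if serialization or writing fails
     */
    private void setErrorInResponse(String str, HttpServletResponse httpServletResponse) throws IOException {
        String body = ERROR_MAPPER.writeValueAsString(ErrorBuilder.buildSecurityException(str));
        // Declare the type and charset explicitly so clients do not have to sniff the body.
        // Writing bytes avoids ServletOutputStream.print(String), which rejects
        // characters outside ISO-8859-1.
        httpServletResponse.setContentType("application/json");
        httpServletResponse.setCharacterEncoding(StandardCharsets.UTF_8.name());
        httpServletResponse.getOutputStream().write(body.getBytes(StandardCharsets.UTF_8));
    }
}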
