package com.itmuch.lightsecurity.jwt;

import com.itmuch.lightsecurity.constants.ConstantsSecurity;
import com.itmuch.lightsecurity.exception.LightSecurityException;
import io.jsonwebtoken.Claims;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:com/itmuch/lightsecurity/jwt/UserOperator.class */
public class UserOperator {
    private static final Logger log = LoggerFactory.getLogger(UserOperator.class);
    private static final String LIGHT_SECURITY_REQ_ATTR_USER = "light-security-user";
    private static final int SEVEN = 7;
    private final JwtOperator jwtOperator;

    public User getUser() {
        try {
            HttpServletRequest request = getRequest();
            String tokenFromRequest = getTokenFromRequest(request);
            if (!this.jwtOperator.validateToken(tokenFromRequest).booleanValue()) {
                return null;
            }
            Object attribute = request.getAttribute(LIGHT_SECURITY_REQ_ATTR_USER);
            if (attribute != null) {
                return (User) attribute;
            }
            User userFromToken = getUserFromToken(tokenFromRequest);
            request.setAttribute(LIGHT_SECURITY_REQ_ATTR_USER, userFromToken);
            return userFromToken;
        } catch (Exception e) {
            log.info("发生异常", e);
            throw new LightSecurityException(e);
        }
    }

    private User getUserFromToken(String str) {
        Claims claimsFromToken = this.jwtOperator.getClaimsFromToken(str);
        Object obj = claimsFromToken.get(JwtOperator.ROLES);
        return User.builder().id((Integer) claimsFromToken.get(JwtOperator.USER_ID)).username((String) claimsFromToken.get(JwtOperator.USERNAME)).roles((List) obj).build();
    }

    private String getTokenFromRequest(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(ConstantsSecurity.AUTHORIZATION_HEADER);
        if (StringUtils.isEmpty(header)) {
            throw new LightSecurityException("没有找到名为Authorization的header");
        }
        if (!header.startsWith(ConstantsSecurity.BEARER)) {
            throw new LightSecurityException("token必须以'Bearer '开头");
        }
        if (header.length() <= SEVEN) {
            throw new LightSecurityException("token非法，长度 <= 7");
        }
        return header.substring(SEVEN);
    }

    private static HttpServletRequest getRequest() {
        ServletRequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if (requestAttributes == null) {
            throw new LightSecurityException("requestAttributes为null");
        }
        return requestAttributes.getRequest();
    }

    public UserOperator(JwtOperator jwtOperator) {
        this.jwtOperator = jwtOperator;
    }
}
