package com.ai.bss.iot.auth;

import com.ai.abc.core.session.SessionManager;
import com.ai.bss.iot.auth.constant.IotAuthConsts;
import com.ai.bss.iot.auth.exception.IllegalUserAccessException;
import com.ai.bss.iot.auth.osp.OspUspaStaffIdMappingManager;
import com.ai.bss.iot.auth.util.HttpServletRequestUtils;
import com.ai.bss.iot.auth.white.list.AuthWhiteListManager;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;

@ConditionalOnProperty(name = {"auth.north.http-servlet-request.handler.enable"}, havingValue = "true", matchIfMissing = true)
@Component
/* loaded from: input_file:com/ai/bss/iot/auth/NorthHttpServletRequestHandler.class */
public class NorthHttpServletRequestHandler extends HttpServletRequestHandler {
    private static final Logger log = LoggerFactory.getLogger(NorthHttpServletRequestHandler.class);

    @Autowired
    AuthWhiteListManager authWhiteListManager;

    @Autowired
    OspUspaStaffIdMappingManager ospUspaStaffIdMappingManager;

    @Autowired
    SsoRedisManager ssoRedisManager;

    @Override // com.ai.bss.iot.auth.HttpServletRequestHandler
    public void handleRequest(HttpServletRequest httpServletRequest) {
        List<String> authWhiteLists = this.authWhiteListManager.getAuthWhiteLists();
        if (CollectionUtils.isEmpty(authWhiteLists) || !authWhiteLists.contains(HttpServletRequestUtils.getIpAddress(httpServletRequest))) {
            if (getSuccessor() == null) {
                throw new IllegalUserAccessException(IotAuthConsts.EXCEPTION_CODE_ILLEGAL_ACCESS, "非法用户访问");
            }
            getSuccessor().handleRequest(httpServletRequest);
        } else {
            String resolveStaffId = resolveStaffId(httpServletRequest);
            if (StringUtils.isEmpty(resolveStaffId)) {
                throw new IllegalUserAccessException(IotAuthConsts.EXCEPTION_CODE_ILLEGAL_ACCESS, "非法用户访问");
            }
            SessionManager.getInstance().createSession(resolveStaffId);
        }
    }

    private String resolveStaffId(HttpServletRequest httpServletRequest) {
        String staffId = HttpServletRequestUtils.getStaffId(httpServletRequest);
        return StringUtils.isEmpty(staffId) ? this.ospUspaStaffIdMappingManager.getStaffId(HttpServletRequestUtils.getApplicationId(httpServletRequest)) : staffId;
    }
}
