package cn.com.do1.common.framebase.struts;

import cn.com.do1.common.annotation.struts.ActionRoles;
import cn.com.do1.common.annotation.struts.JSONOut;
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.ActionProxy;
import com.opensymphony.xwork2.interceptor.AbstractInterceptor;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import org.apache.log4j.Logger;
import org.apache.struts2.ServletActionContext;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;

/* loaded from: classes.dex */
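/**
 * Struts 2 interceptor that enforces the {@link ActionRoles} annotation using the
 * principal held in the Spring Security context.
 *
 * <p>Security-relevant behaviour, as implemented here:
 * <ul>
 *   <li><b>Default-allow:</b> an action method that carries no {@link ActionRoles}
 *       annotation is invoked without any authentication or authorization check.
 *       Every action method that must be protected therefore needs the annotation;
 *       reviewers should treat a missing annotation as "public endpoint".</li>
 *   <li><b>All-of semantics:</b> an annotated method is invoked only when the current
 *       user holds every role listed in {@code ActionRoles.value()}. An empty role
 *       list is satisfied by any authenticated user.</li>
 *   <li>The annotation is read from the public zero-argument method named by
 *       {@code ActionProxy.getMethod()} on the action's runtime class. If that lookup
 *       fails, the exception propagates and the action is not invoked.</li>
 * </ul>
 *
 * <p>The page properties are context-relative paths, normally injected as interceptor
 * parameters through the setters below.
 */
public class SpringSecurityInterceptor extends AbstractInterceptor {
    static Logger logger = Logger.getLogger(SpringSecurityInterceptor.class);
    private static final long serialVersionUID = 1L;

    /** Session attribute holding the servlet path requested before the login redirect. */
    private static final String SAVED_PATH_KEY = "SAVED_SERVLET_PATH";

    private String accessDeniedPage;
    private String erroPage;
    private String loginPage;

    /**
     * Reports a failure to the client: a JSON result for AJAX requests, a redirect for
     * everything else.
     *
     * <p>The {@code X-Requested-With} header is supplied by the client; it only selects
     * the response format here and must never be used as a trust signal.
     *
     * @param baseAction action used to render the JSON result for AJAX requests
     * @param code       application result code written to the JSON result
     * @param message    human-readable message written to the JSON result
     * @param page       context-relative page to redirect non-AJAX requests to
     * @return always {@code null}; the response has already been written
     */
    private String doErrorProc(BaseAction baseAction, String code, String message, String page) {
        HttpServletRequest request = ServletActionContext.getRequest();
        String requestedWith = request.getHeader("X-Requested-With");
        boolean ajax = requestedWith != null && requestedWith.contains("XMLHttpRequest");
        if (ajax) {
            baseAction.setActionResult(code, message);
            baseAction.doJsonOut();
            return null;
        }
        try {
            if (page == null) {
                // An unset page used to be concatenated into "<contextPath>null".
                // Answer with HTTP 500 so the misconfiguration is visible; the request
                // is still refused because the action is never invoked on this path.
                logger.error("No redirect page configured for result code " + code + "; sending HTTP 500");
                ServletActionContext.getResponse().sendError(500);
            } else {
                ServletActionContext.getResponse().sendRedirect(request.getContextPath() + page);
            }
        } catch (IOException e) {
            logger.error(e.getMessage(), e);
        }
        return null;
    }

    /**
     * Returns the intercepted action as a {@link BaseAction}.
     *
     * @throws ClassCastException if the action is not a {@code BaseAction}
     */
    private BaseAction getAction(ActionInvocation actionInvocation) {
        return (BaseAction) actionInvocation.getAction();
    }

    /**
     * Reads the {@link ActionRoles} annotation from the method about to be invoked.
     *
     * @return the annotation, or {@code null} when the method is not annotated
     * @throws Exception if no public zero-argument method with the proxy's method name
     *                   exists on the action class
     */
    private ActionRoles getActionRole(ActionInvocation actionInvocation) throws Exception {
        ActionProxy proxy = actionInvocation.getProxy();
        Object action = proxy.getAction();
        return action.getClass().getMethod(proxy.getMethod(), new Class[0]).getAnnotation(ActionRoles.class);
    }

    /**
     * Tells whether the intercepted method is annotated with {@link JSONOut}.
     *
     * <p>Uses {@code getMethod}, the same lookup as {@link #getActionRole}, so inherited
     * public action methods are found. A failed lookup is reported as {@code false}
     * rather than thrown, because this runs inside an exception handler and must not
     * replace the exception being handled.
     */
    private boolean isJsonOutAction(ActionInvocation actionInvocation) {
        try {
            String methodName = actionInvocation.getProxy().getMethod();
            return actionInvocation.getAction().getClass()
                    .getMethod(methodName, new Class[0])
                    .getAnnotation(JSONOut.class) != null;
        } catch (Exception lookupFailure) {
            // Broad catch on purpose: any failure here would mask the original error.
            logger.warn("Could not resolve action method while handling an error", lookupFailure);
            return false;
        }
    }

    /** Returns the servlet path saved before the login redirect, or {@code null}. */
    private String getPath() {
        return (String) ActionContext.getContext().getSession().get(SAVED_PATH_KEY);
    }

    /**
     * Returns the current principal as {@link UserDetails}.
     *
     * @return the principal, or {@code null} when it cannot be obtained as
     *         {@code UserDetails}; callers treat {@code null} as "not logged in"
     */
    private UserDetails getUserDetails() {
        try {
            return (UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        } catch (Exception ignored) {
            // No authentication in the context, or a principal that is not a
            // UserDetails: both are reported as "no user", which denies protected actions.
            return null;
        }
    }

    /**
     * Checks that the granted authorities include every required role.
     *
     * @param collection authorities granted to the current user
     * @param strArr     roles required by the action; all of them must be held
     * @return {@code true} only if every entry of {@code strArr} is among the granted
     *         authorities (vacuously {@code true} for an empty array)
     */
    private boolean isAccessable(Collection<? extends GrantedAuthority> collection, String[] strArr) {
        if (collection == null) {
            // Deny instead of failing with a NullPointerException.
            return false;
        }
        Collection<String> held = new ArrayList<String>();
        for (GrantedAuthority authority : collection) {
            held.add(authority.getAuthority());
        }
        for (String required : strArr) {
            if (!held.contains(required)) {
                return false;
            }
        }
        return true;
    }

    /** Stores the current servlet path in the session for use after login. */
    private void putPath() {
        ActionContext.getContext().getSession().put(SAVED_PATH_KEY, ServletActionContext.getRequest().getServletPath());
    }

    /** Discards the servlet path saved before the login redirect. */
    private void removePath() {
        ActionContext.getContext().getSession().remove(SAVED_PATH_KEY);
    }

    /**
     * Applies the access decision for one action invocation.
     *
     * <p>Order of evaluation:
     * <ol>
     *   <li>A saved path plus a logged-in user: the saved path is cleared and
     *       {@code "!" + path} is returned as the result code; the current action is
     *       not invoked. NOTE(review): how that result code is resolved is configured
     *       outside this class; confirm the target request is itself subject to this
     *       interceptor.</li>
     *   <li>No {@link ActionRoles} on the method: the action is invoked unchecked.</li>
     *   <li>No logged-in user: the path is saved and the login page is reported
     *       (code {@code 800000003}, "login timed out").</li>
     *   <li>Otherwise the action is invoked only if the user holds all required roles;
     *       if not, the access-denied page is reported (code {@code 800000001},
     *       "no permission").</li>
     * </ol>
     *
     * @return the result code, or {@code null} when the response was already written
     * @throws Exception the original failure when the action method is annotated with
     *                   {@link JSONOut}, or any failure of the lookups made before the
     *                   access decision
     */
    @Override
    public String intercept(ActionInvocation actionInvocation) throws Exception {
        ActionRoles actionRole = getActionRole(actionInvocation);
        UserDetails userDetails = getUserDetails();
        BaseAction action = getAction(actionInvocation);
        String path = getPath();
        try {
            if (path != null && userDetails != null) {
                removePath();
                return "!" + path;
            }
            if (actionRole == null) {
                return actionInvocation.invoke();
            }
            if (userDetails == null) {
                putPath();
                return doErrorProc(action, "800000003", "登录超时", this.loginPage);
            }
            if (!isAccessable(userDetails.getAuthorities(), actionRole.value())) {
                return doErrorProc(action, "800000001", "没有权限", this.accessDeniedPage);
            }
            return actionInvocation.invoke();
        } catch (Exception e) {
            // JSON actions propagate the original exception to their caller.
            if (isJsonOutAction(actionInvocation)) {
                throw e;
            }
            logger.error(e.getMessage(), e);
            // Code 999999999: "an error occurred while processing the request".
            doErrorProc(new BaseAction(), "999999999", "请求处理过程中发生错误！", this.erroPage);
            return null;
        }
    }

    /** Sets the context-relative page used when the user lacks a required role. */
    public void setAccessDeniedPage(String str) {
        this.accessDeniedPage = str;
    }

    /**
     * Sets the context-relative page used when request processing fails. Without this
     * setter the field could never be configured and stayed {@code null}.
     */
    public void setErroPage(String str) {
        this.erroPage = str;
    }

    /** Sets the context-relative page used when no user is logged in. */
    public void setLoginPage(String str) {
        this.loginPage = str;
    }
}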
