package com.baomidou.kisso.web.interceptor;

import com.baomidou.kisso.SSOConfig;
import com.baomidou.kisso.SSOHelper;
import com.baomidou.kisso.SSOToken;
import com.baomidou.kisso.annotation.Action;
import com.baomidou.kisso.annotation.Permission;
import com.baomidou.kisso.common.shiro.SSOAuthToken;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.web.method.HandlerMethod;

/* loaded from: input_file:com/baomidou/kisso/web/interceptor/SSOShiroInterceptor.class */
public class SSOShiroInterceptor extends SSOPermissionInterceptor {
    private static final Logger logger = Logger.getLogger("SSOShiroInterceptor");

    @Override // com.baomidou.kisso.web.interceptor.SSOPermissionInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        SSOToken sSOToken;
        String requestURI;
        if (!(obj instanceof HandlerMethod) || (sSOToken = (SSOToken) SSOHelper.attrToken(httpServletRequest)) == null) {
            return true;
        }
        Subject subject = SecurityUtils.getSubject();
        Session session = subject.getSession(false);
        if (session != null) {
            session.touch();
        }
        if (!subject.isAuthenticated()) {
            subject.login(new SSOAuthToken(sSOToken));
            logger.fine(" shiro login success. ");
        }
        if (SSOConfig.getInstance().isPermissionUri() && ((requestURI = httpServletRequest.getRequestURI()) == null || subject.isPermitted(requestURI))) {
            return true;
        }
        Permission permission = (Permission) ((HandlerMethod) obj).getMethod().getAnnotation(Permission.class);
        if (permission != null) {
            if (permission.action() == Action.Skip) {
                return true;
            }
            if (!"".equals(permission.value()) && subject.isPermitted(permission.value())) {
                return true;
            }
        }
        return unauthorizedAccess(httpServletRequest, httpServletResponse);
    }
}
