package org.apache.shenyu.admin.shiro.config;

import java.util.Set;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shenyu.admin.model.custom.UserInfo;
import org.apache.shenyu.admin.model.vo.DashboardUserVO;
import org.apache.shenyu.admin.service.DashboardUserService;
import org.apache.shenyu.admin.service.PermissionService;
import org.apache.shenyu.admin.shiro.bean.StatelessToken;
import org.apache.shenyu.admin.utils.JwtUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Service;

@Service("shiroRealm")
/* loaded from: input_file:org/apache/shenyu/admin/shiro/config/ShiroRealm.class */
public class ShiroRealm extends AuthorizingRealm {
    private final PermissionService permissionService;
    private final DashboardUserService dashboardUserService;

    public ShiroRealm(PermissionService permissionService, DashboardUserService dashboardUserService) {
        this.permissionService = permissionService;
        this.dashboardUserService = dashboardUserService;
    }

    public boolean supports(AuthenticationToken authenticationToken) {
        return authenticationToken instanceof StatelessToken;
    }

    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Set<String> authPermByUserName = this.permissionService.getAuthPermByUserName(((UserInfo) principalCollection.getPrimaryPrincipal()).getUserName());
        if (CollectionUtils.isEmpty(authPermByUserName)) {
            return null;
        }
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setStringPermissions(authPermByUserName);
        return simpleAuthorizationInfo;
    }

    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) {
        String str = (String) authenticationToken.getCredentials();
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        String issuer = JwtUtils.getIssuer(str);
        if (StringUtils.isEmpty(issuer)) {
            throw new AuthenticationException("userName is null");
        }
        DashboardUserVO findByUserName = this.dashboardUserService.findByUserName(issuer);
        if (findByUserName == null) {
            throw new AuthenticationException(String.format("userName(%s) can not be found.", issuer));
        }
        if (JwtUtils.verifyToken(str, findByUserName.getPassword())) {
            return new SimpleAuthenticationInfo(UserInfo.builder().userName(issuer).userId(findByUserName.getId()).build(), str, getName());
        }
        throw new AuthenticationException("token is error.");
    }
}
