package com.alibaba.csp.sentinel.dashboard.auth;

import com.alibaba.csp.sentinel.dashboard.auth.AuthService;
import com.alibaba.csp.sentinel.dashboard.domain.Result;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.method.HandlerMethod;

/* loaded from: input_file:BOOT-INF/classes/com/alibaba/csp/sentinel/dashboard/auth/DefaultAuthorizationInterceptor.class */
public class DefaultAuthorizationInterceptor implements AuthorizationInterceptor {
    private final AuthService<HttpServletRequest> authService;

    public DefaultAuthorizationInterceptor(AuthService<HttpServletRequest> authService) {
        this.authService = authService;
    }

    @Override // org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        AuthAction authAction;
        if (!obj.getClass().isAssignableFrom(HandlerMethod.class) || (authAction = (AuthAction) ((HandlerMethod) obj).getMethod().getAnnotation(AuthAction.class)) == null) {
            return true;
        }
        AuthService.AuthUser authUser = this.authService.getAuthUser(httpServletRequest);
        if (authUser == null) {
            responseNoPrivilegeMsg(httpServletResponse, authAction.message());
            return false;
        }
        if (authUser.authTarget(httpServletRequest.getParameter(authAction.targetName()), authAction.value())) {
            return true;
        }
        responseNoPrivilegeMsg(httpServletResponse, authAction.message());
        return false;
    }

    private void responseNoPrivilegeMsg(HttpServletResponse httpServletResponse, String str) throws IOException {
        Result ofFail = Result.ofFail(-1, str);
        httpServletResponse.addHeader("Content-Type", "application/json;charset=UTF-8");
        httpServletResponse.getOutputStream().write(JSON.toJSONBytes(ofFail, new SerializerFeature[0]));
    }
}
