package top.dcenter.ums.security.core.auth.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.support.GenericApplicationContext;
import org.springframework.http.HttpStatus;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.ResponseStatus;
import top.dcenter.ums.security.common.enums.ErrorCodeEnum;
import top.dcenter.ums.security.common.enums.LoginProcessType;
import top.dcenter.ums.security.common.utils.IpUtil;
import top.dcenter.ums.security.common.utils.ReflectionUtil;
import top.dcenter.ums.security.core.auth.properties.ClientProperties;
import top.dcenter.ums.security.core.exception.IllegalAccessUrlException;
import top.dcenter.ums.security.core.util.AuthenticationUtil;

@Api("session 失效后跳转处理")
@ResponseBody
/* loaded from: input_file:top/dcenter/ums/security/core/auth/controller/InvalidSessionController.class */
public class InvalidSessionController implements InitializingBean {
    private static final Logger log = LoggerFactory.getLogger(InvalidSessionController.class);
    private final LoginProcessType loginProcessType;
    private final String loginPage;
    private final String invalidSessionUrl;

    @Autowired
    private GenericApplicationContext applicationContext;
    private final RequestCache requestCache = new HttpSessionRequestCache();
    private final RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    public InvalidSessionController(ClientProperties clientProperties) {
        this.loginProcessType = clientProperties.getLoginProcessType();
        this.loginPage = clientProperties.getLoginPage();
        this.invalidSessionUrl = clientProperties.getSession().getInvalidSessionUrl();
    }

    @RequestMapping(value = {"/session/invalid"}, method = {RequestMethod.GET})
    @ApiOperation(value = "session 失效后跳转处理", notes = "获取原始请求 uri, 根据 LoginProcessType 进行跳转登录接口或返回相应 json 数据", httpMethod = "GET")
    @ResponseStatus(code = HttpStatus.UNAUTHORIZED)
    public void invalidSessionHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            AuthenticationUtil.redirectProcessingByLoginProcessType(httpServletRequest, httpServletResponse, this.loginProcessType, this.redirectStrategy, ErrorCodeEnum.INVALID_SESSION, AuthenticationUtil.getOriginalUrl(this.requestCache, httpServletRequest, httpServletResponse, this.loginPage));
        } catch (Exception e) {
            String requestURI = httpServletRequest.getRequestURI();
            String realIp = IpUtil.getRealIp(httpServletRequest);
            log.error(String.format("IllegalAccessUrlException: ip=%s, uri=%s, sid=%s, error=%s", realIp, requestURI, httpServletRequest.getSession(true).getId(), e.getMessage()), e);
            throw new IllegalAccessUrlException(ErrorCodeEnum.SERVER_ERROR, requestURI, realIp);
        }
    }

    public void afterPropertiesSet() throws Exception {
        ReflectionUtil.setRequestMappingUri("invalidSessionHandler", this.invalidSessionUrl, getClass(), new Class[]{HttpServletRequest.class, HttpServletResponse.class});
        ReflectionUtil.registerController("invalidSessionController", this.applicationContext, InvalidSessionController.class);
    }
}
