package com.beiming.nonlitigation.businessgateway.handler;

import com.alibaba.fastjson.JSONObject;
import com.beiming.framework.domain.APIResult;
import com.beiming.framework.enums.APIResultCodeEnums;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Objects;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.web.server.ServerHttpBasicAuthenticationConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;

@ControllerAdvice
/* loaded from: input_file:WEB-INF/classes/com/beiming/nonlitigation/businessgateway/handler/ResponseBodyWrapper.class */
public class ResponseBodyWrapper implements ResponseBodyAdvice<Object> {

    @Value("${spring.security.user.name}")
    private String userName;

    @Value("${spring.security.user.password}")
    private String password;
    static final /* synthetic */ boolean $assertionsDisabled;

    @Override // org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice
    public boolean supports(MethodParameter methodParameter, Class<? extends HttpMessageConverter<?>> cls) {
        return true;
    }

    @Override // org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice
    public Object beforeBodyWrite(Object obj, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> cls, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
        if (serverHttpRequest.getURI().getPath().indexOf("swagger") > -1 || serverHttpRequest.getURI().getPath().indexOf("v2/api-docs") > -1) {
            return obj;
        }
        if (!serverHttpRequest.getURI().getPath().startsWith("/monitor")) {
            if (obj instanceof APIResult) {
                return obj;
            }
            Object success = APIResult.success(obj);
            if (((Method) Objects.requireNonNull(methodParameter.getMethod())).getReturnType() == String.class || (obj instanceof String)) {
                success = JSONObject.toJSONString(success);
            }
            return success;
        }
        String first = serverHttpRequest.getHeaders().getFirst("Authorization");
        APIResult failed = APIResult.failed(APIResultCodeEnums.USER_NOT_LOGIN);
        if (first == null || !first.startsWith(ServerHttpBasicAuthenticationConverter.BASIC)) {
            return JSONObject.toJSONString(failed);
        }
        String[] extractAndDecodeHeader = extractAndDecodeHeader(first);
        if ($assertionsDisabled || extractAndDecodeHeader.length == 2) {
            return (extractAndDecodeHeader[0].equals(this.userName) && this.password.equals(extractAndDecodeHeader[1])) ? obj : JSONObject.toJSONString(failed);
        }
        throw new AssertionError();
    }

    private String[] extractAndDecodeHeader(String str) {
        try {
            String str2 = new String(Base64.getDecoder().decode(str.substring(6).getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
            int indexOf = str2.indexOf(":");
            if (indexOf == -1) {
                throw new BadCredentialsException("Invalid basic authentication token");
            }
            return new String[]{str2.substring(0, indexOf), str2.substring(indexOf + 1)};
        } catch (IllegalArgumentException e) {
            throw new BadCredentialsException("Failed to decode basic authentication token");
        }
    }

    static {
        $assertionsDisabled = !ResponseBodyWrapper.class.desiredAssertionStatus();
    }
}
