package com.central.oauth.filter;

import com.central.common.constant.SecurityConstants;
import com.central.common.context.TenantContextHolder;
import com.central.common.model.Result;
import java.security.Principal;
import java.util.Map;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
import org.springframework.stereotype.Component;

@Aspect
@Component
/* loaded from: input_file:BOOT-INF/classes/com/central/oauth/filter/OauthTokenAspect.class */
public class OauthTokenAspect {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) OauthTokenAspect.class);

    @Around("execution(* org.springframework.security.oauth2.provider.endpoint.TokenEndpoint.postAccessToken(..))")
    public Object handleControllerMethod(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        try {
            try {
                Object[] args = proceedingJoinPoint.getArgs();
                Principal principal = (Principal) args[0];
                if (!(principal instanceof Authentication)) {
                    throw new InsufficientAuthenticationException("There is no client authentication. Try adding an appropriate authentication filter.");
                }
                String clientId = getClientId(principal);
                String str = (String) ((Map) args[1]).get("grant_type");
                TenantContextHolder.setTenant(clientId);
                Object proceed = proceedingJoinPoint.proceed();
                if (SecurityConstants.AUTHORIZATION_CODE.equals(str)) {
                    TenantContextHolder.clear();
                    return proceed;
                }
                ResponseEntity body = ResponseEntity.status(HttpStatus.OK).body(Result.succeed((OAuth2AccessToken) ((ResponseEntity) proceed).getBody()));
                TenantContextHolder.clear();
                return body;
            } catch (Exception e) {
                log.error("授权错误", (Throwable) e);
                ResponseEntity body2 = ResponseEntity.status(HttpStatus.BAD_REQUEST).body(Result.failed(e.getMessage()));
                TenantContextHolder.clear();
                return body2;
            }
        } catch (Throwable th) {
            TenantContextHolder.clear();
            throw th;
        }
    }

    private String getClientId(Principal principal) {
        Authentication authentication = (Authentication) principal;
        if (!authentication.isAuthenticated()) {
            throw new InsufficientAuthenticationException("The client is not authenticated.");
        }
        String name = authentication.getName();
        if (authentication instanceof OAuth2Authentication) {
            name = ((OAuth2Authentication) authentication).getOAuth2Request().getClientId();
        }
        return name;
    }
}
