package com.lc.ibps.auth.controller;

import com.lc.ibps.auth.service.AuthApiGrantQueryService;
import com.lc.ibps.auth.service.OAuthService;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.oltu.oauth2.common.message.types.ParameterStyle;
import org.apache.oltu.oauth2.common.utils.OAuthUtils;
import org.apache.oltu.oauth2.rs.request.OAuthAccessResourceRequest;
import org.apache.oltu.oauth2.rs.response.OAuthRSResponse;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

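/**
 * OAuth2 resource endpoint that answers whether the client behind an access token
 * is permitted to call a given API.
 *
 * <p>Mapped under {@code /auth2/}. The only handler is {@code GET /auth2/permission}.
 */
@RequestMapping({"/auth2/"})
@Controller
/* loaded from: input_file:com/lc/ibps/auth/controller/PermissionController.class */
public class PermissionController {

    private static final String WWW_AUTHENTICATE = "WWW-Authenticate";

    @Resource
    private OAuthService oAuthService;

    @Resource
    private AuthApiGrantQueryService authApiGrantQueryService;

    /**
     * Checks the access token carried by the request and, if it is valid, reports whether
     * the owning client may call {@code apiUri} for {@code appKey}.
     *
     * <p>Responses:
     * <ul>
     *   <li>200 with body {@code {'result':true|false}} when the token passes
     *       {@code checkAccessToken}.</li>
     *   <li>401 with a {@code WWW-Authenticate} header when the token fails the check, or when
     *       request parsing fails without an OAuth error code.</li>
     *   <li>400 with a {@code WWW-Authenticate} header when request parsing fails with an
     *       OAuth error code.</li>
     * </ul>
     *
     * @param httpServletRequest incoming request; reads the access token from the query string
     *     plus the {@code appKey} and {@code apiUri} parameters
     * @return a {@link ResponseEntity} as described above
     * @throws OAuthSystemException if building an OAuth response fails
     * @throws OAuthProblemException declared for interface compatibility; parsing problems are
     *     caught and mapped to 400/401 inside the method
     */
    @RequestMapping(value = {"permission"}, method = {RequestMethod.GET})
    @ResponseBody
    public Object permission(HttpServletRequest httpServletRequest) throws OAuthSystemException, OAuthProblemException {
        try {
            // SECURITY NOTE(review): the token is accepted only from the query string, so it
            // will appear in access logs, proxy logs and browser history. Keep URL logging for
            // this path scrubbed, or move clients to the Authorization header.
            OAuthAccessResourceRequest resourceRequest =
                    new OAuthAccessResourceRequest(httpServletRequest, new ParameterStyle[]{ParameterStyle.QUERY});
            String accessToken = resourceRequest.getAccessToken();

            if (!this.oAuthService.checkAccessToken(accessToken)) {
                // NOTE(review): the header is read from a JSON-body message here, whereas the
                // catch branch uses buildHeaderMessage(); confirm this message actually carries
                // a WWW-Authenticate header.
                OAuthResponse invalidToken = OAuthRSResponse.errorResponse(401)
                        .setError("invalid_token")
                        .setErrorDescription("访问令牌不存在或已过期，请重新验证")
                        .buildJSONMessage();
                return challenge(invalidToken, HttpStatus.UNAUTHORIZED);
            }

            // appKey and apiUri are caller-supplied and may be null; they are passed through
            // unchanged, so isPermitted is presumably responsible for validating them.
            String clientId = this.oAuthService.getClientIdByAccessToken(accessToken);
            boolean permitted = this.authApiGrantQueryService.isPermitted(
                    clientId,
                    httpServletRequest.getParameter("appKey"),
                    httpServletRequest.getParameter("apiUri"));

            // Single-quoted keys are not strict JSON; kept byte-for-byte for existing clients.
            return new ResponseEntity<String>("{'result':" + permitted + "}", HttpStatus.OK);
        } catch (OAuthProblemException e) {
            if (!OAuthUtils.isEmpty(e.getError())) {
                OAuthResponse problem = OAuthRSResponse.errorResponse(401)
                        .setError(e.getError())
                        .setErrorDescription(e.getDescription())
                        .setErrorUri(e.getUri())
                        .buildHeaderMessage();
                // Fix: the header used to be added to a throwaway HttpHeaders instance and the
                // 400 response went out without it, so clients never saw the error details.
                return challenge(problem, HttpStatus.BAD_REQUEST);
            }
            // No OAuth error code: reply with a bare 401 challenge.
            return challenge(OAuthRSResponse.errorResponse(401).buildHeaderMessage(), HttpStatus.UNAUTHORIZED);
        }
    }

    /** Builds a body-less response that copies the WWW-Authenticate header from {@code source}. */
    private static ResponseEntity<String> challenge(OAuthResponse source, HttpStatus status) {
        HttpHeaders headers = new HttpHeaders();
        headers.add(WWW_AUTHENTICATE, source.getHeader(WWW_AUTHENTICATE));
        return new ResponseEntity<String>(headers, status);
    }
}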
