package com.bokesoft.dee.integration.webservice;

import com.bokesoft.dee.web.data.access.IDeployDataAccess;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
import org.apache.cxf.phase.AbstractPhaseInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;

@Component
/* loaded from: input_file:com/bokesoft/dee/integration/webservice/CXFAuthorizationInterceptor.class */
public class CXFAuthorizationInterceptor extends AbstractPhaseInterceptor<Message> {

    @Autowired
    private IDeployDataAccess deployDataAccess;

    public CXFAuthorizationInterceptor() {
        super("pre-invoke");
    }

    public void handleMessage(Message message) throws Fault {
        List list = (List) this.deployDataAccess.getCacheConfig().get("webServiceMappingConfig");
        Assert.notNull(list, "系统初始化尚未完成");
        List list2 = (List) message.getContent(List.class);
        if (list2 == null || list2.size() != 2) {
            throw new RuntimeException("获取请求参数失败");
        }
        boolean z = true;
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            Map map = (Map) it.next();
            if (list2.get(0).equals(map.get("key"))) {
                z = false;
                if (map.get("isauth").equals(1)) {
                    AuthorizationPolicy authorizationPolicy = (AuthorizationPolicy) message.get(AuthorizationPolicy.class);
                    Assert.notNull(authorizationPolicy, "没有传 Authorization 认证信息");
                    String userName = authorizationPolicy.getUserName();
                    String password = authorizationPolicy.getPassword();
                    Assert.notNull(userName, "认证信息的用户名不能为空");
                    Assert.notNull(password, "认证信息的密码不能为空");
                    if (!userName.equals(map.get("username")) || !password.equals(map.get("password"))) {
                        throw new RuntimeException("401 Unauthorized");
                    }
                }
            }
        }
        if (z) {
            throw new RuntimeException("不存在的action[" + list2.get(0) + "]");
        }
    }
}
