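package com.qianwen.core.secure.utils;

import io.jsonwebtoken.Claims;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import com.qianwen.core.jwt.JwtUtil;
import com.qianwen.core.jwt.props.JwtProperties;
import com.qianwen.core.secure.BladeUser;
import com.qianwen.core.tool.support.Kv;
import com.qianwen.core.tool.utils.Func;
import com.qianwen.core.tool.utils.ObjectUtil;
import com.qianwen.core.tool.utils.SpringUtil;
import com.qianwen.core.tool.utils.StringUtil;
import com.qianwen.core.tool.utils.WebUtil;

/* loaded from: blade-starter-auth-9.3.0.0-SNAPSHOT.jar:org/springblade/core/secure/utils/AuthUtil.class */
/**
 * Static helpers that resolve the caller's {@link BladeUser} from the JWT carried in the
 * {@code Blade-Auth} request header (or, as a fallback, the request parameter of the same name)
 * and expose the individual claims.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>When no user can be resolved, the accessors return sentinels ({@code -1L}, {@code ""},
 *       an empty {@link Kv}) rather than failing. These values mean "unauthenticated" and must
 *       never be used as a real identity, tenant or role.</li>
 *   <li>Token parsing is delegated to {@link JwtUtil#parseJWT}; signature and expiry checks are
 *       presumably performed there and are not visible in this class.</li>
 *   <li>Every field of the returned {@link BladeUser} is copied from token claims, so it is only
 *       as trustworthy as that verification.</li>
 * </ul>
 */
public class AuthUtil {
    /** Request attribute under which the resolved user is cached for the current request. */
    private static final String BLADE_USER_REQUEST_ATTR = "_BLADE_USER_REQUEST_ATTR_";
    /** Name of the header, and of the fallback request parameter, that carries the token. */
    private static final String HEADER = "Blade-Auth";

    // Claim names read from the parsed token.
    private static final String ACCOUNT = "account";
    private static final String USER_NAME = "user_name";
    private static final String NICK_NAME = "nick_name";
    private static final String USER_ID = "user_id";
    private static final String DEPT_ID = "dept_id";
    private static final String POST_ID = "post_id";
    private static final String ROLE_ID = "role_id";
    private static final String ROLE_NAME = "role_name";
    private static final String TENANT_ID = "tenant_id";
    private static final String OAUTH_ID = "oauth_id";
    private static final String CLIENT_ID = "client_id";
    private static final String DETAIL = "detail";

    private static JwtProperties jwtProperties;

    /**
     * Returns the {@link JwtProperties} bean, looking it up on first use.
     *
     * <p>The lookup is not synchronized, so concurrent first calls may each fetch the bean;
     * presumably they all receive the same instance.
     */
    private static JwtProperties getJwtProperties() {
        if (jwtProperties == null) {
            jwtProperties = (JwtProperties) SpringUtil.getBean(JwtProperties.class);
        }
        return jwtProperties;
    }

    /**
     * Resolves the user for the current request, caching the result in a request attribute.
     *
     * <p>Only a successfully resolved user is cached; a request without usable claims is
     * re-evaluated on every call.
     *
     * @return the user, or {@code null} when no request is available or no claims were accepted
     */
    public static BladeUser getUser() {
        HttpServletRequest request = WebUtil.getRequest();
        if (request == null) {
            return null;
        }
        Object cached = request.getAttribute(BLADE_USER_REQUEST_ATTR);
        if (cached == null) {
            cached = getUser(request);
            if (cached != null) {
                request.setAttribute(BLADE_USER_REQUEST_ATTR, cached);
            }
        }
        return (BladeUser) cached;
    }

    /**
     * Builds a {@link BladeUser} from the claims of the token carried by {@code request}.
     *
     * @param request the request to read the token from
     * @return the populated user, or {@code null} when {@link #getClaims} yields no claims
     */
    public static BladeUser getUser(HttpServletRequest request) {
        Claims claims = getClaims(request);
        if (claims == null) {
            return null;
        }

        // A token without a Map-valued "detail" claim yields an empty Kv instead of handing
        // null (or a non-Map value) to Kv.setAll.
        Object rawDetail = claims.get(DETAIL);
        // Raw cast kept from the original; the claim's key/value types are not known here.
        @SuppressWarnings({"unchecked", "rawtypes"})
        Kv detail = rawDetail instanceof Map ? Kv.create().setAll((Map) rawDetail) : Kv.create();

        BladeUser bladeUser = new BladeUser();
        bladeUser.setClientId(Func.toStr(claims.get(CLIENT_ID)));
        bladeUser.setUserId(Long.valueOf(Func.toLong(claims.get(USER_ID))));
        bladeUser.setTenantId(Func.toStr(claims.get(TENANT_ID)));
        bladeUser.setOauthId(Func.toStr(claims.get(OAUTH_ID)));
        bladeUser.setAccount(Func.toStr(claims.get(ACCOUNT)));
        // "-1" is the fallback handed to Func.toStrWithEmpty (presumably used for an empty claim).
        bladeUser.setDeptId(Func.toStrWithEmpty(claims.get(DEPT_ID), "-1"));
        bladeUser.setPostId(Func.toStrWithEmpty(claims.get(POST_ID), "-1"));
        bladeUser.setRoleId(Func.toStrWithEmpty(claims.get(ROLE_ID), "-1"));
        bladeUser.setRoleName(Func.toStr(claims.get(ROLE_NAME)));
        bladeUser.setUserName(Func.toStr(claims.get(USER_NAME)));
        bladeUser.setNickName(Func.toStr(claims.get(NICK_NAME)));
        bladeUser.setDetail(detail);
        return bladeUser;
    }

    /**
     * Reports whether the current user's role name matches {@code "administrator"}.
     *
     * <p>NOTE(review): {@code StringUtil.containsAny} looks like a substring test. If so, any
     * role name that merely contains "administrator" passes. Confirm its semantics before
     * relying on this as an authorization gate; comparing discrete role names is safer.
     */
    public static boolean isAdministrator() {
        return StringUtil.containsAny(getUserRole(), new CharSequence[]{"administrator"});
    }

    /**
     * Reports whether the current user's role name matches {@code "admin"}.
     *
     * <p>NOTE(review): if {@code StringUtil.containsAny} is a substring test, this is also true
     * for "administrator" and for any other role name containing "admin". Confirm before using
     * it as an authorization gate.
     */
    public static boolean isAdmin() {
        return StringUtil.containsAny(getUserRole(), new CharSequence[]{"admin"});
    }

    /** Returns the current user's id, or {@code -1} when no user is resolved. */
    public static Long getUserId() {
        BladeUser user = getUser();
        return Long.valueOf(null == user ? -1L : user.getUserId().longValue());
    }

    /** Returns the user id from {@code request}'s token, or {@code -1} when no user is resolved. */
    public static Long getUserId(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return Long.valueOf(null == user ? -1L : user.getUserId().longValue());
    }

    /** Returns the current user's account, or {@code ""} when no user is resolved. */
    public static String getUserAccount() {
        BladeUser user = getUser();
        return null == user ? "" : user.getAccount();
    }

    /** Returns the account from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getUserAccount(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getAccount();
    }

    /** Returns the current user's user name, or {@code ""} when no user is resolved. */
    public static String getUserName() {
        BladeUser user = getUser();
        return null == user ? "" : user.getUserName();
    }

    /** Returns the user name from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getUserName(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getUserName();
    }

    /** Returns the current user's nick name, or {@code ""} when no user is resolved. */
    public static String getNickName() {
        BladeUser user = getUser();
        return null == user ? "" : user.getNickName();
    }

    /** Returns the nick name from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getNickName(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getNickName();
    }

    /** Returns the current user's department id, or {@code ""} when no user is resolved. */
    public static String getDeptId() {
        BladeUser user = getUser();
        return null == user ? "" : user.getDeptId();
    }

    /** Returns the department id from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getDeptId(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getDeptId();
    }

    /** Returns the current user's post id, or {@code ""} when no user is resolved. */
    public static String getPostId() {
        BladeUser user = getUser();
        return null == user ? "" : user.getPostId();
    }

    /** Returns the post id from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getPostId(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getPostId();
    }

    /** Returns the current user's role name, or {@code ""} when no user is resolved. */
    public static String getUserRole() {
        BladeUser user = getUser();
        return null == user ? "" : user.getRoleName();
    }

    /** Returns the role name from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getUserRole(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getRoleName();
    }

    /**
     * Returns the current user's tenant id, or {@code ""} when no user is resolved.
     *
     * <p>Callers that scope data by tenant must treat {@code ""} as "no tenant", not as a
     * tenant that matches everything.
     */
    public static String getTenantId() {
        BladeUser user = getUser();
        return null == user ? "" : user.getTenantId();
    }

    /** Returns the tenant id from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getTenantId(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getTenantId();
    }

    /** Returns the current user's OAuth id, or {@code ""} when no user is resolved. */
    public static String getOauthId() {
        BladeUser user = getUser();
        return null == user ? "" : user.getOauthId();
    }

    /** Returns the OAuth id from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getOauthId(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getOauthId();
    }

    /** Returns the current user's client id, or {@code ""} when no user is resolved. */
    public static String getClientId() {
        BladeUser user = getUser();
        return null == user ? "" : user.getClientId();
    }

    /** Returns the client id from {@code request}'s token, or {@code ""} when no user is resolved. */
    public static String getClientId(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? "" : user.getClientId();
    }

    /** Returns the current user's detail map, or a new empty {@link Kv} when no user is resolved. */
    public static Kv getDetail() {
        BladeUser user = getUser();
        return null == user ? Kv.create() : user.getDetail();
    }

    /** Returns the detail map from {@code request}'s token, or a new empty {@link Kv} when no user is resolved. */
    public static Kv getDetail(HttpServletRequest request) {
        BladeUser user = getUser(request);
        return null == user ? Kv.create() : user.getDetail();
    }

    /**
     * Extracts and parses the token carried by {@code request}.
     *
     * <p>The {@code Blade-Auth} header is preferred; when it is blank the request parameter of
     * the same name is used instead. Tokens sent as request parameters can be recorded in access
     * logs, browser history and {@code Referer} headers, so clients should use the header, and
     * deployments that keep the parameter fallback should scrub it from logs.
     *
     * <p>When {@code JwtProperties.getState()} is true, the presented token must also equal the
     * access token that {@link JwtUtil#getAccessToken} returns for the token's tenant and user;
     * otherwise the claims are rejected.
     *
     * @param request the request to read the token from
     * @return the parsed claims, or {@code null} when no token is present or the stateful check fails
     */
    public static Claims getClaims(HttpServletRequest request) {
        String headerValue = request.getHeader(HEADER);
        String token;
        if (StringUtil.isNotBlank(headerValue)) {
            token = JwtUtil.getToken(headerValue);
        } else {
            token = JwtUtil.getToken(request.getParameter(HEADER));
        }

        Claims claims = null;
        if (StringUtil.isNotBlank(token)) {
            claims = parseJWT(token);
        }

        if (ObjectUtil.isNotEmpty(claims) && getJwtProperties().getState().booleanValue()) {
            String tenantId = Func.toStr(claims.get(TENANT_ID));
            String userId = Func.toStr(claims.get(USER_ID));
            String accessToken = JwtUtil.getAccessToken(tenantId, userId, token);
            // The compact JWT form is base64url and therefore case-sensitive, so the presented
            // token must match the stored one exactly (previously equalsIgnoreCase).
            // MessageDigest.isEqual keeps the comparison time independent of where they differ.
            if (accessToken == null
                    || !MessageDigest.isEqual(
                            token.getBytes(StandardCharsets.UTF_8),
                            accessToken.getBytes(StandardCharsets.UTF_8))) {
                return null;
            }
        }
        return claims;
    }

    /**
     * Returns the raw {@code Blade-Auth} header of the current request.
     *
     * @throws NullPointerException when no current request is available
     */
    public static String getHeader() {
        return getHeader((HttpServletRequest) Objects.requireNonNull(WebUtil.getRequest()));
    }

    /** Returns the raw {@code Blade-Auth} header of {@code request}; the value may embed a bearer token, so do not log it. */
    public static String getHeader(HttpServletRequest request) {
        return request.getHeader(HEADER);
    }

    /** Parses {@code jsonWebToken} by delegating to {@link JwtUtil#parseJWT}. */
    public static Claims parseJWT(String jsonWebToken) {
        return JwtUtil.parseJWT(jsonWebToken);
    }
}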