package cn.herodotus.engine.oauth2.core.exception;

import cn.herodotus.engine.assistant.core.exception.GlobalExceptionHandler;
import cn.herodotus.engine.assistant.definition.constants.ErrorCodes;
import cn.herodotus.engine.assistant.definition.domain.Feedback;
import cn.herodotus.engine.assistant.definition.domain.Result;
import cn.herodotus.engine.assistant.definition.exception.PlatformException;
import cn.herodotus.engine.assistant.definition.exception.PlatformRuntimeException;
import cn.herodotus.engine.oauth2.core.constants.OAuth2ErrorKeys;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.core.OAuth2Error;
import org.springframework.validation.BindException;
import org.springframework.validation.FieldError;
import org.springframework.web.bind.MethodArgumentNotValidException;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import org.springframework.web.client.HttpClientErrorException;
import org.springframework.web.client.HttpServerErrorException;

@RestControllerAdvice
/* loaded from: input_file:cn/herodotus/engine/oauth2/core/exception/SecurityGlobalExceptionHandler.class */
public class SecurityGlobalExceptionHandler {
    private static final Logger log = LoggerFactory.getLogger(SecurityGlobalExceptionHandler.class);
    private static final Map<String, Feedback> EXCEPTION_DICTIONARY = new HashMap();

    @ExceptionHandler({HttpClientErrorException.class, HttpServerErrorException.class})
    public static Result<String> restTemplateException(Exception exc, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Result<String> resolveException = resolveException(exc, httpServletRequest.getRequestURI());
        httpServletResponse.setStatus(resolveException.getStatus());
        return resolveException;
    }

    @ExceptionHandler({MethodArgumentNotValidException.class})
    public static Result<String> validationMethodArgumentException(MethodArgumentNotValidException methodArgumentNotValidException, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return validationBindException(methodArgumentNotValidException, httpServletRequest, httpServletResponse);
    }

    @ExceptionHandler({BindException.class})
    public static Result<String> validationBindException(BindException bindException, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Result<String> resolveException = resolveException(bindException, httpServletRequest.getRequestURI());
        FieldError fieldError = bindException.getBindingResult().getFieldError();
        if (ObjectUtils.isNotEmpty(fieldError)) {
            resolveException.validation(fieldError.getDefaultMessage(), fieldError.getCode(), fieldError.getField());
        }
        httpServletResponse.setStatus(resolveException.getStatus());
        return resolveException;
    }

    @ExceptionHandler({AuthenticationException.class, PlatformAuthenticationException.class})
    public static Result<String> authenticationException(Exception exc, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Result<String> resolveSecurityException = resolveSecurityException(exc, httpServletRequest.getRequestURI());
        httpServletResponse.setStatus(resolveSecurityException.getStatus());
        return resolveSecurityException;
    }

    @ExceptionHandler({OAuth2AuthenticationException.class})
    public static Result<String> oAuth2AuthenticationException(Exception exc, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Result<String> resolveSecurityException = resolveSecurityException(exc, httpServletRequest.getRequestURI());
        httpServletResponse.setStatus(resolveSecurityException.getStatus());
        return resolveSecurityException;
    }

    @ExceptionHandler({Exception.class, PlatformException.class, PlatformRuntimeException.class})
    public static Result<String> exception(Exception exc, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Result<String> resolveException = resolveException(exc, httpServletRequest.getRequestURI());
        httpServletResponse.setStatus(resolveException.getStatus());
        return resolveException;
    }

    public static Result<String> resolveException(Exception exc, String str) {
        return GlobalExceptionHandler.resolveException(exc, str);
    }

    public static Result<String> resolveSecurityException(Exception exc, String str) {
        Exception exc2 = new Exception();
        if (exc instanceof OAuth2AuthenticationException) {
            OAuth2Error error = ((OAuth2AuthenticationException) exc).getError();
            if (EXCEPTION_DICTIONARY.containsKey(error.getErrorCode())) {
                Result<String> failure = Result.failure(EXCEPTION_DICTIONARY.get(error.getErrorCode()), error.getErrorCode());
                failure.path(error.getUri());
                failure.stackTrace(exc.getStackTrace());
                failure.detail(exc.getMessage());
                return failure;
            }
        } else if (exc instanceof InsufficientAuthenticationException) {
            Throwable cause = exc.getCause();
            exc2 = ObjectUtils.isNotEmpty(cause) ? new Exception(cause) : exc;
            log.debug("[Herodotus] |- InsufficientAuthenticationException cause content is [{}]", exc2.getClass().getSimpleName());
        } else {
            String simpleName = exc.getClass().getSimpleName();
            if (StringUtils.isNotEmpty(simpleName) && EXCEPTION_DICTIONARY.containsKey(simpleName)) {
                return Result.failure(EXCEPTION_DICTIONARY.get(simpleName));
            }
            exc2 = exc;
        }
        return resolveException(exc2, str);
    }

    static {
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.ACCESS_DENIED, ErrorCodes.ACCESS_DENIED);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INSUFFICIENT_SCOPE, ErrorCodes.INSUFFICIENT_SCOPE);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INVALID_CLIENT, ErrorCodes.INVALID_CLIENT);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INVALID_GRANT, ErrorCodes.INVALID_GRANT);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INVALID_REDIRECT_URI, ErrorCodes.INVALID_REDIRECT_URI);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INVALID_REQUEST, ErrorCodes.INVALID_REQUEST);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INVALID_SCOPE, ErrorCodes.INVALID_SCOPE);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.INVALID_TOKEN, ErrorCodes.INVALID_TOKEN);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.SERVER_ERROR, ErrorCodes.SERVER_ERROR);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.TEMPORARILY_UNAVAILABLE, ErrorCodes.TEMPORARILY_UNAVAILABLE);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.UNAUTHORIZED_CLIENT, ErrorCodes.UNAUTHORIZED_CLIENT);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.UNSUPPORTED_GRANT_TYPE, ErrorCodes.UNSUPPORTED_GRANT_TYPE);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.UNSUPPORTED_RESPONSE_TYPE, ErrorCodes.UNSUPPORTED_RESPONSE_TYPE);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.UNSUPPORTED_TOKEN_TYPE, ErrorCodes.UNSUPPORTED_TOKEN_TYPE);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.ACCOUNT_EXPIRED, ErrorCodes.ACCOUNT_EXPIRED);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.BAD_CREDENTIALS, ErrorCodes.BAD_CREDENTIALS);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.CREDENTIALS_EXPIRED, ErrorCodes.CREDENTIALS_EXPIRED);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.ACCOUNT_DISABLED, ErrorCodes.ACCOUNT_DISABLED);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.ACCOUNT_LOCKED, ErrorCodes.ACCOUNT_LOCKED);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.ACCOUNT_ENDPOINT_LIMITED, ErrorCodes.ACCOUNT_ENDPOINT_LIMITED);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.USERNAME_NOT_FOUND, ErrorCodes.USERNAME_NOT_FOUND);
        EXCEPTION_DICTIONARY.put(OAuth2ErrorKeys.SESSION_EXPIRED, ErrorCodes.SESSION_EXPIRED);
    }
}
