package org.vectortile.manager.auth.mvc.action;

import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.vectortile.manager.base.response.BaseResponse;
import org.vectortile.manager.base.response.PostAndGetMapping;
import org.vectortile.manager.base.response.ResponseCode;
import org.vectortile.manager.migrate.mvc.service.impl.MigrateServiceImpl;

@RequestMapping
@RestController
/* loaded from: input_file:BOOT-INF/classes/org/vectortile/manager/auth/mvc/action/CustomolAction.class */
public class CustomolAction {
    Logger log = LoggerFactory.getLogger(getClass());
    static final String VISITOR_USER_NAME = "__visitor__";

    @Autowired
    PasswordEncoder passwordEncoder;

    @PostAndGetMapping({"/customol/app/login/checkLogin.do", "/app/login/checkLogin.do"})
    void checkLogin(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (httpServletRequest.getHeader("Referer").contains("/customol/index.html") && StringUtils.isBlank(httpServletRequest.getRemoteUser())) {
            SecurityContext context = SecurityContextHolder.getContext();
            User user = new User(VISITOR_USER_NAME, this.passwordEncoder.encode(""), AuthorityUtils.commaSeparatedStringToAuthorityList("ROLE_USER"));
            context.setAuthentication(new UsernamePasswordAuthenticationToken(user, user.getPassword(), user.getAuthorities()));
            httpServletRequest.getSession().setAttribute("SPRING_SECURITY_CONTEXT", context);
            return;
        }
        if (httpServletRequest.getUserPrincipal() == null) {
            httpServletResponse.setCharacterEncoding(MigrateServiceImpl.UTF_8);
            httpServletResponse.setContentType("application/json;charset=utf-8");
            httpServletResponse.setStatus(ResponseCode.SC_FORBIDDEN);
            httpServletResponse.getWriter().print(JSONObject.toJSONString(BaseResponse.failure("NO PERMISSION")));
        }
    }
}
