package com.nms.swspkmas_standalone.shiro.realm;

import com.nms.swspkmas_standalone.entity.User;
import com.nms.swspkmas_standalone.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.HashSet;
import java.util.Set;

/**
 * @Author ling.quan
 * @Date 2022/2/17 16:45
 * @Desciption 同时开启身份验证和权限验证，需要继承 AuthorizingRealm
 *  * 并实现其  doGetAuthenticationInfo()和 doGetAuthorizationInfo 两个方法
 */
public class ShiroRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    /**
     * 限定这个 Realm 只处理 UsernamePasswordToken
     */
    @Override
    public boolean supports(AuthenticationToken token) {
        return token instanceof UsernamePasswordToken;
    }

    /**
     * 查询数据库，将获取到的用户安全数据封装返回
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 从 AuthenticationToken 中获取当前用户
        String username = (String) token.getPrincipal();
        // 查询数据库获取用户信息
        User user = userService.getByUserName(username);

        // 用户不存在
        if (user == null) {
            throw new UnknownAccountException("用户不存在！");
        }

        // 使用用户id作为盐值
        ByteSource credentialsSalt = ByteSource.Util.bytes("nms");

        /**
         * 将获取到的用户数据封装成 AuthenticationInfo 对象返回，此处封装为 SimpleAuthenticationInfo 对象。
         *  参数1. 认证的实体信息，可以是从数据库中获取到的用户实体类对象或者用户名
         *  参数2. 查询获取到的登录密码
         *  参数3. 盐值
         *  参数4. 当前 Realm 对象的名称，直接调用父类的 getName() 方法即可
         */
//        return new SimpleAuthenticationInfo(user, user.getPassword(), credentialsSalt,
//                getName());

        return new SimpleAuthenticationInfo(user, user.getPassword(),
                getName());
    }

    /**
     * 查询数据库，将获取到的用户的角色及权限信息返回
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // 获取当前用户
        User currentUser = (User) SecurityUtils.getSubject().getPrincipal();
        // UserEntity currentUser = (UserEntity) principals.getPrimaryPrincipal();
        /*if (o == null) {
            UserRole userRole = userRoleService.getByUserId(currentUser.getId());
            RoleEnum roleEnum = RoleEnum.getByCode(userRole.getRoleId());
            UserVO userVO = new UserVO();
            BeanUtils.copyProperties(currentUser, userVO);
            if (roleEnum != null) {
                userVO.setRoleName(roleEnum.getName());
                info.setRoles(Sets.newHashSet(roleEnum.getName()));
                //info.setStringPermissions(perms);
            }
            redisUtils.set(redisKey, userVO, 60 * 60 * 24);
        } else {
            UserVO userVO = (UserVO) o;
            info.setRoles(Sets.newHashSet(userVO.getRoleName()));
            //info.setStringPermissions(perms);
        }*/
        Set roleSet=new HashSet();
        roleSet.add("1");
        info.setRoles(roleSet);
        //info.setStringPermissions(perms);
        return info;
    }

}