using Furion;
using Furion.Authorization;
using Furion.DataEncryption;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Http;
using System.Security.Claims;
using System.Threading.Tasks;

namespace BPA.SAAS.Manage.Web.Core
{
    public class JwtHandler : AppAuthorizeHandler
    {
        /// <summary>
        /// 重写 Handler 添加自动刷新
        /// </summary>
        /// <param name="context"></param>
        /// <returns></returns>

        public override async Task HandleAsync(AuthorizationHandlerContext context)
        {
            // 自动刷新Token
            if (JWTEncryption.AutoRefreshToken(context, context.GetCurrentHttpContext(),
                App.GetOptions<JWTSettingsOptions>().ExpiredTime))
            {
                await AuthorizeHandleAsync(context);
            }
            else
            {
                context.Fail(); // 授权失败
                DefaultHttpContext currentHttpContext = context.GetCurrentHttpContext();
                if (currentHttpContext == null)
                    return;
                currentHttpContext.SignoutToSwagger();
            }
        }

        /// <summary>
        /// 授权判断逻辑，授权通过返回 true，否则返回 false
        /// </summary>
        /// <param name="context"></param>
        /// <param name="httpContext"></param>
        /// <returns></returns>
        public override async Task<bool> PipelineAsync(AuthorizationHandlerContext context, DefaultHttpContext httpContext)
        {
            // 此处已经自动验证 Jwt Token的有效性了，无需手动验证
            return await CheckAuthorzieAsync(httpContext);
        }
        /// <summary>
        /// 检查权限
        /// </summary>
        /// <param name="httpContext"></param>
        /// <returns></returns>
        private static async Task<bool> CheckAuthorzieAsync(DefaultHttpContext httpContext)
        {
            // 获取权限特性  FromHeader教研数据 
            //var securityDefineAttribute = httpContext.GetMetadata<SecurityDefineAttribute>();
            //if (securityDefineAttribute == null) return true;

            var userId = App.User?.FindFirstValue("UserId");
            // 解析服务
            // var userManager = httpContext.RequestServices.GetService<IUserService>();

            // var loginType = App.User?.FindFirstValue("LoginType");
            //登录认证服务
            return true;
            //if ("0".Equals(loginType)) { 
            //    var securities = await userManager.CheckUser(userId);
            //    // 检查授权
            //    return securities;
            //}
            //if ("1".Equals(loginType)) {
            //    var securities = await userManager.CheckUser(userId);
            //    // 检查授权
            //    return securities; 
            //}
            //return false;
        }
    }
}