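package com.common.aspect;

import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.AfterReturning;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletResponse;

/**
 * Aspect that appends a fixed set of security response headers after a controller handler
 * method returns normally.
 *
 * <p>Coverage is limited to what the pointcut matches: mapping-annotated methods in
 * {@code com..controller..} packages. Because this is {@code @AfterReturning} advice, a handler
 * that throws does not pass through here, so error responses and anything served outside those
 * controllers do not receive these headers from this class.
 *
 * @author 谢滨璜
 * @date 2022-08-04
 * @company deloitte
 */
@Slf4j
@Aspect
@Component
@Order(-1)
public class ResponseHeaderAspect {

    /**
     * Runs after a matched controller method returns and adds the security headers.
     *
     * <p>{@code @PutMapping} is part of the pointcut so that PUT handlers receive the same
     * headers as handlers declared with the other mapping annotations.
     *
     * @param objectReturn value returned by the controller method (not inspected)
     * @throws Throwable any failure raised while adding the headers, rethrown after logging
     */
    @AfterReturning(pointcut = "execution(* com..controller..*.*(..))"
            + "&& (@annotation(org.springframework.web.bind.annotation.RequestMapping)"
            + "|| @annotation(org.springframework.web.bind.annotation.GetMapping)"
            + "|| @annotation(org.springframework.web.bind.annotation.PostMapping)"
            + "|| @annotation(org.springframework.web.bind.annotation.PutMapping)"
            + "|| @annotation(org.springframework.web.bind.annotation.DeleteMapping)"
            + "|| @annotation(org.springframework.web.bind.annotation.PatchMapping))",
            returning = "objectReturn")
    public void doAfterCalssReturning(Object objectReturn) throws Throwable {
        try {
            handleLog(objectReturn);
        } catch (Throwable e) {
            // Label the entry with this class so the failure can be traced to the right aspect.
            log.error("ResponseHeaderAspect>>>>>>>>", e);
            throw e;
        }
    }

    /**
     * Adds the security headers to the response bound to the current request thread.
     *
     * <p>Does nothing when no servlet request is bound to the thread or when the request
     * attributes carry no response, so a successful handler result is not turned into an error
     * by this advice.
     *
     * @param objectReturn value returned by the controller method (not inspected)
     */
    protected void handleLog(Object objectReturn) {
        // getRequestAttributes() returns null instead of throwing when nothing is bound.
        Object attributes = RequestContextHolder.getRequestAttributes();
        if (!(attributes instanceof ServletRequestAttributes)) {
            log.debug("No servlet request bound to the current thread; security headers not added");
            return;
        }

        HttpServletResponse response = ((ServletRequestAttributes) attributes).getResponse();
        if (response == null) {
            log.debug("Request attributes carry no response; security headers not added");
            return;
        }

        // Restrict every resource type to the page's own origin.
        response.addHeader("Content-Security-Policy", "default-src 'self'");
        // Browsers honour HSTS only when the response arrives over HTTPS.
        response.addHeader("Strict-Transport-Security", "max-age=31536000; includeSubdomains");
        // NOTE(review): this value still sends the full URL to cross-origin HTTPS destinations;
        // consider "strict-origin-when-cross-origin" if URLs can carry sensitive data.
        response.addHeader("Referrer-Policy", "no-referrer-when-downgrade");
        // "none" forbids cross-domain policy files for Flash/PDF clients. The previous value
        // "all" was the most permissive setting and gave no protection.
        response.addHeader("X-Permitted-Cross-Domain-Policies", "none");
        // Legacy Internet Explorer: do not open downloads in the site's security context.
        response.addHeader("X-Download-Options", "noopen");
    }
}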