package matrix.boot.based.config;

import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.lang.reflect.Field;
import java.lang.reflect.Parameter;
import java.nio.charset.StandardCharsets;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import lombok.NonNull;
import matrix.boot.based.annoation.SignApi;
import matrix.boot.based.properties.SignApiProperties;
import matrix.boot.based.utils.SignApiUtil;
import matrix.boot.based.utils.WebUtil;
import matrix.boot.common.encrypt.Base64;
import matrix.boot.common.exception.BusinessException;
import matrix.boot.common.utils.AssertUtil;
import matrix.boot.common.utils.StringUtil;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.util.ContentCachingRequestWrapper;

@EnableConfigurationProperties({SignApiProperties.class})
@ConditionalOnProperty({"matrix.sign-api.enabled"})
@Aspect
/* loaded from: input_file:matrix/boot/based/config/SignApiAutoConfiguration.class */
public class SignApiAutoConfiguration {
    private static final Logger log = LoggerFactory.getLogger(SignApiAutoConfiguration.class);

    @Autowired
    private SignApiProperties signApiProperties;

    @Pointcut("@annotation(signApi)")
    public void pointcut(SignApi signApi) {
    }

    @Around(value = "pointcut(signApi)", argNames = "joinPoint,signApi")
    public Object around(ProceedingJoinPoint proceedingJoinPoint, SignApi signApi) throws Throwable {
        if (signApi.feign()) {
            return proceedingJoinPoint.proceed();
        }
        String value = signApi.value();
        if (StringUtil.isEmpty(value)) {
            value = this.signApiProperties.getKey();
        }
        AssertUtil.state(Boolean.valueOf(!StringUtil.isEmpty(value)), "sign key not exist");
        ContentCachingRequestWrapper request = WebUtil.getRequest();
        String header = request.getHeader(this.signApiProperties.getHeaderKey());
        AssertUtil.state(Boolean.valueOf(!StringUtil.isEmpty(header)), String.format("header %s not found", this.signApiProperties.getHeaderKey()));
        MethodSignature signature = proceedingJoinPoint.getSignature();
        String str = null;
        if (signature instanceof MethodSignature) {
            for (Parameter parameter : signature.getMethod().getParameters()) {
                if (parameter.getAnnotation(RequestBody.class) != null) {
                    if (request instanceof ContentCachingRequestWrapper) {
                        str = new String(request.getContentAsByteArray(), StandardCharsets.UTF_8);
                    } else {
                        Field declaredField = parameter.getClass().getDeclaredField("index");
                        declaredField.setAccessible(true);
                        Object obj = proceedingJoinPoint.getArgs()[((Integer) declaredField.get(parameter)).intValue()];
                        if (obj != null) {
                            str = JSONObject.toJSONString(obj);
                        }
                    }
                }
            }
        }
        try {
            JSONObject parseObject = JSONObject.parseObject(Base64.decryptForString(header));
            Long l = parseObject.getLong(SignApiUtil.TIMESTAMP_NAME);
            String string = parseObject.getString(SignApiUtil.SIGN_KEY_NAME);
            AssertUtil.state(Boolean.valueOf(l != null && l.longValue() + (signApi.timeout() * 1000) > System.currentTimeMillis()), "api invoke timeout");
            if (string != null && string.toUpperCase().equals(SignApiUtil.sign(request.getParameterMap(), str, value, l))) {
                return proceedingJoinPoint.proceed();
            }
            log.error("sign key verify failure，timestamp: {}, userSignKey: {}, request_parameter: {}, entity_json: {}", new Object[]{l, string, JSONObject.toJSON(request.getParameterMap()), str});
            throw new BusinessException("sign key verify failure");
        } catch (Exception e) {
            throw new BusinessException(String.format("header %s parse failure", this.signApiProperties.getHeaderKey()));
        }
    }

    @Bean
    public Filter contentCachingFilter() {
        return new OncePerRequestFilter() { // from class: matrix.boot.based.config.SignApiAutoConfiguration.1
            protected void doFilterInternal(@NonNull HttpServletRequest httpServletRequest, @NonNull HttpServletResponse httpServletResponse, @NonNull FilterChain filterChain) throws ServletException, IOException {
                if (httpServletRequest == null) {
                    throw new NullPointerException("request is marked non-null but is null");
                }
                if (httpServletResponse == null) {
                    throw new NullPointerException("response is marked non-null but is null");
                }
                if (filterChain == null) {
                    throw new NullPointerException("filterChain is marked non-null but is null");
                }
                HttpServletRequest httpServletRequest2 = httpServletRequest;
                if ((!isAsyncDispatch(httpServletRequest)) && !(httpServletRequest instanceof ContentCachingRequestWrapper)) {
                    httpServletRequest2 = new ContentCachingRequestWrapper(httpServletRequest);
                }
                filterChain.doFilter(httpServletRequest2, httpServletResponse);
            }
        };
    }
}
