package ai.yue.library.base.crypto.annotation.key.exchange;

import ai.yue.library.base.crypto.dao.key.exchange.KeyExchangeStorage;
import ai.yue.library.base.crypto.util.EncryptParamUtils;
import ai.yue.library.base.exception.ParamException;
import ai.yue.library.base.util.SpringUtils;
import ai.yue.library.base.view.Result;
import ai.yue.library.web.util.servlet.ServletUtils;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.symmetric.SymmetricCrypto;
import javax.servlet.http.HttpServletRequest;
import org.springframework.boot.autoconfigure.condition.ConditionalOnClass;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;

@ControllerAdvice
@ConditionalOnClass({HttpServletRequest.class})
/* loaded from: input_file:ai/yue/library/base/crypto/annotation/key/exchange/ResponseEncryptHandler.class */
public class ResponseEncryptHandler<T> implements ResponseBodyAdvice<T> {
    public boolean supports(MethodParameter methodParameter, Class<? extends HttpMessageConverter<?>> cls) {
        return methodParameter.hasMethodAnnotation(ResponseEncrypt.class) && methodParameter.getMethod().getReturnType() == Result.class;
    }

    public T beforeBodyWrite(T t, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> cls, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
        SymmetricCrypto symmetricCrypto;
        String header;
        if (t == null) {
            return t;
        }
        Result result = (Result) t;
        if (!result.isFlag()) {
            return t;
        }
        ResponseEncrypt responseEncrypt = (ResponseEncrypt) methodParameter.getMethodAnnotation(ResponseEncrypt.class);
        if (responseEncrypt.enableExchangeKeyEncrypt()) {
            HttpServletRequest servletRequest = ((ServletServerHttpRequest) serverHttpRequest).getServletRequest();
            if (responseEncrypt.useAuthTokenGetExchangeKey()) {
                header = ServletUtils.getAuthToken(servletRequest);
            } else {
                String headerNameGetExchangeKey = responseEncrypt.headerNameGetExchangeKey();
                String paramNameGetExchangeKey = responseEncrypt.paramNameGetExchangeKey();
                header = servletRequest.getHeader(headerNameGetExchangeKey);
                if (StrUtil.isBlank(header)) {
                    header = servletRequest.getParameter(paramNameGetExchangeKey);
                }
            }
            if (StrUtil.isBlank(header)) {
                throw new ParamException("未能获取到交换密钥：1. 请确认是否已进行过密钥交换，2. 请确认是否传入keyExchangeStorageKey（如：token别名、UUID等）并指定了对应的Get方式。");
            }
            symmetricCrypto = responseEncrypt.exchangeKeyType().getSymmetricCrypto(((KeyExchangeStorage) SpringUtils.getBean(KeyExchangeStorage.class)).getExchangeKey(header).getBytes());
        } else {
            symmetricCrypto = responseEncrypt.exchangeKeyType().getSymmetricCrypto(responseEncrypt.key().getBytes());
        }
        result.setData(symmetricCrypto.encryptBase64(EncryptParamUtils.toEncryptByte(result.getData())));
        return t;
    }
}
