package com.eworkcloud.web.util;

import com.eworkcloud.web.enums.HttpMethod;
import com.eworkcloud.web.exception.BusinessException;
import com.eworkcloud.web.model.HttpMessage;
import com.eworkcloud.webkit.WxworkConfiguration;
import com.eworkcloud.webkit.model.ByteArray;
import com.eworkcloud.webkit.util.PKCS7Padding;
import com.eworkcloud.webkit.wxwork.WxworkMessage;
import com.eworkcloud.webkit.wxwork.WxworkSendStatus;
import com.eworkcloud.webkit.wxwork.WxworkTokenInfo;
import java.io.StringReader;
import java.util.Arrays;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.xml.sax.InputSource;

/* loaded from: input_file:com/eworkcloud/web/util/WxworkUtils.class */
public abstract class WxworkUtils {
    private static final String TOKEN = "https://qyapi.weixin.qq.com/cgi-bin/gettoken";
    private static final String SEND = "https://qyapi.weixin.qq.com/cgi-bin/message/send";

    private static String encrypt(String str) {
        if (WxworkConfiguration.getAesKey().length() != 43) {
            throw new BusinessException("AesKey非法");
        }
        byte[] decodeToBytes = Base64Utils.decodeToBytes(WxworkConfiguration.getAesKey() + "=");
        byte[] bytes = str.getBytes(Constants.CHARSET);
        ByteArray byteArray = new ByteArray();
        byteArray.addValue(WebUtils.randomString(16));
        byteArray.addValue(CryptoUtils.intToBytes(bytes.length));
        byteArray.addValue(bytes);
        byteArray.addValue(WxworkConfiguration.getCorpid());
        byteArray.addValue(PKCS7Padding.encode(byteArray.size()));
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(1, new SecretKeySpec(decodeToBytes, "AES"), new IvParameterSpec(decodeToBytes, 0, 16));
            return Base64Utils.encodeToString(cipher.doFinal(byteArray.toBytes()));
        } catch (Exception e) {
            throw new BusinessException("AES加密失败", e);
        }
    }

    private static String decrypt(String str) {
        if (WxworkConfiguration.getAesKey().length() != 43) {
            throw new BusinessException("AesKey非法");
        }
        byte[] decodeToBytes = Base64Utils.decodeToBytes(WxworkConfiguration.getAesKey() + "=");
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, new SecretKeySpec(decodeToBytes, "AES"), new IvParameterSpec(decodeToBytes, 0, 16));
            try {
                byte[] decode = PKCS7Padding.decode(cipher.doFinal(Base64Utils.decodeToBytes(str)));
                int bytesToInt = CryptoUtils.bytesToInt(Arrays.copyOfRange(decode, 16, 20));
                String str2 = new String(Arrays.copyOfRange(decode, 20, 20 + bytesToInt), Constants.CHARSET);
                if (new String(Arrays.copyOfRange(decode, 20 + bytesToInt, decode.length), Constants.CHARSET).equals(WxworkConfiguration.getCorpid())) {
                    return str2;
                }
                throw new BusinessException("CorpID非法");
            } catch (Exception e) {
                throw new BusinessException("解密数据异常", e);
            }
        } catch (Exception e2) {
            throw new BusinessException("AES解密失败", e2);
        }
    }

    private static String extract(String str) {
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            newInstance.setFeature("http://xml.org/sax/features/external-general-entities", false);
            newInstance.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            newInstance.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
            newInstance.setXIncludeAware(false);
            newInstance.setExpandEntityReferences(false);
            return newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str))).getDocumentElement().getElementsByTagName("Encrypt").item(0).getTextContent();
        } catch (Exception e) {
            throw new BusinessException("XML解析失败", e);
        }
    }

    private static String generate(String str, String str2, String str3, String str4) {
        return String.format("<xml>\n<Encrypt><![CDATA[%1$s]]></Encrypt>\n<MsgSignature><![CDATA[%2$s]]></MsgSignature>\n<TimeStamp>%3$s</TimeStamp>\n<Nonce><![CDATA[%4$s]]></Nonce>\n</xml>", str, str2, str3, str4);
    }

    private static String signature(String str, String str2, String str3) {
        try {
            String[] strArr = {WxworkConfiguration.getToken(), str, str2, str3};
            Arrays.sort(strArr);
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < 4; i++) {
                sb.append(strArr[i]);
            }
            return CryptoUtils.shaDigest(sb.toString());
        } catch (Exception e) {
            throw new BusinessException("SHA签名失败", e);
        }
    }

    public static WxworkTokenInfo getToken(String str) {
        return (WxworkTokenInfo) OkHttpUtils.execute(HttpMessage.builder().url(TOKEN).build().addQuery("corpid", WxworkConfiguration.getCorpid()).addQuery("corpsecret", str), WxworkTokenInfo.class);
    }

    public static WxworkTokenInfo getToken() {
        return getToken(WxworkConfiguration.getSecret());
    }

    public static WxworkSendStatus send(String str, Map<String, Object> map) {
        if (!map.containsKey("agentid") || Assert.isEmpty(map.get("agentid"))) {
            map.put("agentid", WxworkConfiguration.getAgentid());
        }
        return (WxworkSendStatus) OkHttpUtils.execute(HttpMessage.builder().url(SEND).method(HttpMethod.POST).formData(map).build().addQuery("access_token", str), WxworkSendStatus.class);
    }

    public static WxworkSendStatus send(String str, WxworkMessage wxworkMessage) {
        return send(str, (Map<String, Object>) OrikaUtils.beanToMap(wxworkMessage));
    }

    public static String encrypt(String str, String str2, String str3) {
        String encrypt = encrypt(str);
        return generate(encrypt, signature(str2, str3, encrypt), str2, str3);
    }

    public static String decrypt(String str, String str2, String str3, String str4) {
        String extract = extract(str4);
        if (signature(str2, str3, extract).equals(str)) {
            return decrypt(extract);
        }
        throw new BusinessException("签名验证错误");
    }

    public static String verify(String str, String str2, String str3, String str4) {
        if (signature(str2, str3, str4).equals(str)) {
            return decrypt(str4);
        }
        throw new BusinessException("签名验证错误");
    }
}
