package com.eworkcloud.web.util;

import com.eworkcloud.web.configurer.WxworkConfiguration;
import com.eworkcloud.web.enums.HttpMethod;
import com.eworkcloud.web.exception.BusinessException;
import com.eworkcloud.web.model.ByteArray;
import com.eworkcloud.web.wxwork.WWMessage;
import com.eworkcloud.web.wxwork.WWRespond;
import com.eworkcloud.web.wxwork.WWSession;
import com.eworkcloud.web.wxwork.WWTokenInfo;
import com.eworkcloud.web.wxwork.WWUserInfo;
import java.io.StringReader;
import java.util.Arrays;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.DocumentBuilderFactory;
import org.xml.sax.InputSource;

/* loaded from: input_file:com/eworkcloud/web/util/WxworkUtils.class */
public abstract class WxworkUtils {
    private static final String ACCESS_TOKEN = "https://qyapi.weixin.qq.com/cgi-bin/gettoken";
    private static final String CODE2USERINFO = "https://qyapi.weixin.qq.com/cgi-bin/user/getuserinfo";
    private static final String CODE2SESSION = "https://qyapi.weixin.qq.com/cgi-bin/miniprogram/jscode2session";
    private static final String SEND_MESSAGE = "https://qyapi.weixin.qq.com/cgi-bin/message/send";

    private static String onEncrypt(String str, String str2, String str3) {
        if (null == str2 || str2.length() != 43) {
            throw new BusinessException("AesKey非法");
        }
        byte[] decodeToBytes = Base64Utils.decodeToBytes(str2 + "=");
        byte[] bytes = str3.getBytes(Constants.CHARSET);
        ByteArray byteArray = new ByteArray();
        byteArray.addValue(WebUtils.randomString(16));
        byteArray.addValue(CryptoUtils.intToBytes(bytes.length));
        byteArray.addValue(bytes);
        byteArray.addValue(str);
        byteArray.addValue(PKCS7Padding.encode(byteArray.size()));
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(1, new SecretKeySpec(decodeToBytes, "AES"), new IvParameterSpec(decodeToBytes, 0, 16));
            return Base64Utils.encodeToString(cipher.doFinal(byteArray.toBytes()));
        } catch (Exception e) {
            throw new BusinessException("AES加密失败", e);
        }
    }

    private static String onDecrypt(String str, String str2, String str3) {
        if (null == str2 || str2.length() != 43) {
            throw new BusinessException("AesKey非法");
        }
        byte[] decodeToBytes = Base64Utils.decodeToBytes(str2 + "=");
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, new SecretKeySpec(decodeToBytes, "AES"), new IvParameterSpec(decodeToBytes, 0, 16));
            try {
                byte[] decode = PKCS7Padding.decode(cipher.doFinal(Base64Utils.decodeToBytes(str3)));
                int bytesToInt = CryptoUtils.bytesToInt(Arrays.copyOfRange(decode, 16, 20));
                String str4 = new String(Arrays.copyOfRange(decode, 20, 20 + bytesToInt), Constants.CHARSET);
                if (new String(Arrays.copyOfRange(decode, 20 + bytesToInt, decode.length), Constants.CHARSET).equals(str)) {
                    return str4;
                }
                throw new BusinessException("CorpID非法");
            } catch (Exception e) {
                throw new BusinessException("解密数据异常", e);
            }
        } catch (Exception e2) {
            throw new BusinessException("AES解密失败", e2);
        }
    }

    private static String onExtract(String str) {
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            newInstance.setFeature("http://xml.org/sax/features/external-general-entities", false);
            newInstance.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            newInstance.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
            newInstance.setXIncludeAware(false);
            newInstance.setExpandEntityReferences(false);
            return newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str))).getDocumentElement().getElementsByTagName("Encrypt").item(0).getTextContent();
        } catch (Exception e) {
            throw new BusinessException("XML解析失败", e);
        }
    }

    private static String onGenerate(String str, String str2, String str3, String str4) {
        return String.format("<xml>\n<Encrypt><![CDATA[%1$s]]></Encrypt>\n<MsgSignature><![CDATA[%2$s]]></MsgSignature>\n<TimeStamp>%3$s</TimeStamp>\n<Nonce><![CDATA[%4$s]]></Nonce>\n</xml>", str, str2, str3, str4);
    }

    private static String onSignature(String str, String str2, String str3, String str4) {
        try {
            String[] strArr = {str, str2, str3, str4};
            Arrays.sort(strArr);
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < 4; i++) {
                sb.append(strArr[i]);
            }
            return CryptoUtils.shaDigest(sb.toString());
        } catch (Exception e) {
            throw new BusinessException("SHA签名失败", e);
        }
    }

    public static WWTokenInfo accessToken(String str, String str2) {
        return (WWTokenInfo) OkHttpUtils.execute(OkHttpParam.builder().url(ACCESS_TOKEN).build().addQuery("corpid", str).addQuery("corpsecret", str2), WWTokenInfo.class);
    }

    public static WWTokenInfo accessToken() {
        return accessToken(WxworkConfiguration.getCorpid(), WxworkConfiguration.getSecret());
    }

    public static WWUserInfo code2UserInfo(String str, String str2) {
        return (WWUserInfo) OkHttpUtils.execute(OkHttpParam.builder().url(CODE2USERINFO).build().addQuery("access_token", str).addQuery("code", str2), WWUserInfo.class);
    }

    public static WWSession code2Session(String str, String str2) {
        return (WWSession) OkHttpUtils.execute(OkHttpParam.builder().url(CODE2SESSION).build().addQuery("access_token", str).addQuery("js_code", str2).addQuery("grant_type", "authorization_code"), WWSession.class);
    }

    public static WWRespond sendMessage(String str, Map<String, Object> map) {
        if (!map.containsKey("agentid") || Assert.isEmpty(map.get("agentid"))) {
            map.put("agentid", WxworkConfiguration.getAgentid());
        }
        return (WWRespond) OkHttpUtils.execute(OkHttpParam.builder().url(SEND_MESSAGE).method(HttpMethod.POST).formData(map).build().addQuery("access_token", str), WWRespond.class);
    }

    public static WWRespond sendMessage(String str, WWMessage wWMessage) {
        return sendMessage(str, OrikaUtils.beanToMap(wWMessage));
    }

    public static String encrypt(String str, String str2, String str3, String str4, String str5, String str6) {
        String onEncrypt = onEncrypt(str, str2, str4);
        return onGenerate(onEncrypt, onSignature(str3, str5, str6, onEncrypt), str5, str6);
    }

    public static String encrypt(String str, String str2, String str3) {
        return encrypt(WxworkConfiguration.getCorpid(), WxworkConfiguration.getAesKey(), WxworkConfiguration.getToken(), str, str2, str3);
    }

    public static String decrypt(String str, String str2, String str3, String str4, String str5, String str6, String str7) {
        String onExtract = onExtract(str7);
        if (onSignature(str3, str5, str6, onExtract).equals(str4)) {
            return onDecrypt(str, str2, onExtract);
        }
        throw new BusinessException("签名验证错误");
    }

    public static String decrypt(String str, String str2, String str3, String str4) {
        return decrypt(WxworkConfiguration.getCorpid(), WxworkConfiguration.getAesKey(), WxworkConfiguration.getToken(), str, str2, str3, str4);
    }

    public static String verify(String str, String str2, String str3, String str4, String str5, String str6, String str7) {
        if (onSignature(str3, str5, str6, str7).equals(str4)) {
            return onDecrypt(str, str2, str7);
        }
        throw new BusinessException("签名验证错误");
    }

    public static String verify(String str, String str2, String str3, String str4) {
        return verify(WxworkConfiguration.getCorpid(), WxworkConfiguration.getAesKey(), WxworkConfiguration.getToken(), str, str2, str3, str4);
    }
}
