package com.gitee.cardoon.ms.web.interceptor;

import com.gitee.cardoon.ms.common.enums.ResultCode;
import com.gitee.cardoon.ms.common.util.AssertUtils;
import com.gitee.cardoon.ms.common.util.BeanUtils;
import com.gitee.cardoon.ms.common.util.LambdaUtils;
import com.gitee.cardoon.ms.common.util.ServletUtils;
import com.gitee.cardoon.ms.common.util.SignUtils;
import com.gitee.cardoon.ms.redis.service.RedisService;
import com.gitee.cardoon.ms.web.annotation.NotSign;
import com.gitee.cardoon.ms.web.annotation.Sign;
import com.gitee.cardoon.ms.web.properties.ApiProperties;
import com.gitee.cardoon.ms.web.service.ApiService;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.context.request.ServletWebRequest;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.HandlerMapping;

/* loaded from: input_file:com/gitee/cardoon/ms/web/interceptor/SignInterceptor.class */
public class SignInterceptor implements HandlerInterceptor {
    private static final String APP_ID = "appId";
    private static final String SIGN = "sign";
    private static final String TIMESTAMP = "timestamp";
    private static final String NONCE = "nonce";
    private static final String CACHE_KEY_PREFIX = "api:sign:";
    private String applicationName;
    private Integer serverPort;
    private ApiProperties apiProperties;
    private RedisService redisService;

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        if (!(obj instanceof HandlerMethod) || !checkSign((HandlerMethod) obj).booleanValue()) {
            return true;
        }
        String parameter = httpServletRequest.getParameter(APP_ID);
        String parameter2 = httpServletRequest.getParameter(SIGN);
        String parameter3 = httpServletRequest.getParameter(TIMESTAMP);
        String parameter4 = httpServletRequest.getParameter(NONCE);
        AssertUtils.state(StringUtils.isEmpty(parameter) || StringUtils.isEmpty(parameter2) || StringUtils.isEmpty(parameter3) || StringUtils.isEmpty(parameter4), ResultCode.API_PARAM_ERROR);
        ApiProperties apiProperties = null;
        ApiService apiService = (ApiService) BeanUtils.getBean(ApiService.class);
        if (apiService != null) {
            apiProperties = apiService.getApiProperties(parameter);
        }
        if (apiProperties != null) {
            this.apiProperties = apiProperties;
        }
        AssertUtils.state(!this.apiProperties.getAppId().equals(parameter), ResultCode.API_APP_KEY_ERROR);
        long intValue = this.apiProperties.getSign().getExpire().intValue();
        AssertUtils.state(System.currentTimeMillis() - Long.valueOf(parameter3).longValue() > intValue, ResultCode.API_REQUEST_TIMEOUT);
        String key = LambdaUtils.getKey(new Object[]{this.applicationName, this.serverPort, CACHE_KEY_PREFIX, parameter4});
        AssertUtils.state(StringUtils.isNotEmpty((String) this.redisService.get(key)), ResultCode.API_REQUEST_REPLAY);
        Map map = (Map) new ServletWebRequest(httpServletRequest).getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE, 0);
        Map parameter5 = ServletUtils.getParameter(httpServletRequest);
        parameter5.keySet().removeIf(str -> {
            return str.equals(SIGN);
        });
        AssertUtils.state(!SignUtils.sign(map, parameter5, ServletUtils.getBody(httpServletRequest), this.apiProperties.getAppSecret()).equals(parameter2), ResultCode.API_SIGN_ERROR);
        this.redisService.set(key, parameter4, intValue, TimeUnit.MILLISECONDS);
        return true;
    }

    private Boolean checkSign(HandlerMethod handlerMethod) {
        if (handlerMethod.getMethod().getDeclaringClass().isAnnotationPresent(Sign.class) || handlerMethod.getMethod().isAnnotationPresent(Sign.class)) {
            return true;
        }
        if (handlerMethod.getMethod().getDeclaringClass().isAnnotationPresent(NotSign.class) || handlerMethod.getMethod().isAnnotationPresent(NotSign.class)) {
            return false;
        }
        return this.apiProperties.getSign().getOpen();
    }

    public void setApplicationName(String str) {
        this.applicationName = str;
    }

    public void setServerPort(Integer num) {
        this.serverPort = num;
    }

    public void setApiProperties(ApiProperties apiProperties) {
        this.apiProperties = apiProperties;
    }

    public void setRedisService(RedisService redisService) {
        this.redisService = redisService;
    }
}
