package net.dragonshard.dsf.data.secret.advice;

import com.google.common.collect.Sets;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.lang.reflect.Type;
import java.nio.charset.Charset;
import java.security.Provider;
import java.util.Set;
import net.dragonshard.dsf.data.secret.algorithm.RequestAESDecrypt;
import net.dragonshard.dsf.data.secret.algorithm.RequestRSADecrypt;
import net.dragonshard.dsf.data.secret.algorithm.key.AESKey;
import net.dragonshard.dsf.data.secret.algorithm.key.RSAKey;
import net.dragonshard.dsf.data.secret.annotation.SecretBody;
import net.dragonshard.dsf.data.secret.configuration.property.AESProperties;
import net.dragonshard.dsf.data.secret.configuration.property.RSAProperties;
import net.dragonshard.dsf.data.secret.exception.SecretRequestDecryptException;
import net.dragonshard.dsf.data.secret.model.SecretHttpMessage;
import net.dragonshard.dsf.web.core.common.WebCoreConstants;
import net.dragonshard.dsf.web.core.enums.DsfErrorCodeEnum;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.core.MethodParameter;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.util.StreamUtils;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdviceAdapter;

@ControllerAdvice
@ConditionalOnProperty(prefix = "dragonshard.secret", name = {"enabled"}, matchIfMissing = true)
@Order(1)
/* loaded from: input_file:net/dragonshard/dsf/data/secret/advice/SecretRequestAdvice.class */
public class SecretRequestAdvice extends RequestBodyAdviceAdapter {
    private static final Logger log = LoggerFactory.getLogger(SecretRequestAdvice.class);

    @Autowired
    private AESProperties aesProperties;

    @Autowired
    private RSAProperties rsaProperties;
    private final Set<String> ALGORITHM_SET = Sets.newHashSet(new String[]{WebCoreConstants.SECRET.ALGORITHM_AES, WebCoreConstants.SECRET.ALGORITHM_RSA});

    private boolean supportSecretRequest(MethodParameter methodParameter) {
        Annotation annotation = methodParameter.getContainingClass().getAnnotation(SecretBody.class);
        SecretBody secretBody = (SecretBody) methodParameter.getMethodAnnotation(SecretBody.class);
        if (annotation == null && secretBody == null) {
            return false;
        }
        if (annotation != null && (((SecretBody) annotation).exclude() || notSupportAlgorithm(((SecretBody) annotation).value()))) {
            return false;
        }
        return !(secretBody != null && (secretBody.exclude() || notSupportAlgorithm(secretBody.value())));
    }

    public boolean supports(MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> cls) {
        return supportSecretRequest(methodParameter);
    }

    public HttpInputMessage beforeBodyRead(HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> cls) throws IOException {
        String decryptBody = decryptBody(httpInputMessage, methodParameter);
        if (decryptBody == null) {
            throw new SecretRequestDecryptException(DsfErrorCodeEnum.SECRET_DECRYPT_BODY_FAIL.msg());
        }
        return new SecretHttpMessage(new ByteArrayInputStream(decryptBody.getBytes()), httpInputMessage.getHeaders());
    }

    private String decryptBody(HttpInputMessage httpInputMessage, MethodParameter methodParameter) {
        try {
            String copyToString = StreamUtils.copyToString(httpInputMessage.getBody(), Charset.defaultCharset());
            if (log.isDebugEnabled()) {
                log.debug("Decrypt body for input > {}", copyToString);
            }
            SecretBody algorithmValue = getAlgorithmValue(methodParameter);
            if (algorithmValue == null) {
                return copyToString;
            }
            String value = algorithmValue.value();
            String ciphertextType = algorithmValue.ciphertextType();
            if (WebCoreConstants.SECRET.ALGORITHM_AES.equalsIgnoreCase(value)) {
                return new RequestAESDecrypt(ciphertextType, new AESKey(this.aesProperties.getKey())).decryptBody(copyToString);
            }
            if (!WebCoreConstants.SECRET.ALGORITHM_RSA.equalsIgnoreCase(value)) {
                return null;
            }
            RSAKey rSAKey = new RSAKey(this.rsaProperties.getPublicKey(), this.rsaProperties.getPrivateKey(), this.rsaProperties.getModulus(), null);
            Class<? extends Provider>[] providerClass = algorithmValue.providerClass();
            if (providerClass.length > 0) {
                rSAKey.setProviderClass(providerClass[0]);
            }
            return new RequestRSADecrypt(ciphertextType, rSAKey).decryptBody(copyToString);
        } catch (Exception e) {
            log.warn(e.getMessage());
            return null;
        }
    }

    private SecretBody getAlgorithmValue(MethodParameter methodParameter) {
        SecretBody secretBody = (SecretBody) methodParameter.getMethodAnnotation(SecretBody.class);
        if (secretBody != null && !secretBody.exclude()) {
            return secretBody;
        }
        Annotation annotation = methodParameter.getContainingClass().getAnnotation(SecretBody.class);
        if (annotation != null) {
            return (SecretBody) annotation;
        }
        return null;
    }

    private boolean notSupportAlgorithm(String str) {
        return !this.ALGORITHM_SET.contains(str.toUpperCase());
    }
}
