package org.redkalex.weixin;

import java.io.IOException;
import java.lang.reflect.Type;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.util.Arrays;
import java.util.Base64;
import java.util.Map;
import java.util.Random;
import java.util.function.Supplier;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Resource;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.redkale.convert.json.JsonConvert;
import org.redkale.net.WorkThread;
import org.redkale.service.Local;
import org.redkale.service.Service;
import org.redkale.util.AutoLoad;
import org.redkale.util.ByteArray;
import org.redkale.util.TypeToken;
import org.redkale.util.Utility;

@Local
@AutoLoad(false)
/* loaded from: input_file:org/redkalex/weixin/WeiXinQYService.class */
public class WeiXinQYService implements Service {
    private static final String BASE = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
    private static final Charset CHARSET = Charset.forName("UTF-8");
    private static final Random RANDOM = new Random();
    protected static final Type MAPTYPE = new TypeToken<Map<String, String>>() { // from class: org.redkalex.weixin.WeiXinQYService.1
    }.getType();

    @Resource
    protected JsonConvert convert;
    private SecretKeySpec qykeyspec;
    private IvParameterSpec qyivspec;
    protected final Logger logger = Logger.getLogger(getClass().getSimpleName());
    private final boolean finest = this.logger.isLoggable(Level.FINEST);
    private final boolean finer = this.logger.isLoggable(Level.FINER);

    @Resource(name = "property.wxqy.token")
    protected String qytoken = "";

    @Resource(name = "property.wxqy.corpid")
    protected String qycorpid = "wxYYYYYYYYYYYYYYYY";

    @Resource(name = "property.wxqy.aeskey")
    protected String qyaeskey = "";

    @Resource(name = "property.wxqy.secret")
    private String qysecret = "#########################";
    private final Token qyAccessToken = new Token();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/redkalex/weixin/WeiXinQYService$Token.class */
    public static class Token {
        public String token;
        public long expires;
        public long accesstime;

        private Token() {
            this.expires = 7100000L;
        }
    }

    public Map<String, String> getQYUserCode(String str, String str2) throws IOException {
        String str3 = "https://qyapi.weixin.qq.com/cgi-bin/user/getuserinfo?access_token=" + getQYAccessToken() + "&code=" + str + "&agentid=" + str2;
        String httpContent = Utility.getHttpContent(str3);
        if (this.finest) {
            this.logger.finest(str3 + "--->" + httpContent);
        }
        return (Map) this.convert.convertFrom(MAPTYPE, httpContent);
    }

    public void sendQYTextMessage(String str, String str2) {
        sendQYMessage(new WeiXinQYMessage(str, str2));
    }

    public void sendQYTextMessage(String str, Supplier<String> supplier) {
        sendQYMessage(new WeiXinQYMessage(str, supplier));
    }

    public void sendQYMessage(WeiXinQYMessage weiXinQYMessage) {
        runAsync(() -> {
            String str = null;
            try {
                weiXinQYMessage.supplyContent();
                if (weiXinQYMessage.getText() == null) {
                    return;
                }
                str = Utility.postHttpContent("https://qyapi.weixin.qq.com/cgi-bin/message/send?access_token=" + getQYAccessToken(), this.convert.convertTo(weiXinQYMessage));
                if (this.finest) {
                    this.logger.finest("sendQYMessage ok: " + weiXinQYMessage + " -> " + str);
                }
            } catch (Exception e) {
                this.logger.log(Level.WARNING, "sendQYMessage error: " + weiXinQYMessage + " -> " + str, (Throwable) e);
            }
        });
    }

    public String verifyQYURL(String str, String str2, String str3, String str4) {
        if (sha1(this.qytoken, str2, str3, str4).equals(str)) {
            return decryptQY(str4);
        }
        throw new RuntimeException("signature verification error");
    }

    protected String getQYAccessToken() throws IOException {
        if (this.qyAccessToken.accesstime < System.currentTimeMillis() - this.qyAccessToken.expires) {
            this.qyAccessToken.token = null;
        }
        if (this.qyAccessToken.token == null) {
            String str = "https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=" + this.qycorpid + "&corpsecret=" + this.qysecret;
            String httpContent = Utility.getHttpContent(str);
            if (this.finest) {
                this.logger.finest(str + "--->" + httpContent);
            }
            Map map = (Map) this.convert.convertFrom(MAPTYPE, httpContent);
            this.qyAccessToken.accesstime = System.currentTimeMillis();
            this.qyAccessToken.token = (String) map.get("access_token");
            if (((String) map.get("expires_in")) != null) {
                this.qyAccessToken.expires = (Integer.parseInt(r0) - 100) * 1000;
            }
        }
        return this.qyAccessToken.token;
    }

    protected String encryptQYMessage(String str, String str2, String str3) {
        String encryptQY = encryptQY(random16String(), str);
        if (str2 == null || str2.isEmpty()) {
            str2 = Long.toString(System.currentTimeMillis());
        }
        return "<xml>\n<Encrypt><![CDATA[" + encryptQY + "]]></Encrypt>\n<MsgSignature><![CDATA[" + sha1(this.qytoken, str2, str3, encryptQY) + "]]></MsgSignature>\n<TimeStamp>" + str2 + "</TimeStamp>\n<Nonce><![CDATA[" + str3 + "]]></Nonce>\n</xml>";
    }

    protected String decryptQYMessage(String str, String str2, String str3, String str4) {
        String substring = str4.substring(str4.indexOf("<Encrypt><![CDATA[") + "<Encrypt><![CDATA[".length(), str4.indexOf("]]></Encrypt>"));
        if (sha1(this.qytoken, str2, str3, substring).equals(str)) {
            return decryptQY(substring);
        }
        throw new RuntimeException("signature verification error");
    }

    protected String encryptQY(String str, String str2) {
        ByteArray byteArray = new ByteArray();
        byte[] bytes = str.getBytes(CHARSET);
        byte[] bytes2 = str2.getBytes(CHARSET);
        byte[] bytes3 = this.qycorpid.getBytes(CHARSET);
        byteArray.write(bytes);
        byteArray.writeInt(bytes2.length);
        byteArray.write(bytes2);
        byteArray.write(bytes3);
        byteArray.write(encodePKCS7(byteArray.size()));
        try {
            return Base64.getEncoder().encodeToString(createQYCipher(1).doFinal(byteArray.directBytes(), 0, byteArray.size()));
        } catch (Exception e) {
            throw new RuntimeException("AES加密失败", e);
        }
    }

    protected String decryptQY(String str) {
        try {
            try {
                byte[] decodePKCS7 = decodePKCS7(createQYCipher(2).doFinal(Base64.getDecoder().decode(str)));
                int i = ((decodePKCS7[16] & 255) << 24) | ((decodePKCS7[17] & 255) << 16) | ((decodePKCS7[18] & 255) << 8) | (decodePKCS7[19] & 255);
                if (this.qycorpid.equals(new String(decodePKCS7, 20 + i, (decodePKCS7.length - 20) - i, CHARSET))) {
                    return new String(decodePKCS7, 20, i, CHARSET);
                }
                throw new RuntimeException("corpid校验失败");
            } catch (RuntimeException e) {
                if (e.getMessage().contains("corpid")) {
                    throw e;
                }
                throw new RuntimeException("解密后得到的buffer非法", e);
            }
        } catch (Exception e2) {
            throw new RuntimeException("AES解密失败", e2);
        }
    }

    protected Cipher createQYCipher(int i) throws Exception {
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        if (this.qykeyspec == null) {
            byte[] decode = Base64.getDecoder().decode(this.qyaeskey + "=");
            this.qykeyspec = new SecretKeySpec(decode, "AES");
            this.qyivspec = new IvParameterSpec(decode, 0, 16);
        }
        cipher.init(i, this.qykeyspec, this.qyivspec);
        return cipher;
    }

    protected void runAsync(Runnable runnable) {
        WorkThread currentThread = Thread.currentThread();
        if (currentThread instanceof WorkThread) {
            currentThread.runAsync(runnable);
        } else {
            runnable.run();
        }
    }

    protected static String random16String() {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 16; i++) {
            sb.append(BASE.charAt(RANDOM.nextInt(BASE.length())));
        }
        return sb.toString();
    }

    protected static String sha1(String... strArr) {
        try {
            Arrays.sort(strArr);
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            for (String str : strArr) {
                messageDigest.update(str.getBytes());
            }
            return Utility.binToHexString(messageDigest.digest());
        } catch (Exception e) {
            throw new RuntimeException("SHA encryption to generate signature failure", e);
        }
    }

    private static byte[] encodePKCS7(int i) {
        int i2 = 32 - (i % 32);
        if (i2 == 0) {
            i2 = 32;
        }
        char c = (char) ((byte) (i2 & 255));
        StringBuilder sb = new StringBuilder();
        for (int i3 = 0; i3 < i2; i3++) {
            sb.append(c);
        }
        return sb.toString().getBytes(CHARSET);
    }

    private static byte[] decodePKCS7(byte[] bArr) {
        byte b = bArr[bArr.length - 1];
        if (b < 1 || b > 32) {
            b = 0;
        }
        return Arrays.copyOfRange(bArr, 0, bArr.length - b);
    }
}
