package com.dtyunxi.tcbj.app.open.biz.auth.check;

import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.parser.Feature;
import com.dtyunxi.tcbj.app.open.biz.auth.ModeTypeEnum;
import com.dtyunxi.tcbj.app.open.biz.auth.ResultBo;
import com.dtyunxi.tcbj.app.open.biz.auth.ServletDataUtils;
import com.dtyunxi.tcbj.app.open.biz.auth.config.ThirdAuthProperties;
import com.dtyunxi.tcbj.app.open.biz.auth.filter.ContentRepeatableHttpServletRequestWrapper;
import com.dtyunxi.tcbj.app.open.biz.auth.sign.SignHelper;
import com.dtyunxi.tcbj.app.open.biz.auth.sign.dto.BasicSignDto;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.concurrent.ConcurrentHashMap;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.StringUtils;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:com/dtyunxi/tcbj/app/open/biz/auth/check/HmacParamCheckImpl.class */
public class HmacParamCheckImpl implements ICheck {
    private final Map<String, String> instanceSecretMap = new ConcurrentHashMap();
    private final SignHelper signHelper;

    @Resource
    private ThirdAuthProperties properties;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.dtyunxi.tcbj.app.open.biz.auth.check.HmacParamCheckImpl$1, reason: invalid class name */
    /* loaded from: input_file:com/dtyunxi/tcbj/app/open/biz/auth/check/HmacParamCheckImpl$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$springframework$http$HttpMethod = new int[HttpMethod.values().length];

        static {
            try {
                $SwitchMap$org$springframework$http$HttpMethod[HttpMethod.POST.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$springframework$http$HttpMethod[HttpMethod.PUT.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$springframework$http$HttpMethod[HttpMethod.GET.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$springframework$http$HttpMethod[HttpMethod.DELETE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
        }
    }

    public HmacParamCheckImpl(SignHelper signHelper) {
        this.signHelper = signHelper;
    }

    @Override // com.dtyunxi.tcbj.app.open.biz.auth.check.ICheck
    public boolean supports(HttpServletRequest httpServletRequest) {
        return StringUtils.isNotBlank(httpServletRequest.getHeader("X-Yx-Signature"));
    }

    @Override // com.dtyunxi.tcbj.app.open.biz.auth.check.ICheck
    public ResultBo check(HttpServletRequest httpServletRequest) {
        return doCheck(httpServletRequest) ? ResultBo.successData() : ResultBo.build(false);
    }

    private boolean doCheck(HttpServletRequest httpServletRequest) {
        return ((Boolean) Optional.ofNullable(httpServletRequest.getHeader("X-Yx-Signature")).map(str -> {
            return isValid(httpServletRequest, str);
        }).orElse(false)).booleanValue();
    }

    private Boolean isValid(HttpServletRequest httpServletRequest, String str) {
        String header = httpServletRequest.getHeader("Application-Key");
        return (Boolean) Optional.ofNullable(getAppSecret(header)).filter(StringUtils::isNotBlank).map(str2 -> {
            BasicSignDto basicSignDto = new BasicSignDto();
            basicSignDto.setNonce(httpServletRequest.getHeader("X-Yx-Nonce"));
            basicSignDto.setTimestamp(httpServletRequest.getHeader("X-Yx-Timestamp"));
            basicSignDto.setAppSecret(str2);
            basicSignDto.setAppKey(header);
            basicSignDto.setReqParam(extractReqParam(httpServletRequest));
            return Boolean.valueOf(this.signHelper.sign(basicSignDto).equals(str));
        }).orElse(false);
    }

    private JSONObject extractReqParam(HttpServletRequest httpServletRequest) {
        if (ModeTypeEnum.ZERO.equals(ModeTypeEnum.resolve(this.properties.getModel()))) {
            return new JSONObject();
        }
        try {
            return doExtractReqParam(httpServletRequest);
        } catch (Exception e) {
            e.printStackTrace();
            return new JSONObject();
        }
    }

    private JSONObject doExtractReqParam(HttpServletRequest httpServletRequest) throws IOException {
        switch (AnonymousClass1.$SwitchMap$org$springframework$http$HttpMethod[((HttpMethod) Objects.requireNonNull(HttpMethod.resolve(httpServletRequest.getMethod()))).ordinal()]) {
            case 1:
            case 2:
                return JSONObject.parseObject(((ContentRepeatableHttpServletRequestWrapper) httpServletRequest).getBody(), new Feature[]{Feature.OrderedField});
            case 3:
            case 4:
                return (JSONObject) Optional.ofNullable(URLEncoder.encode(httpServletRequest.getQueryString(), "utf-8")).map(ServletDataUtils::urlParse).orElse(new JSONObject());
            default:
                return new JSONObject();
        }
    }

    private String getAppSecret(String str) {
        this.instanceSecretMap.putIfAbsent(str, loadAppSecret(str));
        return this.instanceSecretMap.get(str);
    }

    private String loadAppSecret(String str) {
        return this.properties.getAppKeyMap().getOrDefault(str, "");
    }
}
