package com.jhscale.security.zuul.signature.filter;

import com.jhscale.common.exception.GeneralInternation;
import com.jhscale.common.exception.SignatureException;
import com.jhscale.common.model.http.JRequest;
import com.jhscale.common.utils.MD5Utils;
import com.jhscale.security.component.consensus.exp.ConsenseException;
import com.jhscale.security.component.consensus.exp.ConsenseInternational;
import com.jhscale.security.component.consensus.utils.HeadUtils;
import com.jhscale.security.component.consensus.utils.HttpUtils;
import com.jhscale.security.component.zuul.FilterUtils;
import com.jhscale.security.component.zuul.ZuulComponentConstants;
import com.jhscale.security.zuul.signature.config.SignatureConfig;
import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import com.ysscale.framework.utils.JSONUtils;
import java.util.Map;
import java.util.Objects;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/jhscale/security/zuul/signature/filter/SignatureFilter.class */
public class SignatureFilter extends ZuulFilter {
    private static final Logger log = LoggerFactory.getLogger(SignatureFilter.class);

    @Autowired
    private SignatureConfig signatureConfig;

    public String filterType() {
        return "pre";
    }

    public int filterOrder() {
        return ZuulComponentConstants.SIGNATURE_ORDER_FILTER_ORDER.intValue();
    }

    public boolean shouldFilter() {
        RequestContext currentContext = RequestContext.getCurrentContext();
        return !Objects.nonNull(currentContext.get("hard-break")) && this.signatureConfig.isOpen() && Objects.nonNull(currentContext.get("X-Equipment-Key"));
    }

    public Object run() throws ZuulException {
        RequestContext currentContext = RequestContext.getCurrentContext();
        HttpServletRequest request = currentContext.getRequest();
        String obj = RequestContext.getCurrentContext().get("X-Equipment-Key").toString();
        log.debug("开始签名验证 Key:{}", obj);
        String method = request.getMethod();
        try {
            if ("GET".equalsIgnoreCase(method)) {
                String headContent = HeadUtils.getHeadContent(request, "X-Equipment-Secret");
                if (StringUtils.isBlank(headContent)) {
                    throw new ConsenseException(450, ConsenseInternational.设备密钥不存在);
                }
                if (!headContent.equals(obj)) {
                    throw new ConsenseException(450, ConsenseInternational.设备密钥无效);
                }
            } else {
                String readData = HttpUtils.readData(request);
                log.debug("请求方式：{}，参数内容：{}", method, readData);
                if (StringUtils.isBlank(readData)) {
                    throw new ConsenseException(450, ConsenseInternational.请求参数不存在);
                }
                JRequest jRequest = (JRequest) JSONUtils.jsonToPojo(readData, JRequest.class);
                if (Objects.isNull(jRequest)) {
                    throw new ConsenseException(450, ConsenseInternational.请求参数无效);
                }
                jRequest.checkPackage(obj, this.signatureConfig.getSingnatureInvalidTime());
                String bulidSourceSignature = MD5Utils.bulidSourceSignature((Map) JSONUtils.jsonToPojo(readData, Map.class), obj);
                log.debug("服务器解析签名源码：{}", bulidSourceSignature);
                String bulidMD5Signature = MD5Utils.bulidMD5Signature(bulidSourceSignature);
                log.debug("服务器还原MD5签名：{}，请求签名：{}", bulidMD5Signature, jRequest.getSign());
                if (!jRequest.getSign().equals(bulidMD5Signature)) {
                    throw new SignatureException(GeneralInternation.签名无效);
                }
            }
            return null;
        } catch (SignatureException e) {
            log.error("签名检查异常：{}", e.getMessage());
            FilterUtils.fail(450, currentContext, e);
            return null;
        } catch (ConsenseException e2) {
            log.error("签名参数异常：{}", e2.getMessage());
            FilterUtils.fail(e2.getResponseCode(), currentContext, e2);
            return null;
        }
    }
}
