package com.beiming.odr.peace.interceptor;

import com.beiming.framework.enums.APIResultCodeEnums;
import com.beiming.framework.redis.RedisService;
import com.beiming.framework.util.AssertUtils;
import com.beiming.framework.util.StringUtils;
import com.beiming.odr.peace.annotation.ExtrAccessAnnotation;
import com.beiming.odr.peace.common.constants.ExtConst;
import com.beiming.odr.peace.common.utils.SHAUtil;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

@Component
/* loaded from: input_file:WEB-INF/classes/com/beiming/odr/peace/interceptor/ExtAccessInterceptor.class */
public class ExtAccessInterceptor extends HandlerInterceptorAdapter {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) ExtAccessInterceptor.class);

    @Resource
    private RedisService redisService;
    private final String secretKey = "tdhqdhnc@*smupad";
    private final String secretAppid = "900978";
    private final String hbSecretKey = "hbsjzx@*zldj";
    private final String hbSecretAppid = "900979";
    private final String gsSecretKey = "hngs@*HLWKT#2024";
    private final String gsSecretAppid = "900980";

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        log.info("第三方请求进入验证.................");
        HashMap hashMap = new HashMap();
        Enumeration<String> headerNames = httpServletRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String nextElement = headerNames.nextElement();
            hashMap.put(nextElement, httpServletRequest.getHeader(nextElement));
        }
        log.info("request header = {}", hashMap);
        httpServletResponse.setStatus(200);
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        if (!(obj instanceof HandlerMethod)) {
            return true;
        }
        HandlerMethod handlerMethod = (HandlerMethod) obj;
        ExtrAccessAnnotation extrAccessAnnotation = (ExtrAccessAnnotation) Optional.ofNullable(handlerMethod.getMethod().getAnnotation(ExtrAccessAnnotation.class)).orElseGet(() -> {
            return (ExtrAccessAnnotation) handlerMethod.getClass().getAnnotation(ExtrAccessAnnotation.class);
        });
        if (extrAccessAnnotation == null) {
            return true;
        }
        if (extrAccessAnnotation.verifyAppId()) {
            String str = hashMap.get(ExtConst.APP_ID);
            log.info("===============secretAppid.equals(appId)=========================" + "900978".equals(str));
            log.info("===============hbSecretAppid.equals(appId)=========================" + "900979".equals(str));
            log.info("===============gsSecretAppid.equals(appId)=========================" + "900980".equals(str));
            if (!"900978".equals(str) && !"900979".equals(str) && !"900980".equals(str)) {
                AssertUtils.assertTrue(false, APIResultCodeEnums.ACCESS_DENIED, APIResultCodeEnums.ACCESS_DENIED.desc());
            }
        }
        if (extrAccessAnnotation.verifySign()) {
            verifySign(hashMap);
        }
        if (!extrAccessAnnotation.verifyToken()) {
            return true;
        }
        verifyToken(hashMap);
        return true;
    }

    private void verifyToken(Map<String, String> map) {
        String str = map.get(ExtConst.APP_ID);
        String str2 = map.get("token");
        String str3 = (String) this.redisService.getRedisTemplate().opsForValue().get("THIRD_PARTY_TOKEN_" + str);
        log.info(str2 + "=================token=======================" + str3);
        AssertUtils.assertTrue(StringUtils.isNotBlank(str2) && StringUtils.isEquals(str2, str3), APIResultCodeEnums.AUTH_TOKEN_EXPIRE, APIResultCodeEnums.AUTH_TOKEN_EXPIRE.desc());
    }

    private void verifySign(Map<String, String> map) {
        String str = map.get(ExtConst.APP_ID);
        String str2 = map.get("timestamp");
        String str3 = map.get(ExtConst.SIGNATURE);
        StringBuffer stringBuffer = new StringBuffer();
        log.info("tdhSign timestamp:{},appId:{},signature:{}", str2, str, "tdhqdhnc@*smupad");
        stringBuffer.append(str2).append("900978").append("tdhqdhnc@*smupad");
        String stringBuffer2 = stringBuffer.toString();
        StringBuffer stringBuffer3 = new StringBuffer();
        log.info("hbSign timestamp:{},appId:{},signature:{}", str2, str, "hbsjzx@*zldj");
        stringBuffer3.append(str2).append("900979").append("hbsjzx@*zldj");
        String stringBuffer4 = stringBuffer3.toString();
        StringBuffer stringBuffer5 = new StringBuffer();
        log.info("hbSign timestamp:{},appId:{},signature:{}", str2, str, "hngs@*HLWKT#2024");
        stringBuffer5.append(str2).append("900980").append("hngs@*HLWKT#2024");
        String stringBuffer6 = stringBuffer5.toString();
        ArrayList arrayList = new ArrayList();
        arrayList.add(SHAUtil.getSHA256Str(stringBuffer2));
        arrayList.add(SHAUtil.getSHA256Str(stringBuffer4));
        arrayList.add(SHAUtil.getSHA256Str(stringBuffer6));
        AssertUtils.assertTrue(arrayList.contains(str3), APIResultCodeEnums.ACCESS_DENIED, APIResultCodeEnums.ACCESS_DENIED.desc());
    }
}
