package com.beiming.odr.usergateway.help;

import com.alibaba.fastjson.JSONObject;
import com.beiming.framework.domain.APIResult;
import com.beiming.odr.referee.annotation.AESEncryptAnnotation;
import com.beiming.odr.referee.context.ThirdpartyAppContextHolder;
import com.beiming.odr.referee.dto.responsedto.ThirdPartyConfigResDTO;
import com.beiming.odr.referee.dto.thirdparty.ObjectResult;
import com.beiming.odr.usergateway.annotation.RsaSecurity;
import com.beiming.odr.usergateway.common.utils.AESUtil;
import com.beiming.odr.usergateway.config.SecurityProperties;
import com.beiming.odr.usergateway.util.RsaUtils;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.lang.reflect.Method;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Random;
import javax.validation.constraints.NotNull;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;

@ControllerAdvice
/* loaded from: input_file:WEB-INF/classes/com/beiming/odr/usergateway/help/ResponseBodyWrapper.class */
public class ResponseBodyWrapper implements ResponseBodyAdvice<Object> {
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) ResponseBodyWrapper.class);
    private static final String PRIVATE_KEY_NAME = "x-s-pk";
    public static final String IF_RSA_DECODED = "x-s-o";
    private final SecurityProperties properties;

    @Override // org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice
    public boolean supports(MethodParameter methodParameter, @NotNull Class cls) {
        return true;
    }

    public ResponseBodyWrapper(SecurityProperties securityProperties) {
        this.properties = securityProperties;
    }

    @Override // org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice
    public Object beforeBodyWrite(Object obj, @NotNull MethodParameter methodParameter, @NotNull MediaType mediaType, @NotNull Class cls, @NotNull ServerHttpRequest serverHttpRequest, @NotNull ServerHttpResponse serverHttpResponse) {
        Object beforeBody = beforeBody(obj, methodParameter, mediaType, cls, serverHttpRequest, serverHttpResponse);
        boolean z = (((Method) Objects.requireNonNull(methodParameter.getMethod())).isAnnotationPresent(RsaSecurity.class) && ((RsaSecurity) Objects.requireNonNull(methodParameter.getMethodAnnotation(RsaSecurity.class))).outEncode()) || (methodParameter.getMethod().getDeclaringClass().isAnnotationPresent(RsaSecurity.class) && ((RsaSecurity) methodParameter.getDeclaringClass().getAnnotation(RsaSecurity.class)).outEncode());
        if (!z) {
            return beforeBody;
        }
        if (!z || !this.properties.getResponseForceEncode().booleanValue() || !StringUtils.isNotEmpty(serverHttpRequest.getHeaders().getFirst(IF_RSA_DECODED)) || !StringUtils.isNotEmpty(serverHttpRequest.getHeaders().getFirst(IF_RSA_DECODED)) || !serverHttpRequest.getHeaders().getFirst(IF_RSA_DECODED).equals("RSA")) {
            return (z && (this.properties.getResponseForceEncode().booleanValue() || StringUtils.isNotEmpty(serverHttpRequest.getHeaders().getFirst(IF_RSA_DECODED)) || StringUtils.isNotEmpty(serverHttpRequest.getHeaders().getFirst(IF_RSA_DECODED)))) ? encodeAES(methodParameter, beforeBody, serverHttpResponse) : beforeBody;
        }
        LOGGER.info("对方法method :【" + ((Method) Objects.requireNonNull(methodParameter.getMethod())).getName() + "】返回数据进行加密");
        return encodeRsa(methodParameter, beforeBody, serverHttpResponse);
    }

    public Object beforeBody(Object obj, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> cls, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
        if (serverHttpRequest.getURI().getPath().indexOf("swagger") > -1 || serverHttpRequest.getURI().getPath().indexOf("v2/api-docs") > -1) {
            return obj;
        }
        if (serverHttpRequest.getURI().getPath().indexOf("/extra") > -1) {
            return extraReturn(obj, methodParameter);
        }
        if (obj != null && (obj instanceof APIResult)) {
            return obj;
        }
        Object success = APIResult.success(obj);
        if (methodParameter.getMethod().getReturnType() == String.class || (obj != null && (obj instanceof String))) {
            success = JSONObject.toJSONString(success);
        }
        return success;
    }

    private Object extraReturn(Object obj, MethodParameter methodParameter) {
        if (obj != null && (obj instanceof APIResult)) {
            return obj;
        }
        AESEncryptAnnotation aESEncryptAnnotation = (AESEncryptAnnotation) Optional.ofNullable(methodParameter.getMethodAnnotation(AESEncryptAnnotation.class)).orElseGet(() -> {
            return (AESEncryptAnnotation) methodParameter.getContainingClass().getClass().getAnnotation(AESEncryptAnnotation.class);
        });
        Boolean valueOf = Boolean.valueOf(Objects.isNull(aESEncryptAnnotation) ? false : aESEncryptAnnotation.isEncrypt());
        ThirdPartyConfigResDTO app = ThirdpartyAppContextHolder.getApp();
        if (Objects.nonNull(app) && valueOf.booleanValue()) {
            obj = AESUtil.encrypt(JSONObject.toJSONString(obj), app.getAppSecret());
        }
        ObjectResult success = ObjectResult.success(obj);
        return (methodParameter.getMethod().getReturnType() == String.class || (obj != null && (obj instanceof String))) ? JSONObject.toJSONString(success) : success;
    }

    private Object encodeAES(MethodParameter methodParameter, Object obj, ServerHttpResponse serverHttpResponse) {
        ObjectMapper objectMapper = new ObjectMapper();
        try {
            serverHttpResponse.getHeaders().add("Access-Control-Expose-Headers", PRIVATE_KEY_NAME);
            String aesKey = this.properties.getAesKey();
            int nextInt = new Random().nextInt(4);
            String uuid = getUUID();
            serverHttpResponse.getHeaders().add(PRIVATE_KEY_NAME, getUUID().substring(0, 4) + uuid + getUUID().substring(0, nextInt));
            String writeValueAsString = objectMapper.writeValueAsString(obj);
            System.out.println(writeValueAsString);
            return com.beiming.odr.usergateway.util.AESUtil.hexEncrypt(writeValueAsString, aesKey, uuid);
        } catch (Exception e) {
            e.printStackTrace();
            LOGGER.error("对方法method :【" + ((Method) Objects.requireNonNull(methodParameter.getMethod())).getName() + "】返回数据进行加密出现异常：" + e.getMessage());
            return obj;
        }
    }

    private Object encodeRsa(MethodParameter methodParameter, Object obj, ServerHttpResponse serverHttpResponse) {
        ObjectMapper objectMapper = new ObjectMapper();
        try {
            Map<String, Object> genKeyPair = RsaUtils.genKeyPair();
            String privateKey = RsaUtils.getPrivateKey(genKeyPair);
            String publicKey = RsaUtils.getPublicKey(genKeyPair);
            serverHttpResponse.getHeaders().add("Access-Control-Expose-Headers", PRIVATE_KEY_NAME);
            serverHttpResponse.getHeaders().add(PRIVATE_KEY_NAME, privateKey);
            return RsaUtils.encryptedDataOnJava(Base64.getEncoder().encodeToString(objectMapper.writeValueAsString(obj).getBytes("UTF-8")), publicKey);
        } catch (Exception e) {
            e.printStackTrace();
            LOGGER.error("对方法method :【" + ((Method) Objects.requireNonNull(methodParameter.getMethod())).getName() + "】返回数据进行加密出现异常：" + e.getMessage());
            return obj;
        }
    }

    private String getUUID() {
        StringBuilder sb = new StringBuilder();
        SecureRandom secureRandom = new SecureRandom();
        for (int i = 0; i < 16; i++) {
            switch (secureRandom.nextInt(3)) {
                case 0:
                    sb.append(secureRandom.nextInt(10));
                    break;
                case 1:
                    sb.append((char) (secureRandom.nextInt(25) + 65));
                    break;
                case 2:
                    sb.append((char) (secureRandom.nextInt(25) + 97));
                    break;
            }
        }
        return sb.toString();
    }
}
