package com.usoft.security.utils;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/usoft/security/utils/OpenApiSignUtil.class */
public class OpenApiSignUtil {
    public static final String SIGNATURE_KEY = "signature";
    private static final String HTTP_GET = "GET";
    private static final String ENCODE = "UTF-8";
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) OpenApiSignUtil.class);

    public static boolean verifySignForHttpGet(HttpServletRequest httpServletRequest, String str) throws NoSuchAlgorithmException, InvalidKeyException, IOException {
        if (httpServletRequest == null) {
            throw new RuntimeException("request不能为空");
        }
        String parameter = httpServletRequest.getParameter(SIGNATURE_KEY);
        if (parameter == null || parameter.trim().length() == 0) {
            throw new RuntimeException("signature为空");
        }
        String signForHttpGet = signForHttpGet(httpServletRequest, str);
        LOGGER.debug("[OpenApiSignUtil.verifySignForHttpGet]旧签名{}：新签名：{}", parameter, signForHttpGet);
        return parameter.equals(signForHttpGet);
    }

    public static boolean verifySignForJson(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        if (str == null || str.trim().length() == 0) {
            throw new RuntimeException("jsonBody不能为空");
        }
        String valueByJson = getValueByJson(str, SIGNATURE_KEY);
        if (valueByJson == null || valueByJson.trim().length() == 0) {
            throw new RuntimeException("signature为空");
        }
        String signForJson = signForJson(str, str2);
        LOGGER.debug("[OpenApiSignUtil.verifySignForJson]旧签名{}：新签名：{}", valueByJson, signForJson);
        return valueByJson.equals(signForJson);
    }

    public static String signForHttpGet(HttpServletRequest httpServletRequest, String str) throws NoSuchAlgorithmException, InvalidKeyException, IOException {
        if (httpServletRequest == null) {
            throw new RuntimeException("request不能为空");
        }
        if ("GET".equals(httpServletRequest.getMethod())) {
            return sign(getSrcByHttpGet(httpServletRequest), str);
        }
        throw new RuntimeException("只支持GET请求");
    }

    public static String signForJson(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        if (str == null || str.trim().length() == 0) {
            throw new RuntimeException("jsonBody不能为空");
        }
        return sign(getSrcByJson(str), str2);
    }

    public static String sign(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException, UnsupportedEncodingException {
        if (str == null || str.trim().length() == 0) {
            throw new RuntimeException("待签名字符串为空");
        }
        if (str2 == null || str2.trim().length() == 0) {
            throw new RuntimeException("密钥为空");
        }
        return HmacUtil.sign(str, str2, HmacUtil.HMAC_SHA256_ALGORITHM);
    }

    private static String getSrcByHttpGet(HttpServletRequest httpServletRequest) throws UnsupportedEncodingException {
        String parameter = httpServletRequest.getParameter(SIGNATURE_KEY);
        String decode = URLDecoder.decode(httpServletRequest.getQueryString(), "UTF-8");
        if (decode == null || decode.trim().length() == 0) {
            throw new RuntimeException("请求参数为空");
        }
        if (parameter == null || parameter.trim().length() == 0) {
            throw new RuntimeException("signature为空");
        }
        LOGGER.debug("[OpenApiSignUtil.getSrcByHttpGet]请求参数：{}", decode);
        String str = "signature=" + parameter;
        LOGGER.debug("[OpenApiSignUtil.getSrcByHttpGet]签名键值对:{}", str);
        int indexOf = decode.indexOf(str);
        if (indexOf == -1) {
            throw new RuntimeException("不存在signature键值对");
        }
        String replace = indexOf == 0 ? decode.replace(str + "&", "") : decode.replace("&" + str, "");
        LOGGER.debug("[OpenApiSignUtil.getSrcByHttpGet]待签名串：{}", replace);
        return replace;
    }

    private static String getSrcByJson(String str) {
        if (str == null || str.trim().length() == 0) {
            throw new RuntimeException("请求参数为空");
        }
        LOGGER.debug("[OpenApiSignUtil.getSrcByJson]请求参数：{}", str);
        String valueByJson = getValueByJson(str, SIGNATURE_KEY);
        if (valueByJson == null || valueByJson.trim().length() == 0) {
            throw new RuntimeException("不存在signature值");
        }
        LOGGER.debug("[OpenApiSignUtil.getSrcByJson]签名值:{}", valueByJson);
        String replace = str.replace(valueByJson, "");
        LOGGER.debug("[OpenApiSignUtil.getSrcByJson]待签名串：{}", replace);
        return replace;
    }

    private static String getValueByJson(String str, String str2) {
        if (str == null || str.trim().length() == 0) {
            throw new RuntimeException("jsonBody不能为空");
        }
        if (str2 == null || str2.trim().length() == 0) {
            throw new RuntimeException("Key不能为空");
        }
        JSONObject parseObject = JSON.parseObject(str);
        return parseObject.containsKey(str2) ? parseObject.getString(str2) : "";
    }
}
