package com.ztesoft.zsmart.nros.base.aspect;

import com.alibaba.fastjson.JSON;
import com.github.pagehelper.util.StringUtil;
import com.ztesoft.zsmart.nros.base.constant.BaseConstant;
import com.ztesoft.zsmart.nros.base.exception.AppSecretException;
import com.ztesoft.zsmart.nros.base.exception.BusiException;
import com.ztesoft.zsmart.nros.base.util.BizHttpHeader;
import com.ztesoft.zsmart.nros.base.util.CryptoUtil;
import com.ztesoft.zsmart.nros.base.util.RuntimeContext;
import com.ztesoft.zsmart.nros.base.util.UrlUtil;
import com.ztesoft.zsmart.nros.base.util.paas.CacheUtils;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.annotation.Order;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

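/**
 * Around-advice that authenticates and authorizes calls to every controller type annotated with
 * {@code AppSecretController}.
 *
 * <p>For each request whose URI is not listed in {@code without.oauth.url.list} the aspect:
 * <ol>
 *   <li>requires the app-id, {@code timestamp} and {@code signature} headers (code 601);</li>
 *   <li>looks up the app secret in the cache under {@code APP_SECRET_KEY_PREFIX + appId}
 *       (code 602);</li>
 *   <li>recomputes {@code CryptoUtil.getSHA1(appId, timestamp, secret)} and compares it with the
 *       {@code signature} header (code 603);</li>
 *   <li>checks {@code "<METHOD>-<URI>"} against the app's exact and then regex permission sets
 *       (code 403).</li>
 * </ol>
 *
 * <p>Security notes for reviewers (hedged where the helper is not visible in this file):
 * <ul>
 *   <li>The values passed to the digest here are only the app id, the timestamp and the secret.
 *       Unless {@code CryptoUtil.getSHA1} does more than its arguments suggest, the signature
 *       does not bind the HTTP method, URI, query or body.</li>
 *   <li>The timestamp is required but its age is never checked in this class, so a captured
 *       header triple appears to stay valid until the secret changes. Consider enforcing a
 *       freshness window and a nonce.</li>
 *   <li>The identity values copied into {@code RuntimeContext} (merchant code, user id, user name)
 *       are plain request headers that are not part of the signature computed here; downstream
 *       code should not treat them as authenticated unless a trusted gateway sets them.</li>
 *   <li>Request parameters and response bodies are logged at INFO; these may contain secrets or
 *       personal data.</li>
 *   <li>Codes 602 and 603 let a caller distinguish "unknown app id" from "bad signature".</li>
 * </ul>
 */
@Aspect
@Component
@Order(1)
/* loaded from: input_file:com/ztesoft/zsmart/nros/base/aspect/AppSecretAspect.class */
public class AppSecretAspect {
    private static final Logger logger = LoggerFactory.getLogger(AppSecretAspect.class);

    @Autowired
    private CacheUtils cacheUtils;

    /** Comma-separated request URIs that skip signature and permission checks; empty by default. */
    @Value("${without.oauth.url.list:}")
    private String withoutOauthUrlArr;

    /** Matches every join point inside a type annotated with {@code AppSecretController}. */
    @Pointcut("@within(com.ztesoft.zsmart.nros.base.annotation.AppSecretController)")
    public void pointCut() {
    }

    /**
     * Logs the request, populates {@code RuntimeContext}, enforces signature and permission checks
     * (unless the URI is exempt) and then runs the intercepted method.
     *
     * <p>{@code RuntimeContext.remove()} runs in a {@code finally} block so that the context is
     * cleared on every exit path, including unexpected failures in the cache lookup or in the
     * signature helper, which previously left the context populated.
     *
     * @param proceedingJoinPoint the intercepted controller invocation
     * @return whatever the intercepted method returns
     * @throws AppSecretException if a header is missing (601), the app id is unknown (602), the
     *     signature does not match (603) or the app is not permitted to call the URL (403)
     * @throws BusiException rethrown unchanged from the intercepted method
     * @throws RuntimeException wrapping any other throwable raised by the intercepted method
     */
    @Around("pointCut()")
    public Object around(ProceedingJoinPoint proceedingJoinPoint) {
        // getRequest() is declared on ServletRequestAttributes, not on RequestAttributes.
        HttpServletRequest request =
            ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        String requestURI = request.getRequestURI() != null ? request.getRequestURI() : "";
        logBeforeProceed(proceedingJoinPoint, request, requestURI);
        try {
            // The context is filled before any check and also for exempt URIs.
            getAppInfoFromRequest(request);
            // Exact, untrimmed string match against the raw request URI: an entry with stray
            // whitespace never matches, and the URI is not normalized before the comparison.
            boolean exempt = Arrays.asList(this.withoutOauthUrlArr.split(",")).contains(requestURI);
            if (!exempt) {
                verifyCaller(request, requestURI);
            }
            return proceedAndLog(proceedingJoinPoint, request, requestURI);
        } finally {
            RuntimeContext.remove();
        }
    }

    /**
     * Validates the caller's headers, signature and URL permission.
     *
     * @param request the current request, read for its method and headers
     * @param requestURI the request URI as returned by the servlet container (never null)
     * @throws AppSecretException with code 601, 602, 603 or 403 as described on {@link #around}
     */
    private void verifyCaller(HttpServletRequest request, String requestURI) {
        String appId = request.getHeader(BizHttpHeader.APPID);
        String timestamp = request.getHeader("timestamp");
        String signature = request.getHeader("signature");
        if (StringUtil.isEmpty(appId) || StringUtil.isEmpty(timestamp) || StringUtil.isEmpty(signature)) {
            // Message: "please send the request header information".
            throw new AppSecretException(601, "请传请求头信息");
        }

        // NOTE(review): the client-supplied app id is concatenated into the cache key as-is;
        // confirm the cache key format cannot be steered into another namespace.
        Object secret = this.cacheUtils.get(BaseConstant.APP_SECRET_KEY_PREFIX + appId);
        if (secret == null || StringUtil.isEmpty(secret.toString())) {
            // Message: "APPID is incorrect".
            throw new AppSecretException(602, "APPID不正确");
        }

        String expected = CryptoUtil.getSHA1(appId, timestamp, secret.toString());
        // Constant-time comparison: String.equals returns at the first differing character,
        // which leaks how much of a guessed signature is correct. A null digest still rejects.
        if (expected == null
            || !MessageDigest.isEqual(
                signature.getBytes(StandardCharsets.UTF_8), expected.getBytes(StandardCharsets.UTF_8))) {
            // Message: "signature verification failed".
            throw new AppSecretException(603, "签名验证不通过");
        }

        String methodAndUri = request.getMethod() + "-" + requestURI;
        Object exactUrls = this.cacheUtils.get(BaseConstant.APP_URL_KEY_PREFIX + appId);
        if (!(exactUrls instanceof Set) || CollectionUtils.isEmpty((Set<?>) exactUrls)) {
            // Message: "interface not authorized". An app with no exact entries is rejected
            // before its regex entries are consulted.
            throw new AppSecretException(403, "接口未授权");
        }
        if (((Set<?>) exactUrls).contains(methodAndUri)) {
            return;
        }

        Object urlPatterns = this.cacheUtils.get(BaseConstant.APP_URL_REGEX_KEY_PREFIX + appId);
        if (!(urlPatterns instanceof Set) || CollectionUtils.isEmpty((Set<?>) urlPatterns)) {
            throw new AppSecretException(403, "接口未授权");
        }
        // NOTE(review): patterns are matched against the raw, non-normalized URI; verify that
        // UrlUtil.urlMatches anchors the pattern and that broad patterns cannot be satisfied by
        // path segments such as "..".
        for (Object pattern : (Set<?>) urlPatterns) {
            if (UrlUtil.urlMatches((String) pattern, methodAndUri).booleanValue()) {
                return;
            }
        }
        throw new AppSecretException(403, "接口未授权");
    }

    /**
     * Runs the intercepted method and logs method, URI, elapsed milliseconds and a status code.
     *
     * <p>The logged status is chosen by this aspect (200, 406 for {@code BusiException}, 500 for
     * anything else); it is not read from the actual HTTP response.
     */
    private Object proceedAndLog(
            ProceedingJoinPoint proceedingJoinPoint, HttpServletRequest request, String requestURI) {
        long startedAt = System.currentTimeMillis();
        try {
            Object result = proceedingJoinPoint.proceed(proceedingJoinPoint.getArgs());
            logOutcome(request, requestURI, startedAt, HttpStatus.OK);
            try {
                logger.info("response: {}", getResponseString(result));
            } catch (RuntimeException e) {
                // Response logging is best-effort: a serialization failure must not turn a
                // successful call into an error for the caller.
                logger.error("日志打印错误！", e);
            }
            return result;
        } catch (BusiException e) {
            logOutcome(request, requestURI, startedAt, HttpStatus.NOT_ACCEPTABLE);
            throw e;
        } catch (Throwable th) {
            logOutcome(request, requestURI, startedAt, HttpStatus.INTERNAL_SERVER_ERROR);
            throw new RuntimeException(th.getMessage(), th);
        }
    }

    /** Writes the "method uri elapsedMillis status" access-log line. */
    private void logOutcome(HttpServletRequest request, String requestURI, long startedAt, HttpStatus status) {
        logger.info("{} {} {} {}", new Object[] {
            request.getMethod(),
            requestURI,
            Long.valueOf(System.currentTimeMillis() - startedAt),
            Integer.valueOf(status.value())
        });
    }

    /**
     * Copies the app id, merchant code, user id and URL-decoded user name headers into
     * {@code RuntimeContext}.
     *
     * <p>These are taken from the request as sent; none of them except the app id takes part in
     * the signature check performed by this class.
     */
    private void getAppInfoFromRequest(HttpServletRequest httpServletRequest) {
        RuntimeContext.put(BizHttpHeader.APPID, httpServletRequest.getHeader(BizHttpHeader.APPID));
        RuntimeContext.put(BizHttpHeader.MERCHANT_CODE, httpServletRequest.getHeader(BizHttpHeader.MERCHANT_CODE));
        RuntimeContext.put("user_id", httpServletRequest.getHeader(BaseConstant.FEIGN_USER_ID_KEY));
        try {
            String encodedUserName = httpServletRequest.getHeader(BaseConstant.FEIGN_USER_NAME_KEY);
            RuntimeContext.put(
                "user_name",
                StringUtils.isNotBlank(encodedUserName) ? URLDecoder.decode(encodedUserName, "UTF-8") : "");
        } catch (UnsupportedEncodingException e) {
            // Cannot happen for "UTF-8" on a conforming JVM; keep the cause if it ever does.
            logger.error("AppSecretAspect UnsupportedEncodingException", e);
        }
    }

    /**
     * Logs remote address, local address, method and URI, followed by the request parameters
     * (GET) or the JSON-serialized handler arguments (any other method).
     *
     * <p>This runs before any authentication check, so unauthenticated callers can produce log
     * entries, and parameter values are logged without redaction. Failures are logged and
     * swallowed on purpose so that logging never blocks the request.
     */
    private void logBeforeProceed(ProceedingJoinPoint proceedingJoinPoint, HttpServletRequest httpServletRequest, String str) {
        try {
            logger.info("{} {} {} {}", new Object[] {
                httpServletRequest.getRemoteAddr(),
                httpServletRequest.getLocalAddr(),
                httpServletRequest.getMethod(),
                str
            });
            if (StringUtils.equals(httpServletRequest.getMethod(), RequestMethod.GET.toString())) {
                logger.info("params: {}", getRequestParametersString(httpServletRequest));
            } else {
                List<Object> loggableArgs = new ArrayList<>();
                for (Object arg : proceedingJoinPoint.getArgs()) {
                    // BindingResult carries validation state, not request data.
                    if (!(arg instanceof BindingResult)) {
                        loggableArgs.add(arg);
                    }
                }
                logger.info("params: {}", JSON.toJSONString(loggableArgs));
            }
        } catch (Exception e) {
            // Message: "log printing error!". The cause is kept for diagnosis.
            logger.error("日志打印错误！", e);
        }
    }

    /** Serializes the servlet parameter map to JSON for logging. */
    private String getRequestParametersString(HttpServletRequest httpServletRequest) {
        return JSON.toJSONString(httpServletRequest.getParameterMap());
    }

    /** Serializes the handler result to JSON for logging; a null result becomes {@code "null"}. */
    private String getResponseString(Object obj) {
        return null == obj ? "null" : JSON.toJSONString(obj);
    }
}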
