package com.daas.nros.openapi.gateway.server.service.impl;

import brave.Tracer;
import com.daas.nros.openapi.gateway.client.consts.CodeMessageConsts;
import com.daas.nros.openapi.gateway.client.exception.OpenApiException;
import com.daas.nros.openapi.gateway.client.exception.OpenApiExceptionSupplier;
import com.daas.nros.openapi.gateway.client.model.vo.Client;
import com.daas.nros.openapi.gateway.client.model.vo.ServiceApiVO;
import com.daas.nros.openapi.gateway.client.utils.Assert;
import com.daas.nros.openapi.gateway.server.service.api.GatewayManager;
import com.daas.nros.openapi.gateway.server.service.api.OauthManager;
import com.daas.nros.openapi.gateway.server.service.api.RequestManager;
import com.google.common.base.Joiner;
import com.google.common.base.Strings;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.Cache;
import org.springframework.cache.CacheManager;
import org.springframework.stereotype.Service;

@Service
/* loaded from: input_file:com/daas/nros/openapi/gateway/server/service/impl/RequestManagerImpl.class */
public class RequestManagerImpl implements RequestManager {

    @Value("${bizvane.openapi.gateway.reject-timeout:900000}")
    private long rejectTimeout;

    @Autowired
    private OauthManager oauthManager;

    @Autowired
    private CacheManager cacheManager;

    @Autowired
    private GatewayManager gatewayManager;

    @Autowired
    private Tracer tracer;

    @Value("${spring.application.name}")
    String appName;
    static Set<String> signatureHeaders = Sets.newHashSet(new String[]{"bizvane-appkey", "bizvane-timestamp", "bizvane-nonce"});
    static String signatureHeadersValue = Joiner.on(',').join(signatureHeaders);

    @Override // com.daas.nros.openapi.gateway.server.service.api.RequestManager
    public Object request(String str, String str2, String str3, Map<String, String> map, Map<String, Object> map2) {
        AtomicReference atomicReference = new AtomicReference();
        Optional ofNullable = Optional.ofNullable(Strings.emptyToNull(map.get("bizvane-appkey")));
        GatewayManager gatewayManager = this.gatewayManager;
        gatewayManager.getClass();
        ofNullable.map(gatewayManager::getClient).map((v0) -> {
            return v0.getExt();
        }).ifPresent(map3 -> {
            Optional ofNullable2 = Optional.ofNullable(map3.get("business_id"));
            atomicReference.getClass();
            ofNullable2.ifPresent(atomicReference::set);
        });
        String str4 = (String) Optional.ofNullable(Strings.emptyToNull(map.get("bizvane-timestamp"))).orElseThrow(OpenApiExceptionSupplier.convert(CodeMessageConsts.Gateway.TIMESTAMP_EMPTY));
        String str5 = (String) Optional.ofNullable(Strings.emptyToNull(map.get("bizvane-access-token"))).orElseThrow(OpenApiExceptionSupplier.convert(CodeMessageConsts.Gateway.ACCESS_TOKEN_EMPTY));
        String str6 = (String) Optional.ofNullable(Strings.emptyToNull(map.get("bizvane-nonce"))).orElseThrow(OpenApiExceptionSupplier.convert(CodeMessageConsts.Gateway.NONCE_EMPTY));
        String str7 = (String) Optional.ofNullable(Strings.emptyToNull(map.get("bizvane-signature"))).orElseThrow(OpenApiExceptionSupplier.convert(CodeMessageConsts.Gateway.SIGNATURE_EMPTY));
        long checkTimestamp = checkTimestamp(str4);
        Optional.of(checkAccessToken(str5)).map((v0) -> {
            return v0.getExt();
        }).ifPresent(map4 -> {
            Optional ofNullable2 = Optional.ofNullable(map4.get("business_id"));
            atomicReference.getClass();
            ofNullable2.ifPresent(atomicReference::set);
        });
        checkReplayAttack(str, str5, str6);
        checkSignature(map2, str5, checkTimestamp, str6, str7);
        checkServiceApi(str2, str3);
        return null;
    }

    private Client checkAccessToken(String str) {
        return (Client) Optional.ofNullable(this.oauthManager.getClient(str)).orElseThrow(OpenApiExceptionSupplier.convert(CodeMessageConsts.Gateway.INVALID_ACCESS_TOKEN));
    }

    private long checkTimestamp(String str) {
        try {
            long parseLong = Long.parseLong(str);
            Assert.isTrue(System.currentTimeMillis() - parseLong <= this.rejectTimeout, CodeMessageConsts.Gateway.INVALID_TIMESTAMP);
            return parseLong;
        } catch (NumberFormatException e) {
            throw new OpenApiException(CodeMessageConsts.Gateway.INVALID_TIMESTAMP);
        }
    }

    private void checkReplayAttack(String str, String str2, String str3) {
        Cache cache = this.cacheManager.getCache("request_path");
        String lenientFormat = Strings.lenientFormat("%s-%s-%s", new Object[]{str2, str3, str});
        Assert.isNull((Boolean) cache.get(lenientFormat, Boolean.class), CodeMessageConsts.Gateway.NONCE_USED);
        cache.put(lenientFormat, Boolean.TRUE);
    }

    private void checkSignature(Map<String, Object> map, String str, long j, String str2, String str3) {
        Map<String, Object> map2 = (Map) Optional.ofNullable(map).orElseGet(() -> {
            return Maps.newHashMapWithExpectedSize(4);
        });
        map2.put("bizvane-timestamp", Long.valueOf(j));
        map2.put("bizvane-nonce", str2);
        map2.put("bizvane-access-token", str);
        Assert.isTrue(this.oauthManager.verifySignature(str3, str, map2), CodeMessageConsts.Gateway.SIGNATURE_DOES_NOT_MATCH);
    }

    private ServiceApiVO checkServiceApi(String str, String str2) {
        return this.gatewayManager.getServiceApi(str, str2);
    }
}
