package org.jeecg.modules.jmreport.common.interceptor;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.SortedMap;
import java.util.TreeMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jeecg.modules.jmreport.common.constant.d;
import org.jeecg.modules.jmreport.common.util.JimuSpringContextUtils;
import org.jeecg.modules.jmreport.common.util.OkConvertUtils;
import org.jeecg.modules.jmreport.common.util.wrapper.BodyReaderHttpServletRequestWrapper;
import org.jeecg.modules.jmreport.common.vo.Result;
import org.jeecg.modules.jmreport.config.JmReportBaseConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.HandlerInterceptor;

/* loaded from: input_file:org/jeecg/modules/jmreport/common/interceptor/JimuReportSignatureInterceptor.class */
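/**
 * Spring MVC interceptor that verifies a request signature when "safe mode" is enabled.
 *
 * <p>When {@code isSafeMode} reports {@code false}, every request passes unchecked. Otherwise the
 * request must carry an {@code X-TIMESTAMP} header (epoch milliseconds) no older than
 * {@code MAX_EXPIRE} seconds, and an {@code X-Sign} header equal to the upper-case hex MD5 of the
 * key-sorted request parameters serialised as JSON, followed by the signature secret.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #DEFAULT_SECRET} is a public compile-time constant shipped in the artifact, so it
 *       gives no protection on its own. Deployments that rely on this check should configure
 *       their own value ({@code JmReportBaseConfig#getSignatureSecret()} or the
 *       {@code jeecg.signatureSecret} property).</li>
 *   <li>The construction is MD5(params + secret), not an HMAC. Replacing it needs a coordinated
 *       change on the signing clients, so it is kept here for compatibility.</li>
 *   <li>{@code X-TIMESTAMP} is not part of the signed data, so the freshness check does not bind
 *       a signature to a point in time. Treat it as a sanity check, not as replay protection.</li>
 * </ul>
 */
public class JimuReportSignatureInterceptor implements HandlerInterceptor {
    private static final Logger log = LoggerFactory.getLogger(JimuReportSignatureInterceptor.class);
    public static final String X_SIGN = "X-Sign";
    public static final String X_TIMESTAMP = "X-TIMESTAMP";
    /** Fallback secret used only when none is configured; publicly known, see class notes. */
    public static final String DEFAULT_SECRET = "aa05f1c54d63749eda95f9fa6d49v442a";
    /** Maximum accepted age of X-TIMESTAMP, in seconds. */
    private static final long MAX_EXPIRE = 300;

    /**
     * Rejects the request unless safe mode is off or the timestamp and signature headers check out.
     *
     * @param httpServletRequest incoming request; its headers, query string and body are read
     * @param httpServletResponse response that receives a JSON error (code 1001) on rejection
     * @param obj the chosen handler (unused)
     * @return {@code true} to continue the handler chain, {@code false} once an error was written
     * @throws Exception propagated from bean lookup, body reading or JSON parsing
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        JmReportBaseConfig config = (JmReportBaseConfig) JimuSpringContextUtils.getBean(JmReportBaseConfig.class);
        if (!isSafeMode(config).booleanValue()) {
            return true;
        }
        String timestampHeader = httpServletRequest.getHeader(X_TIMESTAMP);
        String signHeader = httpServletRequest.getHeader(X_SIGN);

        // A missing or non-numeric timestamp is a failed check, not a server error:
        // Long.parseLong(null) also throws NumberFormatException.
        long timestamp;
        try {
            timestamp = Long.parseLong(timestampHeader);
        } catch (NumberFormatException e) {
            log.error("签名验证失败:X-TIMESTAMP无效");
            error(httpServletResponse, "签名验证失败:X-TIMESTAMP无效");
            return false;
        }
        if (System.currentTimeMillis() - timestamp > MAX_EXPIRE * 1000) {
            log.error("签名验证失败:X-TIMESTAMP已过期，注意系统时间和服务器时间是否有误差！");
            error(httpServletResponse, "签名验证失败:X-TIMESTAMP已过期");
            return false;
        }

        BodyReaderHttpServletRequestWrapper bodyReaderHttpServletRequestWrapper = new BodyReaderHttpServletRequestWrapper(httpServletRequest);
        log.info("请求地址:" + bodyReaderHttpServletRequestWrapper.getRequestURL().toString());
        String jSONString = JSONObject.toJSONString(getQueryParams(bodyReaderHttpServletRequestWrapper));
        // NOTE(review): this writes every request parameter to the log at INFO level; if the
        // protected endpoints accept credentials or connection strings, consider DEBUG or masking.
        log.info("Param paramsJsonStr : {}", jSONString);

        // Use the configured secret. Comparing against DEFAULT_SECRET directly would ignore any
        // operator-supplied value. UTF-8 is explicit so the digest does not depend on the
        // platform default charset.
        String secret = getSignatureSecret(config);
        String expected = DigestUtils.md5DigestAsHex((jSONString + secret).getBytes(StandardCharsets.UTF_8)).toUpperCase();
        // Constant-time comparison; a missing X-Sign header never matches.
        if (signHeader != null
                && MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), signHeader.getBytes(StandardCharsets.UTF_8))) {
            return true;
        }
        log.error("签名校验失败！Header Sign : {},请求地址：{}", signHeader, bodyReaderHttpServletRequestWrapper.getRequestURL().toString());
        error(httpServletResponse, "签名校验失败，参数有误！");
        return false;
    }

    /**
     * Writes a JSON error result with code 1001 to the response.
     *
     * @param httpServletResponse response to write to
     * @param str error message placed in the result
     * @throws IOException if the response writer cannot be obtained
     */
    private void error(HttpServletResponse httpServletResponse, String str) throws IOException {
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json; charset=utf-8");
        PrintWriter writer = httpServletResponse.getWriter();
        Result<Object> error = Result.error(str);
        error.setCode(1001);
        writer.print(JSON.toJSON(error));
    }

    /**
     * Collects the parameters that are covered by the signature, sorted by key.
     *
     * <p>Query-string pairs are added first. For POST requests the top-level keys of the JSON
     * body are added afterwards, so a body key overrides a query parameter of the same name.
     *
     * @param bodyReaderHttpServletRequestWrapper wrapper giving repeatable access to the body
     * @return key-sorted parameter map; empty when the request has no parameters
     */
    private SortedMap<String, String> getQueryParams(BodyReaderHttpServletRequestWrapper bodyReaderHttpServletRequestWrapper) {
        SortedMap<String, String> params = new TreeMap<>();
        String queryString = bodyReaderHttpServletRequestWrapper.getQueryString();
        if (OkConvertUtils.isNotEmpty(queryString)) {
            // d.fC and d.eE are obfuscated constants not visible here; presumably the empty
            // string and the "&" pair separator. TODO confirm.
            String decoded = d.fC;
            try {
                decoded = URLDecoder.decode(queryString, "utf-8");
            } catch (UnsupportedEncodingException e) {
                // Not expected for "utf-8"; log through SLF4J instead of printing to stderr.
                log.error(e.getMessage(), e);
            }
            // NOTE(review): the whole query string is decoded before it is split, so a
            // percent-encoded separator inside a value is treated as a real separator. Confirm
            // that the signing clients build their parameter map the same way.
            for (String pair : decoded.split(d.eE)) {
                if (pair.isEmpty()) {
                    continue;
                }
                int eq = pair.indexOf('=');
                if (eq < 0) {
                    // A bare key without '=' would otherwise make substring(0, -1) throw.
                    params.put(pair, "");
                } else {
                    params.put(pair.substring(0, eq), pair.substring(eq + 1));
                }
            }
        }
        if (RequestMethod.POST.name().equals(bodyReaderHttpServletRequestWrapper.getMethod())) {
            String body = bodyReaderHttpServletRequestWrapper.getBody();
            if (OkConvertUtils.isNotEmpty(body)) {
                JSONObject parseObject = JSON.parseObject(body);
                // parseObject can yield null (e.g. a literal JSON null body); nothing to add then.
                if (parseObject != null) {
                    for (String key : parseObject.keySet()) {
                        params.put(key, parseObject.getString(key));
                    }
                }
            }
        }
        return params;
    }

    /**
     * Decides whether signature checking is enforced.
     *
     * <p>Without a firewall section the result is {@code false}. With one, its
     * {@code dataSourceSafe} value is used. If that value is unset, the {@code jeecg.safeMode}
     * property and then {@code jeecg.firewall.dataSourceSafe} (default {@code false}) are consulted.
     *
     * @param jmReportBaseConfig report configuration bean
     * @return never {@code null}
     */
    private Boolean isSafeMode(JmReportBaseConfig jmReportBaseConfig) {
        if (jmReportBaseConfig.getFirewall() == null) {
            return Boolean.FALSE;
        }
        // Keep the value boxed: unboxing it inside a ternary throws on null and makes the
        // property fallback below unreachable.
        Boolean safeMode = jmReportBaseConfig.getFirewall().getDataSourceSafe();
        if (safeMode == null) {
            Environment environment = (Environment) JimuSpringContextUtils.getBean(Environment.class);
            // No default on the first lookup, so an absent key falls through to the second one.
            safeMode = environment.getProperty("jeecg.safeMode", Boolean.class);
            if (safeMode == null) {
                safeMode = environment.getProperty("jeecg.firewall.dataSourceSafe", Boolean.class, false);
            }
        }
        return safeMode;
    }

    /**
     * Resolves the secret appended to the parameters before hashing.
     *
     * <p>Order: the configuration bean, then the {@code jeecg.signatureSecret} property, then
     * {@link #DEFAULT_SECRET}. An empty value counts as unset, so the digest is never computed
     * without a secret suffix.
     *
     * @param jmReportBaseConfig report configuration bean
     * @return non-empty secret
     */
    private String getSignatureSecret(JmReportBaseConfig jmReportBaseConfig) {
        String signatureSecret = jmReportBaseConfig.getSignatureSecret();
        if (signatureSecret == null || signatureSecret.isEmpty()) {
            signatureSecret = ((Environment) JimuSpringContextUtils.getBean(Environment.class)).getProperty("jeecg.signatureSecret", String.class, DEFAULT_SECRET);
        }
        if (signatureSecret == null || signatureSecret.isEmpty()) {
            signatureSecret = DEFAULT_SECRET;
        }
        return signatureSecret;
    }
}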
