package com.asa.commom.asacommon.auth.filter;

import com.asa.commom.asacommon.CommonProperties;
import com.asa.commom.asacommon.constant.CommonConstant;
import com.asa.commom.asacommon.constant.ErrorTypeEnum;
import com.asa.commom.asacommon.domain.BaseResultDTO;
import com.asa.commom.asacommon.util.JsonUtils;
import com.asa.commom.asacommon.web.RequestMatcher;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.PrintStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Stream;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.core.Ordered;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:com/asa/commom/asacommon/auth/filter/SignatureCheckFilter.class */
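/**
 * Servlet filter that checks a request "signature" before the request reaches the rest of the
 * filter chain.
 *
 * <p>For every request that is not exempt, the filter requires the {@code CommonConstant.signature}
 * and {@code CommonConstant.currentTimestamp} headers, rejects timestamps more than five minutes
 * away from the server clock, and compares the signature header with
 * {@code md5Hex(body + "&timestamp=" + timestampHeader)}. Failures are answered with HTTP 401 and a
 * JSON {@link BaseResultDTO}.
 *
 * <p>Security review notes (all derived from the code in this class):
 * <ul>
 *   <li>The digest is plain MD5 over the body and the timestamp header; no secret key is mixed in
 *       anywhere in this class. The check therefore detects accidental corruption but does not
 *       authenticate the sender. Moving to a keyed MAC (for example HMAC-SHA-256 with a per-client
 *       secret) is a protocol change that clients must adopt at the same time, so it is not done
 *       here.</li>
 *   <li>Only the body and the timestamp are covered. The HTTP method, path and query string are
 *       not part of the signed data, and there is no nonce, so an identical request is accepted
 *       again for as long as its timestamp stays inside the five-minute window.</li>
 *   <li>The body is read line by line, so line terminators are not part of the signed string.</li>
 *   <li>NOTE(review): the body is consumed through {@code getReader()} and the original request
 *       object is passed on. Unless the request was already wrapped in a body-caching wrapper
 *       (not visible in this file), downstream handlers cannot read the body again - confirm.</li>
 * </ul>
 */
public class SignatureCheckFilter extends OncePerRequestFilter implements Ordered {
    /** Largest accepted distance, in milliseconds, between the timestamp header and the server clock. */
    private static final long MAX_CLOCK_SKEW_MILLIS = 300000L;

    private final CommonProperties.Auth auth;
    private final List<RequestMatcher> requestMatchers;

    /**
     * Path patterns that skip the signature check when the filter is not in black-list mode.
     *
     * <p>NOTE(review): by their names, several entries ({@code /actuator/**}, {@code /druid/**},
     * {@code /**}{@code /env/**}, {@code /test/**}, {@code /**}{@code /tool/**}, the Swagger
     * paths) look like management, diagnostic or documentation endpoints. They bypass this filter
     * entirely, so confirm that another control (network restriction or authentication) protects
     * them in production.
     *
     * <p>The array is public and mutable; it is kept as an array for compatibility with existing
     * callers and must be treated as read-only. {@code /webjars/**} and
     * {@code /swagger-resources/**} are listed twice, which is harmless.
     */
    public static final String[] AUTH_WHITELIST = {"/", "/*.html", "/favicon.ico", "/**/*.html", "/**/*.css", "/**/*.js", "/webjars/**", "/swagger-resources/**", "/**/api-docs/**", "/**/env/**", "/error", "/druid/**", "/api/test", "/v2/api-docs", "/swagger-resources", "/swagger-resources/**", "/configuration/ui", "/configuration/security", "/swagger-ui.html", "/webjars/**", "/actuator/**", "/test/**", "/**/tool/**"};

    /**
     * Builds the matcher list from the configuration.
     *
     * <p>In black-list mode ({@code CommonConstant.model_black}) the configured patterns are the
     * requests that MUST be signed; with no configured list the single pattern {@code "*"} is
     * used. In any other mode the configured patterns plus {@link #AUTH_WHITELIST} are the
     * requests that are EXEMPT from signing.
     *
     * @param auth signature-check configuration; must not be {@code null}
     */
    public SignatureCheckFilter(CommonProperties.Auth auth) {
        this.auth = auth;
        // NOTE(review): Spring's StringUtils.isEmpty(Object) is true only for null or "", so an
        // empty (zero-length) request list counts as "configured". In black-list mode that would
        // leave no pattern that requires a signature - confirm how CommonProperties fills it.
        boolean noConfiguredPatterns = StringUtils.isEmpty(auth.getRequestList());

        if (CommonConstant.model_black.equals(auth.getModel())) {
            // NOTE(review): verify that RequestMatcher treats "*" as "every request path". Under
            // plain Ant-style matching a bare "*" does not cover nested paths, which would let
            // most requests skip the check in this mode.
            this.requestMatchers = noConfiguredPatterns
                    ? RequestMatcher.antMatchers("*")
                    : RequestMatcher.antMatchers(auth.getRequestList());
            return;
        }

        if (noConfiguredPatterns) {
            this.requestMatchers = RequestMatcher.antMatchers(AUTH_WHITELIST);
            return;
        }

        // Exempt patterns = configured list followed by the built-in whitelist.
        Stream<Object> merged = Stream.concat(
                Stream.of((Object[]) auth.getRequestList()),
                Stream.of((Object[]) AUTH_WHITELIST));
        // Each effective pattern is written to stdout while the filter is constructed
        // (behaviour kept from the original code).
        String[] patterns = merged.peek(System.out::println).toArray(String[]::new);
        this.requestMatchers = RequestMatcher.antMatchers(patterns);
    }

    /**
     * Decides whether the request may skip the signature check.
     *
     * @param httpServletRequest the incoming request
     * @return {@code true} when the request is exempt: in black-list mode that means no matcher
     *     matched it, in any other mode it means at least one matcher matched it
     */
    private boolean inWriteOrBlackList(HttpServletRequest httpServletRequest) {
        boolean matched = false;
        if (this.requestMatchers != null) {
            for (RequestMatcher matcher : this.requestMatchers) {
                if (matcher.matches(httpServletRequest)) {
                    matched = true;
                    break;
                }
            }
        }
        boolean blackListMode = CommonConstant.model_black.equals(this.auth.getModel());
        // Black-list mode: matchers name the requests that must be signed.
        // Otherwise: matchers name the requests that are exempt.
        return blackListMode ? !matched : matched;
    }

    /**
     * Verifies the signature of non-exempt requests and forwards accepted requests down the chain.
     *
     * <p>{@code OPTIONS} requests are always forwarded without a check. A request whose timestamp
     * header is not a valid number is rejected with 401 instead of failing with an unhandled
     * {@link NumberFormatException}.
     *
     * @param httpServletRequest the incoming request
     * @param httpServletResponse the response, written to directly when the check fails
     * @param filterChain the remaining filter chain
     * @throws IOException if reading the body or writing the rejection fails
     * @throws ServletException if a downstream filter fails
     */
    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        // OPTIONS requests carry no signature headers and are passed through unchecked.
        if (HttpMethod.OPTIONS.name().equals(httpServletRequest.getMethod())) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }

        String signature = httpServletRequest.getHeader(CommonConstant.signature);
        String timestampHeader = httpServletRequest.getHeader(CommonConstant.currentTimestamp);

        if (!inWriteOrBlackList(httpServletRequest)) {
            String requestUrl = httpServletRequest.getRequestURL().toString();

            if (signature == null || timestampHeader == null) {
                // Message: "The current request is missing signature information!"
                writeUnAuth(requestUrl, httpServletResponse, "当前请求缺少签名信息！");
                return;
            }

            long clientMillis;
            try {
                clientMillis = Long.parseLong(timestampHeader);
            } catch (NumberFormatException e) {
                // The header is client-controlled; a malformed value is a failed verification,
                // not a server error. Message: "Signature verification failed!"
                writeUnAuth(requestUrl, httpServletResponse, "验签失败！");
                return;
            }

            long ageMillis = System.currentTimeMillis() - clientMillis;
            if (ageMillis > MAX_CLOCK_SKEW_MILLIS || ageMillis < -MAX_CLOCK_SKEW_MILLIS) {
                // Message: "The current request signature has expired"
                writeUnAuth(requestUrl, httpServletResponse, "当前请求签名已过期");
                return;
            }

            // The whole body is buffered before it is verified; readLine() drops line
            // terminators, so they are not part of the signed string.
            StringBuilder body = new StringBuilder();
            BufferedReader reader = httpServletRequest.getReader();
            String line;
            while ((line = reader.readLine()) != null) {
                body.append(line);
            }

            // The raw header text (not the parsed number) goes into the digest, as before.
            String expected = DigestUtils.md5Hex((body + "&timestamp=" + timestampHeader).getBytes(StandardCharsets.UTF_8));
            // Constant-time comparison, so the check does not reveal how many leading
            // characters of a submitted value were correct.
            boolean signatureMatches = MessageDigest.isEqual(
                    expected.getBytes(StandardCharsets.UTF_8),
                    signature.getBytes(StandardCharsets.UTF_8));
            if (!signatureMatches) {
                // Message: "Signature verification failed!"
                writeUnAuth(requestUrl, httpServletResponse, "验签失败！");
                return;
            }
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Writes an HTTP 401 response whose body is a JSON-serialised {@link BaseResultDTO}.
     *
     * @param str the request URL reported in the {@code path} field
     * @param httpServletResponse the response to write to
     * @param str2 the error message reported to the client
     * @throws IOException if the response writer cannot be obtained or written
     */
    private void writeUnAuth(String str, HttpServletResponse httpServletResponse, String str2) throws IOException {
        int unauthorized = HttpStatus.UNAUTHORIZED.value();
        httpServletResponse.setStatus(unauthorized);
        httpServletResponse.setCharacterEncoding("UTF-8");
        httpServletResponse.setContentType("application/json");

        BaseResultDTO result = new BaseResultDTO();
        result.setErrorType(ErrorTypeEnum.BUSINESS.getValue());
        result.setStatus(Integer.valueOf(unauthorized));
        result.setStatusDescription(HttpStatus.UNAUTHORIZED.getReasonPhrase());
        result.setErrorCode(String.valueOf(unauthorized));
        result.setPath(str);
        result.setErrorMessage(str2);
        result.setServerTime(Long.valueOf(System.currentTimeMillis()));
        httpServletResponse.getWriter().println(JsonUtils.objectToString(result));
    }

    /**
     * Returns the filter order.
     *
     * @return {@link Ordered#HIGHEST_PRECEDENCE} ({@code Integer.MIN_VALUE}), the highest
     *     precedence an {@link Ordered} component can declare
     */
    public int getOrder() {
        return Ordered.HIGHEST_PRECEDENCE;
    }
}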
