package com.yonyou.iuap.event.manager.filter;

import com.yonyou.iuap.event.manager.exception.BusinessException;
import com.yonyou.iuap.event.manager.service.IEventNodeService;
import com.yonyou.iuap.event.manager.sign.EventDigestVerifier;
import com.yonyou.iuap.event.manager.sign.EventSignConfigUtil;
import com.yonyou.iuap.event.manager.utils.SpringContextUtil;
import com.yonyou.iuap.security.rest.api.Verifier;
import com.yonyou.iuap.security.rest.common.AuthConstants;
import com.yonyou.iuap.security.rest.common.Credential;
import com.yonyou.iuap.security.rest.common.SignProp;
import com.yonyou.iuap.security.rest.exception.UAPSecurityException;
import com.yonyou.iuap.security.rest.factory.ServerVerifyFactory;
import com.yonyou.iuap.security.rest.rsa.server.RSAServerVerfier;
import com.yonyou.iuap.security.rest.utils.PostParamsHelper;
import com.yonyou.iuap.security.rest.utils.SignPropGenerator;
import java.io.IOException;
import java.net.MalformedURLException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/classes/com/yonyou/iuap/event/manager/filter/SendEventMsgSecurityFilter.class */
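/**
 * Servlet filter that authenticates "send event message" requests by verifying a request
 * signature before the request is passed down the chain.
 *
 * <p>For HTTP requests the filter requires a digest and an application id (each read from a
 * header, falling back to a request parameter), optionally checks the age of a timestamp
 * parameter, and then verifies the digest over the request URL, query string and POST
 * parameters. Any failure is answered with status 400 and the chain is not invoked.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The freshness check only runs when a numeric timestamp parameter is present; a request
 *       without one goes straight to signature verification. NOTE(review): whether the
 *       verifier itself requires or binds the timestamp is not visible here; confirm, because
 *       otherwise a validly signed request has no enforced expiry.</li>
 *   <li>Only timestamps that are too old are rejected; a timestamp ahead of the server clock
 *       is accepted. NOTE(review): consider bounding the window on both sides.</li>
 *   <li>The digest may be supplied as a request parameter, which typically ends up in access
 *       logs and proxies; prefer the header form on the client side.</li>
 *   <li>Requests that are not {@link HttpServletRequest} instances are passed through
 *       unchecked.</li>
 * </ul>
 */
public class SendEventMsgSecurityFilter implements Filter {
    /** Maximum accepted age of the request timestamp in milliseconds (3,000,000 ms = 50 minutes). */
    private static final long DEFAULT_EXPIRED = 3000000;

    // NOTE(review): this header name contains spaces, which is not a valid HTTP field-name
    // token; it is kept byte-for-byte because existing clients or tests may look for it.
    private static final String INVALID_HEADER_NAME = "Send event message validate error";
    private static final String INVALID_HEADER_VALUE = " 400 , method not allowed, please check called paramaters !";
    private static final String INVALID_BODY = "Method not allowed, please check called paramaters !";

    private final Logger logger = LoggerFactory.getLogger(SendEventMsgSecurityFilter.class);

    /**
     * Verifier factory that builds the credential for an application id from the event node
     * registry and selects the verifier implementation from the configured signature algorithm.
     */
    public class SendEVentMsgServerVirifyFactory extends ServerVerifyFactory {
        SendEVentMsgServerVirifyFactory() {
        }

        /**
         * Builds the credential for the given node code.
         *
         * <p>The key comes from the event node returned by the {@code eventNodeServiceImpl}
         * bean. NOTE(review): if the lookup yields no node for an unknown code this
         * dereference presumably fails with a {@link NullPointerException}; the caller in
         * the filter treats any runtime failure as a rejected request.
         *
         * @param str the application id / event node code taken from the request
         * @return a credential holding the code and the node's key
         */
        @Override // com.yonyou.iuap.security.rest.factory.ServerVerifyFactory
        protected Credential genCredential(String str) {
            IEventNodeService nodeService = (IEventNodeService) SpringContextUtil.getBean("eventNodeServiceImpl");
            return new Credential(str, nodeService.queryEventNodeByCode(str).getKey(), null);
        }

        /**
         * Returns the verifier matching the configured signature algorithm.
         *
         * <p>The algorithm is read through {@link EventSignConfigUtil}, not taken from the
         * request, so a caller cannot choose which verifier is applied.
         *
         * @param str the application id / event node code taken from the request
         * @return an HMAC or RSA verifier bound to that node's credential
         * @throws UAPSecurityException if the configured algorithm is neither HMAC nor RSA,
         *     or if reading the configuration raises a {@link BusinessException}
         */
        @Override // com.yonyou.iuap.security.rest.factory.ServerVerifyFactory
        public Verifier getVerifier(String str) throws UAPSecurityException {
            try {
                String algorithm = EventSignConfigUtil.getPropertie(AuthConstants.AUTH_ALG);
                if (AuthConstants.AUTH_HMAC_ALG.equals(algorithm)) {
                    return new EventDigestVerifier(genCredential(str));
                }
                if (AuthConstants.AUTH_RSA_ALG.equals(algorithm)) {
                    return new RSAServerVerfier(genCredential(str));
                }
                throw new UAPSecurityException("签名算法" + algorithm + "不匹配!");
            } catch (BusinessException e) {
                logger.error(e.getMessage(), e);
                throw new UAPSecurityException("签名算法找不到!");
            }
        }
    }

    @Override
    public void destroy() {
    }

    /**
     * Authenticates an HTTP request and forwards it only when every check passes.
     *
     * <p>Checks, in order: digest and application id are present; the timestamp parameter,
     * when numeric, parses as a long and is not older than {@link #DEFAULT_EXPIRED}; the
     * digest verifies. Each failure writes a 400 response and returns without calling the
     * chain.
     *
     * @param servletRequest the incoming request
     * @param servletResponse the response used to report a rejection
     * @param filterChain the remaining chain, invoked only for accepted requests
     * @throws IOException if writing the rejection or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            String digest = headerOrParameter(httpServletRequest, AuthConstants.PARAM_DIGEST);
            String appId = headerOrParameter(httpServletRequest, AuthConstants.APPID);
            if (digest == null || appId == null) {
                reject(servletResponse, INVALID_HEADER_NAME, INVALID_HEADER_VALUE, INVALID_BODY);
                return;
            }
            String timestamp = httpServletRequest.getParameter(AuthConstants.PARAM_TIMESTAMP);
            // commons-lang 2.x isNumeric("") is true and a long run of digits overflows a
            // long, so the parse is guarded: a malformed timestamp is answered with 400
            // instead of escaping the filter as an unhandled NumberFormatException.
            if (StringUtils.isNumeric(timestamp)) {
                long sentAt;
                try {
                    sentAt = Long.parseLong(timestamp);
                } catch (NumberFormatException e) {
                    // The raw value is attacker-controlled, so it is deliberately not logged.
                    logger.warn("Rejected request: timestamp parameter is not a valid long");
                    reject(servletResponse, INVALID_HEADER_NAME, INVALID_HEADER_VALUE, INVALID_BODY);
                    return;
                }
                if (System.currentTimeMillis() - sentAt > DEFAULT_EXPIRED) {
                    reject(servletResponse, "send message validate error", " 400 ,请求超时", " over time");
                    return;
                }
            }
            if (!ValidatorUrl(httpServletRequest)) {
                reject(servletResponse, INVALID_HEADER_NAME, INVALID_HEADER_VALUE, INVALID_BODY);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Verifies the request digest against the signed properties rebuilt from the request.
     *
     * <p>Fails closed: a missing digest or application id, a security or URL exception, and
     * any unexpected runtime failure during credential lookup or verification all yield
     * {@code false}.
     *
     * @param httpServletRequest the request to verify
     * @return {@code true} only when the verifier accepts the digest
     */
    private boolean ValidatorUrl(HttpServletRequest httpServletRequest) {
        String digest = headerOrParameter(httpServletRequest, AuthConstants.PARAM_DIGEST);
        String appId = headerOrParameter(httpServletRequest, AuthConstants.APPID);
        if (StringUtils.isEmpty(digest) || StringUtils.isEmpty(appId)) {
            return false;
        }
        try {
            // The signed URL is rebuilt server-side from the request URL plus query string.
            String signedUrl = httpServletRequest.getRequestURL().toString();
            String queryString = httpServletRequest.getQueryString();
            if (StringUtils.isNotBlank(queryString)) {
                signedUrl = signedUrl + "?" + queryString;
            }
            String postParams = PostParamsHelper.genParamsStrByReqeust(httpServletRequest);
            SignProp signProp = SignPropGenerator.genSignProp(signedUrl);
            if (StringUtils.isNotBlank(postParams)) {
                signProp.setPostParamsStr(postParams);
                signProp.setContentLength(httpServletRequest.getContentLength());
            }
            return new SendEVentMsgServerVirifyFactory().getVerifier(appId).verify(digest, signProp);
        } catch (UAPSecurityException e) {
            logger.error(e.getMessage(), e);
            return false;
        } catch (MalformedURLException e) {
            logger.error(e.getMessage(), e);
            return false;
        } catch (RuntimeException e) {
            // An authentication check must deny on any failure, e.g. a credential lookup
            // that blows up for an application id with no registered node.
            logger.error("Signature verification failed unexpectedly", e);
            return false;
        }
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Reads a value from the named request header, falling back to the request parameter of
     * the same name when the header is absent or empty.
     */
    private static String headerOrParameter(HttpServletRequest httpServletRequest, String name) {
        String value = httpServletRequest.getHeader(name);
        if (StringUtils.isEmpty(value)) {
            value = httpServletRequest.getParameter(name);
        }
        return value;
    }

    /** Writes a 400 rejection carrying the given diagnostic header and response body. */
    private static void reject(ServletResponse servletResponse, String headerName, String headerValue, String body) throws IOException {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletResponse.setStatus(400);
        httpServletResponse.addHeader(headerName, headerValue);
        httpServletResponse.getWriter().write(body);
    }
}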
