package com.yonyou.iuap.webpush.util;

import com.yonyou.iuap.security.rest.common.AuthConstants;
import com.yonyou.iuap.security.rest.common.SignProp;
import com.yonyou.iuap.security.rest.exception.UAPSecurityException;
import com.yonyou.iuap.security.rest.utils.PostParamsHelper;
import com.yonyou.iuap.security.rest.utils.SignPropGenerator;
import io.vertx.core.http.HttpServerRequest;
import io.vertx.core.http.HttpServerResponse;
import io.vertx.ext.web.RoutingContext;
import java.net.MalformedURLException;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.http.client.methods.HttpPost;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yonyou/iuap/webpush/util/ServerSignVerigy.class */
public class ServerSignVerigy {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) ServerSignVerigy.class);

    public void signRestfulInterface(RoutingContext routingContext) {
        HttpServerRequest request = routingContext.request();
        String absoluteURI = request.absoluteURI();
        String str = "";
        String param = request.getParam(AuthConstants.PARAM_TIMESTAMP);
        String header = request.getHeader(AuthConstants.PARAM_DIGEST);
        if (!StringUtils.isNumeric(param)) {
            logger.info("ts=" + param);
            sendError(403, routingContext.response(), "参数可能被恶意修改，服务被拒绝!");
            return;
        }
        if (System.currentTimeMillis() - Long.parseLong(param) > 300000) {
            sendError(500, routingContext.response(), "请求超时！不允许，应返回错误信息!");
            return;
        }
        SignProp signProp = null;
        try {
            signProp = SignPropGenerator.genSignProp(absoluteURI);
            logger.info("prop=" + signProp);
        } catch (MalformedURLException e) {
            logger.error(e.getMessage(), (Throwable) e);
        }
        if (HttpPost.METHOD_NAME.equalsIgnoreCase(request.method().name())) {
            String param2 = request.getParam("paramjson");
            logger.info("param1=" + param2);
            if (StringUtils.isEmpty(param2)) {
                param2 = routingContext.getBodyAsString();
            }
            if (StringUtils.isEmpty(param2)) {
                logger.info("param2=" + param2);
                sendError(403, routingContext.response(), "参数可能被恶意修改，服务被拒绝!");
                return;
            }
            Map<String, Object> parseJSON2Map = JsonConvertUtil.parseJSON2Map(param2);
            if (!parseJSON2Map.isEmpty()) {
                str = (String) parseJSON2Map.get("identity");
                logger.info("appid=" + str);
            }
            if (signProp != null) {
                logger.info("PostParamsHelper=" + PostParamsHelper.genParamsStrByMap(parseJSON2Map));
                signProp.setPostParamsStr(PostParamsHelper.genParamsStrByMap(parseJSON2Map));
            }
        }
        WebPushVerifyFactory webPushVerifyFactory = new WebPushVerifyFactory();
        Boolean bool = false;
        try {
            logger.info("sign=" + header + " && prop=" + signProp);
            bool = Boolean.valueOf(webPushVerifyFactory.getVerifier(str).verify(header, signProp));
        } catch (UAPSecurityException e2) {
            logger.error(e2.getMessage(), (Throwable) e2);
        }
        if (bool.booleanValue()) {
            return;
        }
        logger.info("param3=" + bool);
        sendError(403, routingContext.response(), "参数可能被恶意修改，服务被拒绝!");
    }

    private void sendError(int i, HttpServerResponse httpServerResponse, String str) {
        httpServerResponse.setStatusCode(i).write(str).end();
    }
}
