package com.yonyou.yht.sdkutils.sign;

import com.yonyou.yht.sdkutils.PropertyUtil;
import com.yonyou.yht.sdkutils.StringUtils;
import com.yonyou.yht.sdkutils.YhtClientPropertyUtil;
import com.yonyou.yht.security.rest.api.Signer;
import com.yonyou.yht.security.rest.common.AuthConstants;
import com.yonyou.yht.security.rest.common.Credential;
import com.yonyou.yht.security.rest.exception.YHTSecurityException;
import com.yonyou.yht.security.rest.rsa.client.RSAClientSigner;
import com.yonyou.yht.security.rest.utils.ClientCredentialGenerator;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.util.Properties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/yonyou/yht/sdkutils/sign/CasClientSignFactory.class */
public class CasClientSignFactory {
    private static Properties properties;
    private static final Logger logger = LoggerFactory.getLogger(CasClientSignFactory.class);
    private static Signer signer = null;

    public static Signer getSigner(String str) throws YHTSecurityException, IOException {
        if (signer != null) {
            return signer;
        }
        String str2 = null;
        if (StringUtils.isNotBlank(str)) {
            str2 = YhtClientPropertyUtil.getPropertyByKey(str + "." + AuthConstants.CLIENT_CREDENTIAL_PATH);
        }
        if (StringUtils.isBlank(str2)) {
            logger.info("find credential file path without prefix.");
            str2 = YhtClientPropertyUtil.getPropertyByKey(AuthConstants.CLIENT_CREDENTIAL_PATH);
        }
        String propertyByKey = YhtClientPropertyUtil.getPropertyByKey(AuthConstants.AUTH_ALG);
        if (StringUtils.isBlank(str2)) {
            logger.warn("please check config for yht.client.credential.path file url. will try with enviroment");
        }
        if (StringUtils.isBlank(propertyByKey)) {
            propertyByKey = AuthConstants.AUTH_HMAC_ALG;
        }
        Credential credential = null;
        try {
            credential = getResourceFileOrEnviroment(str2);
        } catch (Exception e) {
        }
        if (StringUtils.isBlank(str2) && null == credential) {
            logger.error("please check config for yht.client.credential.path file url. or set  enviroment");
            throw new YHTSecurityException("please check config for yht.client.credential.path file url. or set  enviroment");
        }
        String realCredientialPath = getRealCredientialPath(str2);
        logger.info("credential file path is {}.", realCredientialPath);
        if (AuthConstants.AUTH_HMAC_ALG.equals(propertyByKey)) {
            if (null != credential) {
                signer = new DigestSigner(credential);
            } else {
                signer = new DigestSigner(ClientCredentialGenerator.loadCredential(realCredientialPath));
            }
            return signer;
        }
        if (!"RSA".equals(propertyByKey)) {
            throw new YHTSecurityException("签名算法" + propertyByKey + "不匹配!");
        }
        if (null != credential) {
            signer = new RSAClientSigner(credential);
            return signer;
        }
        signer = new RSAClientSigner(ClientCredentialGenerator.loadCredential(realCredientialPath));
        return signer;
    }

    public static String getRealCredientialPath(String str) {
        URL resource;
        if (str == null) {
            return null;
        }
        if (!new File(str).exists() && (resource = SignMake.class.getClassLoader().getResource(str)) != null) {
            String path = resource.getPath();
            if (StringUtils.isNotBlank(path) && !path.contains("jar!")) {
                str = path;
            }
        }
        return str;
    }

    public static Credential getResourceFileOrEnviroment(String str) throws IOException {
        String propertyByKeyInPath = PropertyUtil.getPropertyByKeyInPath(AuthConstants.APPID, str);
        String propertyByKeyInPath2 = PropertyUtil.getPropertyByKeyInPath(AuthConstants.KEY, str);
        String propertyByKeyInPath3 = PropertyUtil.getPropertyByKeyInPath(AuthConstants.EXPIRED_TS, str);
        if (StringUtils.isNotBlank(propertyByKeyInPath) && StringUtils.isNotBlank(propertyByKeyInPath2) && StringUtils.isNotBlank(propertyByKeyInPath3)) {
            return new Credential(propertyByKeyInPath, propertyByKeyInPath2, propertyByKeyInPath3);
        }
        String propertyByKey = YhtClientPropertyUtil.getPropertyByKey(AuthConstants.APPID);
        String propertyByKey2 = YhtClientPropertyUtil.getPropertyByKey(AuthConstants.KEY);
        String propertyByKey3 = YhtClientPropertyUtil.getPropertyByKey(AuthConstants.EXPIRED_TS);
        if (StringUtils.isNotBlank(propertyByKey) && StringUtils.isNotBlank(propertyByKey2) && StringUtils.isNotBlank(propertyByKey3)) {
            return new Credential(propertyByKey, propertyByKey2, propertyByKey3);
        }
        return null;
    }
}
