package com.xdja.cssp.was.open.auth.action;

import com.xdja.cssp.sm2cipher.sm2.cipher.Base64Util;
import com.xdja.cssp.sm2cipher.sm2.cipher.SM3Digest;
import com.xdja.cssp.was.open.auth.scheduling.OpenAppInfoCacheOperator;
import com.xdja.cssp.was.open.auth.util.Const;
import com.xdja.cssp.was.ticket.IChallengeService;
import com.xdja.cssp.was.ticket.ITicketService;
import com.xdja.cssp.was.ticket.impl.ChallengeServiceImpl;
import com.xdja.cssp.was.ticket.impl.TicketServiceImpl;
import com.xdja.cssp.was.utils.Func;
import com.xdja.platform.common.lite.kit.StrKit;
import com.xdja.platform.core.spring.SpringBeanUtil;
import com.xdja.platform.redis.core.RedisClient;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.xml.BeanDefinitionParserDelegate;
import org.springframework.http.HttpHeaders;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
/* loaded from: input_file:WEB-INF/classes/com/xdja/cssp/was/open/auth/action/TicketAction.class */
public class TicketAction extends BaseAction {
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private ITicketService ticketService = new TicketServiceImpl((RedisClient) SpringBeanUtil.getBean(RedisClient.class));
    private IChallengeService challengeService = new ChallengeServiceImpl((RedisClient) SpringBeanUtil.getBean(RedisClient.class));

    @RequestMapping(method = {RequestMethod.GET}, value = {"/open/api/v1/ticket/getChallenge"})
    @ResponseBody
    public Object getChallenge(@RequestHeader("appID") String str, HttpServletResponse httpServletResponse) {
        return StringUtils.isBlank(str) ? HttpError.APPID_NOT_EXIST.handle(httpServletResponse) : this.challengeService.create(str, Const.CHALLENGE_PERIOD);
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/open/api/v1/ticket/verifyChallenge"}, consumes = {"application/json"})
    @ResponseBody
    public Object verifySignForAppSecretKey(@RequestHeader HttpHeaders httpHeaders, @RequestBody Map<String, String> map, HttpServletResponse httpServletResponse) {
        String first = httpHeaders.getFirst("appID");
        if (StringUtils.isBlank(first)) {
            return HttpError.APPID_NOT_EXIST.handle(httpServletResponse);
        }
        HashMap hashMap = new HashMap();
        String str = map.get(BeanDefinitionParserDelegate.INDEX_ATTRIBUTE);
        String str2 = map.get("signature");
        String str3 = this.challengeService.get(first, str);
        if (StrKit.isBlank(str3)) {
            hashMap.put("code", -2);
            return hashMap;
        }
        Map<String, String> appInfo = OpenAppInfoCacheOperator.getAppInfo(first);
        if (null == appInfo || appInfo.isEmpty()) {
            this.logger.error("根据appId【{}】无法查询到相应的应用信息", first);
            hashMap.put("code", -1);
            return hashMap;
        }
        SM3Digest sM3Digest = new SM3Digest();
        sM3Digest.update(str3.getBytes());
        if (!str2.equals(new String(Base64Util.encode(Func.hmac_sm3(appInfo.get("secretkey").getBytes(), sM3Digest.doFinal()))))) {
            hashMap.put("code", -1);
            return hashMap;
        }
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        linkedHashMap.put("appId", first);
        hashMap.put("code", 0);
        hashMap.put("ticket", this.ticketService.create(first, Const.TICKET_PERIOD, linkedHashMap));
        hashMap.put("period", Integer.valueOf(Const.TICKET_PERIOD * 1000));
        return hashMap;
    }

    @RequestMapping(method = {RequestMethod.POST}, value = {"/open/api/v1/ticket/checkPackage"}, consumes = {"application/json"})
    @ResponseBody
    public Object verifyPackage(@RequestHeader("appID") String str, @RequestBody Map<String, String> map, HttpServletResponse httpServletResponse) {
        if (StringUtils.isBlank(str)) {
            return HttpError.APPID_NOT_EXIST.handle(httpServletResponse);
        }
        HashMap hashMap = new HashMap();
        Map<String, String> appInfo = OpenAppInfoCacheOperator.getAppInfo(str);
        if (null == appInfo || appInfo.isEmpty()) {
            this.logger.error("根据appId【{}】无法查询到相应的应用信息", str);
            hashMap.put("code", -2);
            return hashMap;
        }
        if (appInfo.get("packageName").equals(map.get("pkgName")) && appInfo.get("packageSign").equals(map.get("sign"))) {
            hashMap.put("code", 0);
        } else {
            hashMap.put("code", -1);
        }
        return hashMap;
    }

    @RequestMapping(method = {RequestMethod.GET}, value = {"/open/api/v1/ticket/refeshTicket"})
    @ResponseBody
    public Map<String, Object> refeshTicket(@RequestHeader(value = "ticket", required = true) String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("code", 0);
        if (this.ticketService.refresh(str, Const.TICKET_PERIOD).longValue() == 0) {
            hashMap.put("code", -1);
        }
        return hashMap;
    }

    @RequestMapping(method = {RequestMethod.DELETE}, value = {"/open/api/v1/ticket/destroyTicket"})
    @ResponseBody
    public Map<String, Object> destroyTicket(@RequestHeader(value = "ticket", required = true) String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("code", 0);
        if (this.ticketService.destroy(str).longValue() == 0) {
            hashMap.put("code", -1);
        }
        return hashMap;
    }
}
