package com.xdja.pki.aop;

import com.xdja.pki.common.enums.ErrorEnum;
import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.util.ContentCachingRequestWrapper;
import org.springframework.web.util.WebUtils;
import org.testng.reporters.XMLConstants;

/* loaded from: input_file:WEB-INF/lib/scms-web-1.0-SNAPSHOT.jar:com/xdja/pki/aop/FingerprintCheckAspect.class */
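/**
 * Around advice that rejects controller calls whose {@code fingerprint} header does not match
 * a SHA-256 digest of the request.
 *
 * <p>The digest input is built as: URL-decoded request URI, then a content-type dependent
 * payload (sorted {@code key + value} pairs for form and multipart requests, the raw body for
 * JSON), then the timestamp header value. The hex digest is compared with the
 * {@code fingerprint} header.
 *
 * <p>Security notes for maintainers, all derived from the code in this class:
 * <ul>
 *   <li>The digest is unkeyed. No secret is mixed into the hashed string here, so any party
 *       able to change a request can also recompute a matching fingerprint. It detects
 *       corruption, not a deliberate modification; tamper resistance would need a keyed MAC
 *       (for example HMAC with a per-session key).</li>
 *   <li>The timestamp header is hashed but never compared with the current time in this class,
 *       so replay protection, if any, has to live elsewhere.</li>
 *   <li>Keys and values are concatenated without delimiters and {@code '='} characters inside
 *       a value are dropped, so distinct parameter sets can produce the same digest input.</li>
 *   <li>For {@code application/x-www-form-urlencoded} only the query string is hashed; this
 *       class does not read form fields sent in the body.</li>
 * </ul>
 *
 * <p>{@code XMLConstants.ATTR_TIMESTAMP} ("timestamp") and
 * {@code BeanFactory.FACTORY_BEAN_PREFIX} ("&amp;") look like a decompiler substituting
 * library constants for plain string literals; they are kept so the class stays unchanged
 * against its existing imports.
 */
public class FingerprintCheckAspect {
    private final Logger logger = LoggerFactory.getLogger(getClass());

    /** Matches every public method in {@code com.xdja.pki.controller} and its sub-packages. */
    @Pointcut("execution(public * com.xdja.pki.controller..*.*(..))")
    public void pointcut() {
    }

    /**
     * Verifies the request fingerprint and only then lets the controller method run.
     *
     * @param proceedingJoinPoint the intercepted controller invocation
     * @return the controller's result when the fingerprint matches, otherwise the value produced
     *     by the matching {@code ErrorEnum.resp(response)} call
     * @throws IllegalStateException if a JSON request is not wrapped in a
     *     {@link ContentCachingRequestWrapper}, because the body cannot be re-read for hashing
     * @throws Throwable whatever the controller method throws, plus decoding errors from
     *     {@link URLDecoder}
     */
    @Around("pointcut()")
    public Object check(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.currentRequestAttributes();
        HttpServletRequest request = attributes.getRequest();
        HttpServletResponse response = attributes.getResponse();

        String fingerprint = request.getHeader("fingerprint");
        String timestamp = request.getHeader(XMLConstants.ATTR_TIMESTAMP);
        if (StringUtils.isBlank(fingerprint) || StringUtils.isBlank(timestamp)) {
            return ErrorEnum.MISSING_REQUIRED_PARAMETERS.resp(response);
        }

        StringBuilder source = new StringBuilder();
        source.append(URLDecoder.decode(request.getRequestURI(), "UTF-8"));

        String contentType = request.getContentType();
        if (null == contentType) {
            return ErrorEnum.MISSING_CONTENT_TYPE.resp(response);
        }

        StringBuilder payload = new StringBuilder();
        HashMap<String, String> params = null;
        if (contentType.contains("application/x-www-form-urlencoded")) {
            String queryString = request.getQueryString();
            if (null != queryString) {
                // The query string is decoded BEFORE it is split, so an encoded '&' or '='
                // inside a value is treated as a separator here, which can differ from how the
                // servlet container parses the same request.
                String[] pairs = URLDecoder.decode(queryString, "UTF-8").split(BeanFactory.FACTORY_BEAN_PREFIX);
                // NOTE(review): a query string with a single pair gives pairs.length == 1 and is
                // left out of the digest input entirely. Kept as-is because clients presumably
                // compute the same canonical form; confirm that this is intended.
                if (pairs.length >= 2) {
                    params = collectQueryPairs(pairs);
                }
            }
        } else if (contentType.contains("multipart/form-data")) {
            Enumeration<String> parameterNames = request.getParameterNames();
            params = new HashMap<String, String>();
            while (parameterNames.hasMoreElements()) {
                String name = parameterNames.nextElement();
                String value = request.getParameter(name);
                // Blank values and the literal text "null" are excluded from the digest input.
                if (StringUtils.isNotBlank(value) && !value.equalsIgnoreCase("null")) {
                    params.put(name, value);
                }
            }
        } else {
            if (!contentType.contains("application/json")) {
                // Message text: "unsupported request Content-Type".
                this.logger.error("不支持的请求类型Content-Type:{}", contentType);
                return ErrorEnum.REQUEST_METHOD_NOT_SUPPORTED.resp(response);
            }
            ContentCachingRequestWrapper cachedRequest =
                    (ContentCachingRequestWrapper) WebUtils.getNativeRequest(request, ContentCachingRequestWrapper.class);
            if (null == cachedRequest) {
                // Fail closed with a clear cause instead of a NullPointerException when the
                // wrapping filter is missing from the chain.
                throw new IllegalStateException(
                        "fingerprint check needs the request wrapped in ContentCachingRequestWrapper");
            }
            // The wrapper only holds bytes that have already been read from the stream; a
            // controller that never consumes the body would hash an empty payload (assumption
            // about caller behaviour, confirm against the filter setup).
            // Decode explicitly as UTF-8 so the digest does not depend on the JVM default charset.
            payload.append(new String(cachedRequest.getContentAsByteArray(), "UTF-8"));
        }

        if (null != params) {
            // Canonical order: keys sorted, then key and value appended with no delimiter.
            ArrayList<String> sortedKeys = new ArrayList<String>(params.keySet());
            Collections.sort(sortedKeys);
            for (String key : sortedKeys) {
                payload.append(key);
                payload.append(params.get(key));
            }
        }

        source.append((CharSequence) payload);
        source.append(timestamp);
        String hashSource = source.toString();

        // NOTE(review): both log statements below write the full digest input, which includes
        // request parameters or the JSON body. Check that nothing sensitive (credentials, key
        // material) can reach these logs, and that the log layout neutralises line breaks.
        // Message text: "hash source".
        this.logger.debug("hash原文[{}]", hashSource);
        if (fingerprint.equals(new Sha256Hash(hashSource).toHex().toLowerCase())) {
            return proceedingJoinPoint.proceed();
        }
        // Message text: "request source data has been tampered with".
        this.logger.error("请求原文数据遭到篡改！！,source:[{}],hash[{}]", hashSource, fingerprint);
        return ErrorEnum.REQUEST_CONTENT_IS_ALTERED.resp(response);
    }

    /**
     * Turns already-decoded {@code key=value} pairs into a map, skipping the key {@code "_"}.
     *
     * <p>A value that itself contains {@code '='} is stored with those characters removed, and
     * a pair without a value is stored with an empty string.
     *
     * @param pairs the decoded query string split on {@code '&'}
     * @return the parameters to include in the digest input
     */
    private static HashMap<String, String> collectQueryPairs(String[] pairs) {
        HashMap<String, String> params = new HashMap<String, String>();
        for (String pair : pairs) {
            String[] parts = pair.split("=");
            if (parts.length == 0) {
                // A pair made only of '=' splits into an empty array; indexing parts[0] would
                // throw ArrayIndexOutOfBoundsException. It contributes nothing to the digest.
                continue;
            }
            if (parts[0].equals("_")) {
                continue;
            }
            StringBuilder value = new StringBuilder();
            for (int i = 1; i < parts.length; i++) {
                value.append(parts[i]);
            }
            params.put(parts[0], value.toString());
        }
        return params;
    }
}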
