package com.chuangjiangx.unifiedpay.aspect;

import com.alibaba.fastjson.JSON;
import com.chuangjiangx.commons.exception.BaseException;
import com.chuangjiangx.microservice.common.SignatureUtils;
import com.chuangjiangx.unifiedpay.common.Response;
import com.chuangjiangx.unifiedpay.exception.CheckSignException;
import com.chuangjiangx.unifiedpay.exception.ParameterException;
import com.chuangjiangx.unifiedpay.service.AgentService;
import com.chuangjiangx.unifiedpay.service.MerchantService;
import com.chuangjiangx.unifiedpay.service.SaasAppService;
import com.chuangjiangx.unifiedpay.service.dto.AgentDTO;
import com.chuangjiangx.unifiedpay.service.dto.MerchantDTO;
import com.chuangjiangx.unifiedpay.service.dto.SaasAppDTO;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;
import java.util.Objects;
import java.util.TreeMap;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

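/**
 * Around-advice that authenticates calls into the {@code unifiedpay.controller} package by
 * checking the request signature, and signs {@link Response} results on the way out.
 *
 * <p>For every controller that is not on the exemption list the advice reads {@code appid} and
 * {@code sign} from the request parameters, loads the matching app secret (agent or SaaS app,
 * chosen by controller class name), optionally checks that {@code mchno} belongs to that SaaS
 * app, and recomputes the signature over the sorted parameters.
 *
 * <p>NOTE(review): the routing decisions (exempt / agent / merchant check) compare the runtime
 * class name of the join-point target with hard-coded strings. If a controller is ever
 * subclassed or renamed, the exemption fails closed, but the merchant-ownership check would be
 * skipped silently; confirm the names stay in sync with the controllers.
 *
 * <p>NOTE(review): nothing in this class binds a signed request to a timestamp or nonce;
 * confirm that replay protection exists elsewhere.
 */
@Aspect
@Component
public class CheckSignAspect {
    private static final Logger log = LoggerFactory.getLogger(CheckSignAspect.class);

    /** Error code returned when the caller cannot be tied to an approved appid or mchno. */
    private static final String UNAUTHORIZED_CODE = "200";

    /** Message returned when the appid is unknown or unusable. */
    private static final String UNAUTHORIZED_APPID_MSG = "未被授权，appid有误或者请检查是否审核通过";

    /** Message returned when the mchno is unknown or not bound to the calling app. */
    private static final String UNAUTHORIZED_MCHNO_MSG = "未被授权，mchno有误或者请检查是否审核通过";

    /** Number of superclasses, beyond the runtime class, searched for the signature fields. */
    private static final int MAX_SUPERCLASS_DEPTH = 3;

    @Autowired
    private SaasAppService saasAppService;

    @Autowired
    private AgentService agentService;

    @Autowired
    private MerchantService merchantService;

    // Controllers that are exempt from signature verification.
    private final String[] whitLists = {"com.chuangjiangx.unifiedpay.controller.CallbackController"};
    // Controllers whose requests must also carry an mchno bound to the calling SaaS app.
    private final String[] checkMchLists = {"com.chuangjiangx.unifiedpay.controller.PayController"};
    // Controllers whose appid is looked up as an agent rather than as a SaaS app.
    private final String[] checkAgentLists = {"com.chuangjiangx.unifiedpay.controller.MerchantController"};

    /**
     * Verifies the request signature before the controller runs and signs the result afterwards.
     *
     * @param proceedingJoinPoint the intercepted controller invocation
     * @return the controller's result, or an unsigned error {@link Response} when verification
     *     fails
     * @throws Throwable whatever the controller itself throws
     */
    @Around("execution(* com.chuangjiangx.unifiedpay.controller..*.*(..))")
    @ResponseBody
    public Object doAround(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        String appSecret = null;
        String appid = null;
        String controllerName = proceedingJoinPoint.getTarget().getClass().getName();
        boolean mustVerify = filterClass(controllerName);
        log.info("api签名验证：{}，{}", controllerName, mustVerify ? "进入签名验证：" : "免签");
        if (mustVerify) {
            try {
                Map<String, String[]> parameterMap = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest().getParameterMap();
                if (parameterMap == null) {
                    throw new ParameterException("参数异常");
                }
                appid = firstValue(parameterMap, "appid");
                if (StringUtils.isBlank(appid)) {
                    throw new CheckSignException(UNAUTHORIZED_CODE, UNAUTHORIZED_APPID_MSG);
                }
                String requestSign = firstValue(parameterMap, "sign");
                if (StringUtils.isBlank(requestSign)) {
                    throw new ParameterException("签名不能为空");
                }
                if (isCheckAgent(controllerName)) {
                    AgentDTO agent = this.agentService.getByAppid(appid);
                    if (Objects.isNull(agent)) {
                        throw new CheckSignException(UNAUTHORIZED_CODE, UNAUTHORIZED_APPID_MSG);
                    }
                    appSecret = requireSecret(agent.getAppsecret());
                } else {
                    SaasAppDTO saasApp = this.saasAppService.getByAppid(appid);
                    if (Objects.isNull(saasApp)) {
                        throw new CheckSignException(UNAUTHORIZED_CODE, UNAUTHORIZED_APPID_MSG);
                    }
                    appSecret = requireSecret(saasApp.getAppsecret());
                    if (isCheckMchno(controllerName)) {
                        String mchno = firstValue(parameterMap, "mchno");
                        if (StringUtils.isBlank(mchno)) {
                            throw new ParameterException("商户号不能为空");
                        }
                        checkMchno(mchno, saasApp.getId());
                    }
                }
                requestCheckSign(parameterMap, appSecret, requestSign);
            } catch (BaseException e) {
                log.error("CheckSignAspect-", e);
                Response response = new Response();
                response.setCode(e.getErrCode());
                response.setErr_msg(e.getErrMessage());
                return getResponseSisn(response, null, null);
            } catch (Exception e) {
                // Anything unexpected is reported as a generic system error; the controller is
                // never reached, so verification fails closed.
                log.error("CheckSignAspect-", e);
                Response response = new Response();
                response.setCode("100");
                response.setErr_msg("系统错误");
                return getResponseSisn(response, null, null);
            }
        }
        Object proceed = proceedingJoinPoint.proceed();
        if (mustVerify) {
            responseAddSign(proceed, appSecret, appid);
        }
        return proceed;
    }

    /**
     * Returns the first value of a request parameter, or {@code null} when it is absent or has
     * no values.
     */
    private static String firstValue(Map<String, String[]> params, String key) {
        String[] values = params.get(key);
        return values == null || values.length == 0 ? null : values[0];
    }

    /**
     * Rejects accounts that have no usable secret.
     *
     * <p>What {@code SignatureUtils.sign} does with a null or blank key is not visible from this
     * class, so an account without a secret is treated as unauthorized rather than verified
     * against an empty key.
     */
    private static String requireSecret(String secret) {
        if (StringUtils.isBlank(secret)) {
            throw new CheckSignException(UNAUTHORIZED_CODE, UNAUTHORIZED_APPID_MSG);
        }
        return secret;
    }

    /**
     * Fills in {@code open_appid} / {@code open_sign} on a response.
     *
     * @param response the response to complete
     * @param str the appid to echo back, may be {@code null}
     * @param str2 the secret to sign with, may be {@code null}
     * @return the same response; signed only when both appid and secret are non-blank, otherwise
     *     with an empty signature
     */
    private Response getResponseSisn(Response response, String str, String str2) {
        if (StringUtils.isNotBlank(str) && StringUtils.isNotBlank(str2)) {
            response.setOpen_appid(str);
            response.setOpen_sign(SignatureUtils.sign(response, str2));
            return response;
        }
        response.setOpen_sign(checkNullReturnEmptyString(""));
        response.setOpen_appid(checkNullReturnEmptyString(str));
        return response;
    }

    /** Returns whether {@code name} equals one of {@code names}. */
    private static boolean contains(String[] names, String name) {
        for (String candidate : names) {
            if (candidate.equals(name)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Decides whether a controller needs signature verification.
     *
     * @return {@code false} only for controllers on the exemption list; a blank name is verified
     */
    private boolean filterClass(String str) {
        return StringUtils.isBlank(str) || !contains(this.whitLists, str);
    }

    /** Returns whether requests to this controller must carry a checked {@code mchno}. */
    private boolean isCheckMchno(String str) {
        return !StringUtils.isBlank(str) && contains(this.checkMchLists, str);
    }

    /** Returns whether this controller's appid is resolved through the agent service. */
    private boolean isCheckAgent(String str) {
        return !StringUtils.isBlank(str) && contains(this.checkAgentLists, str);
    }

    private String checkNullReturnEmptyString(String str) {
        return str == null ? "" : str;
    }

    /**
     * Recomputes the signature over the request parameters and compares it with the one sent.
     *
     * @param map the raw request parameters
     * @param str the app secret used as signing key
     * @param str2 the signature supplied by the caller
     * @throws ParameterException if any parameter is present with an empty string value
     * @throws CheckSignException with code {@code 201} if the signatures differ
     */
    private void requestCheckSign(Map<String, String[]> map, String str, String str2) {
        // The secret is deliberately not logged: anyone who can read the log could otherwise
        // sign requests for this app. NOTE(review): the dump still contains the full request,
        // including the caller's own signature; consider logging parameter names only.
        log.info("进行签名验证：{}", JSON.toJSONString(map));
        // Raw TreeMap kept on purpose: the overloads of SignatureUtils.sign are not visible
        // here, so the argument's static type is left exactly as it was.
        @SuppressWarnings({"rawtypes", "unchecked"})
        TreeMap signedParams = new TreeMap();
        for (String key : map.keySet()) {
            // Only the first value of each parameter is covered by the signature.
            // NOTE(review): a repeated parameter's further values are unsigned; confirm the
            // controllers never bind to them.
            String value = firstValue(map, key);
            // "sign" carries the signature itself; "fromDiversionModule" is excluded as well,
            // which means its value is not authenticated.
            if (value != null && !"sign".equals(key) && !"fromDiversionModule".equals(key)) {
                signedParams.put(key, value);
            }
            if (value != null && "".equals(value)) {
                throw new ParameterException(key + "不能为空字符串");
            }
        }
        String expected = SignatureUtils.sign(signedParams, str);
        // The expected signature is not logged either: it is a valid credential for exactly
        // these parameters. Comparison is constant-time so response timing does not reveal how
        // many leading characters of a guess were right.
        if (expected == null
                || str2 == null
                || !MessageDigest.isEqual(
                        expected.getBytes(StandardCharsets.UTF_8),
                        str2.getBytes(StandardCharsets.UTF_8))) {
            throw new CheckSignException("201", "签名不正确");
        }
    }

    /**
     * Writes {@code open_appid} and a fresh {@code open_sign} into a {@link Response} result.
     *
     * <p>The fields are located reflectively on the runtime class and up to
     * {@value #MAX_SUPERCLASS_DEPTH} superclasses; when several classes in that chain declare
     * the field, the one highest in the hierarchy is used. Results that are not a
     * {@link Response} are left untouched.
     *
     * @param obj the controller result
     * @param str the app secret used as signing key
     * @param str2 the appid to echo back
     */
    private void responseAddSign(Object obj, String str, String str2) {
        if (!(obj instanceof Response)) {
            return;
        }
        Field signField = null;
        Field appidField = null;
        Class<?> cls = obj.getClass();
        for (int depth = 0; cls != null && depth <= MAX_SUPERCLASS_DEPTH; depth++) {
            for (Field candidate : cls.getDeclaredFields()) {
                if ("open_sign".equals(candidate.getName())) {
                    signField = candidate;
                } else if ("open_appid".equals(candidate.getName())) {
                    appidField = candidate;
                }
            }
            cls = cls.getSuperclass();
        }
        if (appidField != null) {
            try {
                appidField.setAccessible(true);
                appidField.set(obj, str2);
            } catch (IllegalAccessException e) {
                log.error("responseAddSign-", e);
                return;
            }
        }
        // The appid is set before signing so that it is covered by the signature.
        String sign = SignatureUtils.sign(obj, str);
        // The secret is not logged; the signature itself is sent to the caller anyway.
        log.info("返回值添加签名：{},签名：{}", obj, sign);
        if (signField != null) {
            try {
                signField.setAccessible(true);
                signField.set(obj, sign);
            } catch (IllegalAccessException e) {
                log.error("responseAddSign-", e);
            }
        }
    }

    /**
     * Checks that the merchant exists and is bound to the calling SaaS app.
     *
     * @param str the merchant number from the request
     * @param l the id of the SaaS app that owns the appid
     * @throws CheckSignException with code {@code 200} if the merchant is unknown or not bound
     *     to that app
     */
    private void checkMchno(String str, Long l) {
        MerchantDTO merchant = this.merchantService.getById(str);
        // Both failures return the same message, so a caller cannot tell an unknown mchno from
        // one that belongs to another app.
        if (Objects.isNull(merchant)
                || merchant.getSaasIds() == null
                || !merchant.getSaasIds().contains(l)) {
            throw new CheckSignException(UNAUTHORIZED_CODE, UNAUTHORIZED_MCHNO_MSG);
        }
    }
}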
