package com.gitee.easyopen.support;

import com.gitee.easyopen.ApiConfig;
import com.gitee.easyopen.ApiContext;
import com.gitee.easyopen.ApiResult;
import com.gitee.easyopen.Encrypter;
import com.gitee.easyopen.Invoker;
import com.gitee.easyopen.ParamNames;
import com.gitee.easyopen.auth.Oauth2Manager;
import com.gitee.easyopen.auth.Oauth2Service;
import com.gitee.easyopen.bean.Consts;
import com.gitee.easyopen.bean.RequestMode;
import com.gitee.easyopen.doc.ApiDocHolder;
import com.gitee.easyopen.interceptor.ApiInterceptor;
import com.gitee.easyopen.message.Errors;
import com.gitee.easyopen.monitor.MonitorSearch;
import com.gitee.easyopen.monitor.MonitorStore;
import com.gitee.easyopen.register.AbstractInitializer;
import com.gitee.easyopen.util.MD5Util;
import com.gitee.easyopen.util.RequestUtil;
import com.gitee.easyopen.util.VelocityUtil;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.interfaces.RSAPrivateKey;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.velocity.VelocityContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.core.io.ClassPathResource;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

/* loaded from: input_file:com/gitee/easyopen/support/ApiController.class */
public abstract class ApiController extends AbstractInitializer implements ApplicationListener<ContextRefreshedEvent> {
    private static final String SESSION_KEY_MONITOR_PASSWORD = "session_key_monitor_password";
    protected ApiConfig apiConfig;

    @Autowired(required = false)
    protected Oauth2Manager oauth2Manager;
    protected Oauth2Service oauth2Service;
    protected Invoker invoker;

    public void onApplicationEvent(ContextRefreshedEvent contextRefreshedEvent) {
        ApplicationContext rootApplicationContext = getRootApplicationContext(contextRefreshedEvent.getApplicationContext());
        ApiContext.setApplicationContext(rootApplicationContext);
        this.apiConfig = newApiConfig();
        ApiContext.setApiConfig(this.apiConfig);
        this.apiConfig.loadPrivateKey();
        initApiConfig(this.apiConfig);
        init(rootApplicationContext, this.apiConfig);
        initComponent();
    }

    protected ApplicationContext getRootApplicationContext(ApplicationContext applicationContext) {
        ApplicationContext parent = applicationContext.getParent();
        return parent != null ? parent : applicationContext;
    }

    protected ApiConfig newApiConfig() {
        return new ApiConfig();
    }

    private void initComponent() {
        if (this.oauth2Manager != null) {
            this.apiConfig.initOauth2Service(this.oauth2Manager);
            this.oauth2Service = this.apiConfig.getOauth2Service();
        }
        this.invoker = this.apiConfig.getInvoker();
        initInterceptor();
    }

    private void initInterceptor() {
        if (this.apiConfig.isShowMonitor()) {
            ApiInterceptor[] interceptors = this.apiConfig.getInterceptors();
            ApiInterceptor[] apiInterceptorArr = new ApiInterceptor[interceptors.length + 1];
            apiInterceptorArr[0] = this.apiConfig.getMonitorInerceptor();
            for (int i = 0; i < interceptors.length; i++) {
                apiInterceptorArr[i + 1] = interceptors[i];
            }
            this.apiConfig.setInterceptors(apiInterceptorArr);
        }
    }

    @RequestMapping(method = {RequestMethod.POST})
    public void index(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        responseResult(httpServletResponse, invoke(httpServletRequest, httpServletResponse));
    }

    @RequestMapping(value = {"ssl"}, method = {RequestMethod.POST})
    public void ssl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        responseResult(httpServletResponse, invokeBySSL(httpServletRequest, httpServletResponse));
    }

    protected Object invoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ApiContext.setRequestMode(RequestMode.SIGNATURE);
        return this.invoker.invoke(httpServletRequest, httpServletResponse);
    }

    protected Object invokeBySSL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        ApiContext.setRequestMode(RequestMode.ENCRYPT);
        return this.invoker.invoke(httpServletRequest, httpServletResponse);
    }

    public void responseResult(HttpServletResponse httpServletResponse, Object obj) {
        this.apiConfig.getRespWriter().write(httpServletResponse, obj);
    }

    @RequestMapping({"doc"})
    public void doc(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        httpServletResponse.setCharacterEncoding(Consts.UTF8);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        if (!this.apiConfig.isShowDoc()) {
            httpServletResponse.getWriter().write("文档功能未开启");
            return;
        }
        ClassPathResource classPathResource = new ClassPathResource(this.apiConfig.getDocClassPath());
        VelocityContext velocityContext = new VelocityContext();
        velocityContext.put("title", "API文档");
        velocityContext.put("docEntrys", ApiDocHolder.getApiDocBuilder().getDocItemEntry());
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        velocityContext.put("url", stringBuffer.substring(0, stringBuffer.length() - 4));
        velocityContext.put("ctx", httpServletRequest.getContextPath());
        velocityContext.put("ACCESS_TOKEN_NAME", ParamNames.ACCESS_TOKEN_NAME);
        velocityContext.put("API_NAME", ParamNames.API_NAME);
        velocityContext.put("APP_KEY_NAME", ParamNames.APP_KEY_NAME);
        velocityContext.put("DATA_NAME", ParamNames.DATA_NAME);
        velocityContext.put("FORMAT_NAME", ParamNames.FORMAT_NAME);
        velocityContext.put("SIGN_METHOD_NAME", ParamNames.SIGN_METHOD_NAME);
        velocityContext.put("SIGN_NAME", ParamNames.SIGN_NAME);
        velocityContext.put("TIMESTAMP_NAME", ParamNames.TIMESTAMP_NAME);
        velocityContext.put("TIMESTAMP_PATTERN", ParamNames.TIMESTAMP_PATTERN);
        velocityContext.put("VERSION_NAME", ParamNames.VERSION_NAME);
        processDocVelocityContext(velocityContext);
        VelocityUtil.generate(velocityContext, classPathResource.getInputStream(), httpServletResponse.getWriter());
    }

    protected void processDocVelocityContext(VelocityContext velocityContext) {
    }

    @RequestMapping({"monitor"})
    public void monitor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_MONITOR_PASSWORD) != null || checkMonitorPassword(httpServletRequest)) {
            httpServletRequest.getSession().setAttribute(SESSION_KEY_MONITOR_PASSWORD, true);
            httpServletRequest.getRequestDispatcher("monitorPage").forward(httpServletRequest, httpServletResponse);
            return;
        }
        httpServletRequest.getSession().setAttribute(SESSION_KEY_MONITOR_PASSWORD, (Object) null);
        httpServletResponse.setCharacterEncoding(Consts.UTF8);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        String replace = ("<script type='text/javascript' src='" + httpServletRequest.getContextPath() + "/opendoc/md5.js'></script>").replace("'", "\"");
        StringBuilder sb = new StringBuilder();
        sb.append("<html><head>").append(replace).append("</head><body>").append("<form style='display:none;' method='post' action='monitor'><input name='p' type='password' /></form>".replace("'", "\"")).append("<script>var pwd = null;while(!pwd) {pwd = prompt('请输入密码');};var frm = document.forms[0];frm.p.value = hex_md5(pwd);frm.submit();</script>").append("</body></html>");
        httpServletResponse.getWriter().write(sb.toString());
    }

    private boolean checkMonitorPassword(HttpServletRequest httpServletRequest) {
        String parameter = httpServletRequest.getParameter("p");
        if (parameter == null) {
            return false;
        }
        return MD5Util.encrypt(this.apiConfig.getMonitorPassword()).equals(parameter);
    }

    @RequestMapping({"monitorPage"})
    public void monitorPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_MONITOR_PASSWORD) == null) {
            httpServletResponse.sendRedirect("monitor");
            return;
        }
        httpServletResponse.setCharacterEncoding(Consts.UTF8);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        if (!this.apiConfig.isShowMonitor()) {
            httpServletResponse.getWriter().write("监控功能未开启");
            return;
        }
        ClassPathResource classPathResource = new ClassPathResource(this.apiConfig.getMonitorClassPath());
        VelocityContext velocityContext = new VelocityContext();
        velocityContext.put("title", "监控");
        velocityContext.put("errorSize", Integer.valueOf(this.apiConfig.getMonitorErrorQueueSize()));
        velocityContext.put("ctx", httpServletRequest.getContextPath());
        processMonitorVelocityContext(velocityContext);
        VelocityUtil.generate(velocityContext, classPathResource.getInputStream(), httpServletResponse.getWriter());
    }

    protected void processMonitorVelocityContext(VelocityContext velocityContext) {
    }

    @RequestMapping({"monitorData"})
    @ResponseBody
    public Object monitorData(MonitorSearch monitorSearch, HttpServletRequest httpServletRequest) throws IOException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_MONITOR_PASSWORD) == null) {
            return -1;
        }
        MonitorStore monitorStore = this.apiConfig.getMonitorStore();
        long total = monitorStore.getTotal(monitorSearch);
        List list = monitorStore.getList(monitorSearch);
        HashMap hashMap = new HashMap();
        hashMap.put("total", Long.valueOf(total));
        hashMap.put("rows", list);
        return hashMap;
    }

    @RequestMapping({"monitorDel"})
    @ResponseBody
    public Object monitorDel(String str, String str2) throws IOException {
        this.apiConfig.getMonitorStore().clean(str, str2);
        return Collections.emptyMap();
    }

    @RequestMapping(value = {"handshake"}, method = {RequestMethod.POST})
    @ResponseBody
    public Object handshake(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        try {
            String text = RequestUtil.getText(httpServletRequest);
            Encrypter encrypter = this.apiConfig.getEncrypter();
            String privateKey = this.apiConfig.getPrivateKey();
            if (StringUtils.isEmpty(privateKey)) {
                this.logger.error("未设置正确的私钥");
                throw Errors.ERROR_SSL.getException(new Object[0]);
            }
            RSAPrivateKey privateKey2 = encrypter.getPrivateKey(privateKey);
            String rsaDecryptByPrivateKey = encrypter.rsaDecryptByPrivateKey(text, privateKey2);
            httpServletRequest.getSession().setAttribute(Consts.RANDOM_KEY_NAME, rsaDecryptByPrivateKey);
            String rsaEncryptByPrivateKey = encrypter.rsaEncryptByPrivateKey(encrypter.aesEncryptToHex("0", rsaDecryptByPrivateKey), privateKey2);
            ApiResult apiResult = new ApiResult();
            apiResult.setCode(Errors.SUCCESS.getCode());
            apiResult.setData(rsaEncryptByPrivateKey);
            return apiResult;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), e);
            ApiResult apiResult2 = new ApiResult();
            apiResult2.setCode(Errors.ERROR_SSL.getCode());
            apiResult2.setMsg("交互错误");
            return apiResult2;
        }
    }

    @RequestMapping({"authorize"})
    public Object authorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws URISyntaxException, OAuthSystemException {
        OAuthResponse authorize = this.oauth2Service.authorize(httpServletRequest, httpServletResponse, this.apiConfig);
        if (authorize == null) {
            return null;
        }
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(new URI(authorize.getLocationUri()));
        return new ResponseEntity(httpHeaders, HttpStatus.valueOf(authorize.getResponseStatus()));
    }

    @RequestMapping({"accessToken"})
    public HttpEntity<?> accessToken(HttpServletRequest httpServletRequest) throws URISyntaxException, OAuthSystemException {
        OAuthResponse accessToken = this.oauth2Service.accessToken(httpServletRequest, this.apiConfig);
        return new ResponseEntity(accessToken.getBody(), HttpStatus.valueOf(accessToken.getResponseStatus()));
    }

    @ExceptionHandler({Throwable.class})
    public void jsonErrorHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) throws Exception {
        responseResult(httpServletResponse, this.invoker.caugthException(th));
    }

    protected abstract void initApiConfig(ApiConfig apiConfig);
}
