package com.gitee.easyopen.support;

import com.alibaba.fastjson.JSON;
import com.gitee.easyopen.ApiConfig;
import com.gitee.easyopen.ApiContext;
import com.gitee.easyopen.ApiResult;
import com.gitee.easyopen.ApiValidator;
import com.gitee.easyopen.Encrypter;
import com.gitee.easyopen.Invoker;
import com.gitee.easyopen.ParamNames;
import com.gitee.easyopen.Result;
import com.gitee.easyopen.auth.Oauth2Manager;
import com.gitee.easyopen.auth.Oauth2Service;
import com.gitee.easyopen.bean.ApiSearch;
import com.gitee.easyopen.bean.Consts;
import com.gitee.easyopen.bean.RequestMode;
import com.gitee.easyopen.doc.ApiDocHolder;
import com.gitee.easyopen.exception.ApiException;
import com.gitee.easyopen.interceptor.ApiInterceptor;
import com.gitee.easyopen.limit.LimitConfig;
import com.gitee.easyopen.limit.LimitConfigManager;
import com.gitee.easyopen.limit.LimitSearch;
import com.gitee.easyopen.message.Errors;
import com.gitee.easyopen.monitor.MonitorApiInfo;
import com.gitee.easyopen.monitor.MonitorStore;
import com.gitee.easyopen.register.AbstractInitializer;
import com.gitee.easyopen.util.MD5Util;
import com.gitee.easyopen.util.RequestUtil;
import com.gitee.easyopen.util.VelocityUtil;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.interfaces.RSAPrivateKey;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.ConstraintViolation;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang.math.NumberUtils;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.message.OAuthResponse;
import org.apache.velocity.VelocityContext;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationListener;
import org.springframework.context.event.ContextRefreshedEvent;
import org.springframework.core.io.ClassPathResource;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

/* loaded from: input_file:com/gitee/easyopen/support/ApiController.class */
public abstract class ApiController extends AbstractInitializer implements ApplicationListener<ContextRefreshedEvent> {
    private static final String SESSION_KEY_MONITOR_PASSWORD = "session_key_monitor_password";
    private static final String SESSION_KEY_DOC_PASSWORD = "session_key_doc_password";
    protected InvokeTemplate invokeTemplate = new InvokeTemplate();
    protected WebfluxInvokeTemplate webfluxInvokeTemplate = new WebfluxInvokeTemplate();
    protected ApiConfig apiConfig;

    @Autowired(required = false)
    protected Oauth2Manager oauth2Manager;
    protected Oauth2Service oauth2Service;
    protected Invoker invoker;
    private static String SESSION_KEY_LIMIT_PASSWORD = "session_key_limit_password";

    /* loaded from: input_file:com/gitee/easyopen/support/ApiController$AbstractInvokeTemplate.class */
    private abstract class AbstractInvokeTemplate {
        private AbstractInvokeTemplate() {
        }

        protected abstract void afterInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj);

        public Object processInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            try {
                try {
                    Object invoke = ApiController.this.invoke(httpServletRequest, httpServletResponse);
                    afterInvoke(httpServletRequest, httpServletResponse, invoke);
                    ApiContext.clean();
                    return invoke;
                } catch (Throwable th) {
                    Object processError = processError(httpServletRequest, httpServletResponse, th);
                    ApiContext.clean();
                    return processError;
                }
            } catch (Throwable th2) {
                ApiContext.clean();
                throw th2;
            }
        }

        public Object processInvokeBySSL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            try {
                try {
                    Object invokeBySSL = ApiController.this.invokeBySSL(httpServletRequest, httpServletResponse);
                    afterInvoke(httpServletRequest, httpServletResponse, invokeBySSL);
                    ApiContext.clean();
                    return invokeBySSL;
                } catch (Throwable th) {
                    Object processError = processError(httpServletRequest, httpServletResponse, th);
                    ApiContext.clean();
                    return processError;
                }
            } catch (Throwable th2) {
                ApiContext.clean();
                throw th2;
            }
        }

        public Object processError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) {
            Result caugthException = ApiController.this.caugthException(th);
            afterInvoke(httpServletRequest, httpServletResponse, caugthException);
            return caugthException;
        }
    }

    /* loaded from: input_file:com/gitee/easyopen/support/ApiController$InvokeTemplate.class */
    protected class InvokeTemplate extends AbstractInvokeTemplate {
        protected InvokeTemplate() {
            super();
        }

        @Override // com.gitee.easyopen.support.ApiController.AbstractInvokeTemplate
        protected void afterInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
            ApiController.this.responseResult(httpServletResponse, obj);
        }
    }

    /* loaded from: input_file:com/gitee/easyopen/support/ApiController$StatusParam.class */
    public static class StatusParam {
        private List<String> nameVersionList;
        private Byte status;

        public List<String> getNameVersionList() {
            return this.nameVersionList;
        }

        public void setNameVersionList(List<String> list) {
            this.nameVersionList = list;
        }

        public Byte getStatus() {
            return this.status;
        }

        public void setStatus(Byte b) {
            this.status = b;
        }
    }

    /* loaded from: input_file:com/gitee/easyopen/support/ApiController$WebfluxInvokeTemplate.class */
    protected class WebfluxInvokeTemplate extends AbstractInvokeTemplate {
        protected WebfluxInvokeTemplate() {
            super();
        }

        @Override // com.gitee.easyopen.support.ApiController.AbstractInvokeTemplate
        protected void afterInvoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) {
        }
    }

    public void onApplicationEvent(ContextRefreshedEvent contextRefreshedEvent) {
        ApplicationContext rootApplicationContext = getRootApplicationContext(contextRefreshedEvent.getApplicationContext());
        ApiContext.setApplicationContext(rootApplicationContext);
        this.apiConfig = newApiConfig();
        ApiContext.setApiConfig(this.apiConfig);
        this.apiConfig.loadPrivateKey();
        initApiConfig(this.apiConfig);
        init(rootApplicationContext, this.apiConfig);
        initComponent();
    }

    protected ApplicationContext getRootApplicationContext(ApplicationContext applicationContext) {
        ApplicationContext parent = applicationContext.getParent();
        return parent != null ? parent : applicationContext;
    }

    protected ApiConfig newApiConfig() {
        return new ApiConfig();
    }

    private void initComponent() {
        if (this.oauth2Manager != null) {
            this.apiConfig.initOauth2Service(this.oauth2Manager);
            this.oauth2Service = this.apiConfig.getOauth2Service();
        }
        this.invoker = this.apiConfig.getInvoker();
        initInterceptor();
    }

    private void initInterceptor() {
        if (this.apiConfig.isShowMonitor()) {
            ApiInterceptor[] interceptors = this.apiConfig.getInterceptors();
            ApiInterceptor[] apiInterceptorArr = new ApiInterceptor[interceptors.length + 1];
            apiInterceptorArr[0] = this.apiConfig.getMonitorInerceptor();
            for (int i = 0; i < interceptors.length; i++) {
                apiInterceptorArr[i + 1] = interceptors[i];
            }
            this.apiConfig.setInterceptors(apiInterceptorArr);
        }
    }

    @RequestMapping(method = {RequestMethod.POST, RequestMethod.GET})
    public void index(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        this.invokeTemplate.processInvoke(httpServletRequest, httpServletResponse);
    }

    @RequestMapping(value = {"ssl"}, method = {RequestMethod.POST})
    public void ssl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        this.invokeTemplate.processInvokeBySSL(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Object invoke(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        ApiContext.setRequestMode(RequestMode.SIGNATURE);
        return this.invoker.invoke(httpServletRequest, httpServletResponse);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Object invokeBySSL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        ApiContext.setRequestMode(RequestMode.ENCRYPT);
        return this.invoker.invoke(httpServletRequest, httpServletResponse);
    }

    public void responseResult(HttpServletResponse httpServletResponse, Object obj) {
        if (obj == null) {
            return;
        }
        this.apiConfig.getRespWriter().write(httpServletResponse, obj);
    }

    @RequestMapping({"doc"})
    public void doc(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        httpServletResponse.setCharacterEncoding(Consts.UTF8);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        if (!this.apiConfig.isShowDoc()) {
            httpServletResponse.getWriter().write("文档功能未开启");
            return;
        }
        Object attribute = httpServletRequest.getSession().getAttribute(SESSION_KEY_DOC_PASSWORD);
        VelocityContext buildVelocityContext = buildVelocityContext(httpServletRequest);
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        buildVelocityContext.put("apiUrl", stringBuffer.subSequence(0, stringBuffer.length() - 4));
        if (StringUtils.hasText(this.apiConfig.getDocPassword()) && attribute == null) {
            if (checkDocPassword(httpServletRequest)) {
                httpServletRequest.getSession().setAttribute(SESSION_KEY_DOC_PASSWORD, true);
                httpServletResponse.sendRedirect(String.valueOf(buildVelocityContext.get("loginUrl")));
                return;
            } else {
                ClassPathResource classPathResource = new ClassPathResource(this.apiConfig.getLoginClassPath());
                buildVelocityContext.put("title", "API文档");
                buildVelocityContext.put("remark", "文档页面密码：");
                VelocityUtil.generate(buildVelocityContext, classPathResource.getInputStream(), httpServletResponse.getWriter());
                return;
            }
        }
        ClassPathResource classPathResource2 = new ClassPathResource(this.apiConfig.getDocClassPath());
        buildVelocityContext.put("title", "API文档");
        buildVelocityContext.put("apiModules", ApiDocHolder.getApiDocBuilder().getApiModules());
        buildVelocityContext.put("ACCESS_TOKEN_NAME", ParamNames.ACCESS_TOKEN_NAME);
        buildVelocityContext.put("API_NAME", ParamNames.API_NAME);
        buildVelocityContext.put("APP_KEY_NAME", ParamNames.APP_KEY_NAME);
        buildVelocityContext.put("DATA_NAME", ParamNames.DATA_NAME);
        buildVelocityContext.put("FORMAT_NAME", ParamNames.FORMAT_NAME);
        buildVelocityContext.put("SIGN_METHOD_NAME", ParamNames.SIGN_METHOD_NAME);
        buildVelocityContext.put("SIGN_NAME", ParamNames.SIGN_NAME);
        buildVelocityContext.put("TIMESTAMP_NAME", ParamNames.TIMESTAMP_NAME);
        buildVelocityContext.put("TIMESTAMP_PATTERN", ParamNames.TIMESTAMP_PATTERN);
        buildVelocityContext.put("VERSION_NAME", ParamNames.VERSION_NAME);
        buildVelocityContext.put("code_name", "code");
        buildVelocityContext.put("code_description", "状态值，\"0\"表示成功，其它都是失败");
        buildVelocityContext.put("msg_name", "msg");
        buildVelocityContext.put("msg_description", "错误信息，出错时显示");
        buildVelocityContext.put("data_name", "data");
        buildVelocityContext.put("data_description", "返回的数据，没有则返回{}");
        buildVelocityContext.put("docRemark", getDocRemark());
        buildVelocityContext.put("jsHook", "");
        processDocVelocityContext(buildVelocityContext);
        VelocityUtil.generate(buildVelocityContext, classPathResource2.getInputStream(), httpServletResponse.getWriter());
    }

    protected String getDocRemark() {
        return "";
    }

    protected VelocityContext buildVelocityContext(HttpServletRequest httpServletRequest) {
        VelocityContext velocityContext = new VelocityContext();
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        velocityContext.put("url", stringBuffer);
        velocityContext.put("ctx", httpServletRequest.getContextPath());
        velocityContext.put("loginUrl", getLoginUrl(stringBuffer));
        return velocityContext;
    }

    protected String getLoginUrl(String str) {
        return str.substring(str.lastIndexOf("/") + 1);
    }

    protected boolean checkDocPassword(HttpServletRequest httpServletRequest) {
        return checkPassword(httpServletRequest, this.apiConfig.getDocPassword());
    }

    protected boolean checkPassword(HttpServletRequest httpServletRequest, String str) {
        String parameter = httpServletRequest.getParameter("p");
        if (parameter == null || str == null) {
            return false;
        }
        return MD5Util.encrypt(str).equals(parameter);
    }

    protected void processDocVelocityContext(VelocityContext velocityContext) {
    }

    @RequestMapping({"monitor"})
    public void monitor(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (!this.apiConfig.isShowMonitor()) {
            httpServletResponse.getWriter().write("监控功能未开启");
            return;
        }
        httpServletResponse.setCharacterEncoding(Consts.UTF8);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        Object attribute = httpServletRequest.getSession().getAttribute(SESSION_KEY_MONITOR_PASSWORD);
        VelocityContext buildVelocityContext = buildVelocityContext(httpServletRequest);
        if (attribute != null) {
            ClassPathResource classPathResource = new ClassPathResource(this.apiConfig.getMonitorClassPath());
            buildVelocityContext.put("title", "监控");
            buildVelocityContext.put("errorSize", Integer.valueOf(this.apiConfig.getMonitorErrorQueueSize()));
            processMonitorVelocityContext(buildVelocityContext);
            VelocityUtil.generate(buildVelocityContext, classPathResource.getInputStream(), httpServletResponse.getWriter());
            return;
        }
        if (checkMonitorPassword(httpServletRequest)) {
            httpServletRequest.getSession().setAttribute(SESSION_KEY_MONITOR_PASSWORD, true);
            httpServletResponse.sendRedirect(String.valueOf(buildVelocityContext.get("loginUrl")));
            return;
        }
        httpServletRequest.getSession().setAttribute(SESSION_KEY_MONITOR_PASSWORD, (Object) null);
        ClassPathResource classPathResource2 = new ClassPathResource(this.apiConfig.getLoginClassPath());
        buildVelocityContext.put("title", "API监控");
        buildVelocityContext.put("remark", "监控页面密码：");
        VelocityUtil.generate(buildVelocityContext, classPathResource2.getInputStream(), httpServletResponse.getWriter());
    }

    protected boolean checkMonitorPassword(HttpServletRequest httpServletRequest) {
        return checkPassword(httpServletRequest, this.apiConfig.getMonitorPassword());
    }

    protected void processMonitorVelocityContext(VelocityContext velocityContext) {
    }

    @RequestMapping({"monitor/data"})
    @ResponseBody
    public Object monitorData(ApiSearch apiSearch, HttpServletRequest httpServletRequest) throws IOException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_MONITOR_PASSWORD) == null) {
            return -1;
        }
        MonitorStore monitorStore = this.apiConfig.getMonitorStore();
        long total = monitorStore.getTotal(apiSearch);
        List<MonitorApiInfo> list = monitorStore.getList(apiSearch);
        HashMap hashMap = new HashMap();
        hashMap.put("total", Long.valueOf(total));
        hashMap.put("rows", list);
        return hashMap;
    }

    @RequestMapping({"monitor/del"})
    @ResponseBody
    public Object monitorDel(String str, String str2) throws IOException {
        this.apiConfig.getMonitorStore().clean(str, str2);
        return Collections.emptyMap();
    }

    @RequestMapping(value = {"handshake"}, method = {RequestMethod.POST})
    @ResponseBody
    public Object handshake(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        try {
            String text = RequestUtil.getText(httpServletRequest);
            Encrypter encrypter = this.apiConfig.getEncrypter();
            String privateKey = this.apiConfig.getPrivateKey();
            if (StringUtils.isEmpty(privateKey)) {
                this.logger.error("未设置正确的私钥");
                throw Errors.ERROR_SSL.getException(new Object[0]);
            }
            RSAPrivateKey privateKey2 = encrypter.getPrivateKey(privateKey);
            String rsaDecryptByPrivateKey = encrypter.rsaDecryptByPrivateKey(text, privateKey2);
            httpServletRequest.getSession().setAttribute(Consts.RANDOM_KEY_NAME, rsaDecryptByPrivateKey);
            String rsaEncryptByPrivateKey = encrypter.rsaEncryptByPrivateKey(encrypter.aesEncryptToHex("0", rsaDecryptByPrivateKey), privateKey2);
            ApiResult apiResult = new ApiResult();
            apiResult.setCode(Errors.SUCCESS.getCode());
            apiResult.setData(rsaEncryptByPrivateKey);
            return apiResult;
        } catch (Exception e) {
            this.logger.error(e.getMessage(), e);
            ApiResult apiResult2 = new ApiResult();
            apiResult2.setCode(Errors.ERROR_SSL.getCode());
            apiResult2.setMsg("交互错误");
            return apiResult2;
        }
    }

    @RequestMapping({"authorize"})
    public Object authorize(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws URISyntaxException, OAuthSystemException {
        OAuthResponse authorize = this.oauth2Service.authorize(httpServletRequest, httpServletResponse, this.apiConfig);
        if (authorize == null) {
            return null;
        }
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.setLocation(new URI(authorize.getLocationUri()));
        return new ResponseEntity(httpHeaders, HttpStatus.valueOf(authorize.getResponseStatus()));
    }

    @RequestMapping({"accessToken"})
    public HttpEntity<?> accessToken(HttpServletRequest httpServletRequest) throws URISyntaxException, OAuthSystemException {
        OAuthResponse accessToken = this.oauth2Service.accessToken(httpServletRequest, this.apiConfig);
        return new ResponseEntity(accessToken.getBody(), HttpStatus.valueOf(accessToken.getResponseStatus()));
    }

    @ExceptionHandler({Throwable.class})
    public void jsonErrorHandler(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) {
        try {
            this.invokeTemplate.processError(httpServletRequest, httpServletResponse, th);
        } catch (Throwable th2) {
            this.logger.error("jsonErrorHandler error", th2);
            try {
                ApiResult apiResult = new ApiResult();
                apiResult.setCode(Errors.SYS_ERROR.getCode());
                apiResult.setMsg(th2.getMessage());
                httpServletResponse.getWriter().write(JSON.toJSONString(apiResult));
            } catch (IOException e) {
                this.logger.error(e.getMessage(), e);
            }
        }
    }

    protected Result caugthException(Throwable th) {
        String code = Errors.SYS_ERROR.getCode();
        String message = th.getMessage();
        Object obj = null;
        if (th instanceof ApiException) {
            ApiException apiException = (ApiException) th;
            code = apiException.getCode();
            message = apiException.getMessage();
            obj = apiException.getData();
        }
        return this.apiConfig.getResultCreator().createErrorResult(code, message, obj);
    }

    public void setInvokeTemplate(InvokeTemplate invokeTemplate) {
        this.invokeTemplate = invokeTemplate;
    }

    public void setWebfluxInvokeTemplate(WebfluxInvokeTemplate webfluxInvokeTemplate) {
        this.webfluxInvokeTemplate = webfluxInvokeTemplate;
    }

    protected abstract void initApiConfig(ApiConfig apiConfig);

    @Override // com.gitee.easyopen.register.AbstractInitializer, com.gitee.easyopen.register.RegistCallback
    public void onRegistFinished(ApiConfig apiConfig) {
        LimitConfigManager limitConfigManager = apiConfig.getLimitConfigManager();
        if (limitConfigManager != null) {
            limitConfigManager.loadToLocalCache();
        }
    }

    @RequestMapping({"limit"})
    public void limit(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        if (this.apiConfig.getLimitManager() == null) {
            httpServletResponse.getWriter().write("限流功能未开启");
            return;
        }
        httpServletResponse.setCharacterEncoding(Consts.UTF8);
        httpServletResponse.setContentType("text/html; charset=UTF-8");
        httpServletResponse.setHeader("Pragma", "No-cache");
        httpServletResponse.setHeader("Cache-Control", "no-cache");
        httpServletResponse.setDateHeader("Expires", 0L);
        Object attribute = httpServletRequest.getSession().getAttribute(SESSION_KEY_LIMIT_PASSWORD);
        VelocityContext buildVelocityContext = buildVelocityContext(httpServletRequest);
        if (attribute != null) {
            ClassPathResource classPathResource = new ClassPathResource(this.apiConfig.getLimitClassPath());
            buildVelocityContext.put("title", "限流管理");
            processLimitVelocityContext(buildVelocityContext);
            VelocityUtil.generate(buildVelocityContext, classPathResource.getInputStream(), httpServletResponse.getWriter());
            return;
        }
        if (checkLimitPassword(httpServletRequest)) {
            httpServletRequest.getSession().setAttribute(SESSION_KEY_LIMIT_PASSWORD, true);
            httpServletResponse.sendRedirect(String.valueOf(buildVelocityContext.get("loginUrl")));
            return;
        }
        httpServletRequest.getSession().setAttribute(SESSION_KEY_LIMIT_PASSWORD, (Object) null);
        ClassPathResource classPathResource2 = new ClassPathResource(this.apiConfig.getLoginClassPath());
        buildVelocityContext.put("title", "限流管理");
        buildVelocityContext.put("remark", "限流管理页面密码：");
        VelocityUtil.generate(buildVelocityContext, classPathResource2.getInputStream(), httpServletResponse.getWriter());
    }

    protected void processLimitVelocityContext(VelocityContext velocityContext) {
    }

    @RequestMapping({"limit/data"})
    @ResponseBody
    public Object limitData(LimitSearch limitSearch, HttpServletRequest httpServletRequest) throws IOException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_LIMIT_PASSWORD) == null) {
            return -1;
        }
        LimitConfigManager limitConfigManager = this.apiConfig.getLimitConfigManager();
        long total = limitConfigManager.getTotal(limitSearch);
        List<LimitConfig> listLimitConfig = limitConfigManager.listLimitConfig(limitSearch);
        HashMap hashMap = new HashMap();
        hashMap.put("total", Long.valueOf(total));
        hashMap.put("rows", listLimitConfig);
        return hashMap;
    }

    @RequestMapping({"limit/modify"})
    @ResponseBody
    public Object limitModify(LimitConfig limitConfig, HttpServletRequest httpServletRequest) throws IOException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_LIMIT_PASSWORD) == null) {
            return -1;
        }
        if (org.apache.commons.lang.StringUtils.isBlank(limitConfig.getVersion())) {
            limitConfig.setVersion("");
        }
        Iterator it = ApiValidator.getValidator().validate(limitConfig, new Class[0]).iterator();
        if (it.hasNext()) {
            throw new ApiException(((ConstraintViolation) it.next()).getMessage(), "500");
        }
        String limitCode = limitConfig.getLimitCode();
        if (NumberUtils.isNumber(limitCode) && NumberUtils.toInt(limitCode) <= 100) {
            throw new ApiException("code值必须大于100（1~100为系统保留code）", "500");
        }
        this.apiConfig.getLimitConfigManager().save(limitConfig);
        return Collections.emptyMap();
    }

    @RequestMapping({"limit/status"})
    @ResponseBody
    public Object limitStatus(@RequestBody StatusParam statusParam, HttpServletRequest httpServletRequest) throws IOException {
        if (httpServletRequest.getSession().getAttribute(SESSION_KEY_LIMIT_PASSWORD) == null) {
            return -1;
        }
        List<String> nameVersionList = statusParam.getNameVersionList();
        if (CollectionUtils.isEmpty(nameVersionList)) {
            return Collections.emptyMap();
        }
        if (statusParam.getStatus() == null) {
            throw new ApiException("status不能为null", "500");
        }
        LimitConfigManager limitConfigManager = this.apiConfig.getLimitConfigManager();
        byte byteValue = statusParam.getStatus().byteValue();
        Iterator<String> it = nameVersionList.iterator();
        while (it.hasNext()) {
            LimitConfig apiRateConfig = limitConfigManager.getApiRateConfig(it.next());
            if (apiRateConfig.getStatus().byteValue() != byteValue) {
                apiRateConfig.setStatus(Byte.valueOf(byteValue));
                limitConfigManager.save(apiRateConfig);
            }
        }
        return Collections.emptyMap();
    }

    protected boolean checkLimitPassword(HttpServletRequest httpServletRequest) {
        return checkPassword(httpServletRequest, this.apiConfig.getLimitPassword());
    }
}
