package tech.codingless.core.gateway.interceptor;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson2.JSONObject;
import java.io.IOException;
import java.util.Date;
import java.util.TreeMap;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.BooleanUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.AsyncHandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import tech.codingless.core.gateway.annotation.GrantModuleCondition;
import tech.codingless.core.gateway.annotation.MyAccessKeyAuth;
import tech.codingless.core.gateway.annotation.MyAuth;
import tech.codingless.core.gateway.annotation.MyBiz;
import tech.codingless.core.gateway.data.MyMemoryAnalysisFlag;
import tech.codingless.core.gateway.helper.AccessKeyHelper;
import tech.codingless.core.gateway.helper.RequestMonitorHelper;
import tech.codingless.core.gateway.util.DateUtil;
import tech.codingless.core.gateway.util.SHAUtil;
import tech.codingless.core.gateway.util.SessionUtil;
import tech.codingless.core.gateway.util.SignUtil;
import tech.codingless.core.gateway.util.StringUtil;

/* loaded from: input_file:tech/codingless/core/gateway/interceptor/GatewayInterceptor.class */
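/**
 * Spring MVC interceptor that authenticates handlers annotated with {@link MyAccessKeyAuth}
 * using the {@code Access-Key}, {@code Access-Timestamp} and {@code Access-Sign} headers,
 * and writes one request-log entry per call.
 *
 * <p>Per-request state is kept in thread-locals, so every exit path has to run
 * {@link #clearSession()}; otherwise state can carry over to the next request served by
 * the same pooled thread.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The signed string is built from the request parameters (GET) or the raw body
 *       (everything else) plus the timestamp header. The HTTP method and the path are not
 *       part of it, and the query string of a non-GET request is not covered either.</li>
 *   <li>This class never compares {@code Access-Timestamp} with the current time.
 *       NOTE(review): unless {@code SHAUtil.verifySign} or an upstream component enforces
 *       a freshness window, a captured signed request stays replayable - confirm.</li>
 *   <li>NOTE(review): {@code SHAUtil.verifySign} is not visible here; confirm that it
 *       compares signatures in constant time.</li>
 * </ul>
 */
public class GatewayInterceptor implements AsyncHandlerInterceptor {
    private static final String ACCESS_KEY = "Access-Key";
    private static final String ACCESS_TIMESTAMP = "Access-Timestamp";
    private static final String ACCESS_SIGN = "Access-Sign";
    private static final String X_REAL_IP = "X-Real-IP";
    private static final String DEFAULT_MODULE = "00000";
    private static final Logger log = LoggerFactory.getLogger(GatewayInterceptor.class);
    private static final ThreadLocal<MyMemoryAnalysisFlag> flag = new ThreadLocal<>();
    private static final ThreadLocal<Long> t = new ThreadLocal<>();
    private static final ThreadLocal<Boolean> DISABLE_LOG = new ThreadLocal<>();
    private static final ThreadLocal<Boolean> DISABLE_RESPONSE_LOG = new ThreadLocal<>();
    private static final ThreadLocal<String> REQUEST_BODY = new ThreadLocal<>();
    private static final ConcurrentHashMap<String, String> URI_CATCH = new ConcurrentHashMap<>();

    /** Delegates to the interface default; no extra work is done after the handler runs. */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
        // A bare super.postHandle(...) would resolve against Object; the interface default
        // has to be named explicitly.
        AsyncHandlerInterceptor.super.postHandle(httpServletRequest, httpServletResponse, obj, modelAndView);
    }

    /**
     * Authenticates the request when the target handler method carries {@link MyAccessKeyAuth}.
     *
     * @return {@code true} to continue the handler chain, {@code false} when the request was
     *         rejected or an unexpected error occurred (the interceptor fails closed)
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        try {
            if (!(obj instanceof HandlerMethod)) {
                return AsyncHandlerInterceptor.super.preHandle(httpServletRequest, httpServletResponse, obj);
            }
            clearSession();
            t.set(Long.valueOf(System.currentTimeMillis()));
            HandlerMethod handlerMethod = (HandlerMethod) obj;
            MyBiz myBiz = handlerMethod.getMethodAnnotation(MyBiz.class);
            if (myBiz != null) {
                DISABLE_LOG.set(Boolean.valueOf(myBiz.disableRequestLog()));
                DISABLE_RESPONSE_LOG.set(Boolean.valueOf(myBiz.disableResponseLog()));
            }
            REQUEST_BODY.remove();
            MyAccessKeyAuth myAccessKeyAuth = handlerMethod.getMethodAnnotation(MyAccessKeyAuth.class);
            if (myAccessKeyAuth == null) {
                // Handler does not use access-key auth: only tag the request for logging.
                setRequestLog(DEFAULT_MODULE, httpServletRequest, httpServletResponse);
                return AsyncHandlerInterceptor.super.preHandle(httpServletRequest, httpServletResponse, obj);
            }
            String keyHeader = httpServletRequest.getHeader(ACCESS_KEY);
            String timestampHeader = httpServletRequest.getHeader(ACCESS_TIMESTAMP);
            String signHeader = httpServletRequest.getHeader(ACCESS_SIGN);
            if (StringUtil.hasEmpty(keyHeader, timestampHeader, signHeader)) {
                notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                return false;
            }
            AccessKeyHelper.AccessKey accessKey = AccessKeyHelper.get(keyHeader.trim());
            if (accessKey == null) {
                // Without this guard an unknown key would fail with a NullPointerException
                // below, be logged at error level, and the client would get no
                // unauthorized status. Reject it like any other failed check.
                notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                return false;
            }
            String moduleName = GrantModuleCondition.findModuleNameByResourcePkg(handlerMethod.getBean().getClass());
            if (StringUtil.isEmpty(moduleName)) {
                notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                return false;
            }
            boolean writable = accessKey.isWriteAble(moduleName);
            if (!accessKey.isReadAble(moduleName) && !writable) {
                notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                return false;
            }
            if (myAccessKeyAuth.requiredWriteAble() && !writable) {
                notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                return false;
            }
            if ("GET".equalsIgnoreCase(httpServletRequest.getMethod())) {
                // Sorted map gives a stable parameter order for the signed string. Only the
                // first value of a repeated parameter is signed (getParameter).
                // Raw type kept because the parameter type of SignUtil.toSignSrc is not visible here.
                TreeMap sortedParams = new TreeMap();
                httpServletRequest.getParameterNames().asIterator().forEachRemaining(paramName -> {
                    sortedParams.put(paramName, httpServletRequest.getParameter(paramName));
                });
                if (!SHAUtil.verifySign(accessKey.getSecret(), SignUtil.toSignSrc(sortedParams, timestampHeader), signHeader)) {
                    notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                    return false;
                }
                setRequestLog(moduleName, httpServletRequest, httpServletResponse);
                bindAccessKeyIdentity(accessKey);
                return AsyncHandlerInterceptor.super.preHandle(httpServletRequest, httpServletResponse, obj);
            }
            // NOTE(review): this rejection writes no status, so the client sees an empty
            // response with the default status. The exact match also rejects
            // "application/json; charset=UTF-8". Confirm both are intended.
            if (!"application/json".equalsIgnoreCase(httpServletRequest.getContentType()) || !(httpServletRequest instanceof BodyReaderHttpServletRequestWrapper)) {
                return false;
            }
            BodyReaderHttpServletRequestWrapper wrappedRequest = (BodyReaderHttpServletRequestWrapper) httpServletRequest;
            String requestBody = wrappedRequest.getRequestBody();
            REQUEST_BODY.set(requestBody);
            if (!SHAUtil.verifySign(accessKey.getSecret(), requestBody + "&" + timestampHeader, signHeader)) {
                notAuthResponse(httpServletRequest, httpServletResponse, handlerMethod);
                return false;
            }
            setRequestLog(moduleName, httpServletRequest, httpServletResponse);
            bindAccessKeyIdentity(accessKey);
            return AsyncHandlerInterceptor.super.preHandle(wrappedRequest, httpServletResponse, obj);
        } catch (Throwable th) {
            log.error("error", th);
            // afterCompletion is not invoked for an interceptor whose preHandle returned
            // false, so the per-request state has to be dropped here.
            try {
                clearSession();
            } catch (RuntimeException cleanupFailure) {
                log.error("error", cleanupFailure);
            }
            // NOTE(review): no status is written on this path either; the request is
            // blocked but the client cannot tell it from an empty success.
            return false;
        }
    }

    /** Publishes the authenticated key's company and key id to the per-request thread-locals. */
    private void bindAccessKeyIdentity(AccessKeyHelper.AccessKey accessKey) {
        MyAccessKeyAuth.CURRENT_COMPANY_ID.set(accessKey.getCompany());
        MyAccessKeyAuth.ACCESS_KEY.set(accessKey.getKey());
        SessionUtil.CURRENT_COMPANY_ID.set(accessKey.getCompany());
        SessionUtil.CURRENT_USER_ID.set(accessKey.getKey());
    }

    /**
     * Rejects the request with {@code MyAuth.UNAUTHORIZED_CODE}, logs it, and clears the
     * per-request state (also when writing the response or the log fails).
     */
    private void notAuthResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, HandlerMethod handlerMethod) throws IOException {
        try {
            httpServletResponse.setHeader(MyAuth.UNAUTHORIZED_MSG, "1");
            httpServletResponse.sendError(MyAuth.UNAUTHORIZED_CODE);
            SessionUtil.CURRENT_RESPONSE.set(MyAuth.UNAUTHORIZED_MSG);
            appendLog(httpServletRequest, httpServletResponse, handlerMethod, null);
        } finally {
            clearSession();
        }
    }

    /**
     * Writes the {@code REQUEST_INFO} log line and forwards the same data to
     * {@code RequestMonitorHelper}, unless request logging is disabled for this handler.
     *
     * <p>The entry contains the access key id, URL parameters and, for JSON POSTs, the raw
     * request body, so the log sink should be treated as sensitive. The {@code ip} field is
     * taken from the {@code X-Real-IP} header and is only trustworthy when a fronting proxy
     * overwrites that header.
     */
    private void appendLog(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws IOException {
        if (BooleanUtils.isTrue(DISABLE_LOG.get())) {
            return;
        }
        String uri = getUri(httpServletRequest, obj);
        String urlParams = httpServletRequest.getParameterMap().isEmpty() ? null : JSON.toJSONString(httpServletRequest.getParameterMap());
        // preHandle returns before recording a start time when the handler is not a
        // HandlerMethod; report a cost of 0 instead of failing on a null start time.
        Long startedAt = t.get();
        long costMillis = startedAt == null ? 0L : System.currentTimeMillis() - startedAt.longValue();
        boolean logResponse = BooleanUtils.isNotTrue(DISABLE_RESPONSE_LOG.get());
        JSONObject entry = new JSONObject();
        entry.put("ip", httpServletRequest.getHeader(X_REAL_IP));
        entry.put("t", Long.valueOf(System.currentTimeMillis()));
        entry.put("method", httpServletRequest.getMethod());
        entry.put("companyId", MyAccessKeyAuth.CURRENT_COMPANY_ID.get());
        entry.put("access_key", MyAccessKeyAuth.ACCESS_KEY.get());
        entry.put("cost", Long.valueOf(costMillis));
        entry.put("uri", uri);
        entry.put("url", httpServletRequest.getRequestURL().toString());
        entry.put("url_param", urlParams);
        if ("POST".equalsIgnoreCase(httpServletRequest.getMethod()) && "application/json".equalsIgnoreCase(httpServletRequest.getContentType()) && (httpServletRequest instanceof BodyReaderHttpServletRequestWrapper)) {
            entry.put("req_body", REQUEST_BODY.get());
        }
        if (logResponse) {
            entry.put("response", SessionUtil.CURRENT_RESPONSE.get());
        }
        log.info("REQUEST_INFO:{}", entry);
        RequestMonitorHelper.append(SessionUtil.CURRENT_COMPANY_ID.get(), SessionUtil.CURRENT_USER_ID.get(), SessionUtil.CURRENT_USER_NAME.get(), SessionUtil.RID.get(), uri, httpServletRequest.getRequestURL().toString(), costMillis, urlParams, REQUEST_BODY.get(), logResponse ? SessionUtil.CURRENT_RESPONSE.get() : null, exc);
    }

    /**
     * Generates a request id, returns it in the {@code Request-Id} response header, stores
     * it in {@code SessionUtil.RID}, and registers a monitoring flag for the request.
     *
     * @param str module name used as part of the request id
     */
    private void setRequestLog(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String requestId = DateUtil.formatYYYYMMDD(new Date()) + "-REQ-" + str.replace("/", StringUtil.EMPTY_STR).toUpperCase() + "-" + StringUtil.genGUID() + "-" + StringUtil.genShortGUID().toLowerCase();
        httpServletResponse.addHeader("Request-Id", requestId);
        SessionUtil.RID.set(requestId);
        MyMemoryAnalysisFlag analysisFlag = new MyMemoryAnalysisFlag("REQ:" + httpServletRequest.getRequestURL().toString(), requestId);
        analysisFlag.setReqBody(REQUEST_BODY.get());
        if (!httpServletRequest.getParameterMap().isEmpty()) {
            analysisFlag.setUrlParam(JSON.toJSONString(httpServletRequest.getParameterMap()));
        }
        flag.set(analysisFlag);
        RequestMonitorHelper.append(analysisFlag);
    }

    /**
     * Drops the per-request state held by this interceptor so nothing carries over to the
     * next request handled by the same thread.
     */
    private void clearSession() {
        RequestMonitorHelper.clear(flag.get());
        flag.remove();
        MyAccessKeyAuth.CURRENT_COMPANY_ID.remove();
        MyAccessKeyAuth.ACCESS_KEY.remove();
        REQUEST_BODY.remove();
        SessionUtil.CURRENT_COMPANY_ID.remove();
        SessionUtil.CURRENT_USER_ID.remove();
        DISABLE_LOG.remove();
        // Previously left set: a handler with disableResponseLog would silently suppress
        // response logging for later requests on the same thread, and a stale start time
        // would skew the reported cost.
        DISABLE_RESPONSE_LOG.remove();
        t.remove();
        // NOTE(review): SessionUtil.RID, CURRENT_RESPONSE and CURRENT_USER_NAME are read
        // by appendLog but not cleared here; confirm that their owner resets them per
        // request, otherwise a previous request's values can end up in this request's log.
    }

    /** Logs the completed request and always clears the per-request state. */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        try {
            appendLog(httpServletRequest, httpServletResponse, obj, exc);
        } finally {
            clearSession();
        }
        AsyncHandlerInterceptor.super.afterCompletion(httpServletRequest, httpServletResponse, obj, exc);
    }

    /**
     * Returns the mapping pattern of the handler (class-level {@code @RequestMapping} plus
     * the method-level Get/Post/Put/Delete mapping), cached per handler.
     *
     * <p>When the method has none of those four annotations the current request URI is
     * used and cached, so later requests to the same handler report the first URI seen.
     */
    private String getUri(HttpServletRequest httpServletRequest, Object obj) {
        String cacheKey = obj.toString();
        String cached = URI_CATCH.get(cacheKey);
        if (cached != null) {
            return cached;
        }
        StringBuilder pattern = new StringBuilder();
        if (obj instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) obj;
            RequestMapping classMapping = handlerMethod.getBeanType().getAnnotation(RequestMapping.class);
            if (classMapping != null) {
                pattern.append(firstPath(classMapping.value()));
            }
            GetMapping getMapping = handlerMethod.getMethodAnnotation(GetMapping.class);
            PostMapping postMapping = handlerMethod.getMethodAnnotation(PostMapping.class);
            PutMapping putMapping = handlerMethod.getMethodAnnotation(PutMapping.class);
            DeleteMapping deleteMapping = handlerMethod.getMethodAnnotation(DeleteMapping.class);
            if (getMapping != null) {
                pattern.append(firstPath(getMapping.value()));
            } else if (postMapping != null) {
                pattern.append(firstPath(postMapping.value()));
            } else if (putMapping != null) {
                pattern.append(firstPath(putMapping.value()));
            } else if (deleteMapping != null) {
                pattern.append(firstPath(deleteMapping.value()));
            } else {
                pattern.append(httpServletRequest.getRequestURI());
            }
        }
        String uri = pattern.toString();
        URI_CATCH.put(cacheKey, uri);
        return uri;
    }

    /**
     * Returns the first declared path, or an empty string when the annotation declares
     * none, so a mapping without a value cannot break request logging with an
     * ArrayIndexOutOfBoundsException.
     */
    private static String firstPath(String[] paths) {
        return paths == null || paths.length == 0 ? "" : paths[0];
    }
}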
