package cn.gmlee.tools.webapp.controller;

import cn.gmlee.tools.base.enums.XCode;
import cn.gmlee.tools.base.ex.SkillException;
import cn.gmlee.tools.base.util.SignUtil;
import cn.gmlee.tools.redis.util.RedisClient;
import cn.gmlee.tools.webapp.assist.SignAssist;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotEmpty;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestHeader;

@Validated
/* loaded from: input_file:cn/gmlee/tools/webapp/controller/SignController.class */
public class SignController extends ParameterController {

    @Resource
    protected SignAssist signAssist;

    @Autowired(required = false)
    protected RedisClient<String, String> rc;

    @ModelAttribute
    public void signPre(@RequestHeader(value = "appid", required = false) @NotEmpty(message = "应用码是空") String str, @RequestHeader(value = "timestamp", required = false) @NotEmpty(message = "时间戳是空") String str2, @RequestHeader(value = "nonce", required = false) @NotEmpty(message = "随机数是空") String str3, @RequestHeader(value = "signature", required = false) @NotEmpty(message = "签名是空") String str4, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        super.parameterPre(str);
        if (!timestampOK(str2)) {
            throw new SkillException(Integer.valueOf(XCode.CONSENSUS_SIGN2001.code), "签名过期");
        }
        if (!nonceOK(str3, str4)) {
            throw new SkillException(Integer.valueOf(XCode.CONSENSUS_SIGN2001.code), "重复请求");
        }
        String secretKey = getSecretKey(str);
        if (StringUtils.isEmpty(secretKey)) {
            throw new SkillException(Integer.valueOf(XCode.CONSENSUS_SIGN2001.code), "暂无私钥");
        }
        if (!SignUtil.check(httpServletRequest, secretKey, this.signAssist.getExtraHeaders())) {
            throw new SkillException(Integer.valueOf(XCode.CONSENSUS_SIGN2001.code), "非法请求");
        }
    }

    public String getSecretKey(String str) {
        return (String) this.rc.get(this.signAssist.getAppKeyPrefix().concat(str));
    }

    public String setSecretKey(String str, String str2) {
        this.rc.set(this.signAssist.getAppKeyPrefix().concat(str), str2);
        return str2;
    }

    private boolean nonceOK(String str, String str2) {
        return true;
    }

    private boolean timestampOK(String str) {
        return System.currentTimeMillis() < Long.valueOf(str).longValue();
    }
}
