package cn.aotcloud.security.tamperproofing.impl;

import cn.aotcloud.security.tamperproofing.SafeException;
import cn.aotcloud.utils.HttpServletUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpMethod;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.security.crypto.encrypt.TextEncryptor;

/* loaded from: input_file:cn/aotcloud/security/tamperproofing/impl/PostBodyTamperProofingChecker.class */
public abstract class PostBodyTamperProofingChecker extends GetQueryTamperProofingChecker {
    protected final MappingJackson2HttpMessageConverter jackson2HttpMessageConverter;

    public PostBodyTamperProofingChecker(TextEncryptor textEncryptor, MappingJackson2HttpMessageConverter mappingJackson2HttpMessageConverter) {
        super(textEncryptor);
        this.jackson2HttpMessageConverter = mappingJackson2HttpMessageConverter;
    }

    @Override // cn.aotcloud.security.tamperproofing.impl.GetQueryTamperProofingChecker, cn.aotcloud.security.tamperproofing.TamperProofingChecker
    public boolean support(HttpServletRequest httpServletRequest) {
        return StringUtils.isNotBlank(httpServletRequest.getContentType()) && HttpMethod.resolve(httpServletRequest.getMethod()) == HttpMethod.POST && supportInternal(httpServletRequest) && !super.isRootRequest(httpServletRequest);
    }

    @Override // cn.aotcloud.security.tamperproofing.impl.GetQueryTamperProofingChecker, cn.aotcloud.security.tamperproofing.TamperProofingChecker
    public void check(HttpServletRequest httpServletRequest) throws SafeException {
        doValdiate(httpServletRequest, getBodyAndQueryAsJson(httpServletRequest), getSignValue(httpServletRequest));
    }

    protected abstract boolean supportInternal(HttpServletRequest httpServletRequest);

    protected abstract Object getBody(HttpServletRequest httpServletRequest) throws IOException, ServletException;

    protected String getBodyAndQueryAsJson(HttpServletRequest httpServletRequest) {
        try {
            Object body = getBody(httpServletRequest);
            LinkedHashMap linkedHashMap = new LinkedHashMap();
            if (body != null) {
                linkedHashMap.put("body", body);
            }
            if (StringUtils.isNotBlank(HttpServletUtil.getQueryString(httpServletRequest))) {
                linkedHashMap.put("query", sortQueryString(httpServletRequest));
            }
            if (linkedHashMap.isEmpty()) {
                return null;
            }
            return this.jackson2HttpMessageConverter.getObjectMapper().writeValueAsString(convertData(linkedHashMap));
        } catch (IOException | ServletException e) {
            this.logger.error(e);
            throw new SafeException("防篡改异常：系统错误。");
        }
    }

    public Object convertData(Object obj) {
        if (!(obj instanceof Map)) {
            if (!(obj instanceof List)) {
                return obj;
            }
            ArrayList arrayList = new ArrayList();
            ((List) obj).forEach(obj2 -> {
                arrayList.add(convertData(obj2));
            });
            return arrayList;
        }
        Map map = (Map) obj;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        ArrayList arrayList2 = new ArrayList(map.keySet());
        Collections.sort(arrayList2);
        arrayList2.forEach(str -> {
            linkedHashMap.put(str, convertData(map.get(str)));
        });
        return linkedHashMap;
    }
}
