package cn.watsontech.core.web.spring.aop;

import cn.watsontech.core.openapi.params.base.OpenApiParams;
import cn.watsontech.core.openapi.params.base.PublicApiParams;
import cn.watsontech.core.service.AppInfoService;
import cn.watsontech.core.utils.Md5Util;
import cn.watsontech.core.utils.RequestUtils;
import cn.watsontech.core.web.spring.aop.annotation.OpenApi;
import cn.watsontech.core.web.spring.security.entity.AppInfo;
import java.util.ArrayList;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.RandomStringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.After;
import org.aspectj.lang.annotation.AfterThrowing;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;
import org.springframework.web.context.request.RequestContextHolder;

@Aspect
@Component
/* loaded from: input_file:cn/watsontech/core/web/spring/aop/OpenApiAspect.class */
public class OpenApiAspect {
    private static final Logger log = LoggerFactory.getLogger(OpenApiAspect.class);

    @Autowired
    AppInfoService openAppInfoService;
    ThreadLocal<PublicApiParams> publicApiParamThreadLocal = new ThreadLocal<>();

    @Pointcut("@annotation(cn.watsontech.core.web.spring.aop.annotation.OpenApi)")
    public void openApi() {
    }

    @Before("openApi()")
    public void doBefore(JoinPoint joinPoint) {
        HttpServletRequest request = RequestContextHolder.getRequestAttributes().getRequest();
        String requestURI = request.getRequestURI();
        log.info("OpenApiAspect-{}.doBefore()，{}, {}", new Object[]{((OpenApi) joinPoint.getSignature().getMethod().getAnnotation(OpenApi.class)).value(), RequestUtils.getIpAddress(request), requestURI});
        PublicApiParams publicApiParams = null;
        ArrayList arrayList = new ArrayList();
        Object[] args = joinPoint.getArgs();
        if (args != null && args.length > 0) {
            for (int i = 0; i < args.length; i++) {
                if (args[i] instanceof PublicApiParams) {
                    publicApiParams = (PublicApiParams) args[i];
                }
                if (args[i] instanceof OpenApiParams) {
                    arrayList.add((OpenApiParams) args[i]);
                }
            }
        }
        Assert.notNull(publicApiParams, "非法请求");
        publicApiParams.setRequestId(RandomStringUtils.randomAlphanumeric(12));
        this.publicApiParamThreadLocal.set(publicApiParams);
        AppInfo appInfo = new AppInfo();
        appInfo.setCode(publicApiParams.getAppid());
        AppInfo selectFirst = this.openAppInfoService.selectFirst(appInfo);
        Assert.notNull(selectFirst, "非法请求：未识别的appid");
        String secret = selectFirst.getSecret();
        int intValue = selectFirst.getAllowDelay() != null ? selectFirst.getAllowDelay().intValue() * 1000 : 60000;
        String needSignParamString = publicApiParams.getNeedSignParamString(arrayList);
        Assert.isTrue((needSignParamString == null || needSignParamString.equals("")) ? false : true, "请求签名参数列表为空");
        String upperCase = Md5Util.MD5Encode(String.format("%s&appSecret=%s&url=%s", needSignParamString, secret, requestURI)).toUpperCase();
        long currentTimeMillis = System.currentTimeMillis();
        log.info("OpenApiAspect.doBefore 加密字符串：{}，已签名字符串：{}, 当前时间戳：{}", new Object[]{needSignParamString, upperCase, Long.valueOf(currentTimeMillis)});
        Assert.isTrue(upperCase.equals(publicApiParams.getSign()), "非法请求：签名错误");
        long longValue = currentTimeMillis - publicApiParams.getTimestamp().longValue();
        Assert.isTrue(longValue < ((long) intValue) && longValue > 0, "非法请求：无效的时间戳");
    }

    @After("openApi()")
    public void doAfter(JoinPoint joinPoint) {
        log.info("OpenApiAspect.doAfter()，请求ID：{}", this.publicApiParamThreadLocal.get().getRequestId());
    }

    @AfterThrowing(value = "openApi()", throwing = "exception")
    public void doAfterThrowingAdvice(JoinPoint joinPoint, Throwable th) {
        PublicApiParams publicApiParams = this.publicApiParamThreadLocal.get();
        log.info("OpenApiAspect-{}-[异常].doAfterThrowingAdvice() - requestId:{}", publicApiParams.getAppid(), publicApiParams.getRequestId());
    }
}
