package xyz.shodown.boot.upms.advice;

import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;
import xyz.shodown.boot.upms.annotation.IgnoreGeneralCrypto;
import xyz.shodown.boot.upms.config.AdditionalProperties;
import xyz.shodown.boot.upms.keychain.DynamicSecretKeyChain;
import xyz.shodown.boot.upms.keychain.UserSecretKeyStorage;
import xyz.shodown.boot.upms.util.ShodownUpmsUtil;
import xyz.shodown.common.util.encrypt.CryptoKeyGenerator;
import xyz.shodown.crypto.annotation.Crypto;
import xyz.shodown.crypto.enums.ProcessorEnum;
import xyz.shodown.crypto.factory.ProcessorFactory;
import xyz.shodown.crypto.processor.CryptoProcessor;
import xyz.shodown.crypto.properties.CryptoProperties;

@ControllerAdvice
/* loaded from: input_file:xyz/shodown/boot/upms/advice/SymmetricEncryptAdvice.class */
public class SymmetricEncryptAdvice implements ResponseBodyAdvice<Object> {
    private static final Logger log = LoggerFactory.getLogger("exception");

    @Resource
    private CryptoProperties cryptoProperties;

    @Resource
    private AdditionalProperties additionalProperties;

    @Resource
    private UserSecretKeyStorage userSecretKeyStorage;

    public boolean supports(MethodParameter methodParameter, Class cls) {
        if (methodParameter.hasMethodAnnotation(IgnoreGeneralCrypto.class) || methodParameter.hasMethodAnnotation(Crypto.class)) {
            return false;
        }
        return ShodownUpmsUtil.shouldCrypto(this.cryptoProperties);
    }

    public Object beforeBodyWrite(Object obj, MethodParameter methodParameter, MediaType mediaType, Class<? extends HttpMessageConverter<?>> cls, ServerHttpRequest serverHttpRequest, ServerHttpResponse serverHttpResponse) {
        try {
            try {
                String generateIv = CryptoKeyGenerator.generateIv();
                this.userSecretKeyStorage.storeIv(generateIv);
                CryptoProcessor processorFactory = ProcessorFactory.getInstance(ProcessorEnum.AES);
                processorFactory.setKeyChainClass(DynamicSecretKeyChain.class);
                Object encrypt = processorFactory.encrypt(obj, methodParameter, mediaType, cls, serverHttpRequest, serverHttpResponse);
                if (encrypt == null) {
                    this.userSecretKeyStorage.removeIv();
                    return null;
                }
                String str = (String) encrypt;
                int i = 1;
                if (this.additionalProperties != null) {
                    i = this.additionalProperties.getAccess().getIvOffset();
                }
                String blendIvAndEncryptData = ShodownUpmsUtil.blendIvAndEncryptData(generateIv, i, str);
                this.userSecretKeyStorage.removeIv();
                return blendIvAndEncryptData;
            } catch (Exception e) {
                log.error(e.getMessage(), e);
                this.userSecretKeyStorage.removeIv();
                return null;
            }
        } catch (Throwable th) {
            this.userSecretKeyStorage.removeIv();
            throw th;
        }
    }
}
