package com.aote.handler;

import com.alibaba.fastjson.JSON;
import com.aote.plugins.ParameterRequestWrapper;
import com.aote.utils.AesUtils;
import com.aote.utils.FileConfig;
import com.aote.utils.SignUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
import org.json.JSONObject;

/* loaded from: input_file:com/aote/handler/InterFaceFiliterSign.class */
public class InterFaceFiliterSign implements Filter {
    static Logger log = Logger.getLogger(InterFaceFiliterSign.class);

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        log.debug("进入accesstoken,签名验证拦截器");
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader("accesskey");
        String header2 = httpServletRequest.getHeader("sign");
        if (StringUtils.isEmpty(header) || StringUtils.isEmpty(header2)) {
            resultError(701, "not accesskey or sign was found", httpServletResponse);
            return;
        }
        String str = "";
        try {
            JSONObject jSONObject = FileConfig.getjsonfromfile("thirdFiliter.json");
            Iterator<String> keys = jSONObject.keys();
            while (keys.hasNext()) {
                JSONObject jSONObject2 = jSONObject.getJSONObject(keys.next());
                String string = jSONObject2.getString("accesskey");
                if (StringUtils.isNotEmpty(string) && header.equals(string) && "1".equals(jSONObject2.getString("isflag")) && StringUtils.isNotEmpty(jSONObject2.getString("secretkey"))) {
                    str = jSONObject2.getString("secretkey");
                }
            }
            if ("".equals(str)) {
                resultError(401, "Illegal access", httpServletResponse);
                return;
            }
            JSONObject jSONObject3 = new JSONObject(AesUtils.aesdecrypt(getPostData(httpServletRequest), str));
            if (!jSONObject3.isNull("data")) {
                jSONObject3 = (JSONObject) jSONObject3.get("data");
            }
            HashMap judgeArray = FileConfig.getJudgeArray((Map) JSON.parseObject(jSONObject3.toString(), Map.class));
            System.out.println(jSONObject3.toString());
            if (!SignUtils.verifybd(judgeArray, str, header2)) {
                resultError(402, "Illegal access, signature verification failed", httpServletResponse);
                return;
            }
            ParameterRequestWrapper parameterRequestWrapper = new ParameterRequestWrapper((HttpServletRequest) servletRequest);
            Iterator<String> keys2 = jSONObject3.keys();
            System.out.println(jSONObject3);
            while (keys2.hasNext()) {
                String next = keys2.next();
                parameterRequestWrapper.addParameter(next, jSONObject3.get(next));
            }
            log.debug("进入chain.doFilter");
            filterChain.doFilter(parameterRequestWrapper, servletResponse);
            log.debug("出入chain.doFilter");
        } catch (Exception e) {
            e.printStackTrace();
            resultError(502, "Server error", httpServletResponse);
        }
    }

    public void destroy() {
    }

    public void resultError(Integer num, String str, HttpServletResponse httpServletResponse) throws IOException {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("code", num);
        jSONObject.put("msg", new String(str.getBytes("UTF-8")));
        httpServletResponse.getWriter().write(new String(jSONObject.toString().getBytes("UTF-8")));
    }

    private String getPostData(HttpServletRequest httpServletRequest) {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            BufferedReader reader = httpServletRequest.getReader();
            while (true) {
                String readLine = reader.readLine();
                if (null == readLine) {
                    break;
                }
                stringBuffer.append(readLine);
            }
        } catch (IOException e) {
        }
        return stringBuffer.toString();
    }
}
