package com.zto.mall.admin.open.aspect;

import com.fqgj.log.factory.LogFactory;
import com.fqgj.log.interfaces.Log;
import com.zto.mall.admin.open.enums.CodeEnum;
import com.zto.mall.admin.open.model.request.OpenRequest;
import com.zto.mall.admin.open.model.response.OpenResponse;
import com.zto.mall.admin.open.sign.OpenApiSignUtils;
import com.zto.mall.application.open.OpenAppInfoApplication;
import com.zto.mall.model.dto.open.OpenAppInfoDTO;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.annotation.PostConstruct;
import javax.annotation.Resource;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;

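@Aspect
@Component
/* loaded from: input_file:BOOT-INF/classes/com/zto/mall/admin/open/aspect/OpenApiSignAspect.class */
/**
 * Around-advice that authenticates and authorises every open-API controller call and signs
 * the successful response.
 *
 * <p>For each matched controller method the aspect checks, in order: required fields and
 * timestamp freshness, that the appId is known, the request signature, the per-app API
 * allow-list, and that {@code apiName} equals the invoked method name. Only then does the
 * controller run.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Freshness is a +/- 2 minute window only. No nonce or replay cache is visible in this
 *       class, so a captured request can presumably be replayed inside that window unless
 *       {@code OpenApiSignUtils} or the controllers handle it. TODO confirm.</li>
 *   <li>Responses are labelled with sign method {@code "md5"}. The real algorithm lives in
 *       {@code OpenApiSignUtils}, which is not visible here. NOTE(review): if it is a plain
 *       MD5 over fields plus secret, plan a migration to an HMAC-SHA-256 construction, and
 *       confirm that {@code verify} compares signatures in constant time.</li>
 *   <li>Failure responses returned by this aspect are not signed. Only the success path calls
 *       {@code OpenApiSignUtils.sign}.</li>
 * </ul>
 */
public class OpenApiSignAspect {
    private static final Log LOGGER = LogFactory.getLog((Class<?>) OpenApiSignAspect.class);

    /** Accepted clock skew between caller and server, in both directions. */
    private static final long TIMESTAMP_WINDOW_MILLIS = TimeUnit.MINUTES.toMillis(2L);

    @Resource
    private OpenAppInfoApplication openAppInfoApplication;

    /** Logs that the aspect bean has been constructed. */
    @PostConstruct
    public void init() {
        LOGGER.info("open api aspect init");
    }

    /**
     * Matches public controller methods under {@code com.zto.mall.admin.open..controller} that
     * take exactly one {@code OpenRequest} and return {@code OpenResponse}. Controller methods
     * with any other signature are NOT covered by the signature check in {@link #run}.
     */
    @Pointcut("execution(public com.zto.mall.admin.open.model.response.OpenResponse com.zto.mall.admin.open..controller.*.*(com.zto.mall.admin.open.model.request.OpenRequest))")
    public void openApi() {
    }

    /**
     * Returns whether {@code j} (epoch milliseconds) lies strictly within the accepted window
     * around the current server time.
     *
     * <p>The bounds are compared directly rather than via {@code Math.abs(now - j)}: the
     * subtraction can wrap for extreme values of {@code j}, and {@code Math.abs(Long.MIN_VALUE)}
     * is negative, which would let such a timestamp pass the freshness check.
     */
    private boolean verifyTimestamp(long j) {
        long now = System.currentTimeMillis();
        return j > now - TIMESTAMP_WINDOW_MILLIS && j < now + TIMESTAMP_WINDOW_MILLIS;
    }

    /**
     * Validates that the request carries the fields the signature check depends on.
     *
     * @param openRequest the request body, possibly {@code null}
     * @param methodName name of the intercepted controller method (for logging)
     * @param targetClass class name of the intercepted controller (for logging)
     * @return a failure response describing the first missing or stale field, or {@code null}
     *     when the request may proceed to signature verification
     */
    private OpenResponse checkRequest(OpenRequest openRequest, String methodName, String targetClass) {
        if (openRequest == null) {
            LOGGER.warn("targetClass:{} signature:{} request body lost", targetClass, methodName);
            return OpenResponse.fail(CodeEnum.REQUEST_BODY_LOST);
        }
        Long timestamp = openRequest.getTimestamp();
        if (timestamp == null) {
            LOGGER.warn("targetClass:{} signature:{} lost timestamp", targetClass, methodName);
            return OpenResponse.fail(CodeEnum.LOST_PARAM_TIMESTAMP);
        }
        if (!verifyTimestamp(timestamp.longValue())) {
            LOGGER.warn("targetClass:{} signature:{} request expired diff:{}", targetClass, methodName, Long.valueOf(System.currentTimeMillis() - timestamp.longValue()));
            return OpenResponse.fail(CodeEnum.REQUEST_EXPIRED);
        }
        if (StringUtils.isBlank(openRequest.getAppId())) {
            LOGGER.warn("targetClass:{} signature:{} lost appId", targetClass, methodName);
            return OpenResponse.fail(CodeEnum.LOST_PARAM_APP_ID);
        }
        if (StringUtils.isBlank(openRequest.getSign())) {
            LOGGER.warn("targetClass:{} signature:{} lost sign", targetClass, methodName);
            return OpenResponse.fail(CodeEnum.LOST_PARAM_SIGN);
        }
        return null;
    }

    /**
     * Authenticates the request, enforces the per-app API allow-list, invokes the controller
     * and signs its response.
     *
     * @param proceedingJoinPoint the intercepted controller invocation; the pointcut
     *     guarantees a single {@code OpenRequest} argument
     * @return a failure {@code OpenResponse} when any check fails or the controller throws,
     *     the signed controller response on success, or the controller's raw return value
     *     (unsigned) when it is {@code null} or not an {@code OpenResponse}
     */
    @Around("openApi()")
    public Object run(ProceedingJoinPoint proceedingJoinPoint) {
        String methodName = proceedingJoinPoint.getSignature().getName();
        String targetClass = proceedingJoinPoint.getTarget().getClass().getName();
        LOGGER.info("signature:{}", methodName);
        LOGGER.info("target class name:{}", targetClass);
        Object[] args = proceedingJoinPoint.getArgs();
        OpenRequest openRequest = (OpenRequest) args[0];
        OpenResponse rejection = checkRequest(openRequest, methodName, targetClass);
        if (rejection != null) {
            return rejection;
        }

        // appId and apiName are caller-supplied and are logged before the signature has been
        // verified; the logging backend is presumably responsible for neutralising line
        // breaks in them. TODO confirm.
        String appId = openRequest.getAppId();
        OpenAppInfoDTO openAppInfo = this.openAppInfoApplication.getOpenAppInfo(appId);
        if (openAppInfo == null) {
            LOGGER.warn("targetClass:{} signature:{} appId:{} 非法", targetClass, methodName, appId);
            return OpenResponse.fail(CodeEnum.APP_ID_ERROR);
        }

        // The secret is used only for verify/sign below and must never reach a log statement.
        String appSecret = openAppInfo.getAppSecret();
        if (!OpenApiSignUtils.verify(openRequest, appSecret)) {
            LOGGER.warn("targetClass:{} signature:{} verify sign fail", targetClass, methodName);
            return OpenResponse.fail(CodeEnum.SIGN_ERROR);
        }

        // Allow-list check. A blank apiList skips the check entirely, so such an app may call
        // any open API. NOTE(review): confirm that blank is meant as "all APIs" rather than
        // "none"; a fail-closed default is the safer reading. Entries are matched exactly
        // after splitting on ',' (no trimming), so "a, b" does not grant "b".
        String apiList = openAppInfo.getApiList();
        String apiName = openRequest.getApiName();
        if (StringUtils.isNotBlank(apiList) && !Arrays.asList(apiList.split(",")).contains(apiName)) {
            LOGGER.warn("targetClass:{} signature:{} apiName:{} 当前应用没有权限", targetClass, methodName, apiName);
            return OpenResponse.fail(CodeEnum.API_NO_PRIVILEGE);
        }

        // The signed apiName must name the method actually being invoked; otherwise a request
        // authorised for one API could be routed to another controller method.
        if (StringUtils.isBlank(apiName) || !apiName.equals(methodName)) {
            LOGGER.warn("targetClass:{} signature:{} apiName:{} apiName参数错误", targetClass, methodName, apiName);
            return OpenResponse.fail(CodeEnum.API_NAME_PARAM_ERROR);
        }

        try {
            Object proceed = proceedingJoinPoint.proceed(args);
            if (!(proceed instanceof OpenResponse)) {
                // Covers null as well. The original null branch dereferenced the null result
                // to log its class, which threw and turned the reply into SYSTEM_ERROR.
                // This value goes back to the caller unsigned.
                String responseClass = proceed == null ? "null" : proceed.getClass().getName();
                LOGGER.warn("targetClass:{} signature:{} response class:{}", targetClass, methodName, responseClass);
                return proceed;
            }
            OpenResponse openResponse = (OpenResponse) proceed;
            openResponse.setTimestamp(Long.valueOf(System.currentTimeMillis()));
            openResponse.setSignMethod("md5");
            openResponse.setVersion("1.0");
            openResponse.setAppId(openRequest.getAppId());
            // Sign last, after every other field is set (sign() receives the whole response).
            openResponse.setSign(OpenApiSignUtils.sign(openResponse, appSecret));
            return openResponse;
        } catch (Throwable th) {
            // Boundary catch: the caller only sees a generic SYSTEM_ERROR, details stay in logs.
            LOGGER.warn("targetClass:{} signature:{} execute error", targetClass, methodName);
            LOGGER.error("openApi", th);
            return OpenResponse.fail(CodeEnum.SYSTEM_ERROR);
        }
    }
}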
