package com.biuqu.boot.filter;

import com.biuqu.boot.utils.ResponseUtil;
import com.biuqu.encryption.Hash;
import com.biuqu.encryption.factory.EncryptionFactory;
import com.biuqu.errcode.ErrCodeEnum;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.entity.ContentType;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;

/* loaded from: input_file:com/biuqu/boot/filter/SecurityValidFilter.class */
public class SecurityValidFilter implements Filter {
    private static final String SIGN_KEY = "sign";

    @Value("${bq.json.snake-case:true}")
    private boolean snakeCase;
    private static final Logger log = LoggerFactory.getLogger(SecurityValidFilter.class);
    private static final Hash HASH = (Hash) EncryptionFactory.SHAHash.createAlgorithm();

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        long currentTimeMillis = System.currentTimeMillis();
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            String contentType = httpServletRequest.getContentType();
            String header = httpServletRequest.getHeader(SIGN_KEY);
            if (!StringUtils.isEmpty(header) && ContentType.APPLICATION_JSON.toString().contains(contentType)) {
                CachingRequestWrapper cachingRequestWrapper = new CachingRequestWrapper(httpServletRequest);
                String header2 = httpServletRequest.getHeader("Authorization");
                if (StringUtils.isEmpty(header2)) {
                    header2 = "";
                }
                String str = header2 + "_" + IOUtils.toString(cachingRequestWrapper.getContentAsByteArray(), StandardCharsets.UTF_8.name());
                String hexString = Hex.toHexString(HASH.digest(str.getBytes(StandardCharsets.UTF_8)));
                log.info("***json:{},sign:{},cost:{}ms", new Object[]{str, hexString, Long.valueOf(System.currentTimeMillis() - currentTimeMillis)});
                if (!header.equals(hexString)) {
                    ResponseUtil.writeErrorBody((HttpServletResponse) servletResponse, ErrCodeEnum.SIGNATURE_ERROR.getCode(), this.snakeCase);
                    return;
                } else {
                    log.info("cache and valid sign[{}] cost {}ms", httpServletRequest.getRequestURI(), Long.valueOf(System.currentTimeMillis() - currentTimeMillis));
                    filterChain.doFilter(cachingRequestWrapper, servletResponse);
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
}
