package org.shoulder.crypto.negotiation.support.service.impl;

import cn.hutool.core.lang.Assert;
import java.net.URI;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import javax.annotation.Nonnull;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.shoulder.core.dto.response.BaseResult;
import org.shoulder.core.log.Logger;
import org.shoulder.core.log.LoggerFactory;
import org.shoulder.core.util.JsonUtils;
import org.shoulder.crypto.asymmetric.exception.AsymmetricCryptoException;
import org.shoulder.crypto.negotiation.cache.NegotiationResultCache;
import org.shoulder.crypto.negotiation.constant.NegotiationConstants;
import org.shoulder.crypto.negotiation.dto.NegotiationResult;
import org.shoulder.crypto.negotiation.exception.NegotiationException;
import org.shoulder.crypto.negotiation.support.dto.NegotiationRequest;
import org.shoulder.crypto.negotiation.support.dto.NegotiationResponse;
import org.shoulder.crypto.negotiation.support.dto.TransportNegotiationInfo;
import org.shoulder.crypto.negotiation.support.service.TransportNegotiationService;
import org.shoulder.crypto.negotiation.util.TransportCryptoUtil;
import org.shoulder.http.AppIdExtractor;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.RestClientException;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:org/shoulder/crypto/negotiation/support/service/impl/TransportNegotiationServiceImpl.class */
public class TransportNegotiationServiceImpl implements TransportNegotiationService {
    private final TransportCryptoUtil transportCryptoUtil;
    private final RestTemplate restTemplate;
    private final NegotiationResultCache negotiationResultCache;
    private final AppIdExtractor appIdExtractor;
    static final /* synthetic */ boolean $assertionsDisabled;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private Map<String, String> negotiationUrls = new HashMap();

    public TransportNegotiationServiceImpl(TransportCryptoUtil transportCryptoUtil, RestTemplate restTemplate, NegotiationResultCache negotiationResultCache, AppIdExtractor appIdExtractor) {
        this.transportCryptoUtil = transportCryptoUtil;
        this.restTemplate = restTemplate;
        this.negotiationResultCache = negotiationResultCache;
        this.appIdExtractor = appIdExtractor;
    }

    @Override // org.shoulder.crypto.negotiation.support.service.TransportNegotiationService
    public NegotiationResult requestForNegotiate(URI uri) throws NegotiationException {
        String extract = this.appIdExtractor.extract(uri);
        try {
            NegotiationResult asClient = this.negotiationResultCache.getAsClient(extract);
            if (asClient != null) {
                return asClient;
            }
            String replace = uri.toString().replace(uri.getPath(), getNegotiationUrl(extract));
            this.log.debug("negotiate with {}, url is {}", extract, replace);
            NegotiationResult negotiation = this.transportCryptoUtil.negotiation(validateAndFill(this.restTemplate.exchange(replace, HttpMethod.POST, createKeyNegotiationHttpEntity(), new ParameterizedTypeReference<BaseResult<NegotiationResponse>>() { // from class: org.shoulder.crypto.negotiation.support.service.impl.TransportNegotiationServiceImpl.1
            }, new Object[0])));
            this.negotiationResultCache.putAsClient(extract, negotiation);
            return negotiation;
        } catch (RestClientException e) {
            throw new NegotiationException("Try negotiate FAIL with " + extract + ", please check other service's healthy", e);
        } catch (AsymmetricCryptoException e2) {
            throw new NegotiationException("Negotiate FAIL with " + extract, e2);
        }
    }

    private HttpEntity<NegotiationRequest> createKeyNegotiationHttpEntity() throws AsymmetricCryptoException {
        NegotiationRequest createRequest = this.transportCryptoUtil.createRequest();
        String str = createRequest.getxSessionId();
        String token = createRequest.getToken();
        HttpHeaders httpHeaders = new HttpHeaders();
        ArrayList arrayList = new ArrayList();
        arrayList.add(MediaType.APPLICATION_JSON_UTF8);
        httpHeaders.setAccept(arrayList);
        httpHeaders.setContentType(MediaType.APPLICATION_JSON_UTF8);
        httpHeaders.add(NegotiationConstants.SECURITY_SESSION_ID, str);
        httpHeaders.add(NegotiationConstants.TOKEN, token);
        return new HttpEntity<>(createRequest, httpHeaders);
    }

    private NegotiationResponse validateAndFill(ResponseEntity<BaseResult<NegotiationResponse>> responseEntity) throws AsymmetricCryptoException, NegotiationException {
        BaseResult baseResult = (BaseResult) responseEntity.getBody();
        if (HttpStatus.OK != responseEntity.getStatusCode() || baseResult == null) {
            throw new NegotiationException("response error! response = " + JsonUtils.toJson(baseResult));
        }
        NegotiationResponse negotiationResponse = (NegotiationResponse) baseResult.getData();
        String first = responseEntity.getHeaders().getFirst(NegotiationConstants.TOKEN);
        String first2 = responseEntity.getHeaders().getFirst(NegotiationConstants.SECURITY_SESSION_ID);
        String publicKey = negotiationResponse.getPublicKey();
        String encryptionScheme = negotiationResponse.getEncryptionScheme();
        Assert.notEmpty(publicKey, "response.publicKey can't be empty", new Object[0]);
        Assert.notEmpty(encryptionScheme, "response.encryptionScheme can't be empty", new Object[0]);
        negotiationResponse.setxSessionId(first2);
        negotiationResponse.setToken(first);
        if (this.transportCryptoUtil.verifyToken(negotiationResponse)) {
            return negotiationResponse;
        }
        throw new NegotiationException("token not validate!");
    }

    @Override // org.shoulder.crypto.negotiation.support.service.TransportNegotiationService
    public NegotiationResponse handleNegotiate(NegotiationRequest negotiationRequest) throws NegotiationException {
        NegotiationResult asServer;
        try {
            validateAndFill(negotiationRequest);
            if (!negotiationRequest.isRefresh() && (asServer = this.negotiationResultCache.getAsServer(negotiationRequest.getxSessionId())) != null) {
                return this.transportCryptoUtil.createResponse(asServer);
            }
            NegotiationResponse prepareNegotiation = this.transportCryptoUtil.prepareNegotiation(negotiationRequest);
            NegotiationResponse m9clone = prepareNegotiation.m9clone();
            m9clone.setPublicKey(negotiationRequest.getPublicKey());
            NegotiationResult negotiation = this.transportCryptoUtil.negotiation(m9clone);
            negotiation.setExpireTime(negotiation.getExpireTime() + 60000);
            this.negotiationResultCache.putAsServer(prepareNegotiation.getxSessionId(), negotiation);
            HttpServletResponse response = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getResponse();
            if (!$assertionsDisabled && response == null) {
                throw new AssertionError();
            }
            response.setHeader(NegotiationConstants.SECURITY_SESSION_ID, prepareNegotiation.getxSessionId());
            response.setHeader(NegotiationConstants.TOKEN, prepareNegotiation.getToken());
            return prepareNegotiation;
        } catch (AsymmetricCryptoException e) {
            throw new NegotiationException("Receive request, negotiate Fail!", e);
        }
    }

    private NegotiationRequest validateAndFill(@Nonnull NegotiationRequest negotiationRequest) throws AsymmetricCryptoException, NegotiationException {
        HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
        String header = request.getHeader(NegotiationConstants.SECURITY_SESSION_ID);
        String header2 = request.getHeader(NegotiationConstants.TOKEN);
        negotiationRequest.setxSessionId(header);
        negotiationRequest.setToken(header2);
        if (this.transportCryptoUtil.verifyToken(negotiationRequest)) {
            return negotiationRequest;
        }
        throw new NegotiationException("token not validate!");
    }

    @Nonnull
    private String getNegotiationUrl(String str) {
        return this.negotiationUrls.computeIfAbsent(str, str2 -> {
            this.log.warn("Not config [{}]'s negotiationUrl, will use default: /security/v1/negotiation", str);
            return NegotiationConstants.DEFAULT_NEGOTIATION_URL;
        });
    }

    public void addNegotiationUrl(TransportNegotiationInfo transportNegotiationInfo) {
        this.negotiationUrls.put(transportNegotiationInfo.getAppId(), transportNegotiationInfo.getNegotiationUrl());
    }

    @Override // org.shoulder.crypto.negotiation.support.service.TransportNegotiationService
    public boolean isNegotiationUrl(@Nonnull URI uri) {
        return uri.getPath().equalsIgnoreCase(this.negotiationUrls.get(this.appIdExtractor.extract(uri)));
    }

    static {
        $assertionsDisabled = !TransportNegotiationServiceImpl.class.desiredAssertionStatus();
    }
}
