package com.tydic.newretail.wechat.filter;

import java.io.IOException;
import java.security.MessageDigest;
import java.util.Arrays;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:com/tydic/newretail/wechat/filter/SecurityFilter.class */
public class SecurityFilter implements Filter {
    private final Log logger = LogFactory.getLog(getClass());
    private final boolean isDebugEnabled = this.logger.isDebugEnabled();
    private String token;

    public void destroy() {
        this.token = null;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.isDebugEnabled) {
            this.logger.debug("收到请求");
        }
        String parameter = servletRequest.getParameter("signature");
        String parameter2 = servletRequest.getParameter("timestamp");
        String parameter3 = servletRequest.getParameter("nonce");
        String parameter4 = servletRequest.getParameter("echostr");
        if (parameter == null || parameter2 == null || parameter3 == null) {
            this.logger.warn("认证失败：非法请求=>{signature:" + parameter + ",timestamp:" + parameter2 + ",nonce:" + parameter3 + ",echostr:" + parameter4 + "}");
            throw new IllegalArgumentException("认证失败：非法请求");
        }
        if (this.isDebugEnabled) {
            this.logger.debug("进行字典排序");
        }
        String[] strArr = {this.token, parameter2, parameter3};
        Arrays.sort(strArr);
        String str = strArr[0] + strArr[1] + strArr[2];
        if (this.isDebugEnabled) {
            this.logger.debug("生成认证消息");
        }
        try {
            String hexString = toHexString(MessageDigest.getInstance("sha1").digest(str.getBytes()));
            if (this.isDebugEnabled) {
                this.logger.debug("进行认证");
            }
            if (!parameter.equalsIgnoreCase(hexString)) {
                this.logger.warn("认证失败=>{signature:" + parameter + ",timestamp:" + parameter2 + ",nonce:" + parameter3 + ",echostr:" + parameter4 + "}");
                throw new IllegalArgumentException("认证失败");
            }
            if (parameter4 == null || "".equals(parameter4)) {
                if (this.isDebugEnabled) {
                    this.logger.debug("认证成功：业务处理");
                }
                filterChain.doFilter(servletRequest, servletResponse);
            } else {
                if (this.isDebugEnabled) {
                    this.logger.debug("认证成功:" + parameter4);
                }
                servletResponse.getOutputStream().print(parameter4);
            }
        } catch (Throwable th) {
            this.logger.warn("认证失败：认证过程发生未知异常=>{signature:" + parameter + ",timestamp:" + parameter2 + ",nonce:" + parameter3 + ",echostr:" + parameter4 + "}");
            throw new IllegalStateException("认证失败：认证过程发生未知异常");
        }
    }

    public static String toHexString(byte[] bArr) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
        char[] cArr2 = new char[bArr.length * 2];
        int i = 0;
        for (int i2 = 0; i2 < bArr.length; i2++) {
            int i3 = i;
            int i4 = i + 1;
            cArr2[i3] = cArr[(bArr[i2] >>> 4) & 15];
            i = i4 + 1;
            cArr2[i4] = cArr[bArr[i2] & 15];
        }
        return new String(cArr2);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.token = "ceshiToken";
    }
}
