package org.apache.shenyu.admin.controller;

import com.google.common.collect.Maps;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.time.LocalDateTime;
import java.time.ZoneOffset;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import okhttp3.Response;
import okhttp3.ResponseBody;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shenyu.admin.mapper.AppAuthMapper;
import org.apache.shenyu.admin.model.entity.AppAuthDO;
import org.apache.shenyu.admin.utils.HttpUtils;
import org.apache.shenyu.admin.utils.ShenyuSignatureUtils;
import org.apache.shenyu.admin.utils.UploadUtils;
import org.apache.shenyu.common.utils.JsonUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.util.UriUtils;

@RequestMapping({"/sandbox"})
@RestController
/* loaded from: input_file:org/apache/shenyu/admin/controller/SandboxController.class */
public class SandboxController {
    private static final Logger LOG = LoggerFactory.getLogger(SandboxController.class);
    private static final HttpUtils HTTP_UTILS = new HttpUtils();

    @Resource
    private AppAuthMapper appAuthMapper;

    @RequestMapping({"/proxyGateway"})
    public void proxyGateway(@RequestParam(required = false) String str, @RequestParam String str2, @RequestParam String str3, @RequestParam String str4, @RequestParam String str5, @RequestParam(defaultValue = "get") String str6, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        Assert.isTrue(StringUtils.isNotBlank(str3), "method cannot be empty.");
        Assert.isTrue(StringUtils.isNotBlank(str), "gatewayUrl cannot be empty.");
        String str7 = str + str3;
        HashMap hashMap = new HashMap();
        try {
            Map<? extends String, ? extends String> map = JsonUtils.toMap(StringEscapeUtils.escapeHtml4(str5));
            LOG.info("bizParam toMap= {}", JsonUtils.toJson(map));
            if (map != null) {
                hashMap.putAll(map);
            }
        } catch (Exception e) {
            LOG.error("JsonUtils.toMap error={}", e);
        }
        String buildParamQuery = buildParamQuery(hashMap);
        List<HttpUtils.UploadFile> list = (List) UploadUtils.getUploadFiles(httpServletRequest).stream().map(multipartFile -> {
            try {
                return new HttpUtils.UploadFile(multipartFile.getName(), multipartFile.getOriginalFilename(), multipartFile.getBytes());
            } catch (IOException e2) {
                LOG.error("upload file fail", e2);
                return null;
            }
        }).filter((v0) -> {
            return Objects.nonNull(v0);
        }).collect(Collectors.toList());
        HashMap hashMap2 = new HashMap();
        hashMap2.put("Cookie", str4);
        String str8 = null;
        String str9 = null;
        if (StringUtils.isNotEmpty(str2)) {
            String valueOf = String.valueOf(LocalDateTime.now().toInstant(ZoneOffset.of("+8")).toEpochMilli());
            str8 = ShenyuSignatureUtils.getSignContent(getSecureKey(str2), valueOf, str3);
            str9 = ShenyuSignatureUtils.generateSign(str8);
            hashMap2.put("timestamp", valueOf);
            hashMap2.put("appKey", str2);
            hashMap2.put("sign", str9);
            hashMap2.put("version", ShenyuSignatureUtils.VERSION);
        }
        try {
            Response requestCall = HTTP_UTILS.requestCall(str7, hashMap, hashMap2, HttpUtils.HTTPMethod.fromValue(str6), list);
            ResponseBody body = requestCall.body();
            if (Objects.isNull(body)) {
                return;
            }
            Map multimap = requestCall.headers().toMultimap();
            HashMap newHashMapWithExpectedSize = Maps.newHashMapWithExpectedSize(multimap.size());
            multimap.forEach((str10, list2) -> {
                String join = String.join(",", list2);
                httpServletResponse.setHeader(str10, join);
                newHashMapWithExpectedSize.put(str10, join);
            });
            httpServletResponse.addHeader("response-headers", JsonUtils.toJson(newHashMapWithExpectedSize));
            httpServletResponse.addHeader("sendbox-params", UriUtils.encode(buildParamQuery, StandardCharsets.UTF_8));
            httpServletResponse.addHeader("sendbox-beforesign", UriUtils.encode(str8, StandardCharsets.UTF_8));
            httpServletResponse.addHeader("sendbox-sign", UriUtils.encode(str9, StandardCharsets.UTF_8));
            IOUtils.copy(body.byteStream(), httpServletResponse.getOutputStream());
            httpServletResponse.flushBuffer();
        } catch (Exception e2) {
            LOG.error("request error", e2);
            throw new RuntimeException(e2.getMessage());
        }
    }

    private String getSecureKey(String str) {
        AppAuthDO findByAppKey = this.appAuthMapper.findByAppKey(str);
        if (Objects.isNull(findByAppKey) || StringUtils.isEmpty(findByAppKey.getAppSecret())) {
            throw new RuntimeException("security key not found.");
        }
        return findByAppKey.getAppSecret();
    }

    protected String buildParamQuery(Map<String, String> map) {
        StringBuilder sb = new StringBuilder();
        for (Map.Entry<String, String> entry : map.entrySet()) {
            sb.append("&").append(entry.getKey()).append("=").append(entry.getValue());
        }
        return sb.substring(1);
    }
}
