package org.apache.shenyu.plugin.sign.service;

import cn.hutool.core.util.ObjectUtil;
import cn.hutool.crypto.digest.MD5;
import com.alibaba.fastjson.JSON;
import java.nio.charset.StandardCharsets;
import java.util.List;
import org.apache.shenyu.plugin.api.ShenyuPluginChain;
import org.apache.shenyu.plugin.api.result.ShenyuResultEnum;
import org.apache.shenyu.plugin.api.result.ShenyuResultWrap;
import org.apache.shenyu.plugin.api.utils.WebFluxResultUtils;
import org.apache.shenyu.plugin.sign.api.SignService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.http.HttpCookie;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.codec.HttpMessageReader;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.util.StringUtils;
import org.springframework.web.reactive.function.server.HandlerStrategies;
import org.springframework.web.reactive.function.server.ServerRequest;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/apache/shenyu/plugin/sign/service/DefaultSignService.class */
public class DefaultSignService implements SignService {
    private static final String TOKEN = "auth-token";
    private static final String SIGN = "sign";
    private static final String PN = "pn";

    @Value("${shenyu.sign.delay:5}")
    private int delay;
    private static final Logger LOG = LoggerFactory.getLogger(DefaultSignService.class);
    private static final List<HttpMessageReader<?>> MESSAGE_READERS = HandlerStrategies.builder().build().messageReaders();

    @Override // org.apache.shenyu.plugin.sign.api.SignService
    public Mono<Void> signVerify(ServerWebExchange serverWebExchange, ShenyuPluginChain shenyuPluginChain) {
        ServerRequest create = ServerRequest.create(serverWebExchange, MESSAGE_READERS);
        return HttpMethod.POST.equals(create.method()) ? create.bodyToMono(String.class).flatMap(str -> {
            return doVerify(str, serverWebExchange, shenyuPluginChain);
        }) : HttpMethod.GET.equals(create.method()) ? Mono.just(JSON.toJSONString(create.exchange().getRequest().getQueryParams().toSingleValueMap())).flatMap(str2 -> {
            return doVerify(str2, serverWebExchange, shenyuPluginChain);
        }) : WebFluxResultUtils.result(serverWebExchange, ShenyuResultWrap.error(serverWebExchange, ShenyuResultEnum.ILLEGAL_REQUEST.getCode(), ShenyuResultEnum.ILLEGAL_REQUEST.getMsg(), (Object) null));
    }

    private Mono<Void> doVerify(String str, ServerWebExchange serverWebExchange, ShenyuPluginChain shenyuPluginChain) {
        final HttpHeaders headers = serverWebExchange.getRequest().getHeaders();
        String str2 = "";
        if (StringUtils.hasLength(serverWebExchange.getRequest().getHeaders().getFirst(TOKEN))) {
            str2 = serverWebExchange.getRequest().getHeaders().getFirst(TOKEN);
        } else if (ObjectUtil.isNotEmpty(serverWebExchange.getRequest().getCookies().getFirst(TOKEN))) {
            str2 = ((HttpCookie) serverWebExchange.getRequest().getCookies().getFirst(TOKEN)).getValue();
        }
        LOG.info("获取到的token： {}", str2);
        String first = headers.getFirst(SIGN);
        LOG.info("获取到的签名： {}", first);
        String first2 = headers.getFirst(PN);
        LOG.info("获取到的PN： {}", first2);
        if (!StringUtils.hasLength(first) || !StringUtils.hasLength(str2) || !StringUtils.hasLength(first2)) {
            return WebFluxResultUtils.result(serverWebExchange, ShenyuResultWrap.error(serverWebExchange, ShenyuResultEnum.SIGN_IS_NOT_PASS.getCode(), ShenyuResultEnum.SIGN_IS_NOT_PASS.getMsg(), (Object) null));
        }
        String buildSign = buildSign(str, str2, first2);
        LOG.info("加密后sign: {}", buildSign);
        if (!first.equals(buildSign)) {
            return WebFluxResultUtils.result(serverWebExchange, ShenyuResultWrap.error(serverWebExchange, ShenyuResultEnum.SIGN_IS_NOT_PASS.getCode(), ShenyuResultEnum.SIGN_IS_NOT_PASS.getMsg(), (Object) null));
        }
        LOG.info("验签通过");
        final Flux defer = Flux.defer(() -> {
            return Mono.just(serverWebExchange.getResponse().bufferFactory().wrap(str.getBytes(StandardCharsets.UTF_8)));
        });
        return shenyuPluginChain.execute(serverWebExchange.mutate().request(new ServerHttpRequestDecorator(serverWebExchange.getRequest()) { // from class: org.apache.shenyu.plugin.sign.service.DefaultSignService.1
            public HttpHeaders getHeaders() {
                HttpHeaders httpHeaders = new HttpHeaders();
                httpHeaders.putAll(headers);
                return httpHeaders;
            }

            public Flux<DataBuffer> getBody() {
                return defer;
            }
        }).build());
    }

    public String buildSign(String str, String str2, String str3) {
        return getSignature(str, str2, str3);
    }

    public static String getSignature(String str, String str2, String str3) {
        StringBuilder append = new StringBuilder(str).append((CharSequence) new StringBuilder(str).reverse()).append(str3).append(str2);
        LOG.info("sign加密前： {}", append);
        return new MD5().digestHex(append.toString(), StandardCharsets.UTF_8);
    }
}
