package com.cssw.bootx.security.api.crypto.core;

import cn.hutool.core.collection.CollUtil;
import com.cssw.bootx.security.api.crypto.autoconfigure.ApiCryptoProperties;
import com.cssw.bootx.security.api.crypto.enums.CryptoType;
import com.cssw.bootx.security.api.crypto.util.ApiEncryptUtil;
import com.cssw.bootx.security.api.crypto.util.UrlUtil;
import com.cssw.bootx.web.model.R;
import com.fasterxml.jackson.databind.ObjectMapper;
import io.micrometer.common.lang.NonNull;
import io.micrometer.common.lang.Nullable;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.http.server.ServerHttpResponse;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.springframework.web.servlet.mvc.method.annotation.ResponseBodyAdvice;

@ControllerAdvice
/* loaded from: input_file:com/cssw/bootx/security/api/crypto/core/ApiEncryptResponseBodyAdvice.class */
public class ApiEncryptResponseBodyAdvice implements ResponseBodyAdvice<Object> {
    private static final Logger log = LoggerFactory.getLogger(ApiEncryptResponseBodyAdvice.class);
    private final ApiCryptoProperties properties;
    private final ClientDetailsProvider clientDetailsProvider;
    private final ObjectMapper objectMapper;

    public boolean supports(@NonNull MethodParameter methodParameter, @NonNull Class<? extends HttpMessageConverter<?>> cls) {
        ServletRequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        if (requestAttributes != null) {
            return UrlUtil.notMatch(requestAttributes.getRequest(), this.properties.getExcludeUrls());
        }
        return false;
    }

    public Object beforeBodyWrite(@Nullable Object obj, @NonNull MethodParameter methodParameter, @NonNull MediaType mediaType, @NonNull Class<? extends HttpMessageConverter<?>> cls, @NonNull ServerHttpRequest serverHttpRequest, @NonNull ServerHttpResponse serverHttpResponse) {
        if (obj == null) {
            return null;
        }
        try {
            String appKey = getAppKey(serverHttpRequest);
            CryptoType crypto = this.properties.getCrypto();
            ClientDetails load = this.clientDetailsProvider.load(appKey);
            serverHttpResponse.getHeaders().setContentType(MediaType.TEXT_PLAIN);
            return encrypt(this.objectMapper.writeValueAsBytes(obj), crypto, load);
        } catch (Exception e) {
            log.error("", e);
            return R.fail(HttpStatus.FORBIDDEN.value(), "请求被拒绝");
        }
    }

    private String encrypt(byte[] bArr, CryptoType cryptoType, ClientDetails clientDetails) throws Exception {
        String str = null;
        if (cryptoType == CryptoType.AES || cryptoType == CryptoType.DES) {
            str = clientDetails.getAppSecret();
        } else if (cryptoType == CryptoType.RSA) {
            str = clientDetails.getPublicKey();
        }
        return ApiEncryptUtil.encrypt(cryptoType, bArr, str);
    }

    private String getAppKey(ServerHttpRequest serverHttpRequest) {
        List list = serverHttpRequest.getHeaders().get(this.properties.getAppKey());
        if (CollUtil.isNotEmpty(list)) {
            return (String) list.get(0);
        }
        return null;
    }

    public ApiEncryptResponseBodyAdvice(ApiCryptoProperties apiCryptoProperties, ClientDetailsProvider clientDetailsProvider, ObjectMapper objectMapper) {
        this.properties = apiCryptoProperties;
        this.clientDetailsProvider = clientDetailsProvider;
        this.objectMapper = objectMapper;
    }
}
