package io.datarouter.httpclient.security;

import java.io.ByteArrayOutputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.TreeMap;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testng.Assert;
import org.testng.annotations.BeforeTest;
import org.testng.annotations.Test;

/* loaded from: input_file:io/datarouter/httpclient/security/DefaultSignatureValidator.class */
public class DefaultSignatureValidator implements SignatureValidator {
    private static final Logger logger = LoggerFactory.getLogger(DefaultSignatureValidator.class);
    private static final String HASHING_ALGORITHM = "SHA-256";
    private String salt;

    /* loaded from: input_file:io/datarouter/httpclient/security/DefaultSignatureValidator$DefaultSignatureValidatorTests.class */
    public static class DefaultSignatureValidatorTests {
        Map<String, String> params;
        DefaultSignatureValidator validator;

        @BeforeTest
        public void setup() {
            this.validator = new DefaultSignatureValidator("329jfsJLKFj2fjjfL2319Jvn2332we");
            this.params = new LinkedHashMap();
            this.params.put("param1", "test1");
            this.params.put("param2", "test2");
            this.params.put(SecurityParameters.CSRF_TOKEN, "B8kgUfjdsa1234jsl9sdfkJ==");
            this.params.put(SecurityParameters.API_KEY, "jklfds90j2r13kjJfjklJF923j2rjLKJfjs");
            this.params.put(SecurityParameters.CSRF_IV, "x92jfjJdslSJFj29lsfjsf==");
        }

        @Test
        public void testSettingParameterOrder() {
            Assert.assertEquals(this.validator.getHexSignature(this.params), this.validator.getHexSignature(new HashMap(this.params)));
        }

        @Test
        public void testNotSettingParameterOrder() {
            Assert.assertNotEquals(this.validator.getHexSignatureWithoutSettingParameterOrder(this.params), this.validator.getHexSignatureWithoutSettingParameterOrder(new HashMap(this.params)));
        }

        @Test
        public void testCheckHexSignatureHandlesBothCases() {
            String hexSignatureWithoutSettingParameterOrder = this.validator.getHexSignatureWithoutSettingParameterOrder(this.params);
            HashMap hashMap = new HashMap(this.params);
            String hexSignatureWithoutSettingParameterOrder2 = this.validator.getHexSignatureWithoutSettingParameterOrder(hashMap);
            Assert.assertTrue(this.validator.checkHexSignature(this.params, hexSignatureWithoutSettingParameterOrder));
            Assert.assertTrue(this.validator.checkHexSignature(hashMap, hexSignatureWithoutSettingParameterOrder2));
            Assert.assertFalse(this.validator.checkHexSignature(hashMap, hexSignatureWithoutSettingParameterOrder));
            String hexSignature = this.validator.getHexSignature(this.params);
            Assert.assertTrue(this.validator.checkHexSignature(this.params, this.validator.getHexSignature(hashMap)));
            Assert.assertTrue(this.validator.checkHexSignature(hashMap, hexSignature));
        }
    }

    public DefaultSignatureValidator(String str) {
        this.salt = str;
    }

    public boolean checkHexSignature(Map<String, String> map, String str) {
        if (!getHexSignatureWithoutSettingParameterOrder(map).equals(str)) {
            return getHexSignature(map).equals(str);
        }
        logger.warn("Successfully checked signature without checking parameter order");
        return true;
    }

    @Override // io.datarouter.httpclient.security.SignatureValidator
    public boolean checkHexSignatureMulti(HttpServletRequest httpServletRequest) {
        return checkHexSignature(multiToSingle(httpServletRequest.getParameterMap()), httpServletRequest.getParameter(SecurityParameters.SIGNATURE));
    }

    public byte[] sign(Map<String, String> map) {
        return signWithoutSettingParameterOrder(new TreeMap(map));
    }

    public byte[] signWithoutSettingParameterOrder(Map<String, String> map) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(HASHING_ALGORITHM);
            for (String str : map.keySet()) {
                if (!str.equals(SecurityParameters.SIGNATURE) && !"submitAction".equals(str)) {
                    try {
                        messageDigest.update(str.concat(map.get(str)).concat(this.salt).getBytes(StandardCharsets.UTF_8));
                        byteArrayOutputStream.write(messageDigest.digest());
                    } catch (Exception e) {
                        throw new RuntimeException(e);
                    }
                }
            }
            return byteArrayOutputStream.toByteArray();
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public String getHexSignature(Map<String, String> map) {
        return Hex.encodeHexString(sign(map));
    }

    public String getHexSignatureWithoutSettingParameterOrder(Map<String, String> map) {
        return Hex.encodeHexString(signWithoutSettingParameterOrder(map));
    }

    private Map<String, String> multiToSingle(Map<String, String[]> map) {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, String[]> entry : map.entrySet()) {
            hashMap.put(entry.getKey(), entry.getValue()[0]);
        }
        return hashMap;
    }
}
