package io.datarouter.httpclient.security;

import io.datarouter.httpclient.request.CachingHttpServletRequest;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.TreeMap;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Hex;
import org.apache.http.HttpEntity;
import org.apache.http.entity.ByteArrayEntity;
import org.apache.http.entity.ContentType;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/datarouter/httpclient/security/DefaultSignatureValidator.class */
public class DefaultSignatureValidator implements SignatureValidator {
    private static final Logger logger = LoggerFactory.getLogger(DefaultSignatureValidator.class);
    private static final String HASHING_ALGORITHM = "SHA-256";
    private String salt;

    public DefaultSignatureValidator(String str) {
        this.salt = str;
    }

    public boolean checkHexSignature(Map<String, String> map, String str) {
        if (!getHexSignatureWithoutSettingParameterOrder(map).equals(str)) {
            return getHexSignature(map).equals(str);
        }
        logger.warn("Successfully checked signature without checking parameter order");
        return true;
    }

    public boolean checkHexSignature(Map<String, String> map, HttpEntity httpEntity, String str) {
        if (!getHexSignatureWithoutSettingParameterOrder(map, httpEntity).equals(str)) {
            return getHexSignature(map, httpEntity).equals(str);
        }
        if (map.isEmpty()) {
            return true;
        }
        logger.warn("Successfully checked signature without checking parameter order");
        return true;
    }

    private boolean checkHexSignatureMulti(HttpServletRequest httpServletRequest, HttpEntity httpEntity) {
        return checkHexSignature(multiToSingle(httpServletRequest.getParameterMap()), httpEntity, getParameterOrHeader(httpServletRequest, SecurityParameters.SIGNATURE));
    }

    @Override // io.datarouter.httpclient.security.SignatureValidator
    public SecurityValidationResult validate(HttpServletRequest httpServletRequest) {
        if (isFormPost(httpServletRequest) || "GET".equalsIgnoreCase(httpServletRequest.getMethod())) {
            return new SecurityValidationResult(httpServletRequest, checkHexSignatureMulti(httpServletRequest, null), null);
        }
        try {
            Optional<CachingHttpServletRequest> optional = CachingHttpServletRequest.get(httpServletRequest);
            if (!optional.isPresent()) {
                optional = Optional.of(CachingHttpServletRequest.getOrCreate(httpServletRequest));
                httpServletRequest = (HttpServletRequest) optional.get();
            }
            return new SecurityValidationResult(httpServletRequest, checkHexSignatureMulti(httpServletRequest, new ByteArrayEntity(optional.get().getContent())), null);
        } catch (IOException unused) {
            throw new RuntimeException();
        }
    }

    private static String getParameterOrHeader(HttpServletRequest httpServletRequest, String str) {
        String parameter = httpServletRequest.getParameter(str);
        return parameter != null ? parameter : httpServletRequest.getHeader(str);
    }

    private boolean isFormPost(HttpServletRequest httpServletRequest) {
        String contentType = httpServletRequest.getContentType();
        return (contentType != null && contentType.contains(ContentType.APPLICATION_FORM_URLENCODED.getMimeType())) && "POST".equalsIgnoreCase(httpServletRequest.getMethod());
    }

    public byte[] sign(Map<String, String> map) {
        return signWithoutSettingParameterOrder(new TreeMap(map), null);
    }

    public byte[] sign(Map<String, String> map, HttpEntity httpEntity) {
        return signWithoutSettingParameterOrder(new TreeMap(map), httpEntity);
    }

    private byte[] signWithoutSettingParameterOrder(Map<String, String> map, HttpEntity httpEntity) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(HASHING_ALGORITHM);
            for (Map.Entry<String, String> entry : map.entrySet()) {
                String key = entry.getKey();
                if (!key.equals(SecurityParameters.SIGNATURE) && !"submitAction".equals(key)) {
                    String value = entry.getValue();
                    messageDigest.update(key.concat(value == null ? "" : value).concat(this.salt).getBytes(StandardCharsets.UTF_8));
                    byteArrayOutputStream.write(messageDigest.digest());
                }
            }
            if (httpEntity != null) {
                messageDigest.update(EntityUtils.toByteArray(httpEntity));
                messageDigest.update(this.salt.getBytes(StandardCharsets.UTF_8));
                byteArrayOutputStream.write(messageDigest.digest());
            }
            return byteArrayOutputStream.toByteArray();
        } catch (IOException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public String getHexSignature(Map<String, String> map, HttpEntity httpEntity) {
        return Hex.encodeHexString(sign(map, httpEntity));
    }

    public String getHexSignature(Map<String, String> map) {
        return Hex.encodeHexString(sign(map));
    }

    public String getHexSignatureWithoutSettingParameterOrder(Map<String, String> map) {
        return Hex.encodeHexString(signWithoutSettingParameterOrder(map, null));
    }

    private String getHexSignatureWithoutSettingParameterOrder(Map<String, String> map, HttpEntity httpEntity) {
        return Hex.encodeHexString(signWithoutSettingParameterOrder(map, httpEntity));
    }

    private Map<String, String> multiToSingle(Map<String, String[]> map) {
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, String[]> entry : map.entrySet()) {
            hashMap.put(entry.getKey(), entry.getValue()[0]);
        }
        return hashMap;
    }
}
