package com.elitescloud.boot.web.common.support;

import com.elitescloud.boot.common.constant.EncryptAlgorithm;
import com.elitescloud.boot.common.constant.SignatureAlgorithm;
import com.elitescloud.boot.util.RsaUtil;
import com.elitescloud.boot.web.common.ApiSignatureProvider;
import com.elitescloud.boot.web.common.param.SignatureConfigParam;
import com.elitescloud.boot.web.common.param.SignatureModel;
import com.elitescloud.boot.web.config.WebProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpMethod;

/* loaded from: input_file:com/elitescloud/boot/web/common/support/DefaultApiSignatureProvider.class */
public class DefaultApiSignatureProvider implements ApiSignatureProvider {
    private static final Logger logger = LoggerFactory.getLogger(DefaultApiSignatureProvider.class);
    private final WebProperties webProperties;

    public DefaultApiSignatureProvider(WebProperties webProperties) {
        this.webProperties = webProperties;
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public SignatureConfigParam getConfig(HttpMethod httpMethod, String str, SignatureModel signatureModel) {
        SignatureConfigParam signatureConfigParam = new SignatureConfigParam();
        signatureConfigParam.setEncryptAlgorithm(EncryptAlgorithm.RSA);
        signatureConfigParam.setPublicKey(this.webProperties.getApiSign().getPublicKey());
        signatureConfigParam.setPrivateKey(this.webProperties.getApiSign().getPrivateKey());
        signatureConfigParam.setSignatureAlgorithm(this.webProperties.getApiSign().getSignatureAlgorithm());
        signatureConfigParam.setSignatureParamIn(this.webProperties.getApiSign().getSignatureParamIn());
        signatureConfigParam.setSignatureParamName(this.webProperties.getApiSign().getSignatureParamName());
        return signatureConfigParam;
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public boolean needSignature(HttpMethod httpMethod, String str) {
        return this.webProperties.getApiSign().isEnabled();
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public String sign(HttpMethod httpMethod, String str, String str2) {
        return sign(httpMethod, str, str2, null);
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public String sign(HttpMethod httpMethod, String str, String str2, SignatureConfigParam signatureConfigParam) {
        if (signatureConfigParam == null) {
            signatureConfigParam = getConfig(httpMethod, str, SignatureModel.SIGN);
        }
        try {
            String generateSignature = generateSignature(str2, signatureConfigParam.getEncryptAlgorithm(), signatureConfigParam.getPrivateKey(), signatureConfigParam.getSignatureAlgorithm());
            logger.info("生成签名：{}，{}", httpMethod + ":" + str, generateSignature);
            return generateSignature;
        } catch (Exception e) {
            throw new IllegalArgumentException("生成签名失败，" + e.getMessage(), e);
        }
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public boolean needVerifySignature(HttpMethod httpMethod, String str) {
        return this.webProperties.getApiSign().isEnabled();
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public boolean verifySign(HttpMethod httpMethod, String str, String str2, String str3) {
        return verifySign(httpMethod, str, str2, str3, null);
    }

    @Override // com.elitescloud.boot.web.common.ApiSignatureProvider
    public boolean verifySign(HttpMethod httpMethod, String str, String str2, String str3, SignatureConfigParam signatureConfigParam) {
        if (signatureConfigParam == null) {
            signatureConfigParam = getConfig(httpMethod, str, SignatureModel.VERIFY_SIGN);
        }
        try {
            boolean verifySignature = verifySignature(str2, str3, signatureConfigParam.getEncryptAlgorithm(), signatureConfigParam.getPublicKey(), signatureConfigParam.getSignatureAlgorithm().name());
            logger.info("校验签名：{}，{}，{}", new Object[]{httpMethod + ":" + str, str3, Boolean.valueOf(verifySignature)});
            return verifySignature;
        } catch (Exception e) {
            throw new IllegalArgumentException("验证签名失败，" + e.getMessage(), e);
        }
    }

    private String generateSignature(String str, EncryptAlgorithm encryptAlgorithm, String str2, SignatureAlgorithm signatureAlgorithm) {
        if (EncryptAlgorithm.RSA == encryptAlgorithm) {
            return RsaUtil.sign(RsaUtil.convert2PrivateKey(str2), signatureAlgorithm.name(), str);
        }
        throw new IllegalStateException("暂不支持的签名算法" + encryptAlgorithm);
    }

    private boolean verifySignature(String str, String str2, EncryptAlgorithm encryptAlgorithm, String str3, String str4) {
        if (EncryptAlgorithm.RSA == encryptAlgorithm) {
            return RsaUtil.verifySign(RsaUtil.convert2PublicKey(str3), str4, str, str2);
        }
        throw new IllegalStateException("暂不支持的签名算法" + encryptAlgorithm);
    }
}
