package com.bokesoft.scm.yigo.frontend.controller;

import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONArray;
import com.alibaba.fastjson2.JSONObject;
import com.bokesoft.scm.yigo.api.attachment.AttachmentCheckHandler;
import com.bokesoft.scm.yigo.api.exception.YigoCommonException;
import com.bokesoft.scm.yigo.api.response.ServiceProcessResponse;
import com.bokesoft.scm.yigo.exchange.service.MobileServiceProcess;
import com.bokesoft.scm.yigo.frontend.utils.FrontendUtils;
import com.bokesoft.scm.yigo.frontend.utils.ProcessXSSUtil;
import com.gitlab.summercattle.commons.exception.CommonException;
import com.gitlab.summercattle.commons.exception.CommonRuntimeException;
import com.gitlab.summercattle.commons.exception.ExceptionWrapUtils;
import com.gitlab.summercattle.commons.security.crypto.CommonEncryptUtils;
import com.gitlab.summercattle.commons.security.crypto.constants.CommonEncryptType;
import com.gitlab.summercattle.commons.security.crypto.constants.PaddingType;
import com.gitlab.summercattle.commons.utils.auxiliary.CompressUtils;
import com.gitlab.summercattle.commons.utils.auxiliary.HttpUtils;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URL;
import java.net.URLEncoder;
import java.util.Map;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.multipart.MultipartFile;

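/**
 * REST controller mapped under {@code /mobile}. It collects the request parameters (optionally
 * AES-decrypted) and uploaded files, forwards them to {@link MobileServiceProcess}, and writes
 * the text or file result back to the client.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@code yigo.frontend.aes.key} falls back to the default {@code 1234567812345678}, which is
 *       hard-coded in this class and must be treated as public. Every deployment that enables AES
 *       must configure its own key.</li>
 *   <li>The payload is protected with AES in ECB mode. ECB reveals repeated plaintext blocks and
 *       provides no integrity protection, so this layer is obfuscation on top of TLS and not an
 *       authentication mechanism. The mode cannot be changed here without changing the client
 *       protocol.</li>
 *   <li>Decryption is only attempted when the client sends {@code needDecrypt}; plaintext
 *       requests are still accepted when AES is enabled.</li>
 * </ul>
 */
@RequestMapping({"/mobile"})
@RestController
/* loaded from: input_file:com/bokesoft/scm/yigo/frontend/controller/MobileServiceController.class */
public class MobileServiceController {
    private static final Logger logger = LoggerFactory.getLogger(MobileServiceController.class);

    /** Charset used for every String/byte conversion, so the result does not depend on the platform default. */
    private static final java.nio.charset.Charset UTF8 = java.nio.charset.StandardCharsets.UTF_8;

    /** Default of {@code yigo.frontend.aes.key}; it is hard-coded in this class and therefore not a secret. */
    private static final String PUBLIC_DEFAULT_KEY = "1234567812345678";

    // SECURITY: the fallback value is a publicly known key. Configure yigo.frontend.aes.key explicitly.
    @Value("${yigo.frontend.aes.key:1234567812345678}")
    private String secretKey;

    @Autowired
    private MobileServiceProcess mobileServiceProcess;

    @Value("${yigo.frontend.aes.enabled:false}")
    private boolean aesEnabled;

    // Optional: when no handler bean is present, uploaded files are forwarded without any check.
    @Autowired(required = false)
    private AttachmentCheckHandler attachmentCheckHandler;

    // Set once the default-key warning has been logged (a benign race only duplicates the warning).
    private boolean defaultKeyWarned;

    /**
     * Handles {@code POST /mobile/invoke}: builds the parameter object, forwards the call to the
     * mobile service process and writes its response.
     *
     * <p>Any failure is reported through {@link #processException(Throwable, HttpServletResponse)}.
     *
     * @param str the {@code user-agent} request header
     * @param map all request parameters; may carry {@code needDecrypt} and {@code data} for an encrypted payload
     * @param multipartFileArr uploaded files from the {@code files} part, may be {@code null}
     * @param httpServletRequest the current request
     * @param httpServletResponse the response to write to
     */
    @PostMapping(path = {"/invoke"})
    public void invoke(@RequestHeader(name = "user-agent") String str, @RequestParam(required = false) Map<String, Object> map, @RequestParam(name = "files", required = false) MultipartFile[] multipartFileArr, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            if (map == null) {
                throw new CommonException("参数为空");
            }
            String serviceName;
            String entry;
            String action;
            JSONObject params = new JSONObject();
            String locale = FrontendUtils.getLocale(httpServletRequest);
            String clientID = FrontendUtils.getClientID(httpServletRequest);
            String tenant = FrontendUtils.getTenant(httpServletRequest);
            if (StringUtils.isNotBlank(tenant)) {
                params.put("tenant", tenant);
            }
            // NOTE(review): "application" is not in the server-owned key list, so a request
            // parameter of that name replaces this value below. Confirm that is intended.
            String application = FrontendUtils.getParamValue(httpServletRequest, "application");
            if (StringUtils.isNotBlank(application)) {
                params.put("application", application);
            }
            String ipAddress = HttpUtils.getIpAddress(httpServletRequest);
            // Origin and Referer are client-controlled headers: the host/port derived from them
            // are informational and must not be used for trust decisions downstream.
            String origin = httpServletRequest.getHeader("Origin");
            if (StringUtils.isBlank(origin)) {
                origin = httpServletRequest.getHeader("Referer");
            }
            if (StringUtils.isBlank(origin)) {
                origin = httpServletRequest.getRequestURL().toString();
            }
            URL url = new URL(origin);
            String host = url.getHost();
            int port = url.getPort();
            if (port == -1) {
                port = url.getDefaultPort();
            }

            // The client opts in to decryption per request; without "needDecrypt" the plaintext
            // parameters are used even when AES is enabled.
            boolean encrypted = encryptionActive() && map.containsKey("needDecrypt");
            JSONObject decrypted = null;
            if (encrypted) {
                String cipherText = (String) map.get("data");
                if (StringUtils.isBlank(cipherText)) {
                    throw new CommonException("加密数据为空");
                }
                String plainText = org.apache.commons.codec.binary.StringUtils.newStringUtf8(CommonEncryptUtils.decyrptECB(CommonEncryptType.AES, Base64.decodeBase64(cipherText.getBytes(UTF8)), this.secretKey.getBytes(UTF8), PaddingType.PKCS5Padding));
                if (!JSON.isValidObject(plainText)) {
                    // The decrypted text is deliberately left out of the message: the message is
                    // logged and returned to the caller, which would hand back the plaintext of
                    // any submitted ciphertext.
                    throw new CommonException("数据内容异常");
                }
                decrypted = JSON.parseObject(plainText);
            }

            serviceName = (String) map.get("name");
            entry = (String) map.get("entry");
            action = (String) map.get("action");
            copyExtraParams(map, params, encrypted);
            if (encrypted) {
                // Values inside the encrypted payload take precedence over the outer parameters.
                if (decrypted.containsKey("name")) {
                    serviceName = decrypted.getString("name");
                }
                if (decrypted.containsKey("entry")) {
                    entry = decrypted.getString("entry");
                }
                if (decrypted.containsKey("action")) {
                    action = decrypted.getString("action");
                }
                copyExtraParams(decrypted, params, false);
            }

            // Written after the client parameters were merged, so a request parameter named
            // "reqIP", "host" or "port" cannot replace the values derived from the request.
            params.put("reqIP", ipAddress);
            params.put("host", host);
            params.put("port", Integer.valueOf(port));

            if (StringUtils.isNotBlank(locale)) {
                // A locale without '-' is used as the language as-is instead of failing in substring.
                int dash = locale.indexOf('-');
                String language = dash >= 0 ? locale.substring(0, dash) : locale;
                params.put("locale", locale);
                params.put("language", language);
            }
            if (StringUtils.isBlank(serviceName)) {
                throw new CommonException("服务名为空");
            }
            if (StringUtils.isBlank(entry)) {
                throw new CommonException("入口为空");
            }
            JSONArray files = new JSONArray();
            if (multipartFileArr != null && multipartFileArr.length > 0) {
                for (MultipartFile multipartFile : multipartFileArr) {
                    // The original file name is chosen by the client and is forwarded unchanged.
                    String originalFilename = multipartFile.getOriginalFilename();
                    byte[] bytes = multipartFile.getBytes();
                    if (this.attachmentCheckHandler != null) {
                        this.attachmentCheckHandler.check(originalFilename, bytes);
                    }
                    JSONObject file = new JSONObject();
                    file.put("fileName", originalFilename);
                    file.put("data", Base64.encodeBase64URLSafeString(CompressUtils.compress("gz", bytes)));
                    files.add(file);
                }
            }
            ServiceProcessResponse process = this.mobileServiceProcess.process(clientID, entry, action, serviceName, files.toString(), params.toString());
            if (process != null) {
                processResponse(process, str, httpServletResponse);
            }
        } catch (Throwable th) {
            processException(th, httpServletResponse);
        }
    }

    /**
     * Copies client-supplied entries into {@code target}, skipping the routing keys
     * ({@code name}, {@code entry}, {@code action}) and the server-owned keys
     * ({@code locale}, {@code clientID}, {@code tenant}).
     *
     * @param source the client-supplied entries
     * @param target the parameter object sent to the service
     * @param skipEnvelope when {@code true}, {@code needDecrypt} and {@code data} are skipped as well
     */
    private static void copyExtraParams(Map<String, Object> source, JSONObject target, boolean skipEnvelope) {
        for (Map.Entry<String, Object> item : source.entrySet()) {
            String key = item.getKey();
            boolean routing = "name".equals(key) || "entry".equals(key) || "action".equals(key);
            boolean serverOwned = "locale".equals(key) || "clientID".equals(key) || "tenant".equals(key);
            boolean envelope = skipEnvelope && ("needDecrypt".equals(key) || "data".equals(key));
            if (!routing && !serverOwned && !envelope) {
                target.put(key, item.getValue());
            }
        }
    }

    /**
     * Tells whether payload encryption is switched on and a key is configured, and logs one
     * warning when the configured key is the built-in default.
     */
    private boolean encryptionActive() {
        boolean active = this.aesEnabled && StringUtils.isNotBlank(this.secretKey);
        if (active && !this.defaultKeyWarned && PUBLIC_DEFAULT_KEY.equals(this.secretKey)) {
            this.defaultKeyWarned = true;
            logger.warn("yigo.frontend.aes.enabled is true but yigo.frontend.aes.key is the built-in default; configure a deployment-specific key");
        }
        return active;
    }

    /**
     * Wraps a response body for the client.
     *
     * @param str the plain response text
     * @return {@code str} unchanged when encryption is inactive; otherwise a JSON object with the
     *     Base64 AES-ECB ciphertext under {@code data} and {@code needDecrypt} set to {@code true}
     */
    private String processResp(String str) {
        if (!encryptionActive()) {
            return str;
        }
        try {
            byte[] cipher = CommonEncryptUtils.encryptECB(CommonEncryptType.AES, str.getBytes(UTF8), this.secretKey.getBytes(UTF8), PaddingType.PKCS5Padding);
            JSONObject envelope = new JSONObject();
            envelope.put("data", Base64.encodeBase64String(cipher));
            envelope.put("needDecrypt", true);
            return envelope.toString();
        } catch (CommonException e) {
            throw ExceptionWrapUtils.wrapRuntime(e);
        }
    }

    /**
     * Logs the failure and writes an error document with HTTP status 500.
     *
     * <p>The document carries {@code code}, {@code error_code} and {@code error_info}. The
     * exception message is returned to the client after {@link ProcessXSSUtil#stripXss}, so
     * messages raised on this path should not contain internal or sensitive details.
     *
     * @param th the failure to report
     * @param httpServletResponse the response to write to
     */
    private void processException(Throwable th, HttpServletResponse httpServletResponse) {
        logger.error(th.getMessage(), th);
        int code = -1;
        int errorCode = -1;
        if (th instanceof YigoCommonException) {
            YigoCommonException yigoCommonException = (YigoCommonException) th;
            if (yigoCommonException.getCode() == 101) {
                errorCode = yigoCommonException.getExceptionCode();
            }
        }
        if (th instanceof CommonException) {
            code = ((CommonException) th).getCode();
            // An IllegalStateException cause is always reported as code 103.
            if (th.getCause() instanceof IllegalStateException) {
                code = 103;
            }
        } else if (th instanceof CommonRuntimeException) {
            code = ((CommonRuntimeException) th).getCode();
            if (th.getCause() instanceof IllegalStateException) {
                code = 103;
            }
        }
        JSONObject error = new JSONObject();
        error.put("code", Integer.valueOf(code));
        error.put("error_code", Integer.valueOf(errorCode));
        error.put("error_info", ProcessXSSUtil.stripXss(th.getMessage()));
        JSONObject body = new JSONObject();
        body.put("success", false);
        body.put("error", error);
        httpServletResponse.setStatus(500);
        httpServletResponse.setContentType("text/plain;charset=UTF-8");
        try (PrintWriter writer = httpServletResponse.getWriter()) {
            writer.write(processResp(body.toString()));
            writer.flush();
        } catch (IOException e) {
            // The client can no longer be told; keep a trace instead of dropping the failure silently.
            logger.warn("Failed to write the error response", e);
        }
    }

    /**
     * Writes the service result to the client: a text body, or a file/image download decoded
     * from the Base64, gzip-compressed {@code data} field of the response JSON.
     *
     * @param serviceProcessResponse the result returned by the service process
     * @param str the {@code user-agent} header, used to pick the file name encoding
     * @param httpServletResponse the response to write to
     * @throws IOException if writing to the response fails
     * @throws CommonException if an image response carries no format
     */
    private void processResponse(ServiceProcessResponse serviceProcessResponse, String str, HttpServletResponse httpServletResponse) throws IOException, CommonException {
        if (!serviceProcessResponse.isFile()) {
            httpServletResponse.setContentType("text/plain;charset=UTF-8");
            try (PrintWriter writer = httpServletResponse.getWriter()) {
                writer.write(processResp(serviceProcessResponse.getResponse()));
                writer.flush();
            }
            return;
        }
        JSONObject fileInfo = JSON.parseObject(serviceProcessResponse.getResponse());
        byte[] content = CompressUtils.decompress("gz", Base64.decodeBase64(fileInfo.getString("data")));
        if (fileInfo.getBooleanValue("isImage")) {
            String format = fileInfo.getString("format");
            if (StringUtils.isBlank(format)) {
                throw new CommonException("图片格式为空");
            }
            // NOTE(review): the content type is built from a value in the service response;
            // whether that value is restricted to known image formats is not visible here.
            httpServletResponse.setContentType("image/" + format);
        } else {
            String fileName = fileInfo.getString("fileName");
            httpServletResponse.setContentType("application/octet-stream");
            httpServletResponse.setHeader("filename", URLEncoder.encode(fileName, "UTF-8"));
            if (fileInfo.containsKey("checkCode")) {
                httpServletResponse.setHeader("checkCode", fileInfo.getString("checkCode"));
            }
            // Locale.ROOT keeps the match independent of the JVM default locale.
            String userAgent = str.toLowerCase(java.util.Locale.ROOT);
            String dispositionName;
            if (userAgent.contains("msie") || userAgent.contains("like gecko")) {
                // Use the percent-encoded name; previously the encoded value was discarded and
                // the raw name was written into the header.
                dispositionName = URLEncoder.encode(fileName, "UTF-8").replaceAll("\\+", "%20");
            } else {
                dispositionName = org.apache.commons.codec.binary.StringUtils.newStringIso8859_1(org.apache.commons.codec.binary.StringUtils.getBytesUtf8(fileName));
            }
            // Defence in depth: the name comes from the service response (its origin is not
            // visible here), so line breaks are removed before it is placed in a header.
            dispositionName = dispositionName.replaceAll("[\\r\\n]", "");
            httpServletResponse.setHeader("Content-Disposition", "attachment;filename=".concat(dispositionName));
        }
        try (ServletOutputStream outputStream = httpServletResponse.getOutputStream()) {
            outputStream.write(content);
            outputStream.flush();
        }
    }
}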
