package com.yqbsoft.laser.service.ext.channel.yb.util;

import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import com.yqbsoft.laser.service.ext.channel.com.domain.ChannelRequest;
import com.yqbsoft.laser.service.ext.channel.yb.YbConstants;
import com.yqbsoft.laser.service.ext.channel.yb.dto.DigitalSignatureDTO;
import com.yqbsoft.laser.service.tool.util.DateUtil;
import java.nio.charset.StandardCharsets;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.BitSet;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.SortedMap;
import java.util.TreeMap;
import java.util.UUID;

/* loaded from: input_file:com/yqbsoft/laser/service/ext/channel/yb/util/AuthorizationUtil.class */
public class AuthorizationUtil {
    private static final Joiner headerJoiner = Joiner.on('\n');
    private static BitSet URI_UNRESERVED_CHARACTERS = new BitSet();
    private static String[] PERCENT_ENCODED_STRINGS = new String[256];
    private static final Joiner queryStringJoiner = Joiner.on('&');
    private static final Joiner signedHeaderStringJoiner = Joiner.on(';');
    private static final Set<String> defaultHeadersToSign = Sets.newHashSet();

    public static Map<String, String> defaultHeader() {
        HashMap hashMap = new HashMap();
        hashMap.put("x-yop-session-id", YbConstants.SESSION_ID);
        hashMap.put("x-yop-request-id", UUID.randomUUID().toString());
        return hashMap;
    }

    public static String getAuthorization(ChannelRequest channelRequest, String str, Map<String, Object> map, Map<String, String> map2) throws InvalidKeySpecException, NoSuchAlgorithmException {
        Map configMap = channelRequest.getConfigMap();
        String str2 = "yop-auth-v2/" + ((String) configMap.get("appKey")) + "/" + DateUtil.getDateString(new Date(), "YYYYMMDD'T'HHMMSS'Z'") + "/1800";
        String canonicalURIPath = getCanonicalURIPath(str);
        String canonicalQueryString = getCanonicalQueryString(map, true);
        HashSet hashSet = new HashSet();
        hashSet.add("x-yop-request-id");
        SortedMap<String, Object> headersToSign = getHeadersToSign(map2, hashSet);
        String canonicalHeaders = getCanonicalHeaders(headersToSign);
        String lowerCase = signedHeaderStringJoiner.join(headersToSign.keySet()).trim().toLowerCase();
        String str3 = str2 + "\n" + channelRequest.getApiRetype() + "\n" + canonicalURIPath + "\n" + canonicalQueryString + "\n" + canonicalHeaders;
        PrivateKey string2PrivateKey = RSAKeyUtils.string2PrivateKey((String) configMap.get("privateKey"));
        DigitalSignatureDTO digitalSignatureDTO = new DigitalSignatureDTO();
        digitalSignatureDTO.setPlainText(str3);
        return "YOP-RSA2048-SHA256 " + str2 + "/" + lowerCase + "/" + DigitalEnvelopeUtils.sign(digitalSignatureDTO, string2PrivateKey).getSignature();
    }

    public static String signature(String str, String str2) throws InvalidKeySpecException, NoSuchAlgorithmException {
        PrivateKey string2PrivateKey = RSAKeyUtils.string2PrivateKey(str);
        DigitalSignatureDTO digitalSignatureDTO = new DigitalSignatureDTO();
        digitalSignatureDTO.setAppKey(str);
        digitalSignatureDTO.setPlainText(str2);
        return DigitalEnvelopeUtils.sign0(digitalSignatureDTO, string2PrivateKey);
    }

    public static String signature1(String str, String str2) {
        return null;
    }

    public static String normalizePath(String str) {
        return normalize(str).replace("%2F", "/");
    }

    public static String normalize(String str) {
        StringBuilder sb = new StringBuilder();
        for (byte b : str.getBytes(StandardCharsets.UTF_8)) {
            if (URI_UNRESERVED_CHARACTERS.get(b & 255)) {
                sb.append((char) b);
            } else {
                sb.append(PERCENT_ENCODED_STRINGS[b & 255]);
            }
        }
        return sb.toString();
    }

    public static String getCanonicalURIPath(String str) {
        return str == null ? "/" : str.startsWith("/") ? normalizePath(str) : "/" + normalizePath(str);
    }

    private static SortedMap<String, Object> getHeadersToSign(Map<String, String> map, Set<String> set) {
        TreeMap newTreeMap = Maps.newTreeMap();
        if (set != null) {
            HashSet newHashSet = Sets.newHashSet();
            Iterator<String> it = set.iterator();
            while (it.hasNext()) {
                newHashSet.add(it.next().trim().toLowerCase());
            }
            set = newHashSet;
        }
        for (Map.Entry<String, String> entry : map.entrySet()) {
            String key = entry.getKey();
            if (entry.getValue() != null && !entry.getValue().isEmpty() && ((set != null && set.contains(key.toLowerCase()) && !"Authorization".equalsIgnoreCase(key)) || (set == null && isDefaultHeaderToSign(key)))) {
                newTreeMap.put(key, entry.getValue());
            }
        }
        return newTreeMap;
    }

    private static String getCanonicalHeaders(SortedMap<String, Object> sortedMap) {
        if (sortedMap.isEmpty()) {
            return "";
        }
        ArrayList newArrayList = Lists.newArrayList();
        for (Map.Entry<String, Object> entry : sortedMap.entrySet()) {
            String key = entry.getKey();
            if (key != null) {
                String str = (String) entry.getValue();
                if (str == null) {
                    str = "";
                }
                newArrayList.add(normalize(key.trim().toLowerCase()) + ':' + normalize(str.trim()));
            }
        }
        Collections.sort(newArrayList);
        return headerJoiner.join(newArrayList);
    }

    public static String getCanonicalQueryString(Map<String, Object> map, boolean z) {
        if (map.isEmpty()) {
            return "";
        }
        ArrayList newArrayList = Lists.newArrayList();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            if (!z || !"Authorization".equalsIgnoreCase(entry.getKey())) {
                String key = entry.getKey();
                Preconditions.checkNotNull(key, "parameter key should not be null");
                Collection collection = (Collection) entry.getValue();
                if (null != collection && 0 != collection.size()) {
                    Iterator it = collection.iterator();
                    while (it.hasNext()) {
                        newArrayList.add(normalize(key) + '=' + normalize((String) it.next()));
                    }
                } else if (z) {
                    newArrayList.add(normalize(key) + '=');
                } else {
                    newArrayList.add(normalize(key));
                }
            }
        }
        Collections.sort(newArrayList);
        return queryStringJoiner.join(newArrayList);
    }

    private static boolean isDefaultHeaderToSign(String str) {
        String lowerCase = str.trim().toLowerCase();
        return lowerCase.startsWith("x-yop-") || defaultHeadersToSign.contains(lowerCase);
    }
}
