package com.supwisdom.insititute.attest.server.guard.webapi.controller;

import com.alibaba.fastjson.JSONObject;
import com.supwisdom.insititute.attest.server.guard.domain.core.GuardService;
import com.supwisdom.insititute.attest.server.guard.domain.core.utils.RSAUtils;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.FaceVerifyGuardInitRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.FaceVerifyGuardSendRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.FaceVerifyGuardStatusRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.FaceVerifyGuardSubmitRequest;
import com.supwisdom.insititute.attest.server.guard.webapi.vo.request.FaceVerifyGuardVerifyRequest;
import com.supwisdom.insititute.attest.server.remote.domain.securitykey.service.SecurityKeyService;
import java.security.interfaces.RSAPublicKey;
import java.util.Iterator;
import java.util.TreeSet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.interceptor.CacheOperationExpressionEvaluator;
import org.springframework.messaging.MessageHeaders;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.tags.BindTag;

@RequestMapping(path = {"/api/guard/faceverify"})
@Controller
/* loaded from: input_file:BOOT-INF/lib/attest-server-guard-web-api-1.5.2-RELEASE.jar:com/supwisdom/insititute/attest/server/guard/webapi/controller/FaceVerifyGuardController.class */
public class FaceVerifyGuardController {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) FaceVerifyGuardController.class);

    @Value("${attest-server.prefix:http://localhost:8071/attest}")
    private String attestServerPrefix;

    @Autowired
    @Qualifier("faceVerifyGuardService")
    private GuardService faceVerifyGuardService;

    @Autowired
    private SecurityKeyService securityKeyService;

    @PostMapping(path = {"/init"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject initFaceVerifyGuard(@RequestBody FaceVerifyGuardInitRequest faceVerifyGuardInitRequest) {
        log.debug("FaceVerifyGuardInitRequest is {}", faceVerifyGuardInitRequest);
        int i = -1;
        String str = null;
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("attestServerUrl", (Object) this.attestServerPrefix);
        try {
            jSONObject.put("gid", (Object) this.faceVerifyGuardService.init(faceVerifyGuardInitRequest.getUsername(), faceVerifyGuardInitRequest.getState(), faceVerifyGuardInitRequest.getAllClaims()));
            i = 0;
        } catch (Exception e) {
            log.error(e.getMessage());
            e.printStackTrace();
            str = e.getMessage();
        }
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("code", (Object) Integer.valueOf(i));
        jSONObject2.put("message", (Object) str);
        jSONObject2.put("data", (Object) jSONObject);
        return jSONObject2;
    }

    @PostMapping(path = {"/send"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject send(@RequestBody FaceVerifyGuardSendRequest faceVerifyGuardSendRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int i = -1;
        String str = null;
        JSONObject jSONObject = new JSONObject();
        try {
            httpServletRequest.getRemoteAddr();
            httpServletRequest.getHeader("user-agent");
            httpServletRequest.getHeader("X-Attest-Device-Id");
            String send = this.faceVerifyGuardService.send(faceVerifyGuardSendRequest.getGid());
            jSONObject.put(CacheOperationExpressionEvaluator.RESULT_VARIABLE, (Object) "ok");
            jSONObject.put("faceverifyUrl", (Object) send);
            i = 0;
        } catch (Exception e) {
            log.error(e.getMessage());
            e.printStackTrace();
            str = e.getMessage();
        }
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("code", (Object) Integer.valueOf(i));
        jSONObject2.put("message", (Object) str);
        jSONObject2.put("data", (Object) jSONObject);
        return jSONObject2;
    }

    @PostMapping(path = {"/status"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject status(@RequestBody FaceVerifyGuardStatusRequest faceVerifyGuardStatusRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int i = -1;
        String str = null;
        JSONObject jSONObject = new JSONObject();
        try {
            httpServletRequest.getRemoteAddr();
            httpServletRequest.getHeader("user-agent");
            httpServletRequest.getHeader("X-Attest-Device-Id");
            jSONObject.put(BindTag.STATUS_VARIABLE_NAME, (Object) Integer.valueOf(this.faceVerifyGuardService.status(faceVerifyGuardStatusRequest.getGid()).getStatus()));
            i = 0;
        } catch (Exception e) {
            log.error(e.getMessage());
            e.printStackTrace();
            str = e.getMessage();
        }
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("code", (Object) Integer.valueOf(i));
        jSONObject2.put("message", (Object) str);
        jSONObject2.put("data", (Object) jSONObject);
        return jSONObject2;
    }

    @PostMapping(path = {"/verify"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject verify(@RequestBody FaceVerifyGuardVerifyRequest faceVerifyGuardVerifyRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int i = -1;
        String str = null;
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put(BindTag.STATUS_VARIABLE_NAME, (Object) Integer.valueOf(this.faceVerifyGuardService.verify(faceVerifyGuardVerifyRequest.getGid(), faceVerifyGuardVerifyRequest.getUsername(), faceVerifyGuardVerifyRequest.getState(), faceVerifyGuardVerifyRequest.getAllClaims()).getStatus()));
            i = 0;
        } catch (Exception e) {
            log.error(e.getMessage());
            e.printStackTrace();
            str = e.getMessage();
        }
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put("code", (Object) Integer.valueOf(i));
        jSONObject2.put("message", (Object) str);
        jSONObject2.put("data", (Object) jSONObject);
        return jSONObject2;
    }

    @PostMapping(path = {"/submit"}, consumes = {"application/json;charset=UTF-8"}, produces = {"application/json;charset=UTF-8"})
    @ResponseBody
    public JSONObject valid(@RequestHeader(name = "X-Id-Token", required = false) String str, @RequestParam(name = "idToken", required = false) String str2, @RequestBody FaceVerifyGuardSubmitRequest faceVerifyGuardSubmitRequest, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        int i;
        String str3;
        JSONObject jSONObject = new JSONObject();
        String str4 = null;
        JSONObject jSONObject2 = new JSONObject();
        try {
            httpServletRequest.getRemoteAddr();
            httpServletRequest.getHeader("user-agent");
            httpServletRequest.getHeader("X-Attest-Device-Id");
            str3 = null;
            if (0 == 0 && StringUtils.isNotBlank(str)) {
                str3 = str;
            }
            if (str3 == null && StringUtils.isNotBlank(str2)) {
                str3 = str2;
            }
        } catch (Exception e) {
            log.error(e.getMessage());
            e.printStackTrace();
            i = -1;
            str4 = e.getMessage();
        }
        if (StringUtils.isBlank(str3)) {
            log.error("Id-Token 为空.");
            JSONObject jSONObject3 = new JSONObject();
            jSONObject3.put("error", (Object) "Id-Token 为空.");
            jSONObject.put("code", (Object) 10000);
            jSONObject.put("message", (Object) null);
            jSONObject.put("error", (Object) jSONObject3);
            return jSONObject;
        }
        long timestamp = faceVerifyGuardSubmitRequest.getTimestamp();
        log.debug("timestamp is {}", Long.valueOf(timestamp));
        String sign = faceVerifyGuardSubmitRequest.getSign();
        log.debug("sign is {}", sign);
        if (Math.abs(timestamp - System.currentTimeMillis()) > 300000) {
            log.error("Timestamp 已过期.");
            JSONObject jSONObject4 = new JSONObject();
            jSONObject4.put("error", (Object) "Timestamp 已过期.");
            jSONObject.put("code", (Object) 10001);
            jSONObject.put("message", (Object) null);
            jSONObject.put("error", (Object) jSONObject4);
            return jSONObject;
        }
        RSAPublicKey publicKey = RSAUtils.getPublicKey(this.securityKeyService.loadClientPublicKey(str3));
        TreeSet treeSet = new TreeSet();
        treeSet.add(String.format("%s=%s", MessageHeaders.TIMESTAMP, Long.valueOf(timestamp)));
        treeSet.add(String.format("%s=%s", "gid", faceVerifyGuardSubmitRequest.getGid()));
        treeSet.add(String.format("%s=%s", "code", faceVerifyGuardSubmitRequest.getCode()));
        treeSet.add(String.format("%s=%s", "photoFileBase64", faceVerifyGuardSubmitRequest.getPhotoFileBase64()));
        StringBuffer stringBuffer = new StringBuffer();
        Iterator it = treeSet.iterator();
        while (it.hasNext()) {
            stringBuffer.append(it.next());
            if (it.hasNext()) {
                stringBuffer.append(BeanFactory.FACTORY_BEAN_PREFIX);
            }
        }
        if (!RSAUtils.verify(sign, stringBuffer.toString(), publicKey)) {
            log.error("签名无效.");
            JSONObject jSONObject5 = new JSONObject();
            jSONObject5.put("error", (Object) "签名无效.");
            jSONObject.put("code", (Object) 10002);
            jSONObject.put("message", (Object) null);
            jSONObject.put("error", (Object) jSONObject5);
            return jSONObject;
        }
        jSONObject2.put(BindTag.STATUS_VARIABLE_NAME, (Object) Integer.valueOf(this.faceVerifyGuardService.valid(faceVerifyGuardSubmitRequest.getGid(), faceVerifyGuardSubmitRequest.getCode(), faceVerifyGuardSubmitRequest.getPhotoFileBase64(), null).getStatus()));
        jSONObject2.put(CacheOperationExpressionEvaluator.RESULT_VARIABLE, (Object) "ok");
        i = 0;
        jSONObject.put("code", (Object) Integer.valueOf(i));
        jSONObject.put("message", (Object) str4);
        jSONObject.put("data", (Object) jSONObject2);
        return jSONObject;
    }
}
