package org.springblade.gateway.filter;

import cn.hutool.core.codec.Base64;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.Mode;
import cn.hutool.crypto.Padding;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.http.HttpUtil;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.util.UriComponentsBuilder;
import reactor.core.publisher.Mono;

@RefreshScope
@Component
/* loaded from: input_file:org/springblade/gateway/filter/AesDecodeFilter.class */
public class AesDecodeFilter implements GlobalFilter, Ordered {
    private static final Logger log = LoggerFactory.getLogger(AesDecodeFilter.class);
    private static final String PASSWORD = "password";
    private static final String KEY_ALGORITHM = "AES";

    @Value("${aes.encode.key:newcapecnewcapec}")
    private String aesKey;

    private static String decryptAES(String str, String str2) {
        return new String(new AES(Mode.CBC, Padding.NoPadding, new SecretKeySpec(str2.getBytes(), KEY_ALGORITHM), new IvParameterSpec(str2.getBytes())).decrypt(Base64.decode(str.getBytes(StandardCharsets.UTF_8))), StandardCharsets.UTF_8);
    }

    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        if (!StrUtil.containsAnyIgnoreCase(request.getURI().getPath(), new CharSequence[]{"/oauth/token"})) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        HashMap decodeParamMap = HttpUtil.decodeParamMap(request.getURI().getRawQuery(), "UTF-8");
        String str = (String) decodeParamMap.get(PASSWORD);
        if (StrUtil.isNotBlank(str)) {
            try {
                str = decryptAES(str, this.aesKey);
                decodeParamMap.put(PASSWORD, str.trim());
            } catch (Exception e) {
                log.error("密码解密失败:{}", str);
                return Mono.error(e);
            }
        }
        return gatewayFilterChain.filter(serverWebExchange.mutate().request(serverWebExchange.getRequest().mutate().uri(UriComponentsBuilder.fromUri(request.getURI()).replaceQuery(HttpUtil.toParams(decodeParamMap)).build(true).toUri()).build()).build());
    }

    public int getOrder() {
        return -800;
    }
}
