package cn.com.summall.signature.helper;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.security.SignatureException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Map;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.b.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.apache.http.b.NameValuePair;
import org.apache.http.b.client.utils.URLEncodedUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.slf4j.Marker;

/* loaded from: classes.dex */
public class RequestSignatureValidator {
    private static final String ENCODING = "UTF-8";
    private static final String FORM_CONTENT_TYPE = "application/x-www-form-urlencoded";
    private static final String HEADER_NAME_APPKET = "sm-appkey";
    private static final String HEADER_NAME_NONCE = "sm-nonce";
    private static final String HEADER_NAME_SIGNATURE = "sm-signature";
    private static final String HEADER_NAME_TIMESTAMP = "sm-timestamp";
    private static final String HEADER_PREFIX = "sm-";
    private static final String HMAC_SHA256_ALGORITHM = "HmacSHA256";
    private static final Charset CHARSET = Charset.forName("UTF-8");
    private static Logger logger = LoggerFactory.getLogger(RequestSignatureValidator.class);

    private static String calculateRFC2104HMAC(String str, String str2) throws SignatureException {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes("UTF-8"), HMAC_SHA256_ALGORITHM);
            Mac mac = Mac.getInstance(HMAC_SHA256_ALGORITHM);
            mac.init(secretKeySpec);
            return Base64.encodeBase64String(mac.doFinal(str.getBytes("UTF-8")));
        } catch (Exception e) {
            throw new SignatureException("Failed to generate HMAC : " + e.getMessage());
        }
    }

    private static String getCanonicalizedHeaderString(HttpServletRequest httpServletRequest) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(getHeaderString(httpServletRequest, HEADER_NAME_APPKET));
        arrayList.add(getHeaderString(httpServletRequest, HEADER_NAME_TIMESTAMP));
        arrayList.add(getHeaderString(httpServletRequest, HEADER_NAME_NONCE));
        Collections.sort(arrayList);
        return StringUtils.join(arrayList, "\n");
    }

    private static String getCanonicalizedQueryString(HttpServletRequest httpServletRequest) {
        try {
            ArrayList arrayList = new ArrayList();
            if (httpServletRequest.getContentType() == null || !httpServletRequest.getContentType().startsWith("application/x-www-form-urlencoded")) {
                for (NameValuePair nameValuePair : URLEncodedUtils.parse(httpServletRequest.getQueryString(), CHARSET)) {
                    arrayList.add(getPercentEncodedParameterString(nameValuePair.getName(), nameValuePair.getValue()));
                }
            } else {
                for (Map.Entry entry : httpServletRequest.getParameterMap().entrySet()) {
                    for (String str : (String[]) entry.getValue()) {
                        arrayList.add(getPercentEncodedParameterString((String) entry.getKey(), str));
                    }
                }
            }
            Collections.sort(arrayList);
            return StringUtils.join(arrayList, "&");
        } catch (Exception e) {
            throw new RuntimeException("获取规格化查询参数字符串出现异常", e);
        }
    }

    private static String getCanonicalizedRequestPath(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        return StringUtils.isEmpty(requestURI) ? "/" : requestURI;
    }

    private static String getHeaderString(HttpServletRequest httpServletRequest, String str) {
        return str.toLowerCase() + ":" + retrieveHeaderValue(httpServletRequest, str);
    }

    private static String getHttpRequestMethod(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getMethod().toUpperCase();
    }

    private static String getPercentEncodedParameterString(String str, String str2) {
        return percentEncode(str) + "=" + percentEncode(str2);
    }

    private static String percentEncode(String str) {
        if (str == null) {
            return "";
        }
        try {
            return URLEncoder.encode(str, "UTF-8").replace(Marker.ANY_NON_NULL_MARKER, "%20").replace(Marker.ANY_MARKER, "%2A").replace("%7E", "~");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
    }

    private static String retrieveHeaderValue(HttpServletRequest httpServletRequest, String str) {
        String header = httpServletRequest.getHeader(str);
        if (StringUtils.isEmpty(header)) {
            throw new IllegalArgumentException(str + "缺失");
        }
        return header.trim();
    }

    public static boolean validate(HttpServletRequest httpServletRequest, String str) {
        try {
            String retrieveHeaderValue = retrieveHeaderValue(httpServletRequest, HEADER_NAME_SIGNATURE);
            String str2 = getHttpRequestMethod(httpServletRequest) + "\n" + getCanonicalizedRequestPath(httpServletRequest) + "\n" + getCanonicalizedQueryString(httpServletRequest) + "\n" + getCanonicalizedHeaderString(httpServletRequest);
            logger.debug("BaseString：{}", str2);
            String calculateRFC2104HMAC = calculateRFC2104HMAC(str2, str);
            logger.debug("Signature Computed：{}, Signature in Request：{}", calculateRFC2104HMAC, retrieveHeaderValue);
            return StringUtils.equals(retrieveHeaderValue, calculateRFC2104HMAC);
        } catch (SignatureException e) {
            throw new RuntimeException("签名出现异常", e);
        }
    }
}
