package com.jxdinfo.hussar.common.core.intercept;

import com.alibaba.fastjson.JSONObject;
import com.jxdinfo.hussar.common.properties.SecureAssesmentProperties;
import com.jxdinfo.hussar.encrypt.util.SM3Util;
import com.jxdinfo.hussar.platform.core.utils.HussarUtils;
import com.jxdinfo.hussar.support.exception.HussarException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.LinkedHashMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

@Component
/* loaded from: input_file:com/jxdinfo/hussar/common/core/intercept/GetRequestInterceptor.class */
public class GetRequestInterceptor implements HandlerInterceptor {

    @Autowired
    private SecureAssesmentProperties secureAssesmentProperties;

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        String header;
        if (!this.secureAssesmentProperties.isOpen() || (header = httpServletRequest.getHeader("Authorization")) == null) {
            return true;
        }
        String header2 = httpServletRequest.getHeader("data-digest");
        if (!HussarUtils.isNotBlank(header2)) {
            throw new HussarException("检测到越权操作！");
        }
        JSONObject jSONObject = new JSONObject(new LinkedHashMap());
        jSONObject.put("token", header);
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            try {
                queryString = URLDecoder.decode(queryString, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                e.printStackTrace();
            }
            String[] split = queryString.split("&");
            StringBuffer stringBuffer = new StringBuffer();
            for (int i = 0; i < split.length; i++) {
                if (HussarUtils.isNotBlank(StringUtils.substringAfter(split[i], "="))) {
                    stringBuffer.append(split[i]).append("&");
                }
            }
            if (stringBuffer.length() > 0) {
                jSONObject.put("param", stringBuffer.substring(0, stringBuffer.length() - 1));
            }
        }
        if (SM3Util.digest(jSONObject.toString()).equals(header2)) {
            return true;
        }
        throw new HussarException("检测到越权操作！");
    }

    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
    }

    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }
}
