package com.gccloud.uc.sdk;

import com.github.benmanes.caffeine.cache.Cache;
import com.github.benmanes.caffeine.cache.Caffeine;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.digest.HmacAlgorithms;
import org.apache.commons.codec.digest.HmacUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.Assert;

/* loaded from: input_file:com/gccloud/uc/sdk/SignUtils.class */
public class SignUtils {
    public static final String U_SIGN = "u-sign";
    public static final String U_APP_KEY = "u-appKey";
    public static final String U_ONCE = "u-once";
    public static final String U_TIMESTAMP = "u-timestamp";
    public static final String U_NAME = "u-uname";
    public static final String U_SIGNATURE = "u-signature";
    public static final String DEFAULT_SIGN = "sign";
    private static final Logger log = LoggerFactory.getLogger(SignUtils.class);
    public static final long TIME_OUT = 1800000;
    private static final Cache<String, Boolean> ONCE_KEY_CACHE = Caffeine.newBuilder().expireAfterWrite(TIME_OUT, TimeUnit.MILLISECONDS).build();

    public static String sign(Map<String, String> map, String str) {
        String str2 = map.get(U_APP_KEY);
        Assert.isTrue(StringUtils.isNotBlank(str2), "u-appKey为空");
        Assert.isTrue(StringUtils.isNotBlank(map.get(U_SIGN)), "u-sign为空");
        String str3 = map.get(U_ONCE);
        Assert.isTrue(StringUtils.isNotBlank(str3), "u-once为空");
        String str4 = map.get(U_TIMESTAMP);
        Assert.isTrue(StringUtils.isNotBlank(str4), "u-timestamp为空");
        String str5 = map.get(U_NAME);
        Assert.isTrue(StringUtils.isNotBlank(str5), "u-uname为空");
        return new HmacUtils(HmacAlgorithms.HMAC_SHA_256, str).hmacHex(str2 + str3 + str4 + str5);
    }

    public static void validateSign(HttpServletRequest httpServletRequest, String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(U_APP_KEY, httpServletRequest.getHeader(U_APP_KEY));
        hashMap.put(U_TIMESTAMP, httpServletRequest.getHeader(U_TIMESTAMP));
        hashMap.put(U_ONCE, httpServletRequest.getHeader(U_ONCE));
        hashMap.put(U_NAME, httpServletRequest.getHeader(U_NAME));
        hashMap.put(U_SIGNATURE, httpServletRequest.getHeader(U_SIGNATURE));
        validateSign(hashMap, str);
    }

    public static void validateSign(Map<String, String> map, String str) {
        String str2 = map.get(U_APP_KEY);
        Assert.isTrue(StringUtils.isNotBlank(str2), "u-appKey为空");
        String str3 = map.get(U_TIMESTAMP);
        Assert.isTrue(StringUtils.isNotBlank(str3), "u-timestamp为空");
        long parseLong = Long.parseLong(str3);
        Assert.isTrue(Math.abs(System.currentTimeMillis() - parseLong) <= TIME_OUT, "u-timestamp有效期不对");
        String str4 = map.get(U_ONCE);
        Assert.isTrue(StringUtils.isNotBlank(str4), "u-once为空");
        String str5 = map.get(U_NAME);
        Assert.isTrue(StringUtils.isNotBlank(str5), "u-uname为空");
        String str6 = map.get(U_SIGNATURE);
        Assert.isTrue(StringUtils.isNotBlank(str6), "u-signature为空");
        Assert.isTrue(str6.equals(new HmacUtils(HmacAlgorithms.HMAC_SHA_256, str).hmacHex(str2 + str4 + parseLong + str5)), "签名不一致");
        Assert.isTrue(((Boolean) ONCE_KEY_CACHE.getIfPresent(str4)) == null, "非法重放攻击");
        ONCE_KEY_CACHE.put(str4, true);
    }

    public static void main(String[] strArr) {
        HashMap hashMap = new HashMap();
        hashMap.put(U_SIGN, DEFAULT_SIGN);
        hashMap.put(U_APP_KEY, "zREjZx9tT1eg5bPkSMsrqp03HLo9Mtad");
        hashMap.put(U_ONCE, UUID.randomUUID().toString().replaceAll("-", ""));
        hashMap.put(U_TIMESTAMP, System.currentTimeMillis() + "");
        hashMap.put(U_NAME, "admin");
        hashMap.put(U_SIGNATURE, sign(hashMap, "4ua4uQggI0g5DRIxc3oP5hDElUX8TcYW"));
        log.info("header:{}", hashMap);
        validateSign(hashMap, "4ua4uQggI0g5DRIxc3oP5hDElUX8TcYW");
    }
}
