package com.youzan.cloud.open.security;

import com.alibaba.fastjson.JSON;
import com.google.common.collect.Lists;
import com.youzan.cloud.open.security.exception.DataSecurityException;
import com.youzan.cloud.open.security.exception.ErrorMessage;
import com.youzan.cloud.open.security.response.GatewayErrorResponse;
import com.youzan.cloud.open.security.response.PlainResult;
import com.youzan.cloud.open.security.response.PlainResultUtil;
import com.youzan.cloud.open.security.secret.SecretData;
import com.youzan.cloud.open.security.secret.SecretInvoker;
import com.youzan.cloud.open.security.secret.SecretParam;
import com.youzan.cloud.open.security.utils.Base64_;
import com.youzan.cloud.open.security.utils.HttpUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import okhttp3.ResponseBody;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/youzan/cloud/open/security/HttpSecretInvoker.class */
public class HttpSecretInvoker<T> implements SecretInvoker {
    private String secretQueryUrl = "https://open.youzanyun.com/api/auth_exempt/youzan.cloud.client.query.encryptconfig/1.0.0";

    public PlainResult<T> _invoker(SecretParam secretParam) throws DataSecurityException {
        try {
            String body = getBody(HttpUtils.post(this.secretQueryUrl, JSON.toJSONString(RequestFactory.buildSecretKeyQueryRequest(secretParam, new Date()))).body());
            if (StringUtils.isBlank(body)) {
                return PlainResultUtil.fail(ErrorMessage.IO_ERROR.getCode(), " response body is null");
            }
            PlainResult plainResult = (PlainResult) JSON.parseObject(body, PlainResult.class);
            return (!plainResult.isSuccess() || null == plainResult.getData()) ? PlainResultUtil.fail(ErrorMessage.INIT_ERROR.getCode(), "初始化未找到应用加密配置信息") : PlainResultUtil.success(connvertToClientEncryptConfig((ClientEncryptConfigDTO) JSON.parseObject(JSON.toJSONString(plainResult.getData()), ClientEncryptConfigDTO.class)));
        } catch (Exception e) {
            throw new DataSecurityException(e, ErrorMessage.INIT_ERROR, String.format("初始化应用信息失败 secretParam:%s", JSON.toJSONString(secretParam)));
        }
    }

    private String getBody(ResponseBody responseBody) throws IOException, DataSecurityException {
        String string = responseBody.string();
        if (!StringUtils.isNotBlank(string)) {
            return null;
        }
        if (!string.contains("gw_err_resp")) {
            return string;
        }
        GatewayErrorResponse.ErrorResponse gwErrResp = ((GatewayErrorResponse) JSON.parseObject(string, GatewayErrorResponse.class)).getGwErrResp();
        throw new DataSecurityException(gwErrResp.getErrCode(), gwErrResp.getErrMsg());
    }

    private ClientEncryptConfig connvertToClientEncryptConfig(ClientEncryptConfigDTO clientEncryptConfigDTO) {
        ClientEncryptConfig clientEncryptConfig = new ClientEncryptConfig();
        clientEncryptConfig.setClientId(clientEncryptConfigDTO.getClientId());
        clientEncryptConfig.setEncryptType(clientEncryptConfigDTO.getEncryptType());
        clientEncryptConfig.setWhiteList(clientEncryptConfig.getWhiteList());
        clientEncryptConfig.setSecretDataList(convertToSecretData(clientEncryptConfigDTO.getSecretKeyInfoList()));
        return clientEncryptConfig;
    }

    private List<SecretData> convertToSecretData(List<SecretKeyInfoDTO> list) {
        if (null == list) {
            return Lists.newArrayList();
        }
        ArrayList newArrayList = Lists.newArrayList();
        for (SecretKeyInfoDTO secretKeyInfoDTO : list) {
            SecretData secretData = new SecretData();
            secretData.setClientId(secretKeyInfoDTO.getClientId());
            secretData.setKdtId(secretKeyInfoDTO.getKdtId());
            secretData.setVersion(secretKeyInfoDTO.getVersion());
            secretData.setSecret(Base64_.decode(secretKeyInfoDTO.getSecretKey()));
            newArrayList.add(secretData);
        }
        return newArrayList;
    }
}
