package com.huawei.trip.sdk.spring;

import com.huawei.trip.sdk.SdkUtil;
import com.huawei.trip.sdk.auth.ClientAuth;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.message.AuthException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;

/* loaded from: input_file:com/huawei/trip/sdk/spring/TripApiFilter.class */
public class TripApiFilter implements Filter {
    private final ClientAuth clientAuth;

    public TripApiFilter(ClientAuth clientAuth) {
        this.clientAuth = clientAuth;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header;
        String body;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpRequestWrapper httpRequestWrapper = new HttpRequestWrapper(httpServletRequest);
        HttpResponseWrapper httpResponseWrapper = new HttpResponseWrapper(httpServletResponse);
        SdkUtil.logInfo("do open api auth filter for {}", httpServletRequest.getRequestURI());
        try {
            String method = httpServletRequest.getMethod();
            if ("GET".equals(method)) {
                header = httpServletRequest.getQueryString();
                body = "{\"encrypt\":\"" + httpServletRequest.getParameter("encrypt") + "\"}";
            } else {
                header = httpServletRequest.getHeader("Authorization");
                body = httpRequestWrapper.getBody();
            }
            SdkUtil.logDebug("receive authorization: {}", header);
            SdkUtil.logDebug("receive encrypted: {}", body);
            String verifyClientRequest = this.clientAuth.verifyClientRequest(httpServletRequest.getMethod(), httpServletRequest.getRequestURI(), header, body);
            httpRequestWrapper.setBody(verifyClientRequest);
            if ("GET".equals(method)) {
                HashMap hashMap = new HashMap();
                ((Map) SdkUtil.fromJson(verifyClientRequest, Map.class)).forEach((str, str2) -> {
                });
                httpRequestWrapper.setParamsMap(hashMap);
            }
            filterChain.doFilter(httpRequestWrapper, httpResponseWrapper);
            String captureBody = httpResponseWrapper.getCaptureBody();
            String signServerResponse = this.clientAuth.signServerResponse(httpServletRequest.getMethod(), httpServletRequest.getRequestURI(), captureBody);
            SdkUtil.logDebug("response authorization: {}", signServerResponse);
            String encryptServerResponse = this.clientAuth.encryptServerResponse(captureBody);
            SdkUtil.logDebug("response body: {}", encryptServerResponse);
            httpServletResponse.addHeader("Authorization", signServerResponse);
            httpServletResponse.getWriter().write(encryptServerResponse);
        } catch (AuthException e) {
            SdkUtil.logError(e.getMessage(), e);
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), e.getMessage());
        } catch (Exception e2) {
            SdkUtil.logError(e2.getMessage(), e2);
            httpServletResponse.sendError(HttpStatus.UNAUTHORIZED.value(), e2.getMessage());
        }
    }
}
