package kd.bos.web.actions;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import kd.bos.actiondispatcher.ActionUtil;
import kd.bos.dataentity.utils.StringUtils;
import kd.bos.encrypt.Encrypters;
import kd.bos.ksql.util.Base64;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.session.SystemPropertyUtils;
import kd.bos.web.DispatchServiceHelper;

/* loaded from: input_file:kd/bos/web/actions/ManagerCenterMetadataAction.class */
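/**
 * Web action that returns the form functions of a form from the metadata service.
 *
 * <p>Requests are optionally authenticated with an HMAC-SHA256 signature carried in the
 * {@code upgradesign} header. The check only runs when the JVM system property
 * {@code kd.upgrade.signverify.enable} is {@code true}.
 */
public class ManagerCenterMetadataAction {
    private static final String FORM_ID = "formId";
    private static final String METADATA_SERVICE = "MetadataService";
    private static final String MESSAGE = "formId is null";
    private static final Log logger = LogFactory.getLog(ManagerCenterMetadataAction.class);
    // The algorithm actually used is HMAC-SHA256; the constant is named accordingly.
    private static final String HMAC_ALGORITHM = "HmacSHA256";

    /**
     * Returns the {@code appId} request parameter, or {@code "bos"} when it is absent.
     *
     * @param httpServletRequest the incoming request
     * @return the application id used to route the service call
     */
    private String getAppId(HttpServletRequest httpServletRequest) {
        String appId = httpServletRequest.getParameter("appId");
        return appId == null ? "bos" : appId;
    }

    /**
     * Writes the result of {@code MetadataService.loadFormFunctions} for the requested form.
     *
     * <p>The request is rejected with {@code "Illegal request."} when signature verification
     * fails, and with {@code "formId is null"} when the {@code formId} parameter is missing.
     *
     * @param httpServletRequest the incoming request; reads {@code formId} and {@code appId}
     * @param httpServletResponse the response the result is written to
     * @throws IOException declared for the response-writing and verification calls
     */
    public void getFormFunctions(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (!signVerify(httpServletRequest)) {
            ActionUtil.writeResponseJson(httpServletResponse, "Illegal request.");
            return;
        }
        String formId = httpServletRequest.getParameter(FORM_ID);
        if (formId == null) {
            ActionUtil.writeResponseResult(httpServletResponse, MESSAGE);
            return;
        }
        // NOTE(review): formId and appId come straight from the request and are not covered
        // by the signature (only timeStamp is signed), so a valid signature authorizes any
        // formId/appId. Confirm the downstream service validates them.
        ActionUtil.writeResponseJson(httpServletResponse, (CharSequence) DispatchServiceHelper.invokeBOSServiceByAppId(getAppId(httpServletRequest), METADATA_SERVICE, "loadFormFunctions", formId));
    }

    /**
     * Verifies the {@code upgradesign} header against an HMAC of the {@code timeStamp} parameter.
     *
     * @param httpServletRequest the incoming request; reads the {@code tenantId} and
     *     {@code upgradesign} headers and the {@code timeStamp} parameter
     * @return {@code true} when verification is disabled or the signature matches;
     *     {@code false} when the key, timestamp or signature is missing or does not match
     * @throws IOException kept for signature compatibility with the caller
     */
    private boolean signVerify(HttpServletRequest httpServletRequest) throws IOException {
        // NOTE(review): fail-open. When kd.upgrade.signverify.enable is unset or not "true",
        // every request is accepted without any signature. Left unchanged because existing
        // deployments may depend on it; production setups should set the property to true.
        if (!Boolean.parseBoolean(System.getProperty("kd.upgrade.signverify.enable"))) {
            return true;
        }
        // NOTE(review): the tenant used to look up the secret is chosen by the caller through
        // this header; confirm the lookup cannot be steered to a tenant with a known secret.
        String tenantId = httpServletRequest.getHeader("tenantId");
        String suppliedSign = httpServletRequest.getHeader("upgradesign");
        String timeStamp = httpServletRequest.getParameter("timeStamp");
        byte[] key = getKey(tenantId);
        if (key == null || StringUtils.isBlank(timeStamp)) {
            logger.info("SystemProperty:mc_value_secret is null or timeStamp is null");
            return false;
        }
        if (suppliedSign == null) {
            logger.info("upgradesign header is missing");
            return false;
        }
        // NOTE(review): timeStamp is signed but never checked for freshness, so a captured
        // (timeStamp, upgradesign) pair stays valid indefinitely. Its format is not visible
        // here; once confirmed, reject values outside a short acceptance window.
        String expectedSign = computeSign(timeStamp, key);
        if (expectedSign == null) {
            return false;
        }
        // Constant-time comparison: String.equals returns at the first differing character,
        // which leaks how much of a guessed signature is correct.
        boolean matches = MessageDigest.isEqual(
                expectedSign.getBytes(StandardCharsets.UTF_8),
                suppliedSign.getBytes(StandardCharsets.UTF_8));
        if (!matches) {
            // Log the rejection (never the signature values) so failed attempts are visible.
            logger.info("upgradesign verification failed");
        }
        return matches;
    }

    /**
     * Computes the Base64-encoded HMAC-SHA256 of {@code str} under the given key.
     *
     * @param str the message to sign; encoded as UTF-8
     * @param bArr the raw HMAC key bytes
     * @return the Base64 signature, or {@code null} when the MAC cannot be computed
     */
    private String computeSign(String str, byte[] bArr) {
        try {
            Mac mac = Mac.getInstance(HMAC_ALGORITHM);
            mac.init(new SecretKeySpec(bArr, HMAC_ALGORITHM));
            return Base64.encodeBytes(mac.doFinal(str.getBytes(StandardCharsets.UTF_8)));
        } catch (Exception e) {
            // Any failure is treated as "no signature"; the caller then rejects the request.
            logger.error(e);
            return null;
        }
    }

    /**
     * Loads the signing secret {@code mc_value_secret} for a tenant.
     *
     * @param str the tenant id passed to the property lookup
     * @return the secret as UTF-8 bytes (decoded first when stored encrypted), or
     *     {@code null} when the property is blank
     */
    private byte[] getKey(String str) {
        String secret = SystemPropertyUtils.getProptyByTenant("mc_value_secret", str);
        if (StringUtils.isBlank(secret)) {
            return null;
        }
        if (Encrypters.isEncrypted(secret)) {
            secret = Encrypters.decode(secret);
        }
        return secret.getBytes(StandardCharsets.UTF_8);
    }
}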
