package com.fit2cloud.commons.server.security;

import com.fit2cloud.commons.server.base.domain.UserKey;
import com.fit2cloud.commons.server.service.UserKeysService;
import com.fit2cloud.commons.utils.CodingUtil;
import com.fit2cloud.commons.utils.CommonBeanFactory;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:com/fit2cloud/commons/server/security/ApiKeyHandler.class */
public class ApiKeyHandler {
    public static final String API_ACCESS_KEY = "accessKey";
    public static final String API_SIGNATURE = "signature";

    public static String getUser(HttpServletRequest httpServletRequest) {
        return getUser(httpServletRequest.getHeader(API_ACCESS_KEY), httpServletRequest.getHeader(API_SIGNATURE));
    }

    public static Boolean isApiKeyCall(HttpServletRequest httpServletRequest) {
        return (StringUtils.isBlank(httpServletRequest.getHeader(API_ACCESS_KEY)) || StringUtils.isBlank(httpServletRequest.getHeader(API_SIGNATURE))) ? false : true;
    }

    public static String getUser(String str, String str2) {
        String str3;
        if (StringUtils.isBlank(str) || StringUtils.isBlank(str2)) {
            return null;
        }
        UserKey userKey = ((UserKeysService) CommonBeanFactory.getBean(UserKeysService.class)).getUserKey(str);
        if (userKey == null) {
            throw new RuntimeException("invalid accessKey");
        }
        try {
            String[] split = StringUtils.split(StringUtils.trimToNull(CodingUtil.aesDecrypt(str2, userKey.getSecretKey(), str)), "|");
            if (split.length < 2) {
                throw new RuntimeException(str3);
            }
            if (!StringUtils.equals(str, split[0])) {
                throw new RuntimeException(str3);
            }
            try {
                if (Math.abs(System.currentTimeMillis() - Long.valueOf(split[split.length - 1]).longValue()) > 1800000) {
                    throw new RuntimeException("expired signature");
                }
                return userKey.getUserId();
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } finally {
            RuntimeException runtimeException = new RuntimeException("invalid signature");
        }
    }
}
