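package com.ks.app.aop;

import com.ks.app.entity.config.SystemConfigKey;
import com.ks.app.service.inter.config.SystemConfigService;
import com.ks.app.utils.ApiCodeConstant;
import com.ks.app.utils.SystemInfoUtil;
import com.ks.app.vo.AcceptData;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.yeshi.utils.JsonUtil;
import org.yeshi.utils.StringUtil;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.Map;

/**
 * Client API signature validation aspect.
 *
 * <p>Every client controller invocation matched by {@link #EDP} is checked before it runs:
 * the request must carry an {@link AcceptData} argument, its {@code sign} parameter must match
 * the digest computed in {@link #signIsRight}, and its timestamp must be within
 * {@link #MAX_TIMESTAMP_SKEW_MS} of the server clock. On any failure a JSON failure payload is
 * written to the response and the controller is not invoked (the advice returns {@code null}).
 *
 * <p>NOTE(review): the pointcut targets {@code com.yeshi.makemoney.app.controller.client} while
 * this class lives under {@code com.ks.app}; confirm the expression actually matches the
 * controllers that are meant to be protected.
 */
@Component
@Aspect
@Order(2)
public class SignValidate {

    /** Pointcut: every method of every class under the client controller package. */
    public static final String EDP = "execution(* com.yeshi.makemoney.app.controller.client..*.*(..))";

    /**
     * Maximum allowed difference between the client timestamp and server time (10 minutes).
     * A correctly signed request can still be replayed within this window; closing that would
     * need a per-request nonce, which the current client contract does not carry.
     */
    private static final long MAX_TIMESTAMP_SKEW_MS = 10L * 60 * 1000;

    private static final Logger LOGGER = LoggerFactory.getLogger(SignValidate.class);

    @Resource
    private SystemConfigService systemConfigService;

    /**
     * Validates the signature and timestamp of a client request, then proceeds to the controller.
     *
     * @param joinPoint the intercepted controller invocation
     * @return the controller's return value, or {@code null} when validation failed or the
     *         controller threw (a failure payload has then already been written to the response)
     * @throws IllegalStateException when invoked outside of a servlet request
     * @throws Throwable            if writing the response fails
     */
    @Around(EDP)
    public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
        ServletRequestAttributes attributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attributes == null) {
            // No bound request (e.g. a non-web invocation): fail closed instead of NPE-ing.
            throw new IllegalStateException("SignValidate requires an active servlet request");
        }
        HttpServletResponse response = attributes.getResponse();
        response.setCharacterEncoding("UTF-8");
        HttpServletRequest request = attributes.getRequest();

        // Prefer the request/AcceptData instances handed to the controller itself.
        Object[] args = joinPoint.getArgs();
        AcceptData acceptData = null;
        for (Object arg : args) {
            if (arg instanceof AcceptData) {
                acceptData = (AcceptData) arg;
            } else if (arg instanceof HttpServletRequest) {
                request = (HttpServletRequest) arg;
            }
        }
        if (acceptData == null) {
            writeFailure(response, JsonUtil.loadFalseResult(ApiCodeConstant.CODE_FAIL_SIGN_ERROR, "签名错误"));
            return null;
        }
        if (!signIsRight(request, acceptData)) {
            writeFailure(response, JsonUtil.loadFalseResult(ApiCodeConstant.CODE_FAIL_SIGN_ERROR, "签名错误"));
            return null;
        }
        // Timestamp is only trusted once the signature (which covers it) has been verified.
        if (Math.abs(acceptData.getTimestamp() - System.currentTimeMillis()) > MAX_TIMESTAMP_SKEW_MS) {
            writeFailure(response, JsonUtil.loadFalseResult(ApiCodeConstant.CODE_FAIL_OUT_TIME, "时间错误"));
            return null;
        }
        acceptData.setSystem(SystemInfoUtil.getSystem(acceptData.getPlatform(), acceptData.getPackages()));

        try {
            return joinPoint.proceed(args);
        } catch (Throwable e) {
            // NOTE(review): this logs the full parameter map; confirm no credentials or tokens
            // are passed as request parameters on these endpoints, or redact before logging.
            LOGGER.error("api:{} params:{}", request.getRequestURI(),
                    JsonUtil.getSimpleGson().toJson(request.getParameterMap()), e);
            writeFailure(response, JsonUtil.loadFalseResult(ApiCodeConstant.CODE_ERROR_IN_SERVER, "服务器内部错误"));
            return null;
        }
    }

    /**
     * Writes a failure payload to the response body.
     *
     * @param response the current response
     * @param payload  the JSON payload built by {@code JsonUtil.loadFalseResult}
     * @throws IOException if the response writer cannot be obtained
     */
    private static void writeFailure(HttpServletResponse response, Object payload) throws IOException {
        PrintWriter out = response.getWriter();
        out.print(payload);
    }

    /**
     * Parameters that are excluded from the signed string (the signature itself, JSONP
     * callback, and the cache-buster "_").
     */
    private static boolean isUnsignedParam(String name) {
        return name.equalsIgnoreCase("sign")
                || name.equalsIgnoreCase("callback")
                || name.equalsIgnoreCase("_");
    }

    /**
     * Checks the client signature (Android version &gt; 50 scheme).
     *
     * <p>The signed string is every request parameter except those in {@link #isUnsignedParam},
     * as {@code name=firstValue&amp;} pairs sorted by name, followed by the per-system sign key;
     * the expected signature is the MD5 hex of that string. This is a digest over a shared
     * secret rather than a keyed MAC; it is retained because it is the existing client contract.
     *
     * <p>NOTE(review): the sign key is looked up by {@code acceptData.getSystem()}, but
     * {@link #around} only assigns the system after this check passes — confirm the value is
     * already populated when the argument is bound, or that the lookup is meant to be
     * system-independent.
     *
     * @param request    the request whose parameters are signed
     * @param acceptData client metadata; its system selects the sign key
     * @return {@code true} when the {@code sign} parameter matches the expected digest
     */
    private boolean signIsRight(HttpServletRequest request, AcceptData acceptData) {
        List<String> pairs = new ArrayList<>();
        for (Map.Entry<String, String[]> entry : request.getParameterMap().entrySet()) {
            String name = entry.getKey();
            if (isUnsignedParam(name)) {
                continue;
            }
            String[] values = entry.getValue();
            // Only the first value of a repeated parameter is covered by the signature;
            // any additional values for the same name reach the controller unsigned.
            String first = (values != null && values.length > 0) ? values[0] : "";
            pairs.add(name + "=" + first);
        }
        Collections.sort(pairs);

        StringBuilder canonical = new StringBuilder();
        for (String pair : pairs) {
            canonical.append(pair).append('&');
        }

        String key = systemConfigService.getValueCache(acceptData.getSystem(), SystemConfigKey.signKey);
        if (key == null || key.isEmpty()) {
            // Fail closed: with no configured key the digest would be computed over the literal
            // "null" (or nothing) and could be reproduced by anyone who knows the scheme.
            LOGGER.error("sign key not configured for system:{}", acceptData.getSystem());
            return false;
        }
        String expected = StringUtil.Md5(canonical.toString() + key);
        return digestsMatch(expected, request.getParameter("sign"));
    }

    /**
     * Case-insensitive, constant-time comparison of two hex digests.
     *
     * @param expected the server-computed digest
     * @param provided the digest supplied by the client, possibly {@code null}
     * @return {@code true} when both are non-null and equal ignoring ASCII case
     */
    private static boolean digestsMatch(String expected, String provided) {
        if (expected == null || provided == null) {
            return false;
        }
        byte[] a = expected.toLowerCase(Locale.ROOT).getBytes(StandardCharsets.UTF_8);
        byte[] b = provided.toLowerCase(Locale.ROOT).getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual does not short-circuit on the first differing byte.
        return MessageDigest.isEqual(a, b);
    }
}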