package com.yfxxt.web.controller.app.pay;

import com.alibaba.fastjson.JSONObject;
import com.taobao.api.internal.tmc.MessageFields;
import com.yfxxt.common.constant.BaseConstant;
import com.yfxxt.common.core.domain.AjaxResult;
import com.yfxxt.system.service.IAppOrderService;
import io.swagger.annotations.Api;
import java.io.BufferedReader;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.time.Instant;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.varia.ExternallyRolledFileAppender;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.client.RestTemplate;

@Api(tags = {"小米支付相关接口"})
@RequestMapping({"/ott/xiaomi"})
@RestController
/* loaded from: input_file:BOOT-INF/classes/com/yfxxt/web/controller/app/pay/XiaoMiController.class */
public class XiaoMiController {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) XiaoMiController.class);
    public static final String KEY_ALGORITHM = "RSA";
    public static final String SIGNATURE_ALGORITHM = "SHA1WithRSA";
    public static final String ENCODING = "utf-8";
    public static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIsNc5RaMW5IbsHbvXShq0INSL36HEEKR06wG9nKze9+K1wv6EEHFWpVS5m2Rzt/2B5doEJZNO5fua1z8ZBqVl2slSWtm2eqnRGBXsTUPRHsg7NHppleWd1+7cLJ+cU7Kl7Jck2eTqYyv5Pa3Ic/goIw9+ofoRkNq1tP37NrcwIQIDAQAB";
    public static final String PRIVATE_KEY = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBANl7HebYCXOtQETGMKt3Iurct+S+w2NY5rdBdH5l6DZv5wU9q7f51yu+K6AD6bOFZBRmw8/RUjff4VG4L8CVwzpk+kJWa3GqSt5T/aLlnHnpMhrVmEZQMsO4DJIwsXkjF+A4U8s20mnz0R7x28OVLmtFuBRREyuJw3DMXtQCwamLAgMBAAECgYAkeD7lbSj4mv8CCXIz7sCOPgEgfNTrHgdih7lvUMuGBXHqMRNQwLbSgQtzw/Q2xJGp0inX+bQd5o80Uvy/AN5B50iXy8kZPLkV5yKTeYzJ7HQkyhLc1nTbwIRmFJ3Wb59vOSTCRaW23mAIQoC4Vw0OQ3q7z1S+2QCB3innBJGWQQJBAPxLeVl8Q5szmegEfFgILL4Tfxc7oBkygNG3xPqASiZdpuJmbDvWpH8XU3iKydAEb3wwEwH2/DlnWf43U/O3UfsCQQDcrMG2JYYpID5//q4qzphVDAmXs79LgblXKdVvH9QPdXDO6orzKDQ9W8QN0L8TKoMQ1X9H7DH5rMJHhVjeEAGxAkB5Ns3Lt49Hvuf/+D/Bj9PnUrip8eS+lmwb1l4WOJLnkfE/LxRrP3ny8cMR1CSYA7mIghRvyjluXwB2yiBUpMwHAkAxc00dYh9ETAN1bz7cPNuKA16K7i6p3vIHhEpd0oYUyL50v75Pauz56vxuFB8dTmN8fDs/hMBWMM6AdHNLn86hAkEAkirN5jLexxVymjA9FsRZ/i8Fwwh1qXyEeKvZJbfDCvtvB4CUqf4DpwosyNnzjpPjNHamxcOb3jh18oTTvb5z5g==";

    @Autowired
    private IAppOrderService appOrderService;

    @Autowired
    private RestTemplate restTemplate;

    @RequestMapping({"/notify"})
    public String payNotify(HttpServletRequest httpServletRequest) throws Exception {
        BufferedReader reader = httpServletRequest.getReader();
        StringBuilder sb = new StringBuilder();
        while (true) {
            String readLine = reader.readLine();
            if (readLine == null) {
                break;
            }
            sb.append(readLine);
        }
        String sb2 = sb.toString();
        log.info("xiaomi notify param : {}", sb2);
        JSONObject parseObject = JSONObject.parseObject(sb2);
        String string = parseObject.getString(AjaxResult.DATA_TAG);
        String string2 = parseObject.getString("signature");
        JSONObject parseObject2 = JSONObject.parseObject(new String(Base64.decodeBase64(string)));
        String string3 = parseObject2.getString("msg_id");
        Long l = parseObject2.getLong("pay_order_id");
        String string4 = parseObject2.getString("cust_order_id");
        boolean verifySignByPublicKeyUrlBase64 = verifySignByPublicKeyUrlBase64(string, string2, PUBLIC_KEY);
        log.info("str check : flag={}", Boolean.valueOf(verifySignByPublicKeyUrlBase64));
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("msg_id", (Object) string3);
        jSONObject.put("err_code", (Object) "200");
        jSONObject.put("err_msg", (Object) ExternallyRolledFileAppender.OK);
        jSONObject.put(MessageFields.DATA_PUBLISH_TIME, (Object) Long.valueOf(Instant.now().getEpochSecond()));
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(AjaxResult.DATA_TAG, (Object) jSONObject);
        jSONObject2.put("signature", (Object) signByPrivateKey(jSONObject.toString(), PRIVATE_KEY));
        return (!verifySignByPublicKeyUrlBase64 || this.appOrderService.updateOrder(string4, l.toString(), "小米") == null) ? BaseConstant.FAILURE : BaseConstant.SUCCESS;
    }

    public static String signByPrivateKey(String str, String str2) {
        try {
            PrivateKey privateKey = getPrivateKey(str2);
            Signature signature = Signature.getInstance("SHA1WithRSA");
            signature.initSign(privateKey);
            signature.update(str.getBytes("utf-8"));
            return new String(Base64.encodeBase64(signature.sign()), "utf-8");
        } catch (Exception e) {
            log.error(e.toString());
            return null;
        }
    }

    public static PrivateKey getPrivateKey(String str) throws Exception {
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decodeBase64(str.getBytes("utf-8"))));
    }

    public static boolean verifySignByPublicKeyUrlBase64(String str, String str2, String str3) {
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decodeBase64(str3.getBytes("utf-8"))));
            Signature signature = Signature.getInstance("SHA1WithRSA");
            signature.initVerify(generatePublic);
            signature.update(str.getBytes("utf-8"));
            return signature.verify(Base64.decodeBase64(str2.getBytes("utf-8")));
        } catch (Exception e) {
            return false;
        }
    }
}
