package com.els.oss;

import com.aliyun.oss.common.utils.BinaryUtil;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.net.URI;
import java.net.URLDecoder;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.X509EncodedKeySpec;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.DefaultHttpClient;

@WebServlet({"/CallbackServer"})
/* loaded from: input_file:com/els/oss/CallbackServer.class */
public class CallbackServer extends HttpServlet implements Servlet {
    private static final long serialVersionUID = 1;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        System.out.println("用户输入url:" + httpServletRequest.getRequestURI());
        response(httpServletRequest, httpServletResponse, "input get ", 200);
    }

    public String executeGet(String str) {
        BufferedReader bufferedReader = null;
        String str2 = null;
        try {
            DefaultHttpClient defaultHttpClient = new DefaultHttpClient();
            HttpGet httpGet = new HttpGet();
            httpGet.setURI(new URI(str));
            bufferedReader = new BufferedReader(new InputStreamReader(defaultHttpClient.execute((HttpUriRequest) httpGet).getEntity().getContent()));
            StringBuffer stringBuffer = new StringBuffer("");
            String property = System.getProperty("line.separator");
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                stringBuffer.append(String.valueOf(readLine) + property);
            }
            bufferedReader.close();
            str2 = stringBuffer.toString();
        } catch (Exception e) {
        } catch (Throwable unused) {
        }
        if (bufferedReader != null) {
            try {
                bufferedReader.close();
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
        return str2;
    }

    public String GetPostBody(InputStream inputStream, int i) {
        if (i <= 0) {
            return "";
        }
        int i2 = 0;
        byte[] bArr = new byte[i];
        while (i2 != i) {
            try {
                int read = inputStream.read(bArr, i2, i - i2);
                if (read == -1) {
                    break;
                }
                i2 += read;
            } catch (IOException e) {
                return "";
            }
        }
        return new String(bArr);
    }

    protected boolean VerifyOSSCallbackRequest(HttpServletRequest httpServletRequest, String str) throws NumberFormatException, IOException {
        String str2 = new String(httpServletRequest.getHeader("Authorization"));
        String header = httpServletRequest.getHeader("x-oss-pub-key-url");
        byte[] fromBase64String = BinaryUtil.fromBase64String(str2);
        String str3 = new String(BinaryUtil.fromBase64String(header));
        if (!str3.startsWith("http://gosspublic.alicdn.com/") && !str3.startsWith("https://gosspublic.alicdn.com/")) {
            System.out.println("pub key addr must be oss addrss");
            return false;
        }
        String replace = executeGet(str3).replace("-----BEGIN PUBLIC KEY-----", "").replace("-----END PUBLIC KEY-----", "");
        String queryString = httpServletRequest.getQueryString();
        String decode = URLDecoder.decode(httpServletRequest.getRequestURI(), "UTF-8");
        if (queryString != null && !queryString.equals("")) {
            decode = String.valueOf(decode) + "?" + queryString;
        }
        return doCheck(String.valueOf(decode) + "\n" + str, fromBase64String, replace);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String GetPostBody = GetPostBody(httpServletRequest.getInputStream(), Integer.parseInt(httpServletRequest.getHeader("content-length")));
        boolean VerifyOSSCallbackRequest = VerifyOSSCallbackRequest(httpServletRequest, GetPostBody);
        System.out.println("verify result:" + VerifyOSSCallbackRequest);
        System.out.println("OSS Callback Body:" + GetPostBody);
        if (VerifyOSSCallbackRequest) {
            response(httpServletRequest, httpServletResponse, "{\"Status\":\"OK\"}", 200);
        } else {
            response(httpServletRequest, httpServletResponse, "{\"Status\":\"verdify not ok\"}", 400);
        }
    }

    public static boolean doCheck(String str, byte[] bArr, String str2) {
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(BinaryUtil.fromBase64String(str2)));
            Signature signature = Signature.getInstance("MD5withRSA");
            signature.initVerify(generatePublic);
            signature.update(str.getBytes());
            return signature.verify(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private void response(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, int i) throws IOException {
        String parameter = httpServletRequest.getParameter("callback");
        httpServletResponse.addHeader("Content-Length", String.valueOf(str.length()));
        if (parameter == null || parameter.equalsIgnoreCase("")) {
            httpServletResponse.getWriter().println(str);
        } else {
            httpServletResponse.getWriter().println(String.valueOf(parameter) + "( " + str + " )");
        }
        httpServletResponse.setStatus(i);
        httpServletResponse.flushBuffer();
    }
}
