package com.xzx.gc.common.request;

import cn.hutool.core.collection.CollUtil;
import cn.hutool.core.io.IoUtil;
import com.xzx.gc.common.utils.BusinessUtil;
import com.xzx.gc.common.utils.ExceptionUtils;
import com.xzx.gc.common.utils.SecurityUtil;
import com.xzx.gc.common.utils.SpringUtil;
import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.MethodParameter;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.servlet.mvc.method.annotation.RequestBodyAdvice;

import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;

/**
 * @desc 请求数据解密
 */
@ControllerAdvice
public class MyRequestBodyAdvice implements RequestBodyAdvice {


    @Autowired
    private BusinessUtil businessUtil;

    @Override
    public boolean supports(MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
        return true;
    }

    @Override
    public Object handleEmptyBody(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
        return body;
    }

    @Override
    public HttpInputMessage beforeBodyRead(HttpInputMessage inputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) throws IOException {
        try {
            if ((SpringUtil.isDev()&&CollUtil.isNotEmpty(inputMessage.getHeaders().get("swagger"))&&"true".equals(inputMessage.getHeaders().get("swagger").get(0)))) {
                return inputMessage;
            }
            String objName = methodParameter.getMethod().getName();
            if(!businessUtil.isAuthMethod(objName)){
                return inputMessage;
            }
            String authKey = inputMessage.getHeaders().get("authKey").get(0);
            return new MyHttpInputMessage(inputMessage, authKey);
        } catch (Exception e) {
            ExceptionUtils.err("请求数据解密失败",e);
        }
        return inputMessage;
    }

    @Override
    public Object afterBodyRead(Object body, HttpInputMessage httpInputMessage, MethodParameter methodParameter, Type type, Class<? extends HttpMessageConverter<?>> aClass) {
        return body;
    }

    class MyHttpInputMessage implements HttpInputMessage {
        private HttpHeaders headers;

        private InputStream body;

        public MyHttpInputMessage(HttpInputMessage inputMessage,String authKey) throws Exception {
            this.body =decyptBody(inputMessage.getBody(),authKey);
        }

        @Override
        public InputStream getBody() {
            return body;
        }

        @Override
        public HttpHeaders getHeaders() {
            return headers;
        }

        /**
         * 解密body
         * @param body
         * @return
         * @throws IOException
         */
        public InputStream decyptBody(InputStream body,String authKey) throws IOException {
            String s = IOUtils.toString(body, "UTF-8");
            String decrypt = SecurityUtil.decryptRsaAndAes(authKey,s);
            return IoUtil.toStream(decrypt, "UTF-8");
        }

    }
}