package com.webank.weid.service.impl.inner;

import com.webank.weid.constant.DataDriverConstant;
import com.webank.weid.constant.ErrorCode;
import com.webank.weid.constant.ParamKeyConstant;
import com.webank.weid.exception.DataTypeCastException;
import com.webank.weid.protocol.amop.GetTransDataArgs;
import com.webank.weid.protocol.base.WeIdDocument;
import com.webank.weid.protocol.response.GetEncryptKeyResponse;
import com.webank.weid.protocol.response.ResponseData;
import com.webank.weid.suite.api.crypto.CryptoServiceFactory;
import com.webank.weid.suite.api.crypto.params.CryptoType;
import com.webank.weid.suite.api.transportation.params.EncodeType;
import com.webank.weid.suite.entity.TransCodeBaseData;
import com.webank.weid.suite.transmission.TransmissionService;
import com.webank.weid.util.DataToolUtils;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/webank/weid/service/impl/inner/DownTransDataService.class */
public class DownTransDataService extends InnerService implements TransmissionService<String> {
    private static final Logger logger = LoggerFactory.getLogger(DownTransDataService.class);

    @Override // com.webank.weid.suite.transmission.TransmissionService
    public ResponseData<String> service(String str) {
        try {
            return getCodeData((GetTransDataArgs) DataToolUtils.deserialize(str, GetTransDataArgs.class));
        } catch (Exception e) {
            logger.error("[onPush] get CodeData has error.", e);
            ResponseData<String> responseData = new ResponseData<>();
            responseData.setResult("");
            responseData.setErrorCode(ErrorCode.UNKNOW_ERROR);
            return responseData;
        }
    }

    private ResponseData<String> getCodeData(GetTransDataArgs getTransDataArgs) throws ClassNotFoundException {
        logger.info("[getCodeData] begin query data param:{}", getTransDataArgs);
        ResponseData<String> responseData = new ResponseData<>();
        responseData.setResult("");
        ResponseData<String> responseData2 = getDataDriver().get(DataDriverConstant.DOMAIN_RESOURCE_INFO, getTransDataArgs.getResourceId());
        if (responseData2.getErrorCode().intValue() != ErrorCode.SUCCESS.getCode()) {
            logger.error("[getCodeData] query data has error: {} - {}.", responseData2.getErrorCode(), responseData2.getErrorMessage());
            responseData.setErrorCode(ErrorCode.getTypeByErrorCode(responseData2.getErrorCode().intValue()));
            return responseData;
        }
        if (StringUtils.isBlank(responseData2.getResult())) {
            logger.error("[getCodeData] the data does not exist.");
            responseData.setErrorCode(ErrorCode.PERSISTENCE_DATA_DOES_NOT_EXIST);
            return responseData;
        }
        TransCodeBaseData transCodeBaseData = (TransCodeBaseData) DataToolUtils.deserialize(responseData2.getResult(), Class.forName(getTransDataArgs.getClassName()));
        EncodeType encodeType = EncodeType.getEncodeType(transCodeBaseData.getEncodeType());
        logger.info("[getCodeData] the encode is {}", encodeType.name());
        if (encodeType == EncodeType.ORIGINAL) {
            responseData.setResult(responseData2.getResult());
            responseData.setErrorCode(ErrorCode.SUCCESS);
            logger.info("[getCodeData] query data successfully.");
            return responseData;
        }
        if (encodeType != EncodeType.CIPHER) {
            logger.error("[getCodeData] the encode type error.");
            responseData.setErrorCode(ErrorCode.TRANSPORTATION_PROTOCOL_ENCODE_ERROR);
            return responseData;
        }
        GetEncryptKeyResponse encryptKey = getEncryptKey(getTransDataArgs);
        if (encryptKey.getErrorCode().intValue() != ErrorCode.SUCCESS.getCode()) {
            logger.error("[getCodeData] query the key has error.");
            responseData.setErrorCode(ErrorCode.getTypeByErrorCode(encryptKey.getErrorCode().intValue()));
            return responseData;
        }
        logger.info("[getCodeData] begin decrypt the data");
        transCodeBaseData.setData(CryptoServiceFactory.getCryptoService(CryptoType.AES).decrypt(String.valueOf(transCodeBaseData.getData()), encryptKey.getEncryptKey()));
        responseData.setResult(DataToolUtils.serialize(transCodeBaseData));
        responseData.setErrorCode(ErrorCode.SUCCESS);
        logger.info("[getCodeData] query data successfully.");
        return responseData;
    }

    private GetEncryptKeyResponse getEncryptKey(GetTransDataArgs getTransDataArgs) {
        logger.info("[getEncryptKey] begin query encrypt key param:{}", getTransDataArgs);
        GetEncryptKeyResponse getEncryptKeyResponse = new GetEncryptKeyResponse();
        ResponseData<String> responseData = getDataDriver().get(DataDriverConstant.DOMAIN_ENCRYPTKEY, getTransDataArgs.getResourceId());
        if (responseData.getErrorCode().intValue() == ErrorCode.SUCCESS.getCode() && StringUtils.isBlank(responseData.getResult())) {
            logger.error("[getEncryptKey] the encrypt key is not exists.");
            getEncryptKeyResponse.setEncryptKey("");
            getEncryptKeyResponse.setErrorCode(Integer.valueOf(ErrorCode.ENCRYPT_KEY_NOT_EXISTS.getCode()));
            getEncryptKeyResponse.setErrorMessage(ErrorCode.ENCRYPT_KEY_NOT_EXISTS.getCodeDesc());
        } else {
            getEncryptKeyResponse.setEncryptKey("");
            if (responseData.getErrorCode().intValue() != ErrorCode.SUCCESS.getCode()) {
                logger.error("[getEncryptKey] the encrypt key has error: {} - {}.", responseData.getErrorCode(), responseData.getErrorMessage());
                getEncryptKeyResponse.setErrorCode(responseData.getErrorCode());
                getEncryptKeyResponse.setErrorMessage(responseData.getErrorMessage());
                return getEncryptKeyResponse;
            }
            try {
                Map<String, Object> map = (Map) DataToolUtils.deserialize(responseData.getResult(), new HashMap().getClass());
                if (checkAuthority(getTransDataArgs, map)) {
                    getEncryptKeyResponse.setEncryptKey((String) map.get(ParamKeyConstant.KEY_DATA));
                    getEncryptKeyResponse.setErrorCode(Integer.valueOf(ErrorCode.SUCCESS.getCode()));
                    getEncryptKeyResponse.setErrorMessage(ErrorCode.SUCCESS.getCodeDesc());
                } else {
                    getEncryptKeyResponse.setErrorCode(Integer.valueOf(ErrorCode.ENCRYPT_KEY_NO_PERMISSION.getCode()));
                    getEncryptKeyResponse.setErrorMessage(ErrorCode.ENCRYPT_KEY_NO_PERMISSION.getCodeDesc());
                }
            } catch (DataTypeCastException e) {
                logger.error("[getEncryptKey]  deserialize the data error.", e);
                getEncryptKeyResponse.setErrorCode(Integer.valueOf(ErrorCode.ENCRYPT_KEY_INVALID.getCode()));
                getEncryptKeyResponse.setErrorMessage(ErrorCode.ENCRYPT_KEY_INVALID.getCodeDesc());
            }
        }
        return getEncryptKeyResponse;
    }

    private boolean checkAuthority(GetTransDataArgs getTransDataArgs, Map<String, Object> map) {
        if (map == null) {
            logger.error("[checkAuthority] illegal input.");
            return false;
        }
        ArrayList arrayList = (ArrayList) map.get(ParamKeyConstant.KEY_VERIFIERS);
        if (CollectionUtils.isEmpty(arrayList) || StringUtils.isBlank(getTransDataArgs.getWeId()) || !arrayList.contains(getTransDataArgs.getWeId())) {
            logger.error("[checkAuthority] no access to get the data, this weid is {}.", getTransDataArgs.getWeId());
            return false;
        }
        ResponseData<WeIdDocument> weIdDocument = getWeIdService().getWeIdDocument(getTransDataArgs.getWeId());
        if (weIdDocument.getErrorCode().intValue() != ErrorCode.SUCCESS.getCode()) {
            logger.error("[checkAuthority] can not get the WeIdDocument, this weid is {}.", getTransDataArgs.getWeId());
            return false;
        }
        if (DataToolUtils.verifySecp256k1SignatureFromWeId(getTransDataArgs.getResourceId(), getTransDataArgs.getSignValue(), weIdDocument.getResult(), null).getCode() == ErrorCode.SUCCESS.getCode() || DataToolUtils.verifySignatureFromWeId(getTransDataArgs.getResourceId(), getTransDataArgs.getSignValue(), weIdDocument.getResult(), (String) null).getCode() == ErrorCode.SUCCESS.getCode()) {
            logger.info("[checkAuthority] you have the permission to get key.");
            return true;
        }
        logger.error("[checkAuthority] the data is be changed, this weid is {}.", getTransDataArgs.getWeId());
        return false;
    }
}
