package kd.bos.openapi.base.dataservice;

import java.util.Collections;
import java.util.Date;
import java.util.Map;
import java.util.Set;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.entity.DynamicObject;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.entity.param.AppParam;
import kd.bos.id.ID;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.logorm.LogORM;
import kd.bos.openapi.base.acl.ApilAclManager;
import kd.bos.openapi.base.acl.IplimitManager;
import kd.bos.openapi.base.model.ApiAclInfoModel;
import kd.bos.openapi.base.model.ApiModel;
import kd.bos.openapi.base.model.AppAclModel;
import kd.bos.openapi.base.model.IpinfoModel;
import kd.bos.openapi.base.model.ThirdAppAclModel;
import kd.bos.openapi.base.script.OpenApiScriptUtil;
import kd.bos.openapi.base.statdata.ApiStatService;
import kd.bos.openapi.base.statdata.ApiStatType;
import kd.bos.openapi.base.util.DistributeCacheUtil;
import kd.bos.openapi.common.constant.ApiErrorCode;
import kd.bos.openapi.common.constant.ConfigConstant;
import kd.bos.openapi.common.exception.OpenApiException;
import kd.bos.openapi.common.model.OpenApiData;
import kd.bos.openapi.common.model.OpenApiLogModel;
import kd.bos.openapi.common.model.OpenApiStatModel;
import kd.bos.openapi.common.spi.OpenApiDataService;
import kd.bos.openapi.common.util.CommonDateUtil;
import kd.bos.openapi.common.util.DataUtil;
import kd.bos.openapi.common.util.IPWhiteListUtil;
import kd.bos.openapi.common.util.StringUtil;
import kd.bos.servicehelper.BusinessDataServiceHelper;
import kd.bos.servicehelper.parameter.SystemParamServiceHelper;

/* loaded from: input_file:kd/bos/openapi/base/dataservice/OpenApiDataServiceImpl.class */
public class OpenApiDataServiceImpl implements OpenApiDataService {
    private static final Log log = LogFactory.getLog(OpenApiDataServiceImpl.class);
    private static final String BOS_OPEN_ACTION = "bos-open-action";
    private static final String TRUE = "true";
    private static final String FALSE = "false";
    private static final String NULL = "null";
    private static final String COMMA = ",";
    private static final String V2 = "/v2/";

    public OpenApiData getOpenApiData(String str) {
        ApiModel apiModelFromCache = OpenApiDataUtil.getApiModelFromCache(str);
        OpenApiData openApiData = new OpenApiData();
        openApiData.setApiId(apiModelFromCache.getId());
        openApiData.setApiNumber(apiModelFromCache.getNumber());
        openApiData.setAppId(apiModelFromCache.getAppId());
        openApiData.setAppRealId(apiModelFromCache.getAppRealId());
        openApiData.setCloudId(apiModelFromCache.getCloudId());
        openApiData.setUrl(apiModelFromCache.getUrl());
        openApiData.setApiServiceType(apiModelFromCache.getApiServiceType());
        openApiData.setHttpMethod(apiModelFromCache.getHttpMethod());
        openApiData.setBizObject(apiModelFromCache.getBizObject());
        openApiData.setClassName(apiModelFromCache.getClassName());
        openApiData.setMethodName(apiModelFromCache.getMethodName());
        openApiData.setNamespace(apiModelFromCache.getNamespace());
        openApiData.setWsInputParam(apiModelFromCache.getWsInputParam());
        openApiData.setWsOutputParam(apiModelFromCache.getWsOutputParam());
        openApiData.setOutParaWithoutStatus(apiModelFromCache.isOutParaWithoutStatus());
        openApiData.setApiDefType(apiModelFromCache.getApiDefType());
        openApiData.setApiOperationType(apiModelFromCache.getOperation());
        openApiData.setWsMethodName(apiModelFromCache.getWsMethodName());
        return openApiData;
    }

    public Set<String> getReqMulValParams(String str) {
        ApiModel apiModelFromCache = OpenApiDataUtil.getApiModelFromCache(str);
        if (apiModelFromCache != null) {
            return apiModelFromCache.getReqMulValParams();
        }
        return null;
    }

    public OpenApiData getOpenApiOldData(Map<String, String> map) {
        return OpenApiDataUtil.getApiOldModelFromCache(map);
    }

    public void checkClientIP() {
        String loginIP = RequestContext.get().getLoginIP();
        log.info(String.format("clientIP:%s", loginIP));
        String api3rdAppId = RequestContext.get().getApi3rdAppId();
        if (StringUtil.isEmpty(api3rdAppId) || NULL.equalsIgnoreCase(api3rdAppId) || "Anonymous".equalsIgnoreCase(api3rdAppId) || IPWhiteListUtil.LOCAL_IP_127.equals(loginIP) || IPWhiteListUtil.LOCAL_IP.equals(loginIP) || IplimitManager.getIpInfoModelFromCache(api3rdAppId).isNoLimitAccess() || checkClientIpValid(api3rdAppId, loginIP)) {
            return;
        }
        String str = loginIP;
        if (loginIP.contains(IPWhiteListUtil.LOCAL_IP_127)) {
            str = loginIP.replaceAll(IPWhiteListUtil.LOCAL_IP_127, "");
        }
        throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, String.format("Client's IP: %s is not in white IP list", str), new Object[0]);
    }

    private boolean checkClientIpValid(String str, String str2) {
        boolean z = false;
        IpinfoModel ipInfoModelFromCache = IplimitManager.getIpInfoModelFromCache(str);
        String[] split = str2.split(COMMA);
        if (split != null && split.length > 0) {
            for (String str3 : split) {
                if (!StringUtil.isEmpty(str3) && !IPWhiteListUtil.LOCAL_IP_127.equals(str3.trim())) {
                    z = IPWhiteListUtil.checkIp(str3.trim(), ipInfoModelFromCache.getMapList());
                    if (z) {
                        break;
                    }
                }
            }
        }
        return z;
    }

    public void checkThirdACL(String str) {
        String api3rdAppId = RequestContext.get().getApi3rdAppId();
        Long.valueOf(RequestContext.get().getCurrUserId());
        ApiAclInfoModel apiAclModelFromCache = ApilAclManager.getApiAclModelFromCache(str);
        if (RequestContext.get().getCurrUserId() == -1 && !ApilAclManager.checkApiAnonymousAccess(apiAclModelFromCache, TRUE.equalsIgnoreCase(System.getProperty("login_api_support_anonymous")))) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, String.format(ResManager.loadKDString("接口禁止匿名访问", "ApiServiceType_0", BOS_OPEN_ACTION, new Object[0]), apiAclModelFromCache.getUrl()), new Object[0]);
        }
        if (apiAclModelFromCache != null && !ApilAclManager.checkApiEnable(apiAclModelFromCache) && apiAclModelFromCache.getUrl().startsWith(V2)) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, ResManager.loadKDString("该接口不存在或者被禁止访问。", "ApiServiceType_4", BOS_OPEN_ACTION, new Object[0]), new Object[0]);
        }
        if (api3rdAppId == null || api3rdAppId.isEmpty() || NULL.equals(api3rdAppId)) {
            log.info(String.format("WebApi_log open3rdappsApiCanUsed_1 return true api3rdAppId:%s", api3rdAppId));
            return;
        }
        ThirdAppAclModel thirdAppAclInfoModelFromCache = ApilAclManager.getThirdAppAclInfoModelFromCache(api3rdAppId);
        AppAclModel appAclInfoModelFromCache = ApilAclManager.getAppAclInfoModelFromCache(apiAclModelFromCache.getAppId());
        if (!thirdAppAclInfoModelFromCache.isAppAccess()) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, String.format(ResManager.loadKDString("该第三方应用-%s已被禁止访问", "ApiServiceType_0", BOS_OPEN_ACTION, new Object[0]), thirdAppAclInfoModelFromCache.getThirdAppCode()), new Object[0]);
        }
        if (!ApilAclManager.checkAppEnableDateRange(thirdAppAclInfoModelFromCache) && apiAclModelFromCache.getUrl().startsWith(V2)) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, String.format(ResManager.loadKDString("当前第三方应用不在启动时间范围内, enableDate: %1$s, stopDate: %2$s", "ApiServiceType_0", BOS_OPEN_ACTION, new Object[0]), CommonDateUtil.dateConvertString(thirdAppAclInfoModelFromCache.getLastEnableTime()), CommonDateUtil.dateConvertString(thirdAppAclInfoModelFromCache.getLastStopTime())), new Object[0]);
        }
        if (!ApilAclManager.checkAppAclModel(str, appAclInfoModelFromCache)) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, String.format(ResManager.loadKDString("该接口运行时应用-%s已被禁止访问", "ApiServiceType_0", BOS_OPEN_ACTION, new Object[0]), appAclInfoModelFromCache.getAppName()), new Object[0]);
        }
        if (!ApilAclManager.checkApiAnonymousAccess(apiAclModelFromCache, TRUE.equalsIgnoreCase(System.getProperty("login_api_support_anonymous"))) && !thirdAppAclInfoModelFromCache.isAllowAllApi() && !ApilAclManager.checkApiAct(str, thirdAppAclInfoModelFromCache)) {
            throw new OpenApiException(ApiErrorCode.HTTP_FORBIDDEN, String.format(ResManager.loadKDString("该第三方应用-%s没有此接口访问权限", "ApiServiceType_6", BOS_OPEN_ACTION, new Object[0]), thirdAppAclInfoModelFromCache.getThirdAppCode()), new Object[0]);
        }
    }

    public void writeApiOperationLog(String str, OpenApiLogModel openApiLogModel) {
        if (isIgnoreLog(openApiLogModel.getApiNumber())) {
            return;
        }
        String bizObject = openApiLogModel.getBizObject();
        if (bizObject != null && bizObject.length() > 50) {
            bizObject = bizObject.substring(0, 50);
        }
        String response = openApiLogModel.getResponse();
        if (response != null && response.length() > 1800) {
            response = response.substring(0, 1800);
        }
        String request = openApiLogModel.getRequest();
        if (request != null && request.length() > 1800) {
            request = request.substring(0, 1800);
        }
        String errMsg = openApiLogModel.getErrMsg();
        if (errMsg != null && errMsg.length() > 1800) {
            errMsg = errMsg.substring(0, 1800);
        }
        if (str != null && str.length() > 200) {
            str = str.substring(0, 200);
        }
        String apiNumber = StringUtil.isEmpty(openApiLogModel.getApiNumber()) ? "404" : openApiLogModel.getApiNumber();
        String jsonDataMask = getJsonDataMask(request);
        DynamicObject newDynamicObject = BusinessDataServiceHelper.newDynamicObject("openapi_log_data");
        newDynamicObject.set("opdesc", str);
        newDynamicObject.set("request", jsonDataMask);
        newDynamicObject.set("response", response);
        newDynamicObject.set("errmsg", errMsg);
        newDynamicObject.set("opname", apiNumber);
        newDynamicObject.set("status", Boolean.valueOf(openApiLogModel.isStatus()));
        newDynamicObject.set("opdate", new Date());
        RequestContext requestContext = RequestContext.get();
        if (StringUtil.isNotEmpty(requestContext.getApi3rdAppId()) && requestContext.getApi3rdAppId() != null && !NULL.equalsIgnoreCase(requestContext.getApi3rdAppId())) {
            newDynamicObject.set("thirdappname", ApilAclManager.getThirdAppAclInfoModelFromCache(requestContext.getApi3rdAppId()).getThirdAppCode());
        }
        newDynamicObject.set("username", requestContext.getUserName());
        newDynamicObject.set("userid", Long.valueOf(requestContext.getCurrUserId()));
        String loginIP = requestContext.getLoginIP();
        if (loginIP != null && loginIP.length() > 50) {
            loginIP = loginIP.substring(0, 50);
        }
        newDynamicObject.set("ip", loginIP);
        newDynamicObject.set("cloudname", openApiLogModel.getCloudId());
        newDynamicObject.set("appname", openApiLogModel.getAppId());
        newDynamicObject.set("bizobject", bizObject);
        newDynamicObject.set("timecost", Integer.valueOf(openApiLogModel.getTimeCost()));
        newDynamicObject.set("operationtimecost", Integer.valueOf(openApiLogModel.getModelTimeCost()));
        newDynamicObject.set("apiid", Long.valueOf(openApiLogModel.getApiId()));
        newDynamicObject.set("traceid", requestContext.getTraceId());
        long genLongId = ID.genLongId();
        newDynamicObject.set("id", Long.valueOf(genLongId));
        LogORM.create().insert(Collections.singletonList(newDynamicObject));
        if ("full".equalsIgnoreCase(getSysParameter("api_log_level", "summary"))) {
            DynamicObject newDynamicObject2 = BusinessDataServiceHelper.newDynamicObject("openapi_log_detail");
            newDynamicObject2.set("id", Long.valueOf(genLongId));
            newDynamicObject2.set("reqpara_tag", request);
            newDynamicObject2.set("resppara_tag", response);
            newDynamicObject2.set("opdate", new Date());
            LogORM.create().insert(Collections.singletonList(newDynamicObject2));
        }
    }

    public void writeApiStatData(long j, OpenApiStatModel openApiStatModel) {
        if (j == 0 || isIgnoreLog(openApiStatModel.getApiNumber())) {
            return;
        }
        ApiStatService.getInstance().collect(j, DataUtil.l(RequestContext.get().getApi3rdAppId()), openApiStatModel.isStatus(), openApiStatModel.getTimeCost());
    }

    public String getSysParameter(String str, String str2) {
        return getSysParameter(str, null, str2);
    }

    public String getSysParameter(String str, String str2, String str3) {
        if (!StringUtil.isEmpty(str) && isKeyValid(str)) {
            if (StringUtil.isEmpty(str2)) {
                str2 = str;
            }
            if (!TRUE.equals(getSystemParam("api_sysconfig_dev"))) {
                return System.getProperty(str2, str3);
            }
            String systemParam = getSystemParam(str);
            return !StringUtil.isEmpty(systemParam) ? systemParam : System.getProperty(str2, str3);
        }
        return str3;
    }

    private String getSystemParam(String str) {
        Object orDefault;
        Map loadAppParameterFromCache = SystemParamServiceHelper.loadAppParameterFromCache(new AppParam("W3NF+MX967M", "15", ConfigConstant.OPEN_SYS_PARAMS_ORG_ID, ConfigConstant.OPEN_SYS_PARAMS_ACT_BOOK_ID));
        if (loadAppParameterFromCache == null || (orDefault = loadAppParameterFromCache.getOrDefault(str, null)) == null) {
            return null;
        }
        return orDefault.toString();
    }

    private boolean isKeyValid(String str) {
        if (StringUtil.isEmpty(str)) {
            return false;
        }
        boolean z = false;
        boolean z2 = -1;
        switch (str.hashCode()) {
            case -1470674559:
                if (str.equals("api_openlog_showstack")) {
                    z2 = false;
                    break;
                }
                break;
            case -929120576:
                if (str.equals("api_sysconfig_dev")) {
                    z2 = 5;
                    break;
                }
                break;
            case -892190321:
                if (str.equals("kapiloglevel")) {
                    z2 = 7;
                    break;
                }
                break;
            case -619709996:
                if (str.equals("api_limit_anonymous_count")) {
                    z2 = 6;
                    break;
                }
                break;
            case -115405050:
                if (str.equals("api_limit_flowcontrol")) {
                    z2 = 3;
                    break;
                }
                break;
            case -20104476:
                if (str.equals("api_log_level")) {
                    z2 = 2;
                    break;
                }
                break;
            case 824677377:
                if (str.equals("fulllog_days")) {
                    z2 = 8;
                    break;
                }
                break;
            case 967411033:
                if (str.equals("api_stat")) {
                    z2 = 4;
                    break;
                }
                break;
            case 1673119653:
                if (str.equals("api1_newcontrol")) {
                    z2 = 9;
                    break;
                }
                break;
            case 1680654488:
                if (str.equals("api_query_maxpagesize")) {
                    z2 = true;
                    break;
                }
                break;
        }
        switch (z2) {
            case ApiStatType.MINUTE /* 0 */:
            case ApiStatType.HOUR /* 1 */:
            case ApiStatType.DAY /* 2 */:
            case true:
            case true:
            case true:
            case true:
            case true:
            case true:
            case ApiStatType.SUMMARY /* 9 */:
                z = true;
                break;
        }
        return z;
    }

    private boolean isIgnoreLog(String str) {
        if (str == null) {
            return false;
        }
        return "getRobertHome".equalsIgnoreCase(str.trim());
    }

    private String getJsonDataMask(String str) {
        String str2 = str;
        if (StringUtil.isEmpty(str)) {
            return "";
        }
        if (str.indexOf("accesstoken") >= 0) {
            str2 = str2.replaceAll("(?<=\"accesstoken\":\")[^\",]*", "***");
        } else if (str.indexOf("accessToken") >= 0) {
            str2 = str2.replaceAll("(?<=\"accessToken\":\")[^\",]*", "***");
        } else if (str.indexOf("access_token") >= 0) {
            str2 = str2.replaceAll("(?<=\"access_token\":\")[^\",]*", "***");
        } else if (str.indexOf("jwt") >= 0) {
            str2 = str2.replaceAll("(?<=\"jwt\":\")[^\",]*", "***");
        }
        return str2;
    }

    public Map<String, Object> parseInScript(String str, Map<String, Object> map, Map<String, String> map2, Map<String, String> map3) {
        return OpenApiScriptUtil.parseInScript(str, map, map2, map3);
    }

    public Object parseOutScript(String str, Map<String, Object> map, Map<String, String> map2, Map<String, String> map3, Object obj, Map<String, String> map4) {
        return OpenApiScriptUtil.parseOutScript(str, map, map2, map3, obj, map4);
    }

    public boolean checkIdempotency(String str, String str2) {
        String str3 = str + "_" + str2;
        if (DistributeCacheUtil.getCacheByKey("API_Idempotency-Key", str3) != null) {
            return true;
        }
        DistributeCacheUtil.setCacheByKey("API_Idempotency-Key", str3, "1");
        return false;
    }
}
