package kd.drp.dbd.common.pay.util;

import com.alibaba.fastjson.JSONObject;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import kd.bos.fileservice.FileServiceFactory;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.drp.dbd.common.pay.config.WechatPayConfig;
import kd.drp.dbd.common.pay.exception.ServiceException;
import kd.drp.dbd.common.pay.wechat.vo.MicroPayRequestParam;
import kd.drp.dbd.common.pay.wechat.vo.OrderQueryRequestParam;
import kd.drp.dbd.common.pay.wechat.vo.RefundRequestParam;
import kd.drp.dbd.common.pay.wechat.vo.ReverseRequestParam;
import kd.drp.dbd.common.pay.wechatpay.sdk.WXPayConstants;
import kd.drp.dbd.consts.PayParamConst;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.config.RegistryBuilder;
import org.apache.http.conn.DnsResolver;
import org.apache.http.conn.HttpConnectionFactory;
import org.apache.http.conn.SchemePortResolver;
import org.apache.http.conn.socket.PlainConnectionSocketFactory;
import org.apache.http.conn.ssl.DefaultHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.conn.BasicHttpClientConnectionManager;
import org.apache.http.util.EntityUtils;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:kd/drp/dbd/common/pay/util/WechatPayUtil.class */
public class WechatPayUtil {
    private static final String SYMBOLS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
    private static final String PREFIX_XML = "<xml>";
    private static final String SUFFIX_XML = "</xml>";
    private static final String PREFIX_CDATA = "<![CDATA[";
    private static final String SUFFIX_CDATA = "]]>";
    private static Log logger = LogFactory.getLog(WechatPayUtil.class);
    private static final Random RANDOM = new SecureRandom();

    public static JSONObject microPay(MicroPayRequestParam microPayRequestParam) {
        try {
            WechatPayConfig wechatPayConfig = getWechatPayConfig(microPayRequestParam.getPayConfig(), false);
            String requestWithoutCert = requestWithoutCert(wechatPayConfig, WXPayConstants.MICROPAY_URL_SUFFIX, mapToXml(fillRequestData(wechatPayConfig, microPayRequestParam.buildRequestMap())));
            JSONObject jSONObject = new JSONObject();
            jSONObject.putAll(processResponseXml(wechatPayConfig, requestWithoutCert));
            return jSONObject;
        } catch (Exception e) {
            logger.info("微信支付提交刷卡支付接口异常 : (" + e.getMessage() + ")");
            throw new ServiceException("微信支付提交刷卡支付接口异常 : (" + e.getMessage() + ")", e);
        }
    }

    public static JSONObject orderQuery(OrderQueryRequestParam orderQueryRequestParam) {
        try {
            WechatPayConfig wechatPayConfig = getWechatPayConfig(orderQueryRequestParam.getPayConfig(), false);
            String requestWithoutCert = requestWithoutCert(wechatPayConfig, WXPayConstants.ORDERQUERY_URL_SUFFIX, mapToXml(fillRequestData(wechatPayConfig, orderQueryRequestParam.buildRequestMap())));
            JSONObject jSONObject = new JSONObject();
            jSONObject.putAll(processResponseXml(wechatPayConfig, requestWithoutCert));
            return jSONObject;
        } catch (Exception e) {
            logger.info("微信支付查询订单接口异常 : (" + e.getMessage() + ")");
            throw new ServiceException("微信支付查询订单接口异常 : (" + e.getMessage() + ")", e);
        }
    }

    public static JSONObject reverse(ReverseRequestParam reverseRequestParam) {
        try {
            WechatPayConfig wechatPayConfig = getWechatPayConfig(reverseRequestParam.getPayConfig(), true);
            String requestWithCert = requestWithCert(wechatPayConfig, WXPayConstants.REVERSE_URL_SUFFIX, mapToXml(fillRequestData(wechatPayConfig, reverseRequestParam.buildRequestMap())));
            JSONObject jSONObject = new JSONObject();
            jSONObject.putAll(processResponseXml(wechatPayConfig, requestWithCert));
            return jSONObject;
        } catch (Exception e) {
            logger.info("微信支付撤销订单接口异常 : (" + e.getMessage() + ")");
            throw new ServiceException("微信支付撤销订单接口异常 : (" + e.getMessage() + ")", e);
        }
    }

    public static JSONObject refund(RefundRequestParam refundRequestParam) {
        try {
            WechatPayConfig wechatPayConfig = getWechatPayConfig(refundRequestParam.getPayConfig(), true);
            try {
                String requestWithCert = requestWithCert(wechatPayConfig, WXPayConstants.REFUND_URL_SUFFIX, mapToXml(fillRequestData(wechatPayConfig, refundRequestParam.buildRequestMap())));
                JSONObject jSONObject = new JSONObject();
                jSONObject.putAll(processResponseXml(wechatPayConfig, requestWithCert));
                return jSONObject;
            } catch (Exception e) {
                throw new ServiceException("微信双向认证请求失败 :", e);
            }
        } catch (Exception e2) {
            logger.info("微信支付申请退款接口异常 : (" + e2.getMessage() + ")");
            throw new ServiceException("微信支付申请退款接口异常 : (" + e2.getMessage() + ")", e2);
        }
    }

    protected static WechatPayConfig getWechatPayConfig(Map<String, String> map, Boolean bool) {
        WechatPayConfig wechatPayConfig = new WechatPayConfig();
        wechatPayConfig.setAppId(map.get(PayParamConst.APPID));
        wechatPayConfig.setMchId(map.get(PayParamConst.MCH_ID));
        wechatPayConfig.setApiKey(map.get(PayParamConst.KEY));
        wechatPayConfig.setPayDomain(WXPayConstants.DOMAIN_API);
        if (bool.booleanValue()) {
            wechatPayConfig.setCertData(getCertdata(map.get(PayParamConst.PAY_CERTIFICATE)));
        }
        return wechatPayConfig;
    }

    protected static byte[] getCertdata(String str) {
        byte[] bArr = new byte[0];
        try {
            InputStream inputStream = FileServiceFactory.getAttachmentFileService().getInputStream(str);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(inputStream.available());
            byte[] bArr2 = new byte[inputStream.available()];
            while (true) {
                int read = inputStream.read(bArr2);
                if (read == -1) {
                    break;
                }
                byteArrayOutputStream.write(bArr2, 0, read);
            }
            inputStream.close();
            byteArrayOutputStream.close();
            bArr = byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            logger.error("获取证书内容失败 :" + e.getMessage());
        }
        return bArr;
    }

    protected static Map<String, String> fillRequestData(WechatPayConfig wechatPayConfig, Map<String, String> map) throws Exception {
        map.put(PayParamConst.APPID, wechatPayConfig.getAppId());
        map.put(PayParamConst.MCH_ID, wechatPayConfig.getMchId());
        map.put("nonce_str", generateNonceStr());
        map.put("sign_type", WXPayConstants.HMACSHA256);
        map.put(WXPayConstants.FIELD_SIGN, generateSignature(map, wechatPayConfig.getApiKey(), WXPayConstants.SignType.HMACSHA256));
        return map;
    }

    protected static Map<String, String> processResponseXml(WechatPayConfig wechatPayConfig, String str) throws Exception {
        Map<String, String> xmlToMap = xmlToMap(str);
        String str2 = xmlToMap.get("return_code");
        if (str2 == null) {
            throw new Exception(String.format("No `return_code` in XML: %s", str));
        }
        if (str2.equals(WXPayConstants.FAIL)) {
            return xmlToMap;
        }
        if (!str2.equals(WXPayConstants.SUCCESS)) {
            throw new Exception(String.format("return_code value %s is invalid in XML: %s", str2, str));
        }
        if (isResponseSignatureValid(wechatPayConfig, xmlToMap)) {
            return xmlToMap;
        }
        throw new Exception(String.format("Invalid sign value in XML: %s", str));
    }

    protected static boolean isResponseSignatureValid(WechatPayConfig wechatPayConfig, Map<String, String> map) throws Exception {
        return isSignatureValid(map, wechatPayConfig.getApiKey(), WXPayConstants.SignType.HMACSHA256);
    }

    protected static String requestWithoutCert(WechatPayConfig wechatPayConfig, String str, String str2) throws Exception {
        return requestOnce(wechatPayConfig, str, str2, false);
    }

    protected static String requestWithCert(WechatPayConfig wechatPayConfig, String str, String str2) throws Exception {
        return requestOnce(wechatPayConfig, str, str2, true);
    }

    protected static synchronized String requestOnce(WechatPayConfig wechatPayConfig, String str, String str2, boolean z) throws Exception {
        BasicHttpClientConnectionManager basicHttpClientConnectionManager;
        if (z) {
            char[] charArray = wechatPayConfig.getMchId().toCharArray();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(wechatPayConfig.getCertData());
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            try {
                keyStore.load(byteArrayInputStream, charArray);
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                keyManagerFactory.init(keyStore, charArray);
                SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                sSLContext.init(keyManagerFactory.getKeyManagers(), null, new SecureRandom());
                basicHttpClientConnectionManager = new BasicHttpClientConnectionManager(RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", new SSLConnectionSocketFactory(sSLContext, new String[]{"TLSv1"}, (String[]) null, new DefaultHostnameVerifier())).build(), (HttpConnectionFactory) null, (SchemePortResolver) null, (DnsResolver) null);
            } catch (Exception e) {
                throw new ServiceException("微信证书加载异常 :", e);
            }
        } else {
            basicHttpClientConnectionManager = new BasicHttpClientConnectionManager(RegistryBuilder.create().register("http", PlainConnectionSocketFactory.getSocketFactory()).register("https", SSLConnectionSocketFactory.getSocketFactory()).build(), (HttpConnectionFactory) null, (SchemePortResolver) null, (DnsResolver) null);
        }
        CloseableHttpClient build = HttpClientBuilder.create().setConnectionManager(basicHttpClientConnectionManager).build();
        HttpPost httpPost = new HttpPost("https://" + wechatPayConfig.getPayDomain() + str);
        httpPost.setConfig(RequestConfig.custom().setSocketTimeout(wechatPayConfig.getReadTimeOutMs()).setConnectTimeout(wechatPayConfig.getConnectTimeOutMs()).build());
        StringEntity stringEntity = new StringEntity(str2, "UTF-8");
        httpPost.addHeader("Content-Type", "text/xml");
        httpPost.addHeader("User-Agent", WXPayConstants.USER_AGENT + " " + wechatPayConfig.getMchId());
        httpPost.setEntity(stringEntity);
        try {
            return EntityUtils.toString(build.execute(httpPost).getEntity(), "UTF-8");
        } catch (Exception e2) {
            throw new ServiceException("微信发起Http请求异常 :", e2);
        }
    }

    protected static boolean isSignatureValid(Map<String, String> map, String str, WXPayConstants.SignType signType) throws Exception {
        if (!map.containsKey(WXPayConstants.FIELD_SIGN)) {
            return false;
        }
        return generateSignature(map, str, signType).toUpperCase(Locale.ENGLISH).equals(map.get(WXPayConstants.FIELD_SIGN));
    }

    protected static String generateSignature(Map<String, String> map, String str, WXPayConstants.SignType signType) throws Exception {
        Set<String> keySet = map.keySet();
        String[] strArr = (String[]) keySet.toArray(new String[keySet.size()]);
        Arrays.sort(strArr);
        StringBuilder sb = new StringBuilder();
        for (String str2 : strArr) {
            if (!str2.equals(WXPayConstants.FIELD_SIGN) && map.get(str2).trim().length() > 0) {
                sb.append(str2).append('=').append(map.get(str2).trim()).append('&');
            }
        }
        sb.append("key=").append(str);
        if (WXPayConstants.SignType.HMACSHA256 == signType) {
            return HMACSHA256(sb.toString(), str);
        }
        throw new Exception(String.format("Invalid sign_type: %s", signType));
    }

    protected static String generateNonceStr() {
        char[] cArr = new char[32];
        for (int i = 0; i < cArr.length; i++) {
            cArr[i] = SYMBOLS.charAt(RANDOM.nextInt(SYMBOLS.length()));
        }
        return new String(cArr);
    }

    public static String HMACSHA256(String str, String str2) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(str2.getBytes("UTF-8"), "HmacSHA256"));
        byte[] doFinal = mac.doFinal(str.getBytes("UTF-8"));
        StringBuilder sb = new StringBuilder();
        for (byte b : doFinal) {
            sb.append(Integer.toHexString((b & 255) | 256).substring(1, 3));
        }
        return sb.toString().toUpperCase();
    }

    public static Map<String, String> xmlToMap(String str) throws Exception {
        try {
            HashMap hashMap = new HashMap();
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            DocumentBuilder newDocumentBuilder = newInstance.newDocumentBuilder();
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes("UTF-8"));
            Document parse = newDocumentBuilder.parse(byteArrayInputStream);
            parse.getDocumentElement().normalize();
            NodeList childNodes = parse.getDocumentElement().getChildNodes();
            for (int i = 0; i < childNodes.getLength(); i++) {
                Node item = childNodes.item(i);
                if (item.getNodeType() == 1) {
                    Element element = (Element) item;
                    hashMap.put(element.getNodeName(), element.getTextContent());
                }
            }
            try {
                byteArrayInputStream.close();
            } catch (Exception e) {
            }
            return hashMap;
        } catch (Exception e2) {
            logger.error("无效的XML，转换Map失败。错误信息是：" + e2.getMessage() + "出错XML是：" + str);
            throw e2;
        }
    }

    public static String mapToXml(Map<String, String> map) throws Exception {
        StringBuilder sb = new StringBuilder(PREFIX_XML);
        if (null != map) {
            for (Map.Entry<String, String> entry : map.entrySet()) {
                sb.append('<').append(entry.getKey()).append('>');
                sb.append(PREFIX_CDATA);
                if (null != entry.getValue()) {
                    sb.append(entry.getValue());
                }
                sb.append(SUFFIX_CDATA);
                sb.append("</").append(entry.getKey()).append('>');
            }
        }
        return sb.append(SUFFIX_XML).toString();
    }
}
