package com.bssys.spg.merchant.service.interceptor;

import com.bssys.schemas.spg.merchant.service.v1.FaultResponse;
import com.bssys.spg.dbaccess.dao.MessagesDao;
import com.bssys.spg.dbaccess.dao.SystemPropertiesDao;
import com.bssys.spg.dbaccess.model.Messages;
import com.bssys.spg.dbaccess.model.SystemProperties;
import com.bssys.spg.merchant.util.MerchantServiceMessagesConstants;
import com.bssys.spg.merchant.util.MessagesUtil;
import com.otr.sufd.cryptowebservice.SignWebServicePortType;
import java.io.StringWriter;
import javassist.bytecode.SignatureAttribute;
import javax.annotation.PostConstruct;
import javax.xml.soap.SOAPBody;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.validation.Schema;
import javax.xml.validation.SchemaFactory;
import javax.xml.validation.Validator;
import org.apache.cxf.binding.soap.SoapMessage;
import org.apache.cxf.binding.soap.interceptor.AbstractSoapInterceptor;
import org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.phase.Phase;
import org.aspectj.lang.JoinPoint;
import org.aspectj.runtime.reflect.Factory;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.transaction.aspectj.AnnotationTransactionAspect;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;
import ru.bss_s.cryptoservice._1.CryptoServicePortType;

/* loaded from: input_file:spg-merchant-service-war-3.0.8.war:WEB-INF/classes/com/bssys/spg/merchant/service/interceptor/SecurityInInterceptor.class */
public class SecurityInInterceptor extends AbstractSoapInterceptor {
    private Logger logger;
    public static final String WSDL_XSD_MERCHANT_SPG_MERCHANT_SERVICE_MESSAGES_V1_XSD = "wsdl/xsd/merchant/spg-merchant-service-messages-v1.xsd";
    public static final String HTTP_WWW_W3_ORG_2001_XMLSCHEMA = "http://www.w3.org/2001/XMLSchema";
    private static final String OPERATION_REGISTER_COMMISSION = "urn:registerCommission";
    private static final String OPERATION_CHECK_PAYMENT_STATUS = "urn:checkPaymentStatus";
    private static final String OPERATION_REGISTER_PAYMENT = "urn:registerPayment";
    private static final String OPERATION_CONFIRM_PAYMENT = "urn:confirmPayment";
    private static final String OPERATION_GET_DEAD_PAYMENTS = "getDeadPayments";
    private static final String OPERATION_REGISTER_COMMISSION_ROOT_ELEMENT = "registerCommissionRequest";
    private static final String OPERATION_REGISTER_COMMISSION_SIGNATURE_ELEMENT = "Signature";
    private static final String OPERATION_CHECK_PAYMENT_STATUS_ROOT_ELEMENT = "checkPaymentStatusRequest";
    private static final String OPERATION_CHECK_PAYMENT_STATUS_SIGNATURE_ELEMENT = "Signature";
    private static final String OPERATION_GET_DEAD_PAYMENTS_ROOT_ELEMENT = "getDeadPaymentsRequest";
    private static final String OPERATION_GET_DEAD_PAYMENTS_SIGNATURE_ELEMENT = "Signature";
    private static final String OPERATION_REGISTER_PAYMENT_ROOT_ELEMENT = "registerPaymentRequest";
    private static final String OPERATION_REGISTER_PAYMENT_CHECK_SIGNATURE_ELEMENT = "paymentDetails";
    private static final String OPERATION_REGISTER_PAYMENT_CHECK_SIGNATURE_ELEMENT_NS = "http://schemas.bssys.com/spg/service/payment/details/v1";
    private static final String OPERATION_REGISTER_PAYMENT_SIGNATURE_ELEMENT = "Signature";
    private static final String OPERATION_CONFIRM_PAYMENT_ROOT_ELEMENT = "confirmPaymentRequest";
    private static final String OPERATION_CONFIRM_PAYMENT_SIGNATURE_ELEMENT = "Signature";
    private static final String OPERATION_CONFIRM_PAYMENT_CHECK_SIGNATURE_ELEMENT_1 = "FinalPayment";
    private static final String OPERATION_CONFIRM_PAYMENT_CHECK_SIGNATURE_ELEMENT_2 = "Income";
    private static final String OPERATION_CONFIRM_PAYMENT_CHECK_SIGNATURE_ELEMENT_NS_1 = "http://roskazna.ru/xsd/PaymentInfo";
    private static final String OPERATION_CONFIRM_PAYMENT_CHECK_SIGNATURE_ELEMENT_NS_2 = "http://roskazna.ru/xsd/PaymentInfo";
    public static final String SPG_MERCHANT_SERVICE_MESSAGES_V1_NAMESPACE = "http://schemas.bssys.com/spg/merchant/service/messages/v1";
    public static final String SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE = "http://www.w3.org/2000/09/xmldsig#";
    private FaultResponse FAULT_VALIDATION_EXCEPTION;
    private FaultResponse FAULT_SYSTEM_EXCEPTION;
    private FaultResponse FAULT_SIGNATURE_EXCEPTION;
    private ClassLoader classLoader;
    private Schema merchantServiceSchema;
    private Validator schemaValidator;

    @Autowired
    private SignWebServicePortType securityService;

    @Autowired
    private CryptoServicePortType securityService2;

    @Autowired
    private SystemPropertiesDao systemPropertiesDao;

    @Autowired
    protected MessagesUtil messagesUtil;

    @Autowired
    protected MessagesDao messagesDao;
    private String cryptoServiceType;
    private boolean checkSignature;
    private boolean isValidate;
    private int csReqQuantity;
    private long csReqDelay;
    private static final /* synthetic */ JoinPoint.StaticPart ajc$tjp_0 = null;

    @Transactional
    @PostConstruct
    public void init() {
        try {
            try {
                AnnotationTransactionAspect.aspectOf().ajc$before$org_springframework_transaction_aspectj_AbstractTransactionAspect$1$2a73e96c(this, ajc$tjp_0);
                this.checkSignature = Boolean.valueOf(this.systemPropertiesDao.getById(SystemPropertiesDao.SPG_MERCHANT_SERVICE_CHECK_SIGNATURE_ON_CODE).getValue()).booleanValue();
                this.classLoader = Thread.currentThread().getContextClassLoader();
                initValidationSchema();
                this.schemaValidator = this.merchantServiceSchema.newValidator();
                this.FAULT_SYSTEM_EXCEPTION = this.messagesUtil.createFault(getMessage(Integer.valueOf(MerchantServiceMessagesConstants.Common.FAULT_SYSTEM_EXCEPTION)));
                this.FAULT_VALIDATION_EXCEPTION = this.messagesUtil.createFault(getMessage(Integer.valueOf(MerchantServiceMessagesConstants.Common.FAULT_VALIDATION_EXCEPTION)));
                this.FAULT_SIGNATURE_EXCEPTION = this.messagesUtil.createFault(getMessage(Integer.valueOf(MerchantServiceMessagesConstants.Common.FAULT_SIGNATURE_EXCEPTION)));
                this.cryptoServiceType = this.systemPropertiesDao.getById(SystemProperties.SECURITY_SERVICE_CLIENT).getValue();
                this.isValidate = Boolean.valueOf(this.systemPropertiesDao.getById(SystemProperties.MERCHANT_SERVICE_VALIDATION).getValue()).booleanValue();
                AnnotationTransactionAspect.aspectOf().ajc$afterReturning$org_springframework_transaction_aspectj_AbstractTransactionAspect$3$2a73e96c(this);
            } catch (Throwable th) {
                AnnotationTransactionAspect.aspectOf().ajc$afterThrowing$org_springframework_transaction_aspectj_AbstractTransactionAspect$2$2a73e96c(this, th);
                throw th;
            }
        } finally {
            AnnotationTransactionAspect.aspectOf().ajc$after$org_springframework_transaction_aspectj_AbstractTransactionAspect$4$2a73e96c(this);
        }
    }

    public SecurityInInterceptor() {
        super(Phase.UNMARSHAL);
        this.logger = LoggerFactory.getLogger(getClass().getName());
    }

    @Override // org.apache.cxf.interceptor.Interceptor
    public void handleMessage(SoapMessage soapMessage) throws Fault {
        NodeList elementsByTagNameNS;
        NodeList elementsByTagNameNS2;
        NodeList elementsByTagNameNS3;
        NodeList elementsByTagNameNS4;
        NodeList elementsByTagNameNS5;
        try {
            String soapAction = SoapActionInInterceptor.getSoapAction(soapMessage);
            this.logger.debug("Operation name is {}", soapAction);
            SOAPMessage sOAPMessage = (SOAPMessage) soapMessage.getContent(SOAPMessage.class);
            if (sOAPMessage != null) {
                SOAPBody sOAPBody = sOAPMessage.getSOAPBody();
                boolean z = true;
                if (OPERATION_REGISTER_COMMISSION.equals(soapAction)) {
                    Node item = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_MESSAGES_V1_NAMESPACE, OPERATION_REGISTER_COMMISSION_ROOT_ELEMENT).item(0);
                    validateRequest(item);
                    soapMessage.put(MerchantServiceMessagesConstants.Request.REQUEST_MESSAGE_CONTEXT_PARAM_NAME, (Object) nodeToString(item));
                    if (this.checkSignature && (elementsByTagNameNS5 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag)) != null && elementsByTagNameNS5.getLength() > 0) {
                        z = checkMessageSignature(item);
                    }
                } else if (OPERATION_CHECK_PAYMENT_STATUS.equals(soapAction)) {
                    Node item2 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_MESSAGES_V1_NAMESPACE, OPERATION_CHECK_PAYMENT_STATUS_ROOT_ELEMENT).item(0);
                    validateRequest(item2);
                    soapMessage.put(MerchantServiceMessagesConstants.Request.REQUEST_MESSAGE_CONTEXT_PARAM_NAME, (Object) nodeToString(item2));
                    if (this.checkSignature && (elementsByTagNameNS4 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag)) != null && elementsByTagNameNS4.getLength() > 0) {
                        z = checkMessageSignature(item2);
                    }
                } else if (OPERATION_GET_DEAD_PAYMENTS.equals(soapAction)) {
                    Node item3 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_MESSAGES_V1_NAMESPACE, OPERATION_GET_DEAD_PAYMENTS_ROOT_ELEMENT).item(0);
                    validateRequest(item3);
                    soapMessage.put(MerchantServiceMessagesConstants.Request.REQUEST_MESSAGE_CONTEXT_PARAM_NAME, (Object) nodeToString(item3));
                    if (this.checkSignature && (elementsByTagNameNS3 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag)) != null && elementsByTagNameNS3.getLength() > 0) {
                        z = checkMessageSignature(item3);
                    }
                } else if (OPERATION_CONFIRM_PAYMENT.equals(soapAction)) {
                    Node item4 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_MESSAGES_V1_NAMESPACE, OPERATION_CONFIRM_PAYMENT_ROOT_ELEMENT).item(0);
                    validateRequest(item4);
                    soapMessage.put(MerchantServiceMessagesConstants.Request.REQUEST_MESSAGE_CONTEXT_PARAM_NAME, (Object) nodeToString(item4));
                    if (this.checkSignature) {
                        boolean z2 = false;
                        Node item5 = sOAPBody.getElementsByTagNameNS("http://roskazna.ru/xsd/PaymentInfo", OPERATION_CONFIRM_PAYMENT_CHECK_SIGNATURE_ELEMENT_1).item(0);
                        boolean z3 = false;
                        if (item5 != null) {
                            z2 = true;
                            z = checkMessageSignature(item5);
                        } else {
                            Node item6 = sOAPBody.getElementsByTagNameNS("http://roskazna.ru/xsd/PaymentInfo", OPERATION_CONFIRM_PAYMENT_CHECK_SIGNATURE_ELEMENT_2).item(0);
                            if (item6 != null) {
                                z2 = true;
                                if (item6.getOwnerDocument().getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag).item(0) != null) {
                                    z3 = true;
                                    z = checkMessageSignature(item6);
                                }
                            }
                        }
                        if (!z2) {
                            NodeList elementsByTagNameNS6 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag);
                            if (elementsByTagNameNS6 != null && elementsByTagNameNS6.getLength() == 1) {
                                z = checkMessageSignature(item4);
                            }
                        } else if (z && (elementsByTagNameNS2 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag)) != null && ((elementsByTagNameNS2.getLength() == 2 && item5 != null) || (elementsByTagNameNS2.getLength() == 2 && z3))) {
                            z = checkMessageSignature(item4);
                        }
                    }
                } else {
                    if (!OPERATION_REGISTER_PAYMENT.equals(soapAction)) {
                        this.logger.error("Нереализованная операция.");
                        throw this.FAULT_VALIDATION_EXCEPTION;
                    }
                    Node item7 = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_MESSAGES_V1_NAMESPACE, OPERATION_REGISTER_PAYMENT_ROOT_ELEMENT).item(0);
                    validateRequest(item7);
                    soapMessage.put(MerchantServiceMessagesConstants.Request.REQUEST_MESSAGE_CONTEXT_PARAM_NAME, (Object) nodeToString(item7));
                    if (this.checkSignature) {
                        z = checkMessageSignature(sOAPBody.getElementsByTagNameNS(OPERATION_REGISTER_PAYMENT_CHECK_SIGNATURE_ELEMENT_NS, OPERATION_REGISTER_PAYMENT_CHECK_SIGNATURE_ELEMENT).item(0));
                        if (z && (elementsByTagNameNS = sOAPBody.getElementsByTagNameNS(SPG_MERCHANT_SERVICE_SIGNATURE_NAMESPACE, SignatureAttribute.tag)) != null && elementsByTagNameNS.getLength() == 2) {
                            z = checkMessageSignature(item7);
                        }
                    }
                }
                if (z) {
                    return;
                }
                this.logger.error("Неверная ЭЦП");
                throw this.FAULT_SIGNATURE_EXCEPTION;
            }
        } catch (Exception e) {
            if (e instanceof FaultResponse) {
                throw new Fault(e);
            }
            this.logger.error(e.getMessage(), (Throwable) e);
            throw new Fault(this.FAULT_SYSTEM_EXCEPTION);
        }
    }

    private synchronized void validateRequest(Node node) throws FaultResponse {
        try {
            if (this.isValidate) {
                this.schemaValidator.validate(new DOMSource(node));
            }
        } catch (Exception e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            throw this.FAULT_VALIDATION_EXCEPTION;
        }
    }

    public boolean checkMessageSignature(Node node) throws Exception {
        if ("OTR".equals(this.cryptoServiceType)) {
            for (int i = 0; i < this.csReqQuantity; i++) {
                try {
                    this.logger.debug("Выполнение вызова метода checkSignXml крипто-сервиса. Попытка '{}'.", Integer.valueOf(i + 1));
                    return MerchantServiceMessagesConstants.Signature.SIGNATURE_RESPONSE_SUCCESS.equalsIgnoreCase(this.securityService.checkSignXml(nodeToString(node).getBytes("UTF-8")).getResultCode());
                } catch (Exception e) {
                    this.logger.error("Во время выполнения метода checkSignXml крипто-сервиса на попытке '{}' возникла ошибка.", Integer.valueOf(i + 1));
                    this.logger.error(e.getMessage(), (Throwable) e);
                    if (i + 1 == this.csReqQuantity) {
                        throw e;
                    }
                    this.logger.debug("Выполнение задержки в '{}' секунд, перед повторным вызовом крипто-сервиса.", Long.valueOf(this.csReqDelay / 1000));
                    Thread.sleep(this.csReqDelay);
                }
            }
            return true;
        }
        if (!"BSS".equals(this.cryptoServiceType)) {
            throw new RuntimeException("Не определен крипто-сервис. Убедитесь в правильности системных настроек.");
        }
        for (int i2 = 0; i2 < this.csReqQuantity; i2++) {
            try {
                this.logger.debug("Выполнение вызова метода checkXml крипто-сервиса. Попытка '{}'.", Integer.valueOf(i2 + 1));
                return MerchantServiceMessagesConstants.Signature.SIGNATURE_RESPONSE_SUCCESS.equalsIgnoreCase(this.securityService2.checkXml(nodeToString(node).getBytes("UTF-8")).getResultCode());
            } catch (Exception e2) {
                this.logger.error("Во время выполнения метода checkSignXml крипто-сервиса на попытке '{}' возникла ошибка.", Integer.valueOf(i2 + 1));
                this.logger.error(e2.getMessage(), (Throwable) e2);
                if (i2 + 1 == this.csReqQuantity) {
                    throw e2;
                }
                this.logger.debug("Выполнение задержки в '{}' секунд, перед повторным вызовом крипто-сервиса.", Long.valueOf(this.csReqDelay / 1000));
                Thread.sleep(this.csReqDelay);
            }
        }
        return true;
    }

    private String nodeToString(Node node) {
        StringWriter stringWriter = new StringWriter();
        try {
            Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
            newTransformer.setOutputProperty("omit-xml-declaration", "yes");
            newTransformer.transform(new DOMSource(node), new StreamResult(stringWriter));
        } catch (TransformerException unused) {
            this.logger.error("nodeToString Transformer Exception");
        }
        return stringWriter.toString();
    }

    private void initValidationSchema() {
        try {
            this.merchantServiceSchema = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema").newSchema(this.classLoader.getResource("wsdl/xsd/merchant/spg-merchant-service-messages-v1.xsd"));
        } catch (SAXException e) {
            this.logger.error(e.getMessage(), (Throwable) e);
            throw new RuntimeException(e);
        }
    }

    protected Messages getMessage(Integer num) {
        return this.messagesDao.getById(num);
    }

    public void setCsReqQuantity(int i) {
        this.csReqQuantity = i;
    }

    public void setCsReqDelay(long j) {
        this.csReqDelay = j;
    }

    static {
        ajc$preClinit();
    }

    private static /* synthetic */ void ajc$preClinit() {
        Factory factory = new Factory("SecurityInInterceptor.java", SecurityInInterceptor.class);
        ajc$tjp_0 = factory.makeSJP(JoinPoint.METHOD_EXECUTION, factory.makeMethodSig("1", "init", "com.bssys.spg.merchant.service.interceptor.SecurityInInterceptor", "", "", "", "void"), 107);
    }
}
