package kd.bos.openapi.service.security.controller;

import java.util.HashMap;
import java.util.Map;
import kd.bos.encrypt.EncrypterFactory;
import kd.bos.openapi.base.security.api.impl.ApiSecurityFactory;
import kd.bos.openapi.base.security.auth.impl.AuthHandleServiceFactory;
import kd.bos.openapi.common.constant.ApiErrorCode;
import kd.bos.openapi.common.custom.annotation.ApiController;
import kd.bos.openapi.common.custom.annotation.ApiMapping;
import kd.bos.openapi.common.custom.annotation.ApiParam;
import kd.bos.openapi.common.custom.annotation.ApiPostMapping;
import kd.bos.openapi.common.exception.OpenApiException;
import kd.bos.openapi.common.result.CustomApiResult;
import kd.bos.openapi.common.util.Pair;
import kd.bos.openapi.security.CertKeyUtil;
import kd.bos.openapi.security.model.CertificateInfo;
import kd.bos.openapi.security.model.Open3rdappsDto;

@ApiMapping("/openapi/gen")
@ApiController(value = "dev", desc = "生成Key服务")
/* loaded from: input_file:kd/bos/openapi/service/security/controller/GeneratorKeyController.class */
public class GeneratorKeyController {
    @ApiPostMapping(value = "/rsaKey", desc = "生成RSA的私钥和公钥")
    public CustomApiResult<Map<String, String>> rsaKey() {
        Pair generatePairKey = AuthHandleServiceFactory.getCertServiceInstance().generatePairKey();
        HashMap hashMap = new HashMap();
        hashMap.put("prk", generatePairKey.getKey());
        hashMap.put("puk", generatePairKey.getValue());
        return CustomApiResult.success(hashMap);
    }

    @ApiPostMapping(value = "/getBosRsaPublicKey", desc = "获取平台RSA的公钥")
    public CustomApiResult<Map<String, String>> getBosRsaPublicKey(@ApiParam("accountId") String str, @ApiParam("thirdId") String str2) {
        Open3rdappsDto open3rdappsDtoBy = ApiSecurityFactory.getApiSecurityService().getOpen3rdappsDtoBy(str, Long.valueOf(Long.parseLong(str2)));
        if (!open3rdappsDtoBy.isSignAuthEnable()) {
            throw new OpenApiException(ApiErrorCode.ERROR, "rsaKey failed: signAuthEnable is false", new Object[0]);
        }
        if (open3rdappsDtoBy.getSignType() == null) {
            throw new OpenApiException(ApiErrorCode.ERROR, "rsaKey failed: signType is null", new Object[0]);
        }
        try {
            CertificateInfo certificateInfo = (CertificateInfo) open3rdappsDtoBy.getCertMaps().get(CertKeyUtil.getCertKey("5", "0"));
            HashMap hashMap = new HashMap();
            String publicKeyBase64 = certificateInfo.getPublicKeyBase64();
            hashMap.put("bosPublicKey", EncrypterFactory.getEncrypter().isEncrypted(publicKeyBase64) ? EncrypterFactory.getEncrypter().decode(publicKeyBase64) : "");
            return CustomApiResult.success(hashMap);
        } catch (Exception e) {
            throw new OpenApiException(ApiErrorCode.ERROR, "rsaKey failed: error:" + e.getMessage(), new Object[0]);
        }
    }
}
