package asign

import (
	"bytes"
	"crypto"
	"crypto/md5"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/x509"
	"encoding/base64"
	"encoding/hex"
	"encoding/pem"
	"fmt"
	"io"
	"mime/multipart"
	"mtp2_if/config"
	"mtp2_if/logger"
	"net/http"
	"sort"
	"strconv"
	"strings"
	"time"
)

// HttpPost
//
//	爱签HttpPost请求方法
func HttpPost(apiUrl string, bizData map[string]interface{}) (rspBody []byte, err error) {
	appId := config.SerCfg.AsignCfg.AppId
	privateKey := fmt.Sprintf("-----BEGIN PRIVATE KEY-----\n%s\n-----END PRIVATE KEY-----", config.SerCfg.AsignCfg.PrivateKey)

	// fuck asign dev.
	timestamp := strconv.Itoa(int(time.Now().UnixMilli() + 1000*60))

	// 签名
	sortedData := sortMapByKey(bizData)
	signature, err := getSignature(sortedData, appId, timestamp, privateKey)
	if err != nil {
		logger.GetLogger().Errorf("[asign.HttpPost] 签名失败:" + err.Error())
		return
	}

	// 构建form-data请求参数
	var requestBody bytes.Buffer
	multipartWriter := multipart.NewWriter(&requestBody)
	multipartWriter.WriteField("appId", appId)
	multipartWriter.WriteField("timestamp", timestamp)
	multipartWriter.WriteField("bizData", sortedData)
	multipartWriter.Close()
	// 构建请求
	req, err := http.NewRequest("POST", apiUrl, &requestBody)
	// 设置请求头
	req.Header.Set("sign", signature)
	req.Header.Set("timestamp", timestamp)
	req.Header.Set("Content-Type", multipartWriter.FormDataContentType())

	// 调用接口
	client := &http.Client{}
	rsp, err := client.Do(req)
	if err != nil {
		logger.GetLogger().Errorf("[asign.HttpPost] 调用接口失败:" + err.Error())
		return
	}
	defer rsp.Body.Close()
	rspBody, err = io.ReadAll(rsp.Body)

	return
}

// 签名规范：
// 1、表单提交方式：form-data
// 示例：1B2M2Y8AsgTpgAmY7PhCfg==
// 2、请求头部参数
// 参数1：sign（签名值，具体算法参考一下的前面算法）
// 参数2：timestamp（时间戳，13位）
// 3、请求体参数：
// 参数1：appId（appId值，每个接入者唯一一个）
// 参数2：timestamp（时间戳，13位，与上述一致）
// 参数3：bizData（json字符串，举个例子，比方说要传合同编号如：{"contractNo":"0001"}）
// 4、签名算法：
// 4.1、将上述3所属的bizData（json字符串），按照阿拉伯字母排序(如：{"ba":1,"ac":2}--->{"ac":2,"ba":1})，
// 4.2、将4.1排序后的字符串，将【bizData+md5（bizData）+ appId + timestatmp】拼接后利用RSA非对称加密算法（SHA1withRSA），计算出最后的签名sign，对其base64编码，放入head的key（sign）中。
//
//	 String  sign ;
//	 String  rsaSuffix = jsonStr + DigestUtils.md5Hex ( jsonStr ) + appId + timestatmp ;
//	 byte  []  bytes = RSAUtils.generateSHA1withRSASignature ( rsaSuffix, privateKey ) ;
//	 try {
//	     sign = Base64Utils.encode ( bytes ) ;
//	     sign = sign.replaceAll ( " \r\n" , "" ) ;
//	 }  catch ( Exception e )  {
//	     log.error( "sdk异常",  e ) ;
//	     return  ApiRespBody.create ( ApiResponseInfo. _ERROR ) ;
//	}
func getSignature(sortedData string, appId, timestamp, privateKey string) (signature string, err error) {
	pem10, _ := pem.Decode([]byte(privateKey))
	privateKey10I, _ := x509.ParsePKCS8PrivateKey(pem10.Bytes)
	privateKey10 := privateKey10I.(*rsa.PrivateKey)

	// md5（bizData）
	m := md5.New()
	m.Write([]byte(sortedData))
	bdMd5Hx := hex.EncodeToString(m.Sum(nil))

	// 待签内容
	message := sortedData + bdMd5Hx + appId + timestamp
	h := sha1.New()
	h.Write([]byte(message))
	sum := h.Sum(nil)

	// 使用私钥进行签名
	sign, err := rsa.SignPKCS1v15(rand.Reader, privateKey10, crypto.SHA1, sum)
	if err != nil {
		fmt.Println("Error signing:", err)
		return
	}

	// fmt.Println(signature)
	signature = base64.StdEncoding.EncodeToString(sign)
	signature = strings.ReplaceAll(signature, "\r\n", "")

	return
}

// sortMapByKey 按key排序map返回string
func sortMapByKey(data map[string]interface{}) (sortedData string) {
	keys := make([]string, 0, len(data))
	for k := range data {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	for i, k := range keys {
		if i > 0 {
			sortedData += ","
		}
		switch data[k].(type) {
		case string:
			sortedData += fmt.Sprintf(`"%s":"%s"`, k, data[k].(string))
		case map[string]interface{}:
			sortedData += fmt.Sprintf(`"%s":%s`, k, sortMapByKey(data[k].(map[string]interface{})))
		case []interface{}:
			list := data[k].([]interface{})
			sortedData += fmt.Sprintf(`"%s":[`, k)
			for j, item := range list {
				if j > 0 {
					sortedData += ","
				}
				sortedData += sortMapByKey(item.(map[string]interface{}))
			}
			sortedData += "]"
		default:
			sortedData += fmt.Sprintf(`"%s":%v`, k, data[k])
		}
	}

	return fmt.Sprintf("{%s}", sortedData)
}

// func main() {
// 	datas := make(map[string]interface{})
// 	json.Unmarshal([]byte(`{"account":"12345","name":"张三","map":{"ccc":"adfasd","aaa":34355},"list":[{"ccc":"adfasd","aaa":34355},{"dddd":"8ghg","kkkk":12.55}]}`), &datas)
// 	getSignature(datas, "290912417", "1701866011940",
// 		`-----BEGIN PRIVATE KEY-----
// MIIBUwIBADANBgkqhkiG9w0BAQEFAASCAT0wggE5AgEAAkEAkMD+72J6iAF0ZNV+3t628lsRHfJ80nKZWK5/C7Pg+AZmOIzJlwHsKhRzCvxoxqYHQprhiFzW9l73v9vD9l1JYwIDAQABAkBVijccr01JYdKuY5t9iI8D2NzcnZc1pZMI3NUmzT18Uyg7b9CUvGHlLeg/gdT4QtVd7wIzHYCY4letEcEMh54BAiEAwzNWusj5XiLmty7PI0Hbakx4HtcND1+P0UHLEWqWOuECIQC91zQuL7nStgGzT3HvaeBB5Ouapa39fHRm2nCjHaxwwwIgRR2XdvmUOj23XWMomr5F14SN/7V7fVcD0D8wjNElsmECIDYavV5kb7tj7/wgqkInlKhzC8rZaUsTS0F9BBkY/eptAiAQJ8Saz8YlMIESdHMxANGSog01fECbcZqLFMuNf8SorA==
// -----END PRIVATE KEY-----`)
// }