package cn.omisheep.authz.core.auth.ipf;

import cn.omisheep.authz.core.ExceptionStatus;
import cn.omisheep.authz.core.config.Constants;
import cn.omisheep.authz.core.util.Utils;
import cn.omisheep.web.utils.BufferedServletRequestWrapper;
import cn.omisheep.web.utils.HttpUtils;
import java.io.IOException;
import java.util.Date;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.filter.OncePerRequestFilter;

/* loaded from: input_file:cn/omisheep/authz/core/auth/ipf/AuthzHttpFilter.class */
public class AuthzHttpFilter extends OncePerRequestFilter {
    private static final Logger log = LoggerFactory.getLogger(AuthzHttpFilter.class);
    private final Httpd httpd;
    private final boolean isDashboard;
    private final String mappings;
    private static final String UNKNOWN = "unknown";
    private static final String X_FORWARDED_FOR = "x-forwarded-for";
    private static final String PROXY_CLIENT_IP = "Proxy-Client-IP";
    private static final String WL_PROXY_CLIENT_IP = "WL-Proxy-Client-IP";
    private static final String HTTP_CLIENT_IP = "HTTP_CLIENT_IP";
    private static final String HTTP_X_FORWARDED_FOR = "HTTP_X_FORWARDED_FOR";
    private static final String X_REAL_IP = "X-Real-IP";

    public AuthzHttpFilter(Httpd httpd, boolean z, String str) {
        this.httpd = httpd;
        this.isDashboard = z;
        String substring = str.substring(0, str.indexOf("/*"));
        if (str.startsWith("/")) {
            this.mappings = substring;
        } else {
            this.mappings = "/" + substring;
        }
    }

    public void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
        HttpServletRequest bufferedServletRequestWrapper = StringUtils.startsWithIgnoreCase(httpServletRequest.getContentType(), "multipart/") ? httpServletRequest : new BufferedServletRequestWrapper(httpServletRequest);
        String ip = getIp(bufferedServletRequestWrapper);
        String requestURI = bufferedServletRequestWrapper.getRequestURI();
        String method = bufferedServletRequestWrapper.getMethod();
        new Date().getTime();
        String servletPath = bufferedServletRequestWrapper.getServletPath();
        HttpUtils.request.set(bufferedServletRequestWrapper);
        if (Utils.isIgnoreSuffix(requestURI, this.httpd.getIgnoreSuffix()) || (this.isDashboard && requestURI.startsWith(this.mappings))) {
            HttpMeta httpMeta = new HttpMeta(bufferedServletRequestWrapper, ip, requestURI, servletPath, method, new Date());
            httpMeta.setIgnore(true);
            bufferedServletRequestWrapper.setAttribute(Constants.HTTP_META, httpMeta);
            httpMeta.setServletPath(servletPath);
            filterChain.doFilter(bufferedServletRequestWrapper, httpServletResponse);
            return;
        }
        String pattern = this.httpd.getPattern(method, servletPath);
        HttpMeta httpMeta2 = new HttpMeta(bufferedServletRequestWrapper, ip, requestURI, pattern == null ? servletPath : pattern, method, new Date());
        if (pattern == null) {
            httpMeta2.log("「普通访问(uri不存在)」 \tmethod: [{}] , ip : [{}] , servletPath: [{}]   ", method, ip, servletPath);
            httpMeta2.error(ExceptionStatus.MISMATCHED_URL);
        }
        httpMeta2.setServletPath(servletPath);
        bufferedServletRequestWrapper.setAttribute(Constants.HTTP_META, httpMeta2);
        filterChain.doFilter(bufferedServletRequestWrapper, httpServletResponse);
    }

    private String getIp(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(X_FORWARDED_FOR);
        if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
            if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
                header = httpServletRequest.getHeader(PROXY_CLIENT_IP);
            }
            if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
                header = httpServletRequest.getHeader(WL_PROXY_CLIENT_IP);
            }
            if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
                header = httpServletRequest.getHeader(HTTP_CLIENT_IP);
            }
            if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
                header = httpServletRequest.getHeader(HTTP_X_FORWARDED_FOR);
            }
            if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
                header = httpServletRequest.getHeader(X_REAL_IP);
            }
            if (header == null || header.length() == 0 || UNKNOWN.equalsIgnoreCase(header)) {
                header = httpServletRequest.getRemoteAddr();
            }
        } else if (header.length() > 15) {
            String[] split = header.split(Constants.COMMA);
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str = split[i];
                if (!UNKNOWN.equalsIgnoreCase(str)) {
                    header = str;
                    break;
                }
                i++;
            }
        }
        return header.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : header;
    }
}
