package com.apache.portal.filter;

import com.apache.passport.common.PassportHelper;
import com.apache.portal.common.oscache.BaseOsCache;
import com.apache.portal.common.oscache.OsCacheManager;
import com.apache.portal.common.oscache.OsCacheOtherManager;
import com.apache.rpc.common.LoadRpcService;
import com.apache.rpc.common.RpcUtil;
import com.apache.rpc.entity.InterfaceRegister;
import com.apache.tools.StrUtil;
import com.apache.uct.common.ToolsUtil;
import com.apache.uct.common.filter.UctSupperFilter;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/apache/portal/filter/PortalPubSuperFilter.class */
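/**
 * Base filter for the portal web application.
 *
 * <p>It loads single-sign-on settings through {@code ToolsUtil}, and offers helpers that call the
 * {@code ssoService} RPC endpoint, expire cookies and cached tokens, send an error response, and
 * run a keyword-based check over request input ({@link #checkSecurity}).
 *
 * <p>Servlet containers normally share one filter instance between request threads, so the
 * per-request helpers below keep their working state in locals rather than in instance fields.
 *
 * <p>The keyword check is a denylist. It can reduce noise from obviously malformed requests, but
 * it does not replace output encoding or parameterized queries in the code that consumes the
 * input.
 */
public abstract class PortalPubSuperFilter extends UctSupperFilter {
    /** Comma-separated static-resource extensions; not referenced inside this class. */
    protected static final String SUFFIX = "js,css,png,jpg,gif,bmp,swf,fla,ico";

    /** Compiled once; {@code Pattern} is immutable and safe to share between threads. */
    private static final Pattern HTML_TAG_PATTERN = Pattern.compile("(<[a-zA-Z].*?>)|(<[\\/][a-zA-Z].*?>)");

    // Token cache created in init() via getBaseOsCache("sso_token_", 300).
    // NOTE(review): 300 is presumably a time-to-live in seconds; confirm against OsCacheOtherManager.
    protected BaseOsCache oscache;
    // Lazily built connection descriptor for the ssoService call; see getInterfaceRegister().
    private InterfaceRegister register;
    protected Logger log = LoggerFactory.getLogger(getClass());
    // The fields below are filled by initValue() from the configuration keys named there.
    protected String login_url = "";
    protected String customLogin = "";
    protected String cookieName = "";
    protected String sysEname = "";
    protected String login_pass = "";
    protected String reqUrl = "";
    protected String reqType = "";
    protected String checkIp = "";
    protected String checkPort = "";
    // "0" makes clearCookie() keep the HTTP session instead of invalidating it.
    protected String isClearSession = "";
    // Not referenced inside this class.
    protected String sessionKey = "loginUser";
    // Set in init() from the "errorPage" init parameter, default "/error.action".
    protected String errorPage = "";
    // Default keywords for checkSecurity(). They are matched literally with indexOf against
    // lower-cased input, so entries must be lower case and must not contain regex escapes
    // (the former "onerror\\=" entry could only match input containing a backslash).
    private String[] inj_str = {"<script", "confirm(", "prompt(", "eval(", "function(", "alert(", ":alert", "ltrim(", "[window[", "<iframe", "<a href", "<input ", "<img", "<audio", "onerror=", "{tostring:", "</script", "</style", "href="};

    /** No resources are released here. */
    public void destroy() {
    }

    /**
     * Sets the system code to {@code "portal"}, loads configuration, resolves the error page and
     * creates the token cache. When {@code rpc.version} is configured in
     * {@code config.properties} it is passed to {@code RpcUtil}.
     *
     * @param filterConfig filter configuration; only the {@code errorPage} init parameter is read
     * @throws ServletException declared by the filter contract; not thrown by the code shown here
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.sysCode = "portal";
        initValue();
        this.errorPage = StrUtil.doNull(filterConfig.getInitParameter("errorPage"), "/error.action");
        this.oscache = OsCacheOtherManager.getInstance().getBaseOsCache("sso_token_", 300);
        String rpcVersion = ToolsUtil.getInstance().getValueByKey("config.properties", "rpc.version");
        if (StrUtil.isNotNull(rpcVersion)) {
            RpcUtil.getInstance().setVersion(rpcVersion);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Reads the SSO settings through {@code ToolsUtil}. When {@code security_filter_strs} is
     * configured, its comma-separated entries replace the built-in keyword list.
     */
    public void initValue() {
        this.customLogin = ToolsUtil.getInstance().getValueByKey("custom_login");
        this.login_url = ToolsUtil.getInstance().getValueByKey("uct_server");
        this.cookieName = ToolsUtil.getInstance().getValueByKey("cookieName");
        this.sysEname = ToolsUtil.getInstance().getValueByKey("sysEname");
        this.login_pass = ToolsUtil.getInstance().getValueByKey("login.pass");
        this.reqUrl = ToolsUtil.getInstance().getValueByKey("req_url");
        this.reqType = ToolsUtil.getInstance().getValueByKey("req_type");
        this.checkIp = ToolsUtil.getInstance().getValueByKey("check_url");
        this.checkPort = ToolsUtil.getInstance().getValueByKey("check_port");
        this.isClearSession = ToolsUtil.getInstance().getValueByKey("is_clear_session");
        String configuredKeywords = ToolsUtil.getInstance().getValueByKey("security_filter_strs");
        if (StrUtil.isNull(configuredKeywords)) {
            return;
        }
        this.inj_str = normalizeKeywords(configuredKeywords);
    }

    /**
     * Splits a comma-separated keyword list for {@link #checkSecurity}.
     *
     * <p>Empty entries are dropped because {@code indexOf("")} is always {@code >= 0}, which would
     * reject every request. Entries are lower-cased because the inspected text is lower-cased
     * before matching. Whitespace is kept: built-in entries such as {@code "<input "} rely on it.
     */
    private static String[] normalizeKeywords(String configured) {
        List<String> keywords = new ArrayList<String>();
        for (String keyword : configured.split(",")) {
            if (!keyword.isEmpty()) {
                keywords.add(keyword.toLowerCase(Locale.ROOT));
            }
        }
        return keywords.toArray(new String[0]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Calls the {@code ssoService} RPC endpoint and returns the reply as a JSON object.
     *
     * @param str sent as {@code tokenId}
     * @param str2 sent as {@code sysAccreditip}
     * @param str3 passed as the second argument of {@code doServiceClient}; presumably the remote
     *     method name (confirm against LoadRpcService)
     * @param str4 sent as {@code userEname} when not empty
     * @return the service reply converted with {@code JSONObject.fromObject}
     */
    public JSONObject ssoSend(String str, String str2, String str3, String str4) {
        // Raw type kept: the parameter type expected by doServiceClient is not visible here.
        HashMap hashMap = new HashMap();
        if (StrUtil.isNotNull(str4)) {
            hashMap.put("userEname", str4);
        }
        hashMap.put("tokenId", str);
        hashMap.put("sysEname", this.sysEname);
        hashMap.put("sysAccreditip", str2);
        return JSONObject.fromObject(LoadRpcService.service().doServiceClient("ssoService", str3, hashMap, getInterfaceRegister()));
    }

    /**
     * Returns the connection descriptor for the SSO service, building it on first use.
     *
     * <p>The descriptor is assembled in a local variable and stored only once it is complete, so a
     * concurrent caller never receives a half-configured instance and a failure while building
     * does not leave an unusable one cached.
     */
    private InterfaceRegister getInterfaceRegister() {
        InterfaceRegister current = this.register;
        if (null != current) {
            return current;
        }
        InterfaceRegister built = new InterfaceRegister();
        String callKind = StrUtil.doNull(this.reqType, ToolsUtil.getInstance().getValueByKey("req_type"));
        String host = StrUtil.doNull(this.checkIp, ToolsUtil.getInstance().getValueByKey("check_url"));
        if ("socket".equals(callKind)) {
            String port = StrUtil.doNull(this.checkPort, ToolsUtil.getInstance().getValueByKey("check_port"));
            built.setAddress(host);
            built.setPort(port);
            built.setCallType("socket");
        } else {
            String url = StrUtil.doNull(this.reqUrl, ToolsUtil.getInstance().getValueByKey("req_url"));
            built.setAddress(url);
            // NOTE(review): throws NullPointerException if req_url resolves to null, as before.
            // The scheme test is case-sensitive and any non-"https:" address is called as "http".
            if (url.startsWith("https:")) {
                built.setCallType("https");
            } else {
                built.setCallType("http");
            }
        }
        this.register = built;
        return built;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Logs the caller out on this node: expires every cookie sent with the request, removes the
     * cached token entries and, unless {@code is_clear_session} is {@code "0"}, empties and
     * invalidates the HTTP session.
     *
     * @param httpServletRequest current request
     * @param httpServletResponse response that receives the expiring cookies
     * @param str path attribute written on the expiring cookies
     */
    public void clearCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        String currCookie = PassportHelper.getInstance().getCurrCookie(httpServletRequest);
        if (null != cookies) {
            try {
                for (Cookie cookie : cookies) {
                    Cookie expired = new Cookie(cookie.getName(), (String) null);
                    expired.setMaxAge(0);
                    // Only the caller-supplied path is used; an earlier setPath("/") was
                    // overwritten by this call and had no effect.
                    // NOTE(review): a browser only drops a cookie when Path and Domain match the
                    // ones it was issued with; confirm the session cookie is issued on this path
                    // and without a Domain attribute.
                    expired.setPath(str);
                    httpServletResponse.addCookie(expired);
                }
            } catch (Exception e) {
                // Best effort: the server-side cleanup below must still run.
                this.log.warn("msg:[清空Cookies发生异常!]", e);
            }
        }
        String sessionId = httpServletRequest.getSession().getId();
        Object cachedToken = this.oscache.get(sessionId);
        // String.valueOf(null) yields the text "null", which could stop the fallback to the cookie
        // token and leave the real token cached after logout; convert only a real value.
        String token = StrUtil.doNull(cachedToken == null ? null : String.valueOf(cachedToken), currCookie);
        if (StrUtil.isNotNull(token)) {
            this.oscache.remove(token);
            this.oscache.remove(sessionId);
            this.oscache.remove("checkToken_" + token);
            OsCacheManager.getInstance().removeLoginUser(token);
        }
        if ("0".equals(this.isClearSession)) {
            // Configuration asks to keep the HTTP session; only cookies and cache were cleared.
            return;
        }
        Enumeration attributeNames = httpServletRequest.getSession().getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            httpServletRequest.getSession().removeAttribute(attributeNames.nextElement().toString());
        }
        httpServletRequest.getSession().invalidate();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Answers a rejected request: a fixed JSON body for requests carrying
     * {@code X-Requested-With: XMLHttpRequest}, otherwise a forward to {@code /common/error.jsp}
     * with the {@code errors} request attribute set.
     *
     * <p>Failures are logged and not rethrown, so the caller is not interrupted.
     */
    public void sendErrorPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            if ("XMLHttpRequest".equals(httpServletRequest.getHeader("X-Requested-With"))) {
                // The body is a constant, so no request data is reflected into this response.
                httpServletResponse.setContentType("text/html;charset=utf-8");
                PrintWriter writer = httpServletResponse.getWriter();
                writer.write("{\"flag\":\"F\",\"msg\":\"非法请求！\"}");
                writer.flush();
                writer.close();
            } else {
                httpServletRequest.setAttribute("errors", "警告！非法请求！！");
                httpServletRequest.getRequestDispatcher("/common/error.jsp").forward(httpServletRequest, httpServletResponse);
            }
        } catch (Exception e) {
            // Previously swallowed silently, which hid failures to deliver the rejection.
            this.log.error("sendErrorPage failed", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Decides whether a request should be rejected.
     *
     * <p>Order of checks: two fixed URI fragments are always rejected; a request with a non-empty
     * {@code formToken} parameter is always accepted; otherwise the keyword check runs only when
     * {@code is_open_security_filter} is {@code "true"}.
     *
     * @param httpServletRequest request to inspect
     * @return {@code true} when the request should be rejected
     */
    public boolean checkSecurity(HttpServletRequest httpServletRequest) {
        String requestURI = httpServletRequest.getRequestURI();
        // Locale.ROOT keeps lower-casing stable whatever the JVM default locale is.
        String lowerUri = requestURI.toLowerCase(Locale.ROOT);
        if (lowerUri.contains("/owa_util.signature") || lowerUri.contains("/sqlnet.trc")) {
            this.log.error("非法请求参数=" + stripLineBreaks(requestURI));
            return true;
        }
        // NOTE(review): the mere presence of a formToken value skips every check below; confirm
        // that the token is validated elsewhere before any handler trusts the request.
        if (StrUtil.isNotNull(httpServletRequest.getParameter("formToken"))) {
            return false;
        }
        String filterEnabled = ToolsUtil.getInstance().getValueByKey("is_open_security_filter");
        this.log.warn("是否开启安全拦截过滤[is_open_security_filter]：" + filterEnabled);
        if (!"true".equalsIgnoreCase(filterEnabled)) {
            return false;
        }
        String queryString = httpServletRequest.getQueryString();
        this.log.info("request.getQueryString->" + stripLineBreaks(queryString));

        // Assemble the text to inspect without the literal "null" that string concatenation
        // used to insert for a missing Referer header or query string.
        StringBuilder inspected = new StringBuilder();
        String referer = httpServletRequest.getHeader("Referer");
        if (referer != null) {
            inspected.append(referer);
        }
        if (StrUtil.isNull(queryString)) {
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            while (parameterNames.hasMoreElements()) {
                String[] values = httpServletRequest.getParameterValues((String) parameterNames.nextElement());
                if (values == null) {
                    continue;
                }
                for (String value : values) {
                    inspected.append(value);
                }
            }
        } else {
            // NOTE(review): when a query string is present, body parameters are not inspected.
            // Confirm whether that is intended; widening it may reject requests accepted today.
            inspected.append(queryString);
        }
        if (inspected.length() == 0) {
            return false;
        }
        // Only this fixed set of percent-escapes is decoded before matching.
        String replace = inspected.toString().toLowerCase(Locale.ROOT).replace("%28", "(").replace("%2b", "+").replace("%3c", "<").replace("%27", "'").replace("%5b", "[").replace("%5d", "]").replace("%3d", "=").replace("%7c", "|").replace("%7b", "{").replace("%3a", ":").replace("%2f", "/").replace("%20", " ");
        // Snapshot the array so a concurrent initValue() cannot swap it mid-loop.
        String[] keywords = this.inj_str;
        for (String keyword : keywords) {
            if (replace.indexOf(keyword) >= 0) {
                // NOTE(review): the logged text can contain submitted parameter values; confirm
                // the log destination is suitable for that data.
                this.log.error("非法请求参数地址=" + stripLineBreaks(replace) + ", 拦截的关键词=" + keyword);
                return true;
            }
        }
        return isEqualString(replace);
    }

    /**
     * Replaces CR and LF so request-controlled text cannot start a forged line in the log.
     * Returns {@code null} for {@code null} so concatenated messages read as before.
     */
    private static String stripLineBreaks(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /**
     * Tests the inspected text against the HTML tag pattern.
     *
     * <p>The matcher is a local: the former shared {@code Pattern}/{@code Matcher} instance fields
     * could be overwritten by another request thread between assignment and use.
     *
     * <p>NOTE(review): {@code matches()} requires the whole text to be a single tag. The text
     * begins with the Referer header when one is sent, so this rarely returns {@code true};
     * confirm whether {@code find()} was intended before changing it, as that would reject more
     * requests and scans the text repeatedly on tag-like input without a closing bracket.
     */
    private boolean isEqualString(String str) {
        return HTML_TAG_PATTERN.matcher(str).matches();
    }
}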
