package cn.omisheep.authz.support.http;

import cn.omisheep.authz.core.Authz;
import cn.omisheep.authz.core.Constants;
import cn.omisheep.authz.core.VersionInfo;
import cn.omisheep.authz.core.auth.AuthzModifier;
import cn.omisheep.authz.core.auth.ipf.HttpMeta;
import cn.omisheep.authz.core.util.Utils;
import cn.omisheep.authz.support.util.IPAddress;
import cn.omisheep.authz.support.util.IPRange;
import cn.omisheep.authz.support.util.IPRangeMeta;
import cn.omisheep.authz.support.util.SupportUtils;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/omisheep/authz/support/http/SupportServlet.class */
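/**
 * Servlet that serves the Authz dashboard: static resources, a login endpoint and a small JSON API.
 *
 * <p>Request handling order in {@link #service}: IP allow/deny check, then {@code /submitLogin},
 * then the session gate (only when a username is configured), then dispatch to {@code /api/*} or a
 * static resource.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>When no {@code username} init parameter is set, {@link #isRequireAuth()} is false and the
 *       {@code /api/modify} endpoint is reachable by every client that passes the IP check.</li>
 *   <li>The {@code remoteAddress} init parameter makes the IP check trust a request header; see
 *       {@link #getRemoteAddress}.</li>
 *   <li>Credentials are held and compared in plain text; they are only as safe as the servlet
 *       configuration and the transport.</li>
 * </ul>
 */
public class SupportServlet extends HttpServlet {
    private static final Logger log = LoggerFactory.getLogger(SupportServlet.class);
    public static final String SESSION_USER_KEY = "authz-dashboard-user";
    public static final String PARAM_NAME_USERNAME = "username";
    public static final String PARAM_NAME_PASSWORD = "password";
    public static final String PARAM_NAME_ALLOW = "allow";
    public static final String PARAM_NAME_DENY = "deny";
    public static final String PARAM_REMOTE_ADDR = "remoteAddress";
    // Classpath prefix under which the dashboard's static files live.
    protected final String resourcePath;
    // Servlet mapping pattern as registered, for example "/xxx/*".
    protected String mappings;
    // Dashboard credentials; a null username disables the login requirement entirely.
    protected String username = null;
    protected String password = null;
    protected List<IPRange> allowList = new ArrayList<>();
    protected List<IPRange> denyList = new ArrayList<>();
    // Name of the header to read the client address from; null means use the socket address.
    protected String remoteAddressHeader = null;
    // The mapping without its leading "/" and trailing "/*"; used to build redirects.
    protected String baseMapping = "";

    /**
     * @param str classpath prefix of the dashboard resources
     * @param str2 servlet mapping pattern the servlet is registered under
     */
    public SupportServlet(String str, String str2) {
        this.resourcePath = str;
        this.mappings = str2;
    }

    /**
     * Reads the init parameters and derives {@link #baseMapping} from the mapping pattern.
     *
     * <p>A mapping without "/*", or the bare mapping "/*", no longer fails with a
     * {@code StringIndexOutOfBoundsException}; both yield the mapping itself (minus a leading "/").
     */
    @Override
    public void init() throws ServletException {
        initAuthEnv();
        int wildcardAt = this.mappings.indexOf("/*");
        String prefix = wildcardAt >= 0 ? this.mappings.substring(0, wildcardAt) : this.mappings;
        this.baseMapping = prefix.startsWith("/") ? prefix.substring(1) : prefix;
    }

    /** Loads credentials, the remote-address header name and the IP allow/deny lists. */
    private void initAuthEnv() {
        String configuredUser = getInitParameter(PARAM_NAME_USERNAME);
        if (!StringUtils.isEmpty(configuredUser)) {
            this.username = configuredUser;
        }
        String configuredPassword = getInitParameter(PARAM_NAME_PASSWORD);
        if (!StringUtils.isEmpty(configuredPassword)) {
            this.password = configuredPassword;
        }
        String configuredHeader = getInitParameter(PARAM_REMOTE_ADDR);
        if (!StringUtils.isEmpty(configuredHeader)) {
            this.remoteAddressHeader = configuredHeader;
        }
        if (this.username == null) {
            // Without a username the session gate in service() is skipped, including for /api/modify.
            log.warn("authz dashboard: no username configured, dashboard and API are not password protected");
        } else if (this.password == null) {
            log.warn("authz dashboard: username configured without a password, every login attempt will be rejected");
        }
        // A list that fails to parse is left as it is (empty unless something else filled it), so a
        // typo in "allow" widens access and a typo in "deny" drops the block. The error log below is
        // the only signal; NOTE(review): consider failing startup instead.
        try {
            this.allowList.addAll(IPRangeMeta.parse(getInitParameter(PARAM_NAME_ALLOW)));
        } catch (Exception e) {
            log.error("initParameter config error, allow : " + getInitParameter(PARAM_NAME_ALLOW), e);
        }
        try {
            this.denyList.addAll(IPRangeMeta.parse(getInitParameter(PARAM_NAME_DENY)));
        } catch (Exception e2) {
            log.error("initParameter config error, deny : " + getInitParameter(PARAM_NAME_DENY), e2);
        }
    }

    /**
     * Entry point for every dashboard request.
     *
     * <p>The path relative to the servlet is cut out of the raw request URI, so it is neither
     * URL-decoded nor normalised; every check below works on that raw form.
     */
    @Override
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String contextPath = httpServletRequest.getContextPath();
        String servletPath = httpServletRequest.getServletPath();
        String requestURI = httpServletRequest.getRequestURI();
        httpServletResponse.setCharacterEncoding("utf-8");
        if (contextPath == null) {
            contextPath = "";
        }
        String servletBase = contextPath + servletPath;
        // The raw URI can be shorter than context + servlet path when the container decoded or
        // normalised those two; treat that as "no extra path" rather than throwing.
        String relativePath = servletBase.length() <= requestURI.length()
                ? requestURI.substring(servletBase.length())
                : "";
        boolean rootContext = contextPath.equals("") || contextPath.equals("/");

        if (!isPermittedRequest(httpServletRequest)) {
            returnResourceFile("/nopermit.html", servletBase, httpServletResponse);
            return;
        }

        if ("/submitLogin".equals(relativePath)) {
            // NOTE(review): there is no throttling or lockout on failed attempts here.
            if (!isValidLogin(httpServletRequest)) {
                httpServletResponse.getWriter().print("error");
                return;
            }
            // NOTE(review): the session id is kept across login. Rotating it (for example
            // HttpServletRequest#changeSessionId() on Servlet 3.1+) would close the session-fixation
            // window; not done here because the targeted Servlet API level is not visible.
            httpServletRequest.getSession().setAttribute(SESSION_USER_KEY, this.username);
            httpServletResponse.getWriter().print("success");
            return;
        }

        if (isRequireAuth() && !ContainsUser(httpServletRequest) && !isPublicPath(relativePath)) {
            if (relativePath.startsWith("/api")) {
                httpServletResponse.getWriter().println("error");
            } else if (rootContext) {
                httpServletResponse.sendRedirect("/" + this.baseMapping + "/login.html");
            } else if ("".equals(relativePath)) {
                httpServletResponse.sendRedirect(this.baseMapping + "/login.html");
            } else {
                httpServletResponse.sendRedirect("login.html");
            }
            return;
        }

        if ("".equals(relativePath)) {
            if (rootContext) {
                httpServletResponse.sendRedirect("/" + this.baseMapping + "/index.html");
            } else {
                httpServletResponse.sendRedirect(this.baseMapping + "/index.html");
            }
            return;
        }
        if ("/".equals(relativePath)) {
            httpServletResponse.sendRedirect("index.html");
        } else if (relativePath.startsWith("/api")) {
            interpretation(relativePath.substring(4), httpServletRequest, httpServletResponse);
        } else {
            returnResourceFile(relativePath, servletBase, httpServletResponse);
        }
    }

    /**
     * Paths served without a logged-in session: the login page and static assets.
     *
     * <p>These are prefix matches on the raw path, so anything beginning with "/css", "/js" or
     * "/img" is exempt; such a path can only reach {@link #returnResourceFile}, never the API.
     */
    private static boolean isPublicPath(String relativePath) {
        return "/login.html".equals(relativePath)
                || relativePath.startsWith("/css")
                || relativePath.startsWith("/js")
                || relativePath.startsWith("/img")
                || relativePath.equals("/favicon.ico");
    }

    /**
     * Checks the JSON login body against the configured credentials.
     *
     * @return true only when both username and password match; false for a missing or malformed
     *     body and when no credentials are configured
     */
    private boolean isValidLogin(HttpServletRequest httpServletRequest) {
        try {
            HttpMeta httpMeta = (HttpMeta) httpServletRequest.getAttribute(Constants.HTTP_META);
            if (httpMeta == null) {
                return false;
            }
            JSONObject credentials = JSON.parseObject(httpMeta.getBody());
            if (credentials == null) {
                return false;
            }
            // Evaluate both comparisons (non-short-circuit '&') so the response time does not
            // reveal which of the two fields was wrong.
            boolean usernameMatches = constantTimeEquals(this.username, credentials.getString(PARAM_NAME_USERNAME));
            boolean passwordMatches = constantTimeEquals(this.password, credentials.getString(PARAM_NAME_PASSWORD));
            return usernameMatches & passwordMatches;
        } catch (RuntimeException e) {
            // Log only the exception type: a parser message may echo parts of the body, which
            // carries the submitted password.
            log.debug("authz dashboard: malformed login request ({})", e.getClass().getName());
            return false;
        }
    }

    /** Compares two strings without an early exit on the first differing byte; null never matches. */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }

    /** Maps a servlet-relative path to its classpath resource name. */
    protected String getFilePath(String str) {
        return this.resourcePath + str;
    }

    /** @return true when a username is configured, i.e. when the dashboard demands a login */
    public boolean isRequireAuth() {
        return this.username != null;
    }

    /** @return true when the request carries an existing session marked as logged in */
    public boolean ContainsUser(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        return session != null && session.getAttribute(SESSION_USER_KEY) != null;
    }

    /**
     * Handles the JSON API below {@code /api}: {@code /modify} applies an {@link AuthzModifier},
     * {@code /info} returns the version. Any other path produces an empty JSON-typed response.
     *
     * @param str the path after the {@code /api} prefix
     */
    protected void interpretation(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        HttpMeta httpMeta = (HttpMeta) httpServletRequest.getAttribute(Constants.HTTP_META);
        httpServletResponse.setContentType("application/json;charset=utf-8");
        if ("/modify".equals(str)) {
            // SECURITY: the request body is client-controlled and is bound by fastjson straight
            // into AuthzModifier, then applied. fastjson 1.x has a history of unsafe
            // deserialization through autoType; keep the library patched and autoType off
            // (safeMode where the version offers it).
            // NOTE(review): this state-changing call is guarded only by the session cookie; no
            // anti-CSRF token or Origin check is visible in this class.
            httpServletResponse.getWriter().println(JSON.toJSONString(Authz.operate((AuthzModifier) JSON.parseObject(httpMeta.getBody(), AuthzModifier.class))));
        } else if ("/info".equals(str)) {
            httpServletResponse.getWriter().println(JSON.toJSONString(VersionInfo.getVersion()));
        }
    }

    /**
     * Writes a bundled dashboard resource to the response.
     *
     * <p>Image suffixes are streamed as bytes (an unknown image yields an empty response); other
     * files are written as text, and an unknown text resource redirects to the index page.
     *
     * @param str servlet-relative resource path, taken from the raw request URI
     * @param str2 context path plus servlet path, used for the fallback redirect
     */
    protected void returnResourceFile(String str, String str2, HttpServletResponse httpServletResponse) throws IOException {
        // The path comes from the request, so refuse parent-directory segments before it is
        // appended to resourcePath; otherwise a lookup could leave the dashboard's resource folder.
        // NOTE(review): whether SupportUtils URL-decodes the name is not visible here; if it does,
        // encoded dot segments need the same treatment.
        if (str == null || str.contains("..")) {
            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
            return;
        }
        String filePath = getFilePath(str);
        if (filePath.endsWith(".html")) {
            httpServletResponse.setContentType("text/html; charset=utf-8");
        }
        if (Utils.isIgnoreSuffix(str, ".jpg", ".png", ".gif")) {
            byte[] imageBytes = SupportUtils.readByteArrayFromResource(filePath);
            if (imageBytes != null) {
                httpServletResponse.getOutputStream().write(imageBytes);
            }
            return;
        }
        String text = SupportUtils.readFromResource(filePath);
        if (text == null) {
            httpServletResponse.sendRedirect(str2 + "/index.html");
            return;
        }
        if (str.endsWith(".css")) {
            httpServletResponse.setContentType("text/css;charset=utf-8");
        } else if (str.endsWith(".js")) {
            httpServletResponse.setContentType("text/javascript;charset=utf-8");
        } else if (str.endsWith(".svg")) {
            httpServletResponse.setContentType("image/svg+xml");
        }
        httpServletResponse.getWriter().write(text);
    }

    /**
     * Applies the IP allow/deny lists to a client address.
     *
     * <p>Deny entries win over allow entries; with an empty allow list every address that is not
     * denied passes. The lists are matched for IPv4 only: an address containing ':' passes only if
     * it is the long-form IPv6 loopback or if both lists are empty. A null or unparsable address
     * is refused.
     *
     * @param str client address as text
     * @return true when the address may use the dashboard
     */
    public boolean isPermittedRequest(String str) {
        if (str == null) {
            return false;
        }
        if (str.indexOf(':') != -1) {
            return "0:0:0:0:0:0:0:1".equals(str) || (this.denyList.isEmpty() && this.allowList.isEmpty());
        }
        IPAddress clientAddress;
        try {
            clientAddress = new IPAddress(str);
        } catch (RuntimeException e) {
            // The value may come from a request header (several comma-separated addresses, or
            // arbitrary text); fail closed instead of letting the parse error escape as a 500.
            log.debug("authz dashboard: unparsable client address ({})", e.getClass().getName());
            return false;
        }
        for (IPRange denied : this.denyList) {
            if (denied.isIPAddressInRange(clientAddress)) {
                return false;
            }
        }
        if (this.allowList.isEmpty()) {
            return true;
        }
        for (IPRange allowed : this.allowList) {
            if (allowed.isIPAddressInRange(clientAddress)) {
                return true;
            }
        }
        return false;
    }

    /** Applies the IP allow/deny lists to the address resolved by {@link #getRemoteAddress}. */
    public boolean isPermittedRequest(HttpServletRequest httpServletRequest) {
        return isPermittedRequest(getRemoteAddress(httpServletRequest));
    }

    /**
     * Resolves the client address used for the allow/deny check.
     *
     * <p>When a header name is configured, its value is preferred over the socket address. Any
     * client can set that header, so the allow/deny lists are only meaningful if a trusted reverse
     * proxy always overwrites it and the servlet is not reachable around that proxy.
     *
     * @return the header value when configured and present, else the socket remote address
     */
    protected String getRemoteAddress(HttpServletRequest httpServletRequest) {
        String address = null;
        if (this.remoteAddressHeader != null) {
            address = httpServletRequest.getHeader(this.remoteAddressHeader);
        }
        return address != null ? address : httpServletRequest.getRemoteAddr();
    }
}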
