package cn.omisheep.authz.support.http;

import cn.omisheep.authz.core.AuthzProperties;
import cn.omisheep.authz.core.auth.ipf.HttpMeta;
import cn.omisheep.authz.core.cache.Cache;
import cn.omisheep.authz.core.config.Constants;
import cn.omisheep.authz.core.util.FormatUtils;
import cn.omisheep.authz.core.util.IPUtils;
import cn.omisheep.authz.support.entity.Docs;
import cn.omisheep.authz.support.entity.User;
import cn.omisheep.authz.support.http.handler.ApiHandler;
import cn.omisheep.authz.support.util.IPAddress;
import cn.omisheep.authz.support.util.IPRange;
import cn.omisheep.authz.support.util.IPRangeMeta;
import cn.omisheep.authz.support.util.SupportUtils;
import cn.omisheep.commons.util.TimeUtils;
import cn.omisheep.commons.util.UUIDBits;
import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/omisheep/authz/support/http/SupportServlet.class */
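/**
 * Servlet that serves the Authz dashboard: its static front-end resources and the
 * dashboard API, guarded by an IP allow/deny list and an optional username/password login.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>Every request is first checked against the configured deny and allow ranges
 *       ({@link #isPermittedRequest(String)}); a request that fails the check gets the
 *       "nopermit" page.</li>
 *   <li>Static resources are served after the IP check only; the login result is evaluated
 *       for API requests and handed to {@link ApiHandler} as a boolean.</li>
 *   <li>A successful login creates a session object in {@link Cache}, keyed by a generated
 *       uuid and bound to the client IP recorded at login time.</li>
 * </ul>
 *
 * <p>NOTE(review): the client IP used for both the allow/deny check and the session binding
 * comes from {@code IPUtils.getIp}, which is not shown here. If it trusts client-supplied
 * forwarding headers, both controls are only as strong as the proxy setup in front of the
 * application. Confirm against that helper.
 */
public class SupportServlet extends HttpServlet {
    private static final String resourceRootPath = "support/http/dist";
    private static final String resourcePath = "support/http/dist/authz-dashboard-static";
    private static final String nopermit = "support/http/nopermit.html";
    private final List<IPRange> allowList = new ArrayList<>();
    private final List<IPRange> denyList = new ArrayList<>();
    private final ApiHandler apiHandler = new ApiHandler();
    private final boolean requireLogin;
    private final Cache cache;
    private static final String UUID = "uuid";
    private static final String USERNAME = "username";
    private static final String PASSWORD = "password";
    private static long unresponsiveExpirationTime;
    private static final Logger log = LoggerFactory.getLogger(SupportServlet.class);
    // Configured dashboard accounts; filled by the constructor and read by login().
    private static final Set<User> users = new HashSet<>();

    /**
     * Reports whether at least one dashboard account is configured.
     *
     * @return {@code true} when the shared account set is not empty
     */
    public static boolean requireLogin() {
        return !users.isEmpty();
    }

    /**
     * Builds the servlet from the dashboard configuration.
     *
     * @param dashboardConfig source of the accounts, the allow/deny ranges and the session timeout
     * @param cache           store used for dashboard sessions
     */
    public SupportServlet(AuthzProperties.DashboardConfig dashboardConfig, Cache cache) {
        this.cache = cache;
        boolean noSingleAccount = StringUtils.isEmpty(dashboardConfig.getUsername()) || StringUtils.isEmpty(dashboardConfig.getPassword());
        this.requireLogin = !(noSingleAccount && dashboardConfig.getUsers().isEmpty());
        // NOTE(review): a parse failure below is only logged and leaves the list empty. For the
        // allow list an empty list means "no restriction" in isPermittedRequest(), so a broken
        // allow configuration fails open. Consider refusing to start instead; this depends on
        // how IPRangeMeta.parse treats an unset value, which is not visible here.
        try {
            this.allowList.addAll(IPRangeMeta.parse(dashboardConfig.getAllow()));
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
        try {
            this.denyList.addAll(IPRangeMeta.parse(dashboardConfig.getDeny()));
        } catch (Exception e2) {
            log.error(e2.getMessage(), e2);
        }
        users.addAll((Collection) dashboardConfig.getUsers().stream().map(User::new).collect(Collectors.toList()));
        String username = dashboardConfig.getUsername();
        String password = dashboardConfig.getPassword();
        AuthzProperties.DashboardConfig.DashboardPermission[] permissions = dashboardConfig.getPermissions();
        if (!StringUtils.isEmpty(username) && !StringUtils.isEmpty(password)) {
            users.add(new User(username, password, null, permissions));
        }
        unresponsiveExpirationTime = TimeUtils.parseTimeValue(dashboardConfig.getUnresponsiveExpirationTime());
    }

    /**
     * Checks the submitted credentials against the configured accounts and, on a match,
     * stores a new session in the cache.
     *
     * <p>The submitted password is compared directly with the configured one, so the
     * configured value is presumably kept as entered rather than as a password hash.
     * No attempt limiting is visible in this class.
     *
     * @param str   submitted username
     * @param str2  submitted password
     * @param str3  client IP passed by the caller; not read here, the session IP is taken
     *              from {@code HttpMeta.currentHttpMeta()}
     * @param cache store that receives the session under the dashboard key prefix plus uuid
     * @return the session user, or {@code null} when no account matches, no account is
     *         configured, a credential is missing, or an exception occurs
     */
    public static User login(String str, String str2, String str3, Cache cache) {
        if (users.isEmpty() || str == null || str2 == null) {
            return null;
        }
        final String username = str;
        final String password = str2;
        try {
            Optional<User> match = users.stream()
                    .filter(candidate -> credentialsMatch(candidate, username, password))
                    .findAny();
            if (!match.isPresent()) {
                return null;
            }
            // m56clone is a decompiler-assigned name, presumably User's clone().
            // NOTE(review): the uuid is the only bearer credential of the session; confirm
            // that UUIDBits.getUUIDBits draws from a cryptographically strong source.
            User session = match.get().m56clone().setIp(HttpMeta.currentHttpMeta().getIp()).setUuid(UUIDBits.getUUIDBits(16));
            cache.set(Constants.DASHBOARD_KEY_PREFIX.get() + session.getUuid(), session, unresponsiveExpirationTime);
            return session;
        } catch (Exception e) {
            // Still reported to the caller as a failed login, but no longer swallowed silently.
            // Credentials are deliberately left out of the log line.
            log.warn("Dashboard login failed with an unexpected error", e);
            return null;
        }
    }

    /** Compares both credentials without short-circuiting, so the username is never skipped. */
    private static boolean credentialsMatch(User candidate, String username, String password) {
        boolean nameMatches = constantTimeEquals(candidate.getUsername(), username);
        boolean passwordMatches = constantTimeEquals(candidate.getPassword(), password);
        return nameMatches & passwordMatches;
    }

    /** Compares two strings with {@link MessageDigest#isEqual}; {@code null} never matches. */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Resolves the caller's session, falling back to a login with the request's
     * {@code username} and {@code password} parameters.
     *
     * <p>NOTE(review): {@code getParameter} also reads the query string, so credentials sent
     * that way can end up in access logs and browser history; prefer a POST body.
     *
     * @param httpServletRequest current request
     * @param str                client IP
     * @param cache              session store
     * @return the authenticated user, or {@code null}
     */
    public static User auth(HttpServletRequest httpServletRequest, String str, Cache cache) {
        User existing = getUser(httpServletRequest, str, cache);
        if (existing != null) {
            return existing;
        }
        return login(httpServletRequest.getParameter(USERNAME), httpServletRequest.getParameter(PASSWORD), str, cache);
    }

    /**
     * Looks up the session named by the {@code uuid} header, or by the {@code uuid} request
     * parameter when the header is absent.
     *
     * <p>The session is honoured only when the caller's IP equals the IP stored with it;
     * on a mismatch the session is deleted from the cache.
     *
     * @param httpServletRequest current request
     * @param str                client IP; {@code null} yields {@code null}
     * @param cache              session store
     * @return the session user, or {@code null} when absent, unknown or bound to another IP
     */
    public static User getUser(HttpServletRequest httpServletRequest, String str, Cache cache) {
        if (str == null) {
            return null;
        }
        String fromHeader = httpServletRequest.getHeader(UUID);
        String sessionId = fromHeader != null ? fromHeader : httpServletRequest.getParameter(UUID);
        if (sessionId == null) {
            return null;
        }
        String cacheKey = Constants.DASHBOARD_KEY_PREFIX.get() + sessionId;
        User session = (User) cache.get(cacheKey, User.class);
        if (session == null) {
            return null;
        }
        if (StringUtils.equals(str, session.getIp())) {
            return session;
        }
        // Presented from a different IP than the one recorded at login: drop the session.
        cache.del(cacheKey);
        return null;
    }

    /**
     * Resolves the caller's session and, when it exists, renews its expiry in the cache.
     *
     * @param httpServletRequest current request
     * @param str                client IP
     * @param cache              session store
     * @return the session user, or {@code null} when there is no valid session
     */
    public static User connectPkg(HttpServletRequest httpServletRequest, String str, Cache cache) {
        User session = getUser(httpServletRequest, str, cache);
        if (session == null) {
            return null;
        }
        cache.expire(Constants.DASHBOARD_KEY_PREFIX.get() + session.getUuid(), unresponsiveExpirationTime);
        return session;
    }

    /**
     * Entry point: applies the IP check, handles the index redirect, then dispatches to the
     * API handler or to the static resource loader.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @throws ServletException declared by the servlet contract
     * @throws IOException      when writing the response fails
     */
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String contextPath = httpServletRequest.getContextPath();
        String servletPath = httpServletRequest.getServletPath();
        String requestURI = httpServletRequest.getRequestURI();
        if (contextPath == null) {
            contextPath = "";
        }
        String servletRoot = contextPath + servletPath;
        boolean fixedPage = Objects.equals(servletPath, Constants.DASHBOARD_HTML) || Objects.equals(servletPath, Constants.DASHBOARD_LOGO);
        // For everything but the two fixed pages this is the raw request URI tail, i.e. caller-controlled.
        String relativePath = fixedPage ? servletPath : requestURI.substring(contextPath.length() + servletPath.length());
        httpServletResponse.setCharacterEncoding("utf-8");
        String ip = IPUtils.getIp(httpServletRequest);
        if (!checkIp(ip, httpServletResponse)) {
            return;
        }
        if (gotoIndex(contextPath, relativePath, httpServletRequest, httpServletResponse)) {
            return;
        }
        boolean apiCall = Constants.DASHBOARD_API_PREFIX.equals(servletPath) && relativePath.startsWith(Docs.VERSION_PATH);
        if (!apiCall) {
            returnResourceFile(relativePath, servletRoot, httpServletRequest, httpServletResponse);
            return;
        }
        User authenticated = auth(httpServletRequest, ip, this.cache);
        // The handler receives "allowed" as a boolean: true when login is not required or a user was resolved.
        boolean allowed = !(this.requireLogin && authenticated == null);
        this.apiHandler.process(httpServletRequest, httpServletResponse, relativePath, allowed, authenticated);
    }

    /**
     * Applies the allow/deny check and writes the "nopermit" page on refusal.
     * Any exception raised by the check is treated as a refusal (fail closed).
     */
    private boolean checkIp(String ip, HttpServletResponse httpServletResponse) throws IOException {
        boolean permitted;
        try {
            permitted = isPermittedRequest(ip);
        } catch (Exception e) {
            permitted = false;
        }
        if (!permitted) {
            nopermit(httpServletResponse);
        }
        return permitted;
    }

    /**
     * Redirects requests for the servlet root to the dashboard page.
     *
     * @return {@code true} when a redirect was sent and the request is finished
     */
    private boolean gotoIndex(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if ("".equals(str2)) {
            // Both context-path cases of the original redirected to the same target.
            sendRedirect(httpServletRequest, httpServletResponse, Constants.DASHBOARD_HTML);
            return true;
        }
        if (Constants.SLASH.equals(str2)) {
            sendRedirect(httpServletRequest, httpServletResponse, "authz.html");
            return true;
        }
        return false;
    }

    /** Writes the bundled "no permission" page, or an empty 404 when the page is missing. */
    private void nopermit(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setContentType("text/html; charset=utf-8");
        String page = SupportUtils.readFromResource(nopermit);
        if (page != null) {
            httpServletResponse.getWriter().write(page);
            return;
        }
        // Status is set before the body so it cannot be lost once the response is committed.
        httpServletResponse.setStatus(404);
        httpServletResponse.getWriter().write("");
    }

    /**
     * Serves a bundled dashboard resource for the given request path.
     *
     * <p>The path comes from the raw request URI, so it is validated before it is appended to
     * the resource root: names containing a {@code ..} segment, a backslash or a NUL character
     * are answered with 404 and never reach the resource loader.
     *
     * @param str  request path relative to the servlet
     * @param str2 context path plus servlet path, used for the fallback redirect
     */
    private void returnResourceFile(String str, String str2, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        final String resourceName;
        if (Objects.equals(str, Constants.DASHBOARD_HTML)) {
            resourceName = "support/http/dist/index.html";
        } else if (Objects.equals(str, Constants.DASHBOARD_LOGO)) {
            resourceName = "support/http/dist/authz-dashboard-favicon.ico";
        } else {
            // SupportUtils is not visible here, so do not rely on it to normalise the name.
            if (!isSafeResourcePath(str)) {
                httpServletResponse.setStatus(404);
                return;
            }
            resourceName = resourcePath + str;
        }
        if (resourceName.endsWith(".html")) {
            httpServletResponse.setContentType("text/html; charset=utf-8");
        }
        if (FormatUtils.isIgnoreSuffix(str, Constants.SUFFIX)) {
            byte[] binary = SupportUtils.readByteArrayFromResource(resourceName);
            if (binary == null) {
                // Missing binary resource: report it instead of returning an empty 200.
                httpServletResponse.setStatus(404);
                return;
            }
            httpServletResponse.getOutputStream().write(binary);
            return;
        }
        String text = SupportUtils.readFromResource(resourceName);
        if (text == null) {
            sendRedirect(httpServletRequest, httpServletResponse, str2 + Constants.DASHBOARD_HTML);
            return;
        }
        if (str.endsWith(".css")) {
            httpServletResponse.setContentType("text/css;charset=utf-8");
        } else if (str.endsWith(".js")) {
            httpServletResponse.setContentType("text/javascript;charset=utf-8");
        } else if (str.endsWith(".svg")) {
            httpServletResponse.setContentType("image/svg+xml");
        }
        httpServletResponse.getWriter().write(text);
    }

    /** Rejects request paths that could step outside the bundled resource directory. */
    private static boolean isSafeResourcePath(String path) {
        if (path == null || path.indexOf('\\') >= 0 || path.indexOf('\0') >= 0) {
            return false;
        }
        for (String segment : path.split("/")) {
            if ("..".equals(segment)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Decides whether the client IP may reach the dashboard.
     *
     * <p>An address containing {@code ':'} is treated as IPv6 and is permitted only when it is
     * exactly {@code 0:0:0:0:0:0:0:1} or when neither list is configured; the ranges are not
     * consulted for it. Any other address is refused when it falls in a deny range, then
     * permitted when the allow list is empty or contains it. A {@code null} address reaches
     * the {@link IPAddress} constructor; any exception is handled by {@link #checkIp}.
     */
    private boolean isPermittedRequest(String str) {
        boolean ipv6 = str != null && str.indexOf(':') != -1;
        if (ipv6) {
            return "0:0:0:0:0:0:0:1".equals(str) || (this.denyList.isEmpty() && this.allowList.isEmpty());
        }
        IPAddress address = new IPAddress(str);
        // Deny ranges take precedence over allow ranges.
        for (IPRange denied : this.denyList) {
            if (denied.isIPAddressInRange(address)) {
                return false;
            }
        }
        if (this.allowList.isEmpty()) {
            return true;
        }
        for (IPRange allowed : this.allowList) {
            if (allowed.isIPAddressInRange(address)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Redirects to {@code str}, carrying over the first value of every request parameter.
     *
     * <p>Names and values are URL-encoded: the parameter map holds decoded values, and
     * appending them raw would let characters such as {@code &}, {@code =}, {@code #} or line
     * breaks change the structure of the redirect target.
     *
     * <p>NOTE(review): every parameter is copied, including {@code username},
     * {@code password} and {@code uuid} when present, which places them in the Location
     * header. Consider dropping those once it is confirmed the front end does not need them.
     */
    private void sendRedirect(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException {
        Map<?, ?> parameters = httpServletRequest.getParameterMap();
        if (parameters.isEmpty()) {
            httpServletResponse.sendRedirect(str);
            return;
        }
        StringBuilder location = new StringBuilder(str).append('?');
        boolean first = true;
        for (Map.Entry<?, ?> parameter : parameters.entrySet()) {
            if (!first) {
                location.append('&');
            }
            first = false;
            String[] values = (String[]) parameter.getValue();
            String firstValue = (values == null || values.length == 0 || values[0] == null) ? "" : values[0];
            location.append(URLEncoder.encode(String.valueOf(parameter.getKey()), "UTF-8"))
                    .append('=')
                    .append(URLEncoder.encode(firstValue, "UTF-8"));
        }
        httpServletResponse.sendRedirect(location.toString());
    }

    /**
     * Returns the session lifetime parsed from the dashboard configuration.
     *
     * @return the value last assigned by the constructor
     */
    public static long getUnresponsiveExpirationTime() {
        return unresponsiveExpirationTime;
    }
}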
