package com.apache.security.filter;

import com.apache.license.filter.AbstractFilter;
import com.apache.license.validator.LicenseValidate;
import com.apache.security.SecurityConstant;
import com.apache.security.SecurityFilter;
import com.apache.security.util.SecurityHttpServletRequest;
import com.apache.security.util.SecurityHttpServletResponse;
import com.apache.security.util.XssUtil;
import com.apache.tools.StrUtil;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/apache/security/filter/DefaultBaseSecurityFilter.class */
public class DefaultBaseSecurityFilter extends AbstractFilter {
    private String errorPage;
    private String writeStr;
    private List<SecurityFilter> securityFilterList = new ArrayList();
    private String encoding = null;

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        servletRequest.setCharacterEncoding(this.encoding);
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (filterPath(httpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String requestURI = httpServletRequest.getRequestURI();
        if (!LicenseValidate.getInstance().isEffective()) {
            if (requestURI.contains("doService.action")) {
                filterChain.doFilter(servletRequest, servletResponse);
                return;
            }
            return;
        }
        for (int i = 0; i < this.securityFilterList.size(); i++) {
            this.securityFilterList.get(i).setErrorPage(this.errorPage);
            if (0 == this.securityFilterList.get(i).doFilterInvoke(httpServletRequest, httpServletResponse)) {
                return;
            }
        }
        CookeHeader(httpServletRequest, httpServletResponse);
        filterChain.doFilter(new SecurityHttpServletRequest(httpServletRequest), new SecurityHttpServletResponse(httpServletResponse));
    }

    private boolean filterPath(HttpServletRequest httpServletRequest) {
        String doNull = StrUtil.doNull(httpServletRequest.getContextPath(), "/");
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI.contains(".css") || requestURI.contains(".js") || requestURI.contains("doService.action")) {
            return true;
        }
        if (requestURI.endsWith("/")) {
            if (requestURI.endsWith(doNull + "/")) {
                return true;
            }
        } else if (requestURI.endsWith(doNull)) {
            return true;
        }
        return null != this.writeStr && this.writeStr.contains(requestURI);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        super.initLincense();
        initRedictWhiteList(filterConfig);
        this.errorPage = filterConfig.getInitParameter("errorPage");
        this.writeStr = filterConfig.getInitParameter("writeStr");
        this.encoding = filterConfig.getInitParameter("encoding");
        if (XssUtil.isNull(this.encoding)) {
            this.encoding = "UTF-8";
        }
        try {
            initSecurityFilterList(filterConfig);
        } catch (ClassNotFoundException e) {
            throw new ServletException(e);
        } catch (IllegalAccessException e2) {
            throw new ServletException(e2);
        } catch (InstantiationException e3) {
            throw new ServletException(e3);
        }
    }

    public void initRedictWhiteList(FilterConfig filterConfig) throws ServletException {
        String initParameter = filterConfig.getInitParameter("redirectWhiteList");
        if (StrUtil.isNull(initParameter)) {
            return;
        }
        String[] split = initParameter.split(",");
        ArrayList arrayList = new ArrayList();
        for (String str : split) {
            arrayList.add(Pattern.compile(str));
        }
        SecurityConstant.redirectLocationWhiteList.addAll(arrayList);
    }

    private void initSecurityFilterList(FilterConfig filterConfig) throws ClassNotFoundException, InstantiationException, IllegalAccessException {
        String initParameter = filterConfig.getInitParameter("securityFilterList");
        if (StrUtil.isNull(initParameter)) {
            return;
        }
        for (String str : initParameter.split(",")) {
            this.securityFilterList.add((SecurityFilter) Class.forName(str).newInstance());
        }
    }

    private void CookeHeader(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (null != cookies) {
            Calendar calendar = Calendar.getInstance();
            calendar.add(10, 1);
            Date time = calendar.getTime();
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("dd-MM-yyyy HH:mm:ss", Locale.CHINA);
            for (Cookie cookie : cookies) {
                if (null != cookie) {
                    if ("JSESSIONID".equalsIgnoreCase(cookie.getName())) {
                        StringBuilder sb = new StringBuilder();
                        if (cookie.getSecure()) {
                            sb.append("Secure;");
                        }
                        String value = cookie.getValue();
                        String contextPath = httpServletRequest.getContextPath();
                        sb.append("JSESSIONID=" + value + ";");
                        sb.append("path=" + contextPath + ";");
                        sb.append("HttpOnly;");
                        sb.append("Expires=" + simpleDateFormat.format(time));
                        httpServletResponse.addHeader("Set-Cookie", sb.toString());
                    } else if ("apache_".equalsIgnoreCase(cookie.getName())) {
                        StringBuilder sb2 = new StringBuilder();
                        if (cookie.getSecure()) {
                            sb2.append("Secure;");
                        }
                        String value2 = cookie.getValue();
                        String contextPath2 = httpServletRequest.getContextPath();
                        sb2.append("apache_=" + value2 + ";");
                        sb2.append("path=" + contextPath2 + ";");
                        sb2.append("HttpOnly;");
                        sb2.append("Expires=" + simpleDateFormat.format(time));
                        httpServletResponse.addHeader("Set-Cookie", sb2.toString());
                    }
                }
            }
        }
    }
}
