package com.apache.passport.jwt;

import com.apache.api.vo.ResultEntity;
import com.apache.jwt.Claims;
import com.apache.jwt.PostHttps;
import com.apache.passport.common.PassportHelper;
import com.apache.rpc.common.LoadRpcService;
import com.apache.rpc.entity.InterfaceRegister;
import com.apache.tools.RequestTools;
import com.apache.tools.StrUtil;
import com.apache.uct.common.LoginUser;
import com.apache.uct.common.PBOSSOTools;
import com.apache.uct.common.ToolsUtil;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.sf.json.JSONObject;
import org.apache.http.NameValuePair;
import org.apache.http.message.BasicNameValuePair;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/apache/passport/jwt/CorsFilter.class */
public abstract class CorsFilter implements Filter {
    protected JwtUtil jwt;
    protected String sysEname;
    protected Logger log = LoggerFactory.getLogger(getClass());
    protected String login_url = ToolsUtil.BLANK;
    protected String customLogin = ToolsUtil.BLANK;
    protected String cookieName = ToolsUtil.BLANK;
    protected String login_pass = ToolsUtil.BLANK;
    protected String reqUrl = ToolsUtil.BLANK;
    protected String reqType = ToolsUtil.BLANK;
    protected String checkIp = ToolsUtil.BLANK;
    protected String checkPort = ToolsUtil.BLANK;
    protected String isClearSession = ToolsUtil.BLANK;
    protected String registryProtocol = ToolsUtil.BLANK;
    protected String sessionKey = "loginUser";
    protected String errorPage = ToolsUtil.BLANK;
    protected String defaultSso = "sso";

    public void init(FilterConfig filterConfig) {
        this.jwt = JwtUtil.newInstance();
        this.errorPage = StrUtil.doNull(filterConfig.getInitParameter("errorPage"), "/error.action");
        this.defaultSso = StrUtil.doNull(filterConfig.getInitParameter("defaultSso"), "sso").toLowerCase();
        initValue();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initValue() {
        this.customLogin = ToolsUtil.getInstance().getValueByKey("custom_login");
        this.login_url = ToolsUtil.getInstance().getValueByKey("uct_server");
        this.cookieName = ToolsUtil.getInstance().getValueByKey("cookieName");
        this.login_pass = ToolsUtil.getInstance().getValueByKey("login.pass");
        this.reqUrl = ToolsUtil.getInstance().getValueByKey("req_url");
        this.reqType = ToolsUtil.getInstance().getValueByKey("req_type");
        this.checkIp = ToolsUtil.getInstance().getValueByKey("check_url");
        this.checkPort = ToolsUtil.getInstance().getValueByKey("check_port");
        this.isClearSession = ToolsUtil.getInstance().getValueByKey("is_clear_session");
        this.registryProtocol = ToolsUtil.getInstance().getValueByKey("registry_protocol");
        this.sysEname = ToolsUtil.getInstance().getValueByKey("sysEname");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean jkWhite(String str) {
        List<String> list = PassportHelper.whiteJK;
        for (int i = 0; i < list.size(); i++) {
            if (str.startsWith(list.get(i))) {
                return true;
            }
        }
        return false;
    }

    public void destroy() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getLonginUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws UnsupportedEncodingException {
        return ((!StrUtil.isNotNull(str) || str.indexOf("uni_") <= -1) && !"eid".equals(this.defaultSso)) ? "sso".equals(this.defaultSso) ? doSsoFilters(httpServletRequest, httpServletResponse, str, ToolsUtil.BLANK) : StrUtil.doNull(httpServletRequest.getHeader("real-server-name"), ToolsUtil.BLANK) + httpServletRequest.getContextPath() + StrUtil.doNull(this.customLogin, "/login.jsp") : doSsoFiltersForEid(httpServletRequest, httpServletResponse, str, ToolsUtil.BLANK);
    }

    protected String doSsoFilters(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws UnsupportedEncodingException {
        String servletPath = httpServletRequest.getServletPath();
        String parameter = httpServletRequest.getParameter("go");
        String doNull = StrUtil.doNull(httpServletRequest.getHeader("real-server-name"), httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + httpServletRequest.getContextPath());
        if (parameter == null) {
            parameter = httpServletRequest.getRequestURL().toString();
        }
        String str3 = ToolsUtil.BLANK;
        if ("T".equals(ToolsUtil.getInstance().getValueByKey("is_url_params"))) {
            String reqParams = PassportHelper.getInstance().getReqParams(httpServletRequest, "go");
            str3 = PassportHelper.getInstance().isNov(reqParams, reqParams, "?" + reqParams);
        }
        ArrayList<String> arrayList = new ArrayList<>();
        if (StrUtil.isNull(str) && StrUtil.isNotNull(str2)) {
            StringBuffer stringBuffer = new StringBuffer();
            arrayList.add(this.login_url);
            arrayList.add(str2);
            arrayList.add(parameter + str3);
            arrayList.add("apache");
            arrayList.add(doNull);
            Collections.sort(arrayList);
            String SHA1 = PassportHelper.getInstance().SHA1(arrayList);
            this.log.info("login_url=" + this.login_url + "====pkt=" + str2);
            if ("T".equals(this.login_pass)) {
                stringBuffer.append(this.login_url);
                stringBuffer.append("?");
                stringBuffer.append("tokenId=" + str2);
                stringBuffer.append("&go=" + parameter + str3);
                stringBuffer.append("&ptlang=" + SHA1);
                stringBuffer.append("&cset=" + doNull);
            } else {
                stringBuffer.append(this.login_url);
            }
            httpServletRequest.removeAttribute("tokenId");
            return stringBuffer.toString();
        }
        String str4 = doNull + "/cset";
        arrayList.add(this.login_url);
        arrayList.add(this.sysEname);
        arrayList.add(str4);
        if (httpServletRequest.getRequestURI().equals(servletPath + "/logout")) {
            arrayList.add(parameter);
        } else {
            arrayList.add(parameter + str3);
        }
        arrayList.add("apache");
        Collections.sort(arrayList);
        String SHA12 = PassportHelper.getInstance().SHA1(arrayList);
        StringBuffer stringBuffer2 = new StringBuffer();
        if ("T".equals(this.login_pass)) {
            stringBuffer2.append(this.login_url);
            stringBuffer2.append("?");
            stringBuffer2.append("_client=" + SHA12);
            stringBuffer2.append("&");
            stringBuffer2.append("sys=" + this.sysEname);
            stringBuffer2.append("&");
            stringBuffer2.append("cset=" + URLEncoder.encode(str4, "UTF-8"));
            stringBuffer2.append("&");
            stringBuffer2.append("go=" + URLEncoder.encode(parameter, "UTF-8") + str3);
        } else {
            stringBuffer2.append(this.login_url);
        }
        return stringBuffer2.toString();
    }

    protected String doSsoFiltersForEid(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) throws UnsupportedEncodingException {
        String parameter = httpServletRequest.getParameter("go");
        if (parameter == null) {
            parameter = httpServletRequest.getRequestURL().toString();
        }
        String str3 = ToolsUtil.BLANK;
        if ("T".equals(ToolsUtil.getInstance().getValueByKey("is_url_params"))) {
            String reqParams = PassportHelper.getInstance().getReqParams(httpServletRequest, "go,code");
            str3 = PassportHelper.getInstance().isNov(reqParams, reqParams, "?" + reqParams);
        }
        ArrayList<String> arrayList = new ArrayList<>();
        if (!StrUtil.isNull(str) || !StrUtil.isNotNull(str2)) {
            arrayList.add(this.login_url);
            arrayList.add(this.sysEname);
            arrayList.add("apache");
            Collections.sort(arrayList);
            String SHA1 = PassportHelper.getInstance().SHA1(arrayList);
            StringBuffer stringBuffer = new StringBuffer();
            if ("T".equals(this.login_pass)) {
                stringBuffer.append(this.login_url);
                stringBuffer.append("?_client=" + SHA1);
                stringBuffer.append("&clientid=" + this.sysEname);
                stringBuffer.append("&response_type=code");
                stringBuffer.append("&scope=openid");
                stringBuffer.append("&go=" + URLEncoder.encode(parameter, "UTF-8") + str3);
            } else {
                stringBuffer.append(this.login_url);
            }
            return stringBuffer.toString();
        }
        StringBuffer stringBuffer2 = new StringBuffer();
        arrayList.add(this.login_url);
        arrayList.add("apache");
        Collections.sort(arrayList);
        String SHA12 = PassportHelper.getInstance().SHA1(arrayList);
        this.log.info("login_url=" + this.login_url + "====pkt=" + str2);
        if ("T".equals(this.login_pass)) {
            stringBuffer2.append(this.login_url);
            stringBuffer2.append("?_client=" + SHA12);
            stringBuffer2.append("&tokenId=" + str2);
            stringBuffer2.append("&clientid=" + this.sysEname);
            stringBuffer2.append("&response_type=code");
            stringBuffer2.append("&scope=openid");
            stringBuffer2.append("&go=" + parameter + str3);
        } else {
            stringBuffer2.append(this.login_url);
        }
        httpServletRequest.removeAttribute("tokenId");
        return stringBuffer2.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getAccessToken(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String valueByKey;
        String httpsForStl;
        String str2 = ToolsUtil.BLANK;
        try {
            if (StrUtil.isNull(this.login_url)) {
                this.login_url = ToolsUtil.getInstance().getValueByKey("uct_server");
            }
            valueByKey = ToolsUtil.getInstance().getValueByKey("sysEname");
            String str3 = this.login_url + "passport/outside/access_token";
            NameValuePair[] nameValuePairArr = {new BasicNameValuePair("code", str), new BasicNameValuePair("clientid", valueByKey), new BasicNameValuePair("grant_type", "authorization_code")};
            this.log.info("url=" + str3);
            httpsForStl = str3.startsWith("https:") ? PostHttps.newInstance().getHttpsForStl(str3, nameValuePairArr, "GET") : PostHttps.newInstance().getHttp(str3, nameValuePairArr, "GET");
            this.log.info("getAccessToken=" + httpsForStl);
        } catch (Exception e) {
            this.log.error(e.getMessage());
        }
        if (StrUtil.isNull(httpsForStl)) {
            return ToolsUtil.BLANK;
        }
        JSONObject fromObject = JSONObject.fromObject(httpsForStl);
        if ("200".equals(fromObject.get("state"))) {
            String string = fromObject.getString("id_token");
            Claims uniParseJWT = JwtUtil.newInstance().uniParseJWT(string);
            if (null == uniParseJWT || !uniParseJWT.getAudience().contains(valueByKey)) {
                return ToolsUtil.BLANK;
            }
            String string2 = JSONObject.fromObject(uniParseJWT.get("u_info")).getString("userEname");
            LoginUser loginUserFromUserCenter = PBOSSOTools.getLoginUserFromUserCenter(string2, "uni_" + str);
            HttpSession session = httpServletRequest.getSession();
            session.setAttribute("loginUser", loginUserFromUserCenter);
            session.setAttribute("id_token", string);
            session.setAttribute("access_token", uniParseJWT.get("u_info"));
            session.setAttribute("token_code", str);
            Cookie cookie = new Cookie(this.cookieName, "uni_" + str);
            cookie.setPath("/");
            cookie.setMaxAge(-1);
            httpServletResponse.addCookie(cookie);
            Cookie cookie2 = new Cookie("_uc.sso", string2);
            cookie2.setPath("/");
            cookie2.setMaxAge(-1);
            httpServletResponse.addCookie(cookie2);
            str2 = "uni_" + str;
        } else {
            this.log.info(String.valueOf(fromObject.get("msg")));
        }
        return str2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean auditTokenAndSso(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (StrUtil.isNull(str)) {
            return false;
        }
        String str2 = str.split("\\|")[0];
        if (str2.indexOf("uni_") > -1) {
            String valueOf = String.valueOf(httpServletRequest.getSession().getAttribute("id_token"));
            if (StrUtil.isNull(valueOf)) {
                getAccessToken(str2.replace("uni_", ToolsUtil.BLANK), httpServletRequest, httpServletResponse);
                valueOf = String.valueOf(httpServletRequest.getSession().getAttribute("id_token"));
            }
            if (StrUtil.isNull(valueOf)) {
                return false;
            }
            this.log.info("auditTokenAndSso=" + valueOf);
            Claims uniParseJWT = JwtUtil.newInstance().uniParseJWT(valueOf);
            if (null != uniParseJWT && uniParseJWT.getAudience().contains(this.sysEname)) {
                return System.currentTimeMillis() / 1000 <= Long.valueOf(String.valueOf(uniParseJWT.get(Claims.EXPIRATION))).longValue();
            }
            return false;
        }
        ResultEntity checkToken = checkToken(str2, RequestTools.getIp(httpServletRequest), "checkToken", ToolsUtil.BLANK);
        String valueOf2 = String.valueOf(checkToken.getEntity());
        if (!StrUtil.isNotNull(valueOf2) || !str2.equalsIgnoreCase(valueOf2)) {
            return false;
        }
        Cookie cookie = new Cookie(this.cookieName, str2);
        cookie.setPath("/");
        cookie.setMaxAge(-1);
        Cookie cookie2 = new Cookie("_uc.sso", checkToken.getMessage());
        cookie2.setPath("/");
        cookie2.setMaxAge(-1);
        httpServletResponse.addCookie(cookie);
        httpServletResponse.addCookie(cookie2);
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ResultEntity checkToken(String str, String str2, String str3, String str4) {
        ResultEntity doServiceClient;
        if ("https".equalsIgnoreCase(ToolsUtil.getInstance().getValueByKey("req_type"))) {
            doServiceClient = (ResultEntity) LoadRpcService.service().xmlToBean(PostHttps.newInstance().getHttpsForStl(ToolsUtil.getInstance().getValueByKey("req_url"), new NameValuePair[]{new BasicNameValuePair("sysAccreditip", str2), new BasicNameValuePair("tokenId", str), new BasicNameValuePair("sysEname", this.sysEname), new BasicNameValuePair("userEname", str4)}, "GET"), ResultEntity.class);
        } else {
            HashMap hashMap = new HashMap();
            hashMap.put("sysAccreditip", str2);
            hashMap.put("tokenId", str);
            hashMap.put("sysEname", this.sysEname);
            hashMap.put("userEname", str4);
            doServiceClient = LoadRpcService.service().doServiceClient("ssoService", str3, hashMap, getInterfaceRegister());
        }
        return doServiceClient;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String parameter = httpServletRequest.getParameter("ticket");
        String parameter2 = httpServletRequest.getParameter("ucsso");
        String parameter3 = httpServletRequest.getParameter("go");
        if (StrUtil.isNotNull(parameter3)) {
            String replaceAll = parameter3.replaceAll("\\|", "&");
            try {
                if (replaceAll.indexOf("token_code") == -1 && StrUtil.isNotNull(parameter) && StrUtil.isNotNull(parameter2)) {
                    Cookie cookie = new Cookie(this.cookieName, parameter);
                    cookie.setPath("/");
                    cookie.setMaxAge(-1);
                    Cookie cookie2 = new Cookie("_uc.sso", parameter2);
                    cookie2.setPath("/");
                    cookie2.setMaxAge(-1);
                    httpServletResponse.addCookie(cookie);
                    httpServletResponse.addCookie(cookie2);
                    replaceAll = replaceAll.indexOf("?tokenId=") != -1 ? replaceAll.replaceAll("tokenId=" + parameter + "&", ToolsUtil.BLANK) : replaceAll.replaceAll("&tokenId=" + parameter, ToolsUtil.BLANK);
                }
                httpServletResponse.sendRedirect(replaceAll);
            } catch (IOException e) {
                e.printStackTrace();
            }
        }
    }

    private InterfaceRegister getInterfaceRegister() {
        InterfaceRegister interfaceRegister = new InterfaceRegister();
        String valueByKey = ToolsUtil.getInstance().getValueByKey("req_type");
        String valueByKey2 = ToolsUtil.getInstance().getValueByKey("check_url");
        if ("https".equalsIgnoreCase(valueByKey)) {
            interfaceRegister.setAddress(ToolsUtil.getInstance().getValueByKey("req_url"));
            interfaceRegister.setCallType("https");
        } else if ("socket".equals(valueByKey) || StrUtil.isNotNull(valueByKey2)) {
            String valueByKey3 = ToolsUtil.getInstance().getValueByKey("check_port");
            interfaceRegister.setAddress(valueByKey2);
            interfaceRegister.setPort(valueByKey3);
            interfaceRegister.setCallType("socket");
        } else {
            interfaceRegister.setAddress(ToolsUtil.getInstance().getValueByKey("req_url"));
            interfaceRegister.setCallType("http");
        }
        return interfaceRegister;
    }
}
