package com.apache.uct.common.filter;

import com.alibaba.fastjson.JSON;
import com.apache.api.api.IBaseLoginUser;
import com.apache.api.vo.ResultEntity;
import com.apache.api.vo.ResultMsg;
import com.apache.cache.util.Validator;
import com.apache.client.AesClientUtil;
import com.apache.license.filter.AbstractFilter;
import com.apache.license.validator.LicenseValidate;
import com.apache.license.validator.OsUtils;
import com.apache.oscache.BaseOsCache;
import com.apache.oscache.OsCacheManager;
import com.apache.passport.common.PassportHelper;
import com.apache.rpc.common.JsonEntityParese;
import com.apache.tools.ConfigUtil;
import com.apache.tools.DateUtils;
import com.apache.tools.PropertiesConfig;
import com.apache.tools.StrUtil;
import com.apache.uct.common.LoginUser;
import com.apache.uct.common.ToolsUtil;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Properties;
import java.util.regex.Pattern;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.sf.json.JSONObject;
import org.apache.commons.lang.StringEscapeUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/apache/uct/common/filter/LicenseFilter.class */
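/**
 * Servlet filter that combines three concerns on every non-static request:
 * a trial/formal authorization-code check (when {@code authFlag} is "T"),
 * an optional deny-list screen of request parameters, query string and Referer,
 * and a login-user lookup that copies the cached user into the HTTP session.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The deny-list screen in {@link #cleanXSS} is defence in depth only. It does not replace
 *       context-aware output encoding in the views that render request data.</li>
 *   <li>The authorization record is read and written through {@code AesClientUtil}'s
 *       {@code encryptEcbMode}/{@code decryptEcbMode}. NOTE(review): by name this is AES-ECB with
 *       no integrity check visible here; confirm the record is authenticated before trusting its
 *       fields.</li>
 * </ul>
 */
public class LicenseFilter extends AbstractFilter {
    /**
     * JSONP callback names that may be reflected into a response: a JavaScript identifier,
     * optionally dotted, at most 128 characters. Any other value is treated as "no callback".
     */
    private static final Pattern SAFE_JSONP_CALLBACK = Pattern.compile("[A-Za-z_$][A-Za-z0-9_$.]{0,127}");

    /** Opening or closing HTML tag; compiled once instead of on every request. */
    private static final Pattern HTML_TAG = Pattern.compile("(<[a-zA-Z].*?>)|(<[\\/][a-zA-Z].*?>)");

    private String propertiesPath;
    private Properties prop;
    private BaseOsCache otherCache;
    private final Logger log = LoggerFactory.getLogger(getClass());
    private String loginUserService = "com.apache.client.common.DefLoginUserImpl";
    private String authFlag = "F";
    // Default deny-list, compared with String.indexOf against lower-cased input. The original
    // entry "onerror\\=" carried a regex-style backslash that indexOf treats literally, so it
    // could never match "onerror="; it is now the plain substring.
    private String[] badStrs = {"<script", "confirm(", "prompt(", "eval(", "function(", "alert(", ":alert", "ltrim(", "[window[", "<iframe", "<a href", "<input ", "<img", "<audio", "onerror=", "ltrim(", "{tostring:", "</script", "</style", "href=", "vbscript"};

    public void destroy() {
    }

    /**
     * Reads the filter's init parameters, loads {@code cache-conf.properties} and caches the
     * {@code is_open_security_filter} switch.
     *
     * @param filterConfig supplies the optional {@code loginUserService} and {@code authFlag} parameters
     * @throws ServletException declared by the filter contract
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        this.otherCache = new BaseOsCache("other_config", 300);
        String configuredService = filterConfig.getInitParameter("loginUserService");
        if (StrUtil.isNotNull(configuredService)) {
            // This class name is instantiated reflectively in doFilter; it must only ever come
            // from deployment configuration, never from request data.
            this.loginUserService = configuredService;
        }
        String configuredAuthFlag = filterConfig.getInitParameter("authFlag");
        if (StrUtil.isNotNull(configuredAuthFlag)) {
            this.authFlag = configuredAuthFlag;
        }
        initLincense();
        this.propertiesPath = Validator.getClassLoaderPath();
        this.prop = Validator.getProperties(this.propertiesPath, "cache-conf.properties");
        String storedCode = this.prop.getProperty("cache_authorization_code");
        if (StrUtil.isNotNull(storedCode)) {
            // A stored record with infoType "0", or one that cannot be decrypted and parsed, is
            // blanked in memory so the next authorization check starts from an empty record.
            try {
                if ("0".equals(JSONObject.fromObject(AesClientUtil.getInstance().decryptEcbMode(storedCode)).getString("infoType"))) {
                    this.prop.setProperty("cache_authorization_code", ToolsUtil.BLANK);
                }
            } catch (Exception e) {
                this.log.warn("Stored cache_authorization_code could not be read; resetting it", e);
                this.prop.setProperty("cache_authorization_code", ToolsUtil.BLANK);
            }
        }
        this.otherCache.put("isOpenSecurity", StrUtil.doNull(ConfigUtil.getInstance().findValueByKey("is_open_security_filter"), "false"));
    }

    /**
     * Applies, in order: the static-resource pass-through, the authorization-code check, the
     * parameter screen, the {@code /api/} pass-through, and then either the login-user lookup
     * (URIs without {@code /doService}) or the license check (URIs with {@code /doService}).
     *
     * @throws IOException if writing a rejection response fails or the chain throws it
     * @throws ServletException if the rest of the chain throws it
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String requestURI = httpServletRequest.getRequestURI();
        // NOTE(review): these are substring matches on the raw request URI, so a URI that merely
        // contains one of the segments anywhere skips every check below. Prefer matching the
        // normalized servlet path against an explicit list of prefixes.
        if (!requestURI.contains("/trans/export/") && isStaticResourcePath(requestURI)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if ("T".equalsIgnoreCase(this.authFlag) && !AuthRequestSecurity()) {
            httpServletResponse.setStatus(500);
            outputJson(JSONObject.fromObject(new ResultMsg("F", "Invalid trial version authorization code")).toString(), httpServletResponse, httpServletRequest.getParameter("callback"));
            return;
        }
        String securitySwitch = String.valueOf(this.otherCache.get("isOpenSecurity"));
        if (StrUtil.isNull(securitySwitch)) {
            // Cache entry expired or missing: reload the switch from configuration.
            securitySwitch = StrUtil.doNull(ConfigUtil.getInstance().findValueByKey("is_open_security_filter"), "false");
            this.otherCache.put("isOpenSecurity", securitySwitch);
        }
        if (cleanXSS(httpServletRequest, securitySwitch)) {
            httpServletResponse.setStatus(500);
            outputJson(JSONObject.fromObject(new ResultMsg("F", "请求参数非法")).toString(), httpServletResponse, httpServletRequest.getParameter("callback"));
            return;
        }
        // NOTE(review): also a substring match; "/api/" anywhere in the URI skips the login-user
        // lookup and the license check.
        if (requestURI.contains("/api/")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!requestURI.contains("/doService")) {
            attachLoginUser(httpServletRequest, httpServletResponse);
        } else if (!LicenseValidate.getInstance().isEffective()) {
            writeLicenseDisabled(httpServletRequest, httpServletResponse);
            return;
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /** Returns whether the URI contains one of the path segments that bypass this filter. */
    private static boolean isStaticResourcePath(String requestURI) {
        return requestURI.contains("/images/")
                || requestURI.contains("/atta/")
                || requestURI.contains("/export/")
                || requestURI.contains("/js/")
                || requestURI.contains("/common/")
                || requestURI.contains("/template/");
    }

    /**
     * Resolves the login user for the request's token (cache first, then the configured
     * {@code IBaseLoginUser} implementation) and stores it in the session as {@code loginUser}.
     */
    private void attachLoginUser(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String realServerName = httpServletRequest.getHeader("real-server-name");
        if (StrUtil.isNotNull(realServerName)) {
            // NOTE(review): this header is client-controllable unless a trusted proxy strips or
            // overwrites it; consumers of "realServerName" must treat it as untrusted input.
            httpServletRequest.getSession().setAttribute("realServerName", realServerName);
        }
        String tokenId = PassportHelper.getInstance().getTokenId(httpServletRequest);
        if (!StrUtil.isNotNull(tokenId)) {
            return;
        }
        Object loginUser = OsCacheManager.getInstance().getLoginUser(tokenId);
        if (loginUser == null) {
            try {
                loginUser = ((IBaseLoginUser) Class.forName(this.loginUserService).newInstance()).findLoginUser(tokenId, httpServletRequest, httpServletResponse);
                OsCacheManager.getInstance().putLoginUser(tokenId, (LoginUser) loginUser);
            } catch (Exception e) {
                // The cause is now logged so lookup failures can be diagnosed.
                // NOTE(review): the message embeds the token id; if that value is a bearer
                // credential, log a truncated or hashed form instead.
                this.log.error("按" + tokenId + "获取loginUser信息失败", e);
            }
        }
        if (loginUser != null) {
            httpServletRequest.getSession().setAttribute("loginUser", loginUser);
        }
    }

    /**
     * Writes the "function disabled" result: XML when no usable callback is supplied, JSONP
     * otherwise.
     */
    private void writeLicenseDisabled(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        ResultEntity resultEntity = new ResultEntity();
        resultEntity.setResult("false");
        resultEntity.setMessage("功能已停用或已删除！");
        // Only identifier-shaped callbacks are reflected; anything else falls back to XML.
        String callback = safeCallback(httpServletRequest.getParameter("callback"));
        if (Validator.isNull(callback)) {
            httpServletResponse.setContentType("text/html; charset=UTF-8");
            PrintWriter xmlWriter = httpServletResponse.getWriter();
            xmlWriter.print(JsonEntityParese.instance().toXml(resultEntity));
            xmlWriter.flush();
            return;
        }
        // The content type and encoding must be set before getWriter(): the writer's charset is
        // fixed once it is obtained, and the default would mangle the non-ASCII message.
        httpServletResponse.setContentType("application/javascript");
        httpServletResponse.setCharacterEncoding("UTF-8");
        PrintWriter jsonpWriter = httpServletResponse.getWriter();
        jsonpWriter.print(callback + "(" + JSONObject.fromObject(resultEntity).toString() + ")");
        jsonpWriter.flush();
    }

    /**
     * Decides whether the deployment's authorization record allows the request.
     *
     * <p>With no stored record, a trial record starting now is written unless a configured
     * {@code spring.authorization.code} is accepted by {@link #isAuthCode}, and the request is
     * allowed. With a stored record, a {@code license-formal} of "9" always allows. Otherwise,
     * for a trial record or one whose {@code flag} differs from the local IP, the request is
     * denied when the configured code is absent or not accepted and the record is either not a
     * trial or started more than 48 units ago (hours, presumably, given the division by
     * 3600000; confirm {@code DateUtils.strToLong} returns milliseconds).
     *
     * @return {@code true} to allow the request; {@code false} to deny it, including when the
     *     record cannot be decrypted or parsed
     */
    private boolean AuthRequestSecurity() {
        boolean allowed = true;
        String storedCode = getProperty("cache_authorization_code");
        long now = DateUtils.strToLong(DateUtils.Now.fmt_yyyyMMdd_HH(), DateUtils.FmtStr.yyyyMMdd_HH);
        try {
            if (StrUtil.isNull(storedCode)) {
                String configuredCode = PropertiesConfig.getApplicatinConfig("spring.authorization.code");
                if (StrUtil.isNull(configuredCode)) {
                    storeTrialRecord(now);
                } else if (StrUtil.isNotNull(configuredCode) && isAuthCode(now, OsUtils.getLocalIp(), configuredCode)) {
                    // isAuthCode returned true, meaning the configured code was NOT accepted.
                    storeTrialRecord(now);
                }
            } else {
                String localIp = OsUtils.getLocalIp();
                JSONObject record = JSONObject.fromObject(AesClientUtil.getInstance().decryptEcbMode(storedCode));
                String boundIp = record.getString("flag");
                boolean trial = "0".equals(record.getString("infoType"));
                if (record.containsKey("license-formal") && "9".equals(record.getString("license-formal"))) {
                    return true;
                }
                if (trial || !localIp.equals(boundIp)) {
                    String configuredCode = PropertiesConfig.getApplicatinConfig("spring.authorization.code");
                    boolean codeRejected = true;
                    if (StrUtil.isNotNull(configuredCode)) {
                        codeRejected = isAuthCode(now, localIp, configuredCode);
                    }
                    if (codeRejected && ((now - record.getLong("startTime")) / 3600000 > 48 || !trial)) {
                        allowed = false;
                    }
                }
            }
        } catch (Exception e) {
            // Fail closed, but leave a trace: a silent denial is hard to diagnose.
            this.log.warn("Authorization code check failed; denying request", e);
            allowed = false;
        }
        return allowed;
    }

    /** Encrypts and stores a trial record (infoType "0") whose start time is {@code now}. */
    private void storeTrialRecord(long now) {
        JSONObject trialRecord = new JSONObject();
        trialRecord.put("infoType", "0");
        trialRecord.put("startTime", Long.valueOf(now));
        trialRecord.put("license-formal", "0");
        trialRecord.put("flag", ToolsUtil.BLANK);
        String encrypted = AesClientUtil.getInstance().encryptEcbMode(trialRecord.toString());
        System.out.println("spring boot version dev");
        setProperty(encrypted);
    }

    /**
     * Evaluates a configured authorization code and, when it is accepted, stores it as the
     * current record with {@code infoType} "1" and {@code flag} set to {@code str}.
     *
     * <p>The return value is inverted relative to the name: {@code false} means the code was
     * accepted, {@code true} means it was not.
     *
     * @param j current time, in the unit returned by {@code DateUtils.strToLong}
     * @param str value stored in the record's {@code flag} field (callers pass the local IP)
     * @param str2 encrypted authorization code
     * @return {@code false} if the code is within its {@code effectiveTime} or has
     *     {@code license-formal} "9"; {@code true} otherwise
     */
    private boolean isAuthCode(long j, String str, String str2) {
        boolean rejected = true;
        JSONObject code = JSONObject.fromObject(AesClientUtil.getInstance().decryptEcbMode(str2));
        long elapsed = (j - DateUtils.strToLong(code.getString("startTime"), DateUtils.FmtStr.yyyyMMdd_HH)) / 3600000;
        if (elapsed <= code.getInt("effectiveTime") || "9".equals(code.getString("license-formal"))) {
            code.put("infoType", "1");
            code.put("flag", str);
            setProperty(AesClientUtil.getInstance().encryptEcbMode(code.toString()));
            rejected = false;
            System.out.println("spring boot version prod");
        }
        return rejected;
    }

    /**
     * Screens the request against the deny-list. Despite the name, nothing is cleaned for the
     * caller: the result only says whether to reject the request.
     *
     * <p>This is a deny-list heuristic and cannot be complete; keep context-aware output
     * encoding in the rendering layer as the primary control.
     *
     * @param httpServletRequest request whose parameters, query string and Referer are screened
     * @param str the {@code is_open_security_filter} switch; screening runs only for "true"
     * @return {@code true} if the request should be rejected
     */
    private boolean cleanXSS(HttpServletRequest httpServletRequest, String str) {
        if (!"true".equalsIgnoreCase(str)) {
            return false;
        }
        // Locale.ROOT keeps the lower-casing stable under JVM locales with special casing rules
        // (e.g. Turkish dotless i), where upper-case input would otherwise miss the deny-list.
        String lowerUri = httpServletRequest.getRequestURI().toLowerCase(java.util.Locale.ROOT);
        if (lowerUri.contains("/owa_util.signature") || lowerUri.contains("/sqlnet.trc")) {
            return true;
        }
        // NOTE(review): the presence of any non-empty "formToken" parameter disables screening;
        // the token's validity is not checked here.
        if (StrUtil.isNotNull(httpServletRequest.getParameter("formToken"))) {
            return false;
        }
        @SuppressWarnings("unchecked")
        HashMap<String, String[]> params = new HashMap<String, String[]>(httpServletRequest.getParameterMap());
        StringBuilder screened = new StringBuilder();
        if (!params.isEmpty()) {
            for (String[] values : params.values()) {
                if (values == null) {
                    continue;
                }
                for (int i = 0; i < values.length; i++) {
                    String raw = values[i];
                    if (raw == null) {
                        continue;
                    }
                    // The map copy is shallow, so this rewrites the array obtained from the
                    // request in place. The original also stored an HTML-escaped value first, but
                    // it was immediately overwritten by this one, so only this store has effect.
                    values[i] = StringEscapeUtils.escapeJavaScript(raw);
                    // NOTE(review): values of 200 characters or more are not screened at all.
                    if (raw.length() < 200) {
                        screened.append(values[i]);
                    }
                }
            }
            if (JSON.toJSONString(params).contains("forbid")) {
                return true;
            }
        }
        // Appending a null String would add the literal text "null"; skip absent values instead.
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            screened.append(queryString);
        }
        String referer = httpServletRequest.getHeader("Referer");
        if (referer != null) {
            screened.append(referer);
        }
        String candidate = screened.toString();
        if (StrUtil.isNull(candidate)) {
            return false;
        }
        String decoded = candidate.toLowerCase(java.util.Locale.ROOT).replace("%28", "(").replace("%2b", "+").replace("%3c", "<").replace("%27", "'").replace("%5b", "[").replace("%5d", "]").replace("%3d", "=").replace("%7c", "|").replace("%7b", "{").replace("%3a", ":").replace("%2f", "/");
        // Use a local array: the filter instance is shared by all request threads, so the field
        // must not be reassigned per request.
        String[] terms = this.badStrs;
        String configuredTerms = ConfigUtil.getInstance().findValueByKey("security_filter_strs");
        if (StrUtil.isNotNull(configuredTerms)) {
            terms = configuredTerms.split(",");
        }
        for (String term : terms) {
            // An empty term (e.g. from ",," in configuration) would match every request.
            if (!term.isEmpty() && decoded.contains(term)) {
                return true;
            }
        }
        return isEqualString(candidate);
    }

    /**
     * Reports whether the text contains an opening or closing HTML tag.
     *
     * <p>Uses {@code find()}: the original {@code matches()} required the whole input to be a
     * single tag, so a tag embedded in longer text was never detected.
     */
    private boolean isEqualString(String str) {
        return HTML_TAG.matcher(str).find();
    }

    /**
     * Writes {@code str} to the response, as JSONP when an identifier-shaped callback is given.
     *
     * @param str JSON payload; nothing is written when it is empty
     * @param httpServletResponse response to write to; its writer is closed afterwards
     * @param str2 requested JSONP callback name, taken from the request and therefore untrusted
     * @throws IOException if the response writer cannot be obtained
     */
    private void outputJson(String str, HttpServletResponse httpServletResponse, String str2) throws IOException {
        if (StrUtil.isNotNull(str)) {
            // Reflect the callback only if it is a plain identifier; otherwise answer without it.
            String callback = safeCallback(str2);
            // Headers and encoding are set before getWriter(), which fixes the writer's charset.
            if (StrUtil.isNull(callback)) {
                httpServletResponse.setContentType("text/html;charset=UTF-8");
                // NOTE(review): a wildcard origin combined with Allow-Credentials is refused by
                // browsers for credentialed requests; if credentialed cross-origin access is
                // intended, echo a vetted origin from an allow-list instead.
                httpServletResponse.setHeader("Access-Control-Allow-Origin", "*");
                httpServletResponse.setHeader("Access-Control-Allow-Methods", "POST,GET");
                httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
                PrintWriter writer = httpServletResponse.getWriter();
                writer.print(str);
                writer.flush();
                writer.close();
            } else {
                httpServletResponse.setContentType("application/javascript");
                httpServletResponse.setCharacterEncoding("UTF-8");
                PrintWriter writer = httpServletResponse.getWriter();
                writer.print(callback + "(" + str + ")");
                writer.flush();
                writer.close();
            }
        }
    }

    /** Returns the callback name if it is identifier-shaped, otherwise {@code null}. */
    private static String safeCallback(String callback) {
        return callback != null && SAFE_JSONP_CALLBACK.matcher(callback).matches() ? callback : null;
    }

    /**
     * Stores the encrypted authorization record in memory and rewrites
     * {@code cache-conf.properties}. Failures are logged and otherwise ignored (best effort).
     */
    private void setProperty(String str) {
        if (this.prop == null) {
            return;
        }
        this.prop.setProperty("cache_authorization_code", str);
        // try-with-resources closes the stream; the original leaked the file handle.
        try (FileOutputStream out = new FileOutputStream(new File(this.propertiesPath + "cache-conf.properties"))) {
            // The second argument is the header comment written to the file, not an encoding.
            this.prop.store(out, "utf-8");
        } catch (Exception e) {
            this.log.error("Failed to persist cache_authorization_code to cache-conf.properties", e);
        }
    }

    /** Returns the named property, or {@code ToolsUtil.BLANK} when no properties are loaded. */
    private String getProperty(String str) {
        return this.prop != null ? this.prop.getProperty(str) : ToolsUtil.BLANK;
    }
}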
