package com.apache.passport.common;

import com.apache.database.constant.Validator;
import com.apache.license.filter.AbstractFilter;
import com.apache.passport.entity.Token;
import com.apache.security.util.SecurityHttpServletRequest;
import com.apache.security.util.SecurityHttpServletResponse;
import com.apache.tools.ConfigUtil;
import com.apache.tools.StrUtil;
import com.apache.uct.common.ToolsUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/apache/passport/common/SsoServerFilter.class */
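/**
 * Servlet filter that gates requests to the SSO (passport) server.
 *
 * <p>Per request it (1) passes static resources and allowlisted prefixes straight through,
 * (2) optionally handles a token id handed over in the {@code tokenId} query parameter,
 * (3) looks up the caller's token via {@link PassportHelper#getTokenId}, and (4) either
 * continues the chain, redirects to another system, redirects to the configured jump URL,
 * or redirects to the login page.
 *
 * <p>NOTE(review): the filter instance holds mutable state ({@code whiteMap} and the values
 * reloaded by {@code initValue()}) that is written while requests are being served, with no
 * synchronisation visible in this class. Confirm how the container threads this filter.
 */
public class SsoServerFilter extends AbstractFilter {
    /** Comma-separated URI suffixes that are passed through without a token check. */
    private static final String SUFFIX = "js,css,png,jpg,gif,bmp,swf,fla,ico";
    /** {@link #SUFFIX} split into whole entries so the suffix test is an exact match. */
    private static final List<String> STATIC_SUFFIXES = Collections.unmodifiableList(Arrays.asList(SUFFIX.split(",")));

    private final Logger log = LoggerFactory.getLogger(SsoServerFilter.class);
    private String COOKIENAME = "";
    private String login_url = "";
    private String consoleUser = "";
    private String white_url = "";
    private String jumpUrl = "";
    // Loaded by initValue() but not read in this class; gotoPage() re-reads the config key instead.
    private boolean isOpenSecurityFilter = false;
    private String rpc_service_url = "";
    // Used as a set of path fragments (values are always ""); populated once in init().
    private Map<String, String> unLockMap = new HashMap<String, String>();
    // Filled by XmlWhiteUtils.deWhiteXml() on every unlockPath() call.
    private Map<String, ArrayList<String>> whiteMap = new HashMap<String, ArrayList<String>>();
    // Not read anywhere in this class: jkWhite() consults PassportHelper.whiteJK instead.
    // NOTE(review): several of these names match Spring Boot Actuator endpoints (/heapdump, /env,
    // /jolokia, /trace, /dump, /logfile) that return memory contents, configuration and logs.
    // If PassportHelper.whiteJK carries the same entries they are served without a token check;
    // confirm, and keep only what monitoring needs (e.g. /health), ideally on a separate
    // management port.
    private final List<String> whiteJK = Collections.unmodifiableList(Arrays.asList(
            "/health", "/info", "/auditevents", "/metrics", "/logfile", "/loggers", "/jolokia",
            "/flyway", "/liquibase", "/dump", "/heapdump", "/env", "/turbine", "/trace",
            "/hystrix", "/api", "/refresh", "/offline", "/online"));

    /**
     * Registers the built-in unauthenticated path fragments, loads configuration and then
     * tries to load the conversion model XML.
     *
     * <p>A failure to load the conversion model is logged and does not abort initialisation.
     *
     * @param filterConfig container-supplied configuration (not used here)
     * @throws ServletException declared by the filter contract
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        initLincense();
        this.unLockMap.put("/login.jsp", "");
        this.unLockMap.put("/login_jwt.jsp", "");
        this.unLockMap.put("/login.html", "");
        this.unLockMap.put("/login_jwt.html", "");
        this.unLockMap.put("/passport/service", "");
        this.unLockMap.put("/passport/outside", "");
        initValue();
        try {
            String modelXml = ConversionModelFactory.getInstance().readModelXMl();
            if (Validator.isNotNull(modelXml)) {
                ConversionModelFactory.getInstance().setModel((SsoConversionModel) JaxbUtil.xmlToBean(modelXml, SsoConversionModel.class));
            }
        } catch (Exception e) {
            // Message reads "failed to load conversion model configuration"; the exception is
            // passed to the logger so the stack trace lands in the log instead of on stderr.
            this.log.error("加载转换模型配置失败", e);
        }
    }

    /** Reloads every configuration value this filter caches in its fields. */
    private void initValue() {
        ConfigUtil config = ConfigUtil.getInstance();
        this.COOKIENAME = config.getValueByKey("cookieName");
        this.login_url = config.findValueByKey("login.url");
        this.white_url = config.findValueByKey("white.url");
        this.jumpUrl = config.findValueByKey("jump.url");
        this.rpc_service_url = config.findValueByKey("rpc_service_url");
        this.isOpenSecurityFilter = Boolean.parseBoolean(StrUtil.doNull(config.findValueByKey("is_open_security_filter"), "false"));
        this.consoleUser = config.findValueByKey("uct_supper_user");
    }

    /**
     * Decides whether the request may proceed, must be redirected to another system, to the
     * jump URL, or to the login page.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remaining chain, invoked only for allowed requests
     * @throws IOException      from redirects, forwards or the chain
     * @throws ServletException from forwards or the chain
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        response.setCharacterEncoding("UTF-8");
        response.setDateHeader("expires", 0L);
        response.setHeader("Cache-Control", "no-cache");
        response.setHeader("pragma", "no-cache");
        String sys = request.getParameter("sys");
        String cset = request.getParameter("cset");
        String go = request.getParameter("go");
        String client = request.getParameter("_client");
        String ptlang = request.getParameter("ptlang");
        String requestURI = request.getRequestURI();
        String servletPath = request.getServletPath();
        String suffix = PassportHelper.getInstance().parseUrlSuffix(requestURI).toLowerCase();

        // Static resources skip authentication. The suffix must equal one whole entry: the
        // previous substring test against the comma-joined list also accepted fragments such
        // as "s", "c" or "jp", which let non-static URLs through unauthenticated.
        // NOTE(review): the suffix comes from the raw request URI, which is not normalised and
        // may carry path parameters; confirm parseUrlSuffix cannot report a static suffix for
        // a dynamic endpoint, or derive it from servletPath instead.
        if (StrUtil.isNotNull(suffix) && STATIC_SUFFIXES.contains(suffix)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (jkWhite(servletPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        String cookieTokenId = PassportHelper.getInstance().getTokenId(request);
        if (ConfigUtil.getInstance().checkFileUpdate("") || StrUtil.isNull(this.white_url)) {
            initValue();
        }
        String paramTokenId = request.getParameter("tokenId");
        boolean crossSystemLogin = !(ToolsUtil.isNull(sys) || ToolsUtil.isNull(cset) || ToolsUtil.isNull(go) || ToolsUtil.isNull(client));

        // A usable tokenId parameter is handed to outwardSys(); when that returns false the
        // response has already been redirected and there is nothing left to do.
        boolean noParamToken = StrUtil.isNull(paramTokenId) || "undefined".equalsIgnoreCase(paramTokenId);
        if (!noParamToken && !outwardSys(go, paramTokenId, cset, ptlang, request, response)) {
            return;
        }

        Token token = PassPortConst.getToken(cookieTokenId);
        request.getSession().setAttribute("ctx", request.getContextPath());
        String gatewayType = request.getHeader("gateway-type");
        if (ToolsUtil.isEmpty(token)) {
            // No valid token: drop every cookie the browser sent, then allow only open paths.
            clearCookie(request, response, "/");
            if (actPathGoto(request)) {
                gotoPage(request, response, filterChain);
                return;
            }
        } else {
            if (crossSystemLogin) {
                // NOTE(review): cset and go come straight from the query string and the
                // redirect carries the live token id as "ticket". Nothing visible here limits
                // cset to registered systems; validate it against an allowlist before
                // redirecting, and URL-encode go.
                request.setAttribute("tokenId", token.getTokenId());
                response.sendRedirect(cset + "?ticket=" + token.getTokenId() + "&go=" + go + "&ucsso=" + token.getUserId());
                return;
            }
            String userEname = token.getUserEname();
            if (!StrUtil.isNull(userEname)) {
                request.setAttribute("ctx", request.getContextPath());
                if (requestURI.indexOf("/passport/login/tsk-index") > -1 || actPathGoto(request)) {
                    gotoPage(request, response, filterChain);
                    return;
                }
                // An empty or null decrypted name must never count as a console user:
                // String.indexOf("") is 0 for every string, which would match anyone.
                // NOTE(review): this is still a substring test, so a name that is a fragment
                // of a configured super user also matches; compare against the parsed list
                // once the delimiter of uct_supper_user is confirmed.
                String decryptedName = DesUtils.getInstance().decrypt(userEname);
                boolean isConsoleUser = decryptedName != null
                        && !decryptedName.isEmpty()
                        && this.consoleUser != null
                        && this.consoleUser.indexOf(decryptedName) > -1;
                if (isConsoleUser && !"/".equals(servletPath) && servletPath.indexOf("/login.") <= -1) {
                    gotoPage(request, response, filterChain);
                    return;
                }
                if (StrUtil.isNull(gatewayType)) {
                    response.sendRedirect(request.getContextPath() + this.jumpUrl);
                    return;
                }
                request.getRequestDispatcher(this.jumpUrl).forward(request, response);
                return;
            }
        }

        // Everything else goes to the login page, with the original query string appended.
        String secretKeyType = ConfigUtil.getInstance().findValueByKey("secret_key_type");
        String query = StrUtil.isNull(request.getQueryString()) ? "" : "?" + request.getQueryString();
        if ("rsa".equalsIgnoreCase(secretKeyType)) {
            response.sendRedirect(this.login_url + "/login_jwt.html" + query);
        } else {
            response.sendRedirect(this.login_url + "/login.html" + query);
        }
    }

    /**
     * Continues the filter chain, wrapping request and response in the security wrappers
     * when the {@code is_open_security_filter} config key is "true".
     */
    private void gotoPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean wrap = "true".equalsIgnoreCase(ConfigUtil.getInstance().findValueByKey("is_open_security_filter"));
        if (wrap) {
            filterChain.doFilter(new SecurityHttpServletRequest(httpServletRequest), new SecurityHttpServletResponse(httpServletResponse));
            return;
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    /**
     * Reports whether the request's servlet path is open without a console-user token.
     *
     * <p>NOTE(review): the built-in fragments are matched anywhere in the path
     * ({@code indexOf > -1}), not as a prefix or exact path, so any servlet path that merely
     * contains e.g. {@code /passport/service} or {@code /login.jsp} is treated as open.
     * Left unchanged because deployed paths are not visible here; tighten to exact or
     * prefix matching once they are confirmed.
     *
     * @return true when the path matches a built-in fragment, an exact {@code white.url}
     *         entry, or the XML allowlist checked by {@link #unlockPath(String)}
     */
    private boolean actPathGoto(HttpServletRequest httpServletRequest) {
        String servletPath = httpServletRequest.getServletPath();
        for (String fragment : this.unLockMap.keySet()) {
            if (servletPath.indexOf(fragment) > -1) {
                return true;
            }
        }
        // white_url can still be unset after initValue(); treat that as "no entries".
        if (this.white_url != null && Arrays.asList(this.white_url.split(",")).contains(servletPath)) {
            return true;
        }
        return unlockPath(servletPath);
    }

    /**
     * Handles a token id supplied in the {@code tokenId} request parameter.
     *
     * <p>NOTE(review): a token id accepted from the query string is copied into the browser's
     * cookies with no further proof of possession, and URL-borne tokens tend to end up in
     * access logs and Referer headers.
     *
     * @param str  the {@code go} parameter (target URL after hand-over)
     * @param str2 the {@code tokenId} parameter
     * @param str3 the {@code cset} parameter (base URL of the system that sets its cookie)
     * @param str4 the {@code ptlang} parameter (digest supplied by the caller)
     * @return true when the caller should continue normal processing; false when this method
     *         has already sent a redirect
     */
    private boolean outwardSys(String str, String str2, String str3, String str4, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        Token token = PassPortConst.getToken(str2);
        if (ToolsUtil.isEmpty(token)) {
            // NOTE(review): go is request-controlled and is used as the redirect target
            // as-is; restrict it to known hosts or to relative paths.
            httpServletResponse.sendRedirect(ToolsUtil.isNull(str) ? this.login_url : str);
            return false;
        }
        // Result unused; kept because decrypt() may reject a malformed name by throwing.
        DesUtils.getInstance().decrypt(token.getUserEname());
        if (ToolsUtil.isNull(str2) || ToolsUtil.isNull(str)) {
            bindTokenCookies(token, str2, httpServletRequest, httpServletResponse);
            return true;
        }
        // A missing component cannot produce a matching digest (and would make the sort
        // below throw), so handle it exactly like a mismatch.
        if (this.rpc_service_url == null || str3 == null) {
            return true;
        }
        List<String> parts = new ArrayList<String>();
        parts.add(this.rpc_service_url);
        parts.add(str2);
        parts.add(str3);
        parts.add(str);
        parts.add("apache");
        Collections.sort(parts);
        StringBuilder joined = new StringBuilder();
        for (String part : parts) {
            joined.append(part);
        }
        // NOTE(review): the only non-request inputs to this digest are a fixed literal and
        // the configured rpc_service_url, so it is not a secret-keyed MAC. Replace with an
        // HMAC over a configured secret, compared in constant time.
        String expected = PassportHelper.getInstance().SHA1(joined.toString());
        boolean digestMatches = expected != null && expected.equals(str4);
        // Parameterised logging; the token id and the expected digest are kept out of the log.
        this.log.debug("rpc_url msg:[{}]", this.rpc_service_url);
        this.log.debug("setCookieUrl msg:[{}]", str3);
        this.log.debug("goUrl msg:[{}]", str);
        this.log.debug("ptlang digest matches: {}", digestMatches);
        if (!digestMatches) {
            return true;
        }
        bindTokenCookies(token, str2, httpServletRequest, httpServletResponse);
        // NOTE(review): cset is request-controlled and receives the token id as "ticket";
        // validate it against the set of registered systems before redirecting.
        httpServletResponse.sendRedirect(str3 + "/cset?ticket=" + token.getTokenId() + "&go=" + str + "&ucsso=" + token.getUserId());
        return false;
    }

    /**
     * Writes the token-id cookie and the {@code _uc.sso} user-id cookie as session cookies
     * on path "/" and exposes the token id as the {@code tokenId} request attribute.
     *
     * <p>NOTE(review): neither cookie is marked HttpOnly or Secure. Add both once it is
     * confirmed that no page script reads them and that the site is served over HTTPS only.
     */
    private void bindTokenCookies(Token token, String tokenId, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        Cookie tokenCookie = new Cookie(this.COOKIENAME, tokenId);
        tokenCookie.setPath("/");
        tokenCookie.setMaxAge(-1);
        httpServletResponse.addCookie(tokenCookie);
        Cookie userCookie = new Cookie("_uc.sso", token.getUserId());
        userCookie.setPath("/");
        userCookie.setMaxAge(-1);
        httpServletResponse.addCookie(userCookie);
        httpServletRequest.setAttribute("tokenId", token.getTokenId());
    }

    /**
     * Checks a servlet path against the "sso" XML allowlist plus the built-in
     * {@code /passport/service/} prefix.
     *
     * <p>The built-in prefix is tested directly rather than appended to the loaded pattern
     * list, which previously grew that list by one entry on every call.
     *
     * @param str servlet path to test
     * @return true when the path is an exact {@code whiteUrl} entry or starts with a
     *         {@code whiteParadigm} pattern (any {@code *} removed)
     */
    private boolean unlockPath(String str) {
        XmlWhiteUtils.getInstance().deWhiteXml(this.whiteMap, "sso");
        if (str.length() <= 1) {
            return false;
        }
        List<String> exactUrls = this.whiteMap.get("whiteUrl");
        if (exactUrls != null && exactUrls.contains(str)) {
            return true;
        }
        if (str.startsWith("/passport/service/")) {
            return true;
        }
        List<String> patterns = this.whiteMap.get("whiteParadigm");
        if (patterns == null) {
            return false;
        }
        for (int i = 0; i < patterns.size(); i++) {
            String pattern = patterns.get(i);
            if (pattern == null) {
                continue;
            }
            if (pattern.contains("*")) {
                // NOTE(review): a pattern consisting only of "*" reduces to the empty prefix
                // and therefore opens every path; confirm that is intended in the XML.
                if (str.startsWith(pattern.replace("*", ""))) {
                    return true;
                }
            } else if (!"".equals(pattern) && str.startsWith(pattern)) {
                return true;
            }
        }
        return false;
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Reports whether the servlet path starts with an entry of {@code PassportHelper.whiteJK}
     * or with one of three built-in prefixes; such requests bypass the token check.
     *
     * <p>The built-in prefixes are tested separately instead of being appended to the shared
     * static list, which previously gained three entries on every request.
     */
    private boolean jkWhite(String str) {
        List<?> shared = PassportHelper.whiteJK;
        for (int i = 0; i < shared.size(); i++) {
            if (str.startsWith((String) shared.get(i))) {
                return true;
            }
        }
        return str.startsWith("/passport/login/sendSmsCode")
                || str.startsWith("/passport/outside/")
                || str.startsWith("/rpc/service/");
    }

    /**
     * Expires every cookie the browser sent by re-issuing it with a null value and max-age 0.
     *
     * @param str cookie path to set on the expiring cookies
     */
    private void clearCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return;
        }
        try {
            for (Cookie cookie : cookies) {
                Cookie expired = new Cookie(cookie.getName(), (String) null);
                expired.setMaxAge(0);
                expired.setPath(str);
                httpServletResponse.addCookie(expired);
            }
        } catch (Exception e) {
            // Best effort: log ("exception while clearing cookies") and carry on.
            this.log.error("清空Cookies发生异常!" + e.getMessage(), e);
        }
    }
}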
