package cn.opencodes.framework.core.interceptor;

import cn.opencodes.framework.core.service.AlphaService;
import cn.opencodes.framework.core.utils.SpringUtils;
import cn.opencodes.framework.core.utils.WebUtils;
import cn.opencodes.framework.core.vo.MaliciousLog;
import cn.opencodes.framework.tools.utils.JsonUtils;
import cn.opencodes.framework.tools.utils.StringUtils;
import cn.opencodes.framework.tools.vo.CoreConst;
import com.google.common.util.concurrent.RateLimiter;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:cn/opencodes/framework/core/interceptor/MaliciousInterceptor.class */
public class MaliciousInterceptor extends HandlerInterceptorAdapter {
    private Logger logger = LoggerFactory.getLogger(getClass());
    private Map<String, String> tokenMap = new HashMap();
    private RateLimiter limiter;

    public MaliciousInterceptor(RateLimiter rateLimiter) {
        this.limiter = rateLimiter;
    }

    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (obj instanceof HandlerMethod) {
            this.logger.debug("拦截URL：{}", WebUtils.getPathWithinApplication(httpServletRequest));
            if (doMalicious(httpServletRequest, ((HandlerMethod) obj).getMethod().getName(), WebUtils.getRequestToken(httpServletRequest))) {
                WebUtils.write(httpServletResponse, CoreConst.HttpStatus.ERROR.value(), "系统检测您的请求过于频繁，请稍后再试！");
                return false;
            }
        }
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }

    private boolean doMalicious(HttpServletRequest httpServletRequest, String str, String str2) {
        boolean z = false;
        String str3 = this.tokenMap.get(str2);
        if (StringUtils.isNotBlank(str3) && str3.equals(str) && !this.limiter.tryAcquire(1000L, TimeUnit.MILLISECONDS)) {
            z = true;
            saveMaliciousReqLog(httpServletRequest);
        }
        this.tokenMap.put(str2, str);
        return z;
    }

    private void saveMaliciousReqLog(HttpServletRequest httpServletRequest) {
        try {
            MaliciousLog maliciousLog = new MaliciousLog();
            maliciousLog.setUserAgent(WebUtils.analyticUserAgent(httpServletRequest).toString());
            maliciousLog.setUserName(WebUtils.getUser().getUsername());
            maliciousLog.setMethod(httpServletRequest.getMethod());
            maliciousLog.setRequestUrl(httpServletRequest.getServletPath());
            maliciousLog.setClientHost(WebUtils.getIpAddr());
            maliciousLog.setParameters(JsonUtils.toJson(httpServletRequest.getParameterMap()));
            maliciousLog.setCtime(new Date());
            maliciousLog.setTitle("恶意请求拦截");
            ((AlphaService) SpringUtils.getBean(AlphaService.class)).collect(maliciousLog, MaliciousLog.class);
        } catch (Exception e) {
            this.logger.error("日志恶意拦截器异常:", e);
        }
    }
}
