package com.el.common.security;

import com.el.common.AppPropKeys;
import com.el.common.ELConstant;
import com.el.common.ServiceSupport;
import com.el.common.SsoConstant;
import com.el.common.WebUtil;
import com.el.pay.ConstantsUtil;
import com.el.util.HttpUtils;
import com.el.util.SsoUtils;
import com.el.utils.AppProperties;
import com.el.utils.StringUtils;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Optional;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.RequestMethod;

/* loaded from: input_file:com/el/common/security/SecurityFilter.class */
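/**
 * Servlet filter that (1) stamps CORS headers on every response, (2) lets pre-flight
 * {@code OPTIONS} requests and configured exempt paths through untouched, and
 * (3) for everything else requires a valid SSO client id ({@code cid}) plus function
 * authorization, otherwise short-circuiting with a login-redirect body.
 *
 * <p>Status codes used for denial: {@code 401} (no / invalid cid) and {@code 203}
 * (valid cid but {@link SecuritySupport#checkFunc} refused the path). {@code 203} is
 * this application's own convention for "forbidden"; clients key on it, so it is kept.
 *
 * <p>Configuration (read via {@link AppProperties}):
 * <ul>
 *   <li>{@code httpACAO}: either {@code "*"} (reflect the caller's Origin) or a
 *       comma-separated allow-list of exact origins;</li>
 *   <li>{@link AppPropKeys#loginUrl}: where denied callers are sent;</li>
 *   <li>{@link AppPropKeys#noCheckPaths}: comma-separated paths that skip authentication.</li>
 * </ul>
 */
public class SecurityFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
    private static final String ORIGIN = "Origin";
    private static final String ACCEPT = "Accept";
    private static final String HEADER_ACCEPT = "accept";
    private static final String X_REQUSTED = "X-Requested-With";
    private static final String EL_AUTH_TOKEN = "el-auth-token";
    private static final String RESULT_TOKEN = "el-result-code";
    private static final String CONTENT_TYPE = "Content-Type";
    private static final String CACHE_CONTROL = "Cache-Control";
    private static final String CONTENT_DISPOSITION = "Content-disposition";
    private static final String SSO_TOKEN = "el-cid";
    private static final String HEADER_REFERER = "referer";
    /** Application's "forbidden" status; see class Javadoc for why it is not 403. */
    private static final int SC_FUNC_DENIED = 203;
    /** Trimmed, non-blank entries from {@code noCheckPaths}; populated in {@link #init}. */
    private Set<String> noCheckPaths;
    /** Redirect target written into denial responses; populated in {@link #init}. */
    private String loginUrl;
    /** Raw {@code httpACAO} property; may be {@code null} when unset. */
    private final String HTTP_ACAO = AppProperties.getProperty("httpACAO");

    /** No-op: this filter holds no resources that need releasing. */
    @Override
    public void destroy() {
    }

    /**
     * Applies CORS headers, then either forwards the request down the chain
     * (pre-flight {@code OPTIONS}, or {@link #checkPath} returned {@code 200})
     * or writes a denial body carrying the status {@link #checkPath} produced.
     *
     * @param servletRequest  must be an {@link HttpServletRequest}
     * @param servletResponse must be an {@link HttpServletResponse}
     * @param filterChain     next filter / servlet
     * @throws IOException      if writing the denial body fails
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        applyCorsHeaders(request, response);
        // Pre-flight requests carry no credentials and are always let through.
        boolean preflight = RequestMethod.OPTIONS.toString().equals(request.getMethod());
        int status = preflight ? HttpServletResponse.SC_OK : checkPath(request);
        if (status == HttpServletResponse.SC_OK) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        writeDenied(request, response, status);
    }

    /** Sets the CORS response headers; the allowed origin is derived from {@code httpACAO}. */
    private void applyCorsHeaders(HttpServletRequest request, HttpServletResponse response) {
        response.setHeader("Access-Control-Allow-Origin", resolveAllowedOrigin(request.getHeader("origin")));
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE");
        response.setHeader("Access-Control-Allow-Headers",
                String.join(",", ORIGIN, ACCEPT, X_REQUSTED, CONTENT_TYPE, SSO_TOKEN, CACHE_CONTROL, EL_AUTH_TOKEN));
        response.setHeader("Access-Control-Expose-Headers",
                String.join(",", X_REQUSTED, CONTENT_TYPE, RESULT_TOKEN, CONTENT_DISPOSITION));
        response.setHeader("Access-Control-Allow-Credentials", "true");
    }

    /**
     * Picks the value for {@code Access-Control-Allow-Origin}.
     *
     * <p>Browsers only honour this header when it equals the request's Origin exactly,
     * so allow-list entries are compared with {@code equals} (after trimming) rather than
     * {@code contains}; the previous substring match could also concatenate several
     * entries into one unusable value. A missing Origin or an unset {@code httpACAO}
     * yields {@code ""}.
     *
     * @param origin the request's {@code Origin} header, possibly {@code null}
     * @return the header value to emit ({@code null} is only returned in wildcard mode
     *         when no Origin was sent, which leaves the header unset)
     */
    private String resolveAllowedOrigin(String origin) {
        if ("*".equals(this.HTTP_ACAO)) {
            // Wildcard mode reflects the caller's Origin verbatim. Together with
            // Allow-Credentials=true this permits credentialed calls from any site;
            // an explicit allow-list in httpACAO is the safer configuration.
            return origin;
        }
        if (origin == null || this.HTTP_ACAO == null) {
            return "";
        }
        return Stream.of(this.HTTP_ACAO.split(","))
                .map(String::trim)
                .filter(origin::equals)
                .findFirst()
                .orElse("");
    }

    /**
     * Writes the denial response: a JSON document for XHR/JSON callers, otherwise a
     * small script that alerts and redirects the top window to {@link #loginUrl}.
     *
     * @param request  used to sniff whether the caller wants JSON
     * @param response target; status, encoding and content type are set here
     * @param status   {@code 401} or {@code 203} as produced by {@link #checkPath}
     * @throws IOException if the response writer cannot be obtained or written
     */
    private void writeDenied(HttpServletRequest request, HttpServletResponse response, int status) throws IOException {
        response.setStatus(status);
        String message = status == SC_FUNC_DENIED ? "当前用户无权操作！" : ConstantsUtil.UNKNOWN_SESSION;
        response.setCharacterEncoding(ELConstant.CHARSET_NAME);
        String body;
        if (wantsJson(request)) {
            response.setContentType("application/json;charset=UTF-8");
            body = "{\"message\":\"" + escapeJsonString(message)
                    + "\", \"success\":false, \"data\":{\"login\":\"" + escapeJsonString(this.loginUrl) + "\"}}";
        } else {
            response.setContentType("text/html;charset=UTF-8");
            // loginUrl and message come from configuration, not the request, but they are
            // still escaped so a stray quote or "</script>" cannot break the document.
            body = "<script type='text/javascript'>"
                    + "alert('" + escapeJsString(message) + "');"
                    + "window.top.location.href='" + escapeJsString(this.loginUrl) + "';"
                    + "</script>";
        }
        try (PrintWriter writer = response.getWriter()) {
            writer.write(body);
            writer.flush();
        }
    }

    /** True when the Accept header mentions JSON or the request is an XMLHttpRequest. */
    private static boolean wantsJson(HttpServletRequest request) {
        String accept = request.getHeader(HEADER_ACCEPT);
        String requestedWith = request.getHeader(X_REQUSTED);
        boolean acceptsJson = accept != null && (accept.contains(HttpUtils.JSON_INPUT) || accept.contains("JSON"));
        boolean isXhr = requestedWith != null && requestedWith.equalsIgnoreCase("XMLHttpRequest");
        return acceptsJson || isXhr;
    }

    /** Escapes backslash and double quote for embedding inside a JSON string literal. */
    private static String escapeJsonString(String value) {
        if (value == null) {
            return "null";
        }
        return value.replace("\\", "\\\\").replace("\"", "\\\"");
    }

    /** Escapes backslash, single quote and {@code </} for a single-quoted JS string inside a script tag. */
    private static String escapeJsString(String value) {
        if (value == null) {
            return "null";
        }
        return value.replace("\\", "\\\\").replace("'", "\\'").replace("</", "<\\/");
    }

    /**
     * Decides whether the request may proceed.
     *
     * @return {@code 200} when the path is exempt or the cid is valid and authorized;
     *         {@code 401} when no cid is present or the SSO service rejects it
     *         (cached functions and the session SID are cleared in that case);
     *         {@code 203} when the cid is valid but the function check fails
     */
    private int checkPath(HttpServletRequest request) {
        String path = WebUtil.getPath(request);
        request.setAttribute("ref_path", path);
        if (isExemptPath(path)) {
            return HttpServletResponse.SC_OK;
        }
        String cid = SsoUtils.getCid(request);
        if (StringUtils.isEmpty(cid)) {
            // No session is created for anonymous callers that are about to be rejected.
            return HttpServletResponse.SC_UNAUTHORIZED;
        }
        HttpSession session = request.getSession();
        if (!ServiceSupport.getSsoClientBlh().checkUser(cid)) {
            SecuritySupport.removeFuncs(cid);
            session.removeAttribute(SsoConstant.SID);
            return HttpServletResponse.SC_UNAUTHORIZED;
        }
        if (!SecuritySupport.checkFunc(path, request.getHeader(HEADER_REFERER), request)) {
            return SC_FUNC_DENIED;
        }
        session.setAttribute(SsoConstant.SID, cid);
        return HttpServletResponse.SC_OK;
    }

    /**
     * True when the path skips authentication: an exact {@code noCheckPaths} entry, the
     * hard-coded {@code /clearCache.do}, or — as in the original configuration contract —
     * any path that merely <em>contains</em> an exempt entry.
     *
     * <p>NOTE(review): the substring rule means a request whose path embeds an exempt
     * entry anywhere (e.g. under another prefix) is not authenticated; anchoring entries
     * to the start of the path would close that gap but may break existing entries.
     */
    private boolean isExemptPath(String path) {
        if (this.noCheckPaths.contains(path) || path.contains("/clearCache.do")) {
            return true;
        }
        for (String exempt : this.noCheckPaths) {
            if (path.contains(exempt)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Reads {@code loginUrl} and {@code noCheckPaths} from the application properties.
     * Entries are trimmed before being stored so {@code "a.do, b.do"} behaves like
     * {@code "a.do,b.do"} (previously a leading space made an entry unmatchable).
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.loginUrl = AppProperties.getProperty(AppPropKeys.loginUrl);
        this.noCheckPaths = new HashSet<>();
        String configured = AppProperties.getProperty(AppPropKeys.noCheckPaths);
        if (configured == null || configured.trim().isEmpty()) {
            return;
        }
        for (String entry : configured.split(",")) {
            String trimmed = entry.trim();
            if (!trimmed.isEmpty()) {
                this.noCheckPaths.add(trimmed);
            }
        }
    }
}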
