package com.ai.appframe2.web.sso;

import com.ai.appframe2.common.AIConfigManager;
import com.ai.appframe2.common.DBGridInterface;
import com.ai.appframe2.common.SessionManager;
import com.ai.appframe2.mongodb.MongoDBConstants;
import com.ai.appframe2.privilege.IUrlPermissionSRV;
import com.ai.appframe2.privilege.UserInfoInterface;
import com.ai.appframe2.service.ServiceFactory;
import com.ai.appframe2.util.ResourceUtil;
import com.ai.appframe2.util.locale.AppframeLocaleFactory;
import com.ai.appframe2.web.BaseServer;
import java.io.IOException;
import java.lang.reflect.Field;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.regexp.RE;

/* loaded from: input_file:com/ai/appframe2/web/sso/SSOFilterForAuthServer.class */
public class SSOFilterForAuthServer implements Filter {
    private static transient Log log = LogFactory.getLog(SSOFilterForAuthServer.class);
    private static boolean IS_TOMCAT = true;
    public String AUTH_SERVER_LOGIN_URL;
    public String SERVER_DOMAIN_ID;
    public String CLIENT_NAME;
    private String urlPermissionSrvName;
    private static final String SSO_AUTH_ID = "_AUTHID";
    public boolean isAuthServer = false;
    private boolean is_session_check = false;
    private boolean is_url_check = false;
    private final String UNCHECK_URLS = "APPFRAME_LOGINFILTER_UNCHECK_URLS";
    private final String USER_VALID_URLS = "APPFRAME_LOGINFILTER_USER_VALID_URLS";
    private final String APPFRAME_LOGIN_URL = "APPFRAME_LOGIN_URL_CACHE";
    private IUrlPermissionSRV permissionSrv = null;
    private String SERVER_SESSION_NAME = DBGridInterface.DBGRID_DSDefaultDisplayValue;
    private boolean isInitial = false;

    public void init(FilterConfig filterConfig) throws ServletException {
        try {
            String servletContextName = filterConfig.getServletContext().getServletContextName();
            this.AUTH_SERVER_LOGIN_URL = filterConfig.getInitParameter("AUTH_SERVER_LOGIN_URL");
            log.info(AppframeLocaleFactory.getResource("com.ai.appframe2.web.sso.SSOFilterForAuthServer.login_url", new String[]{this.AUTH_SERVER_LOGIN_URL}));
            this.SERVER_DOMAIN_ID = AIConfigManager.getConfigItem("DomainName");
            String initParameter = filterConfig.getInitParameter("ISAUTH_SERVER");
            if (initParameter != null) {
                this.isAuthServer = Boolean.valueOf(initParameter).booleanValue();
            }
            log.info(AppframeLocaleFactory.getResource("com.ai.appframe2.web.sso.SSOFilterForAuthServer.is_authentication", new String[]{String.valueOf(this.isAuthServer)}));
            String configItem = AIConfigManager.getConfigItem(AIConfigManager.ITEM_IS_LOGIN_CHECK_FLAG);
            if (configItem != null && configItem.equalsIgnoreCase("Y")) {
                this.is_session_check = true;
            }
            String configItem2 = AIConfigManager.getConfigItem(AIConfigManager.ITEM_IS_URL_CHECK_FLAG);
            if (configItem2 != null && "Y".equalsIgnoreCase(configItem2)) {
                this.is_url_check = true;
                this.urlPermissionSrvName = AIConfigManager.getConfigItem(AIConfigManager.ITEM_URL_PERMISSION_SERVICE_SRV_NAME);
            }
            List unCheckUrl = getUnCheckUrl();
            SessionManager.getCacheManager().put("APPFRAME_LOGIN_URL_CACHE", "APPFRAME_LOGINFILTER_UNCHECK_URLS", unCheckUrl);
            if (StringUtils.isNotBlank(this.urlPermissionSrvName) && this.is_url_check) {
                this.permissionSrv = (IUrlPermissionSRV) ServiceFactory.getService(this.urlPermissionSrvName);
                String[] allUncheckUrls = this.permissionSrv.getAllUncheckUrls();
                if (allUncheckUrls != null && allUncheckUrls.length > 0) {
                    for (int i = 0; i < allUncheckUrls.length; i++) {
                        if (StringUtils.isNotBlank(allUncheckUrls[i])) {
                            unCheckUrl.add(tranformCond2RegExp((servletContextName + allUncheckUrls[i]).toUpperCase()));
                        }
                    }
                }
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    /*  JADX ERROR: NullPointerException in pass: RegionMakerVisitor
        java.lang.NullPointerException
        */
    public void doFilter(javax.servlet.ServletRequest r8, javax.servlet.ServletResponse r9, javax.servlet.FilterChain r10) throws java.io.IOException, javax.servlet.ServletException {
        /*
            Method dump skipped, instructions count: 675
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ai.appframe2.web.sso.SSOFilterForAuthServer.doFilter(javax.servlet.ServletRequest, javax.servlet.ServletResponse, javax.servlet.FilterChain):void");
    }

    private void logoutUsr(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if ("XMLHTTP".equalsIgnoreCase(httpServletRequest.getParameter("url_source"))) {
            httpServletResponse.getWriter().write(BaseServer.WBS_LOGINOUT_FLAG);
        } else if (this.isAuthServer) {
            httpServletResponse.sendRedirect(BaseServer.getLoginHTML());
        } else {
            httpServletResponse.sendRedirect(this.AUTH_SERVER_LOGIN_URL + "?goto=" + httpServletRequest.getRequestURL().toString());
        }
    }

    private AuthInfo getAuthInfo(HttpServletRequest httpServletRequest) throws IOException {
        String sSOCookieValue = AuthInfoManager.getSSOCookieValue(httpServletRequest);
        AuthInfo authInfo = null;
        if (sSOCookieValue != null) {
            authInfo = AuthInfoManager.SSOService(sSOCookieValue, this.isAuthServer, this.CLIENT_NAME);
        }
        return authInfo;
    }

    public List getUnCheckUrl() throws Exception {
        ArrayList arrayList = new ArrayList();
        for (String str : ResourceUtil.loadPropertiesConfigurationFromClassPath("sso.properties").getString("UnCheckURLs").split(";")) {
            arrayList.add(tranformCond2RegExp(str));
        }
        return arrayList;
    }

    public boolean isUnCheckUrl(String str) {
        List list = (List) SessionManager.getCacheManager().get("APPFRAME_LOGIN_URL_CACHE", "APPFRAME_LOGINFILTER_UNCHECK_URLS");
        for (int i = 0; i < list.size(); i++) {
            if (((RE) list.get(i)).match(str)) {
                return true;
            }
        }
        return false;
    }

    public boolean judgeIsValidPage(UserInfoInterface userInfoInterface, String str) throws Exception {
        if (!this.is_url_check || this.permissionSrv == null) {
            return true;
        }
        List list = (List) SessionManager.getCacheManager().get("APPFRAME_LOGIN_URL_CACHE", "APPFRAME_LOGINFILTER_USER_VALID_URLS" + userInfoInterface.getID());
        if (list == null) {
            list = new ArrayList();
            String[] validUrls = this.permissionSrv.getValidUrls(userInfoInterface, userInfoInterface.getDomainId());
            if (validUrls != null) {
                for (String str2 : validUrls) {
                    list.add(tranformCond2RegExp((SessionManager.getContextName() + str2).toUpperCase()));
                }
            }
            SessionManager.getCacheManager().put("APPFRAME_LOGIN_URL_CACHE", "APPFRAME_LOGINFILTER_USER_VALID_URLS" + userInfoInterface.getID(), list);
        }
        for (int i = 0; i < list.size(); i++) {
            if (((RE) list.get(i)).match(str)) {
                return true;
            }
        }
        return false;
    }

    public void destroy() {
    }

    private RE tranformCond2RegExp(String str) {
        return new RE(StringUtils.replace(StringUtils.replace(str, MongoDBConstants.SqlConstants.DOT, "\\."), "*", ".*") + "\\b");
    }

    private static void fillUserInfo(AuthInfo authInfo, UserInfoInterface userInfoInterface, String str) {
        try {
            if (StringUtils.isNotEmpty(authInfo.userAttrs)) {
                for (String str2 : authInfo.userAttrs.split("&")) {
                    String[] split = str2.split(MongoDBConstants.QueryKeys.EQUAL);
                    if (split.length == 2) {
                        userInfoInterface.set(split[0], split[1]);
                    }
                }
            }
            userInfoInterface.setLoginTime(new Timestamp(authInfo.loginTime));
            userInfoInterface.setSessionID(SessionManager.getRequest().getSession().getId());
            userInfoInterface.set(SSO_AUTH_ID, str);
        } catch (Exception e) {
            log.error(AppframeLocaleFactory.getResource("com.ai.appframe2.web.sso.SSOFilterForAuthServer.set_user_info"), e);
            throw new RuntimeException(e);
        }
    }

    public void resetSessionId(HttpServletRequest httpServletRequest, String str) {
        if (IS_TOMCAT) {
            try {
                Field declaredField = httpServletRequest.getClass().getClassLoader().loadClass("org.apache.catalina.connector.RequestFacade").getDeclaredField("request");
                declaredField.setAccessible(true);
                httpServletRequest.getClass().getClassLoader().loadClass("org.apache.catalina.connector.HttpRequestBase").getMethod("setRequestedSessionId", String.class).invoke(declaredField.get(httpServletRequest), str);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }
}
