package com.yyjz.icop.context.filter;

import com.alibaba.fastjson.JSONObject;
import com.yonyou.construction.icop.config.utils.IcopConfigUtils;
import com.yonyou.iuap.context.InvocationInfoProxy;
import com.yyjz.icop.util.ConfigUtils;
import java.io.IOException;
import java.util.HashMap;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.util.AntPathMatcher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.context.support.WebApplicationContextUtils;
import uap.web.utils.HttpTookit;

/* loaded from: input_file:com/yyjz/icop/context/filter/RestFulSecurityFilter.class */
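/**
 * Servlet filter that guards the REST paths listed under the {@code rest.security.api.url}
 * property with an {@code access_token}.
 *
 * <p>For a guarded path the filter looks the token up in Redis (key prefix
 * {@code open_api_access_token:}), checks the request path against the token's own
 * {@code include_urls} patterns, asks the user-centre endpoint to build a user context for
 * the token's tenant, and publishes that context through {@link InvocationInfoProxy} for
 * the rest of the chain. Every failure is answered with status 400 and the chain is not
 * invoked. Requests to paths that are not guarded pass through untouched.
 */
public class RestFulSecurityFilter implements Filter {
    private static final Logger logger = LoggerFactory.getLogger(RestFulSecurityFilter.class);
    // Assigned in init(); stays null when the Spring lookup fails.
    public static RedisTemplate<String, Object> redisTemplate;
    private static final String OPEN_API_ACCESS_TOKEN = "open_api_access_token:";
    private static final String PUB_BASEURL = "public.config.baseurl";
    private AntPathMatcher matcher = new AntPathMatcher();
    private final String REST_SECURITY_API_FILTER = "rest.security.api.url";
    // Ant-style patterns of the guarded paths; null means nothing is guarded.
    private String[] includeUrls = null;

    /**
     * Loads the guarded path patterns and resolves the {@code redisTemplate} bean.
     *
     * <p>Failures are logged and not rethrown, so the filter still starts. If the pattern
     * list could not be read, {@code includeUrls} stays null and no path is guarded; if the
     * bean lookup failed, every guarded request is refused in {@link #doFilter}.
     *
     * @param filterConfig container-supplied configuration, used to reach the servlet context
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        try {
            String configuredUrls = getPropertyByKey(REST_SECURITY_API_FILTER);
            if (StringUtils.isNotBlank(configuredUrls)) {
                this.includeUrls = configuredUrls.split(",");
            }
            @SuppressWarnings("unchecked") // the bean is registered under a raw RedisTemplate type
            RedisTemplate<String, Object> template = WebApplicationContextUtils.getWebApplicationContext(filterConfig.getServletContext()).getBean("redisTemplate", RedisTemplate.class);
            redisTemplate = template;
        } catch (Exception e) {
            // Log through the logger (with the stack trace) instead of printStackTrace().
            logger.error("初始化 redisTemplate 异常!", e);
        }
    }

    /**
     * Validates the {@code access_token} for guarded paths and sets up the caller's context.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the chain, invoked only when validation succeeds
     *                        or the path is not guarded
     * @throws IOException      if writing the rejection body or the chain fails
     * @throws ServletException if the chain fails, or if {@code redisTemplate} was never
     *                          initialised and the token therefore cannot be checked
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        CustomHttpServletRequest wrappedRequest = new CustomHttpServletRequest(httpRequest);
        HttpServletResponse httpResponse = (HttpServletResponse) servletResponse;
        String servletPath = wrappedRequest.getServletPath();

        if (!matchesAny(this.includeUrls, servletPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Header first, request parameter as fallback.
        // NOTE(review): a token sent as a URL parameter can end up in access logs and
        // Referer headers; consider accepting the header only. Never log the token value.
        String accessToken = httpRequest.getHeader("access_token");
        if (StringUtils.isBlank(accessToken)) {
            accessToken = httpRequest.getParameter("access_token");
        }
        if (StringUtils.isBlank(accessToken)) {
            reject(httpResponse, "Method Not Allowed,please check restful called paramters !");
            return;
        }

        // Fail closed with an explicit error instead of a NullPointerException when init()
        // could not resolve the bean.
        RedisTemplate<String, Object> template = redisTemplate;
        if (template == null) {
            throw new ServletException("redisTemplate was not initialised; access_token cannot be validated");
        }
        String tokenJson = (String) template.opsForValue().get(OPEN_API_ACCESS_TOKEN + accessToken);
        if (StringUtils.isBlank(tokenJson)) {
            reject(httpResponse, "Method Not Allowed,access_token is expired !");
            return;
        }
        JSONObject tokenRecord = JSONObject.parseObject(tokenJson);
        if (tokenRecord == null) {
            // A record that parses to nothing carries no scope; treat it like a missing one.
            reject(httpResponse, "Method Not Allowed,access_token is expired !");
            return;
        }

        String tenantId = tokenRecord.getString("tenant_id");
        String scopedUrls = tokenRecord.getString("include_urls");
        String[] scopePatterns = StringUtils.isNotBlank(scopedUrls) ? scopedUrls.split(",") : null;
        // A token without include_urls authorises nothing.
        // NOTE(review): matchStart is a partial match, so a path that is only a leading part
        // of a scope pattern is accepted as well; confirm that is intended, otherwise the
        // scope check should use matcher.match().
        if (!matchesAny(scopePatterns, servletPath)) {
            reject(httpResponse, "Method Not Allowed,secret invalid !");
            return;
        }

        // Raw HashMap kept because the signature of HttpTookit.doPostWithJson is not visible here.
        HashMap extraHeaders = new HashMap();
        JSONObject loginRequest = new JSONObject();
        loginRequest.put("tenantId", tenantId);
        // NOTE(review): the URL begins with the literal property key "public.config.baseurl";
        // presumably HttpTookit resolves it to the configured base URL — confirm.
        JSONObject loginResult = JSONObject.parseObject(HttpTookit.doPostWithJson(PUB_BASEURL + "/icop-usercenter-web/initcontext/loginAndValidation", loginRequest.toJSONString(), extraHeaders));
        JSONObject userValidate = loginResult == null ? null : loginResult.getJSONObject("userValidate");
        JSONObject authority = loginResult == null ? null : loginResult.getJSONObject("authority");
        // An empty or incomplete user-centre answer is refused like an explicit status "0",
        // rather than surfacing as a NullPointerException further down.
        if (userValidate == null || authority == null || "0".equals(userValidate.getString("status"))) {
            InvocationInfoProxy.reset();
            reject(httpResponse, "Method Not Allowed,UserContext init error !");
            return;
        }

        String authentication = loginResult.getString("authentication");
        try {
            InvocationInfoProxy.setUserid(authority.getString("userId"));
            InvocationInfoProxy.setToken(authority.getString("token"));
            InvocationInfoProxy.setTenantid(authority.getString("tenantid"));
            InvocationInfoProxy.setParameter("authority", authentication);
            wrappedRequest.putHeader("authority", authentication);
            // NOTE(review): the chain receives the original request, not wrappedRequest, so
            // the "authority" header added above looks invisible downstream — confirm.
            filterChain.doFilter(servletRequest, servletResponse);
        } finally {
            // Clear the identity once the request is done so that it cannot carry over to
            // a later request, e.g. one for an unguarded path that this filter passes
            // through without touching the context.
            InvocationInfoProxy.reset();
        }
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Reads a configuration value, preferring the configuration server.
     *
     * @param str property key
     * @return the value from {@code IcopConfigUtils.getFromServer()}, or the value from
     *         {@code ConfigUtils} when the server lookup fails or yields a blank value
     */
    public String getPropertyByKey(String str) {
        String value = null;
        try {
            value = IcopConfigUtils.getFromServer().getProperty(str);
        } catch (Exception e) {
            // Best effort: the local configuration below is the fallback.
            logger.debug("Config server lookup failed for key {}; using local configuration", str, e);
        }
        if (StringUtils.isBlank(value)) {
            value = ConfigUtils.getPropertyByKey(str);
        }
        return value;
    }

    /** Returns true when {@code path} start-matches at least one of {@code patterns}. */
    private boolean matchesAny(String[] patterns, String path) {
        if (patterns == null) {
            return false;
        }
        for (String pattern : patterns) {
            if (this.matcher.matchStart(pattern, path)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Writes the filter's 400 rejection: status, diagnostic header and plain-text body.
     * NOTE(review): the header name contains spaces, which is not a valid HTTP field name;
     * it is kept unchanged in case existing clients read it.
     */
    private static void reject(HttpServletResponse response, String message) throws IOException {
        response.setStatus(400);
        response.addHeader("restful validate error", " 400 , " + message + " ");
        response.getWriter().write(message);
    }
}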
