package com.yonyou.yht.web.cas;

import com.yonyou.yht.sdkutils.StringUtils;
import com.yonyou.yht.sdkutils.YhtClientPropertyUtil;
import com.yonyou.yht.web.cas.sso.SingleSignOutHandler;
import com.yonyou.yht.web.cas.util.SsoClientHelper;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.sf.json.JSONObject;
import org.jasig.cas.client.util.CommonUtils;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;

/* loaded from: input_file:com/yonyou/yht/web/cas/TicketValidateFilter.class */
public class TicketValidateFilter extends ProxyReceivingTicketValidationFilter {
    private static final String YHT_LOGIN_CHECK_URI = "yhtssoticketvalidate";
    private static final String SUB_PATH = "subpath";
    private String isloginUrl;
    private TicketValidator myTicketValidator;
    private String myServerName;

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.yonyou.yht.web.cas.ProxyReceivingTicketValidationFilter
    public void initInternal(FilterConfig filterConfig) throws ServletException {
        String propertyByKey = YhtClientPropertyUtil.getPropertyByKey("servername");
        if (CommonUtils.isBlank(propertyByKey)) {
            propertyByKey = getPropertyFromInitParams(filterConfig, "serverName", null);
        }
        if (propertyByKey != null && propertyByKey.endsWith("/")) {
            propertyByKey = propertyByKey.substring(0, propertyByKey.length() - 1);
        }
        setServerName(propertyByKey);
        setMyServerName(propertyByKey);
        String propertyByKey2 = YhtClientPropertyUtil.getPropertyByKey(SUB_PATH);
        this.isloginUrl = propertyByKey;
        if (StringUtils.isNotBlank(propertyByKey2)) {
            this.isloginUrl += "/" + propertyByKey2;
        }
        this.isloginUrl += "/yhtssoticketvalidate";
        this.logger.debug("isloginUrl url:\"{}\"", this.isloginUrl);
        this.myTicketValidator = getTicketValidator(filterConfig);
        super.initInternal(filterConfig);
    }

    @Override // com.yonyou.yht.web.cas.ProxyReceivingTicketValidationFilter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        this.logger.debug("islogincheck filter url:\"{}\"", httpServletRequest.getRequestURL());
        if (!httpServletRequest.getRequestURI().endsWith(YHT_LOGIN_CHECK_URI)) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
        }
        String retrieveTicketFromRequest = retrieveTicketFromRequest(httpServletRequest);
        if (!CommonUtils.isNotBlank(retrieveTicketFromRequest)) {
            this.logger.info("not found Ticket in the url");
            returnValidateStatus(httpServletResponse, false);
            return;
        }
        this.logger.debug("Attempting to validate ticket: {}, {} ", retrieveTicketFromRequest, this.myTicketValidator);
        try {
            Assertion validate = this.myTicketValidator.validate(retrieveTicketFromRequest, computeServiceUrl(httpServletRequest, httpServletResponse));
            this.logger.debug("Successfully authenticated user: {}", validate.getPrincipal().getName());
            httpServletRequest.setAttribute("_const_cas_assertion_", validate);
            HttpSession session = httpServletRequest.getSession();
            if (session != null) {
                session.setAttribute("_const_cas_assertion_", validate);
            }
            super.createToken(retrieveTicketFromRequest, validate, httpServletResponse);
            super.saveAssertion(retrieveTicketFromRequest, validate);
            onSuccessfulValidation(httpServletRequest, httpServletResponse, validate);
            saveLoginInfo(retrieveTicketFromRequest, validate, httpServletRequest, httpServletResponse);
            returnValidateStatus(httpServletResponse, true);
        } catch (Exception e) {
            this.logger.error("Ticket Validate FilterError", e);
            returnValidateStatus(httpServletResponse, false);
        } catch (TicketValidationException e2) {
            returnValidateStatus(httpServletResponse, false);
        }
    }

    protected final String computeServiceUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        return SsoClientHelper.constructServiceUrl(httpServletRequest, httpServletResponse, null, AuthenticationFilter2.myServerName, getArtifactParameterName(), true);
    }

    public final void setMyServerName(String str) {
        if (str == null || !str.endsWith("/")) {
            this.myServerName = str;
        } else {
            this.myServerName = str.substring(0, str.length() - 1);
            this.logger.info("Eliminated extra slash from serverName [{}].  It is now [{}]", str, this.myServerName);
        }
    }

    private void returnValidateStatus(HttpServletResponse httpServletResponse, boolean z) throws IOException {
        httpServletResponse.setStatus(200);
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("needrelogin", Boolean.valueOf(!z));
        jSONObject.put("status", Boolean.valueOf(z));
        if (z) {
            jSONObject.put("msg", "Ticket合法，请直接前往目的URL");
        } else {
            jSONObject.put("msg", "Ticket校验失败");
        }
        jSONObject.put(SingleSignOutHandler.DEFAULT_REDIRECR_URL_NAME, this.isloginUrl);
        String jSONObject2 = jSONObject.toString();
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write(jSONObject2);
        writer.flush();
    }
}
