package cn.gtmap.realestate.supervise.service;

import cn.gtmap.realestate.supervise.constant.Constant;
import cn.gtmap.realestate.supervise.service.impl.SecuritySSOHandleServiceImpl;
import cn.gtmap.realestate.supervise.utils.AESSecutiryUtil;
import cn.gtmap.realestate.supervise.utils.IpUtil;
import cn.gtmap.realestate.supervise.utils.OperationalLogUtil;
import com.gtis.config.AppConfig;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:cn/gtmap/realestate/supervise/service/SecurityUrlCheckFilter.class */
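/**
 * Servlet filter that gates requests on the platform SSO cookie.
 *
 * <p>Paths are first tested against the {@code includedPages} and {@code excludedPages}
 * init parameters (comma-separated prefixes, optionally ending in {@code /*} or {@code /**}).
 * A request that is outside the included set, or inside the excluded set, is passed down the
 * chain without any authentication. Every other request must carry the cookie named by the
 * {@code platform.cookiename} property; the cookie is checked against the client address,
 * then against {@link SecuritySSOHandleService#validUser} and
 * {@link SecuritySSOHandleService#validResource}.
 *
 * <p>NOTE(review): matching uses {@code getServletPath()} only; whether path info or path
 * parameters can reach a protected resource under a different servlet path depends on the
 * servlet mappings, which are not visible here. Confirm against web.xml.
 */
public class SecurityUrlCheckFilter implements Filter {
    private String excludedPages;
    private String[] excludedPageArray;
    private String includedPages;
    private String[] includedPageArray;
    private SecuritySSOHandleService securitySSOHandleService = new SecuritySSOHandleServiceImpl();
    private String SSOLoginPage = AppConfig.getProperty("portal.url") + "/loginPage";
    private String noPermissionPage = AppConfig.getProperty("portal.url") + "/401";
    private String otherPortalUrl = AppConfig.getProperty("other.portal.url");

    /**
     * Reads the {@code excludedPages} and {@code includedPages} init parameters.
     *
     * <p>Entries are trimmed and blank entries are dropped. A blank entry (for example from
     * {@code "/a, ,/b"}) used to survive as an empty pattern, and an empty pattern is a prefix
     * of every path, so a single stray comma in {@code excludedPages} exempted the whole
     * application from the cookie check.
     *
     * @param filterConfig container-supplied configuration for this filter
     * @throws ServletException declared by the {@link Filter} contract; not thrown here
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        this.excludedPages = filterConfig.getInitParameter("excludedPages");
        if (StringUtils.isNotEmpty(this.excludedPages)) {
            this.excludedPageArray = parsePatterns(this.excludedPages);
        }
        this.includedPages = filterConfig.getInitParameter("includedPages");
        if (StringUtils.isNotEmpty(this.includedPages)) {
            this.includedPageArray = parsePatterns(this.includedPages);
        }
    }

    /**
     * Authenticates and authorizes one request, or lets it through when its path is exempt.
     *
     * <p>Outcomes for a non-exempt path:
     * <ul>
     *   <li>no session cookie, or no session cookie bound to the caller's address:
     *       redirect to the SSO login page;</li>
     *   <li>bound cookie but {@code validUser} returns {@code null}: redirect to
     *       {@code other.portal.url} when configured, otherwise to the SSO login page;</li>
     *   <li>valid user without access to the path: log the denial and redirect to the
     *       401 page;</li>
     *   <li>valid user with access: continue down the chain.</li>
     * </ul>
     *
     * <p>Exactly one response action is taken per request. The previous loop kept iterating
     * after handling a cookie, so a duplicate cookie name could invoke the chain or
     * {@code sendRedirect} twice, and a cookie that failed the address check produced an
     * empty response with no redirect at all.
     *
     * @throws IOException from the chain or from {@code sendRedirect}
     * @throws ServletException from the chain
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String servletPath = request.getServletPath();
        // Context path without its leading '/', passed to validResource as the application name.
        String appName = StringUtils.substring(request.getContextPath(), 1);

        if (skipsAuthentication(servletPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        String cookieName = AppConfig.getProperty("platform.cookiename");
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            // NOTE(review): how IpUtil derives the address is not visible here. If it trusts a
            // client-supplied forwarding header, the address binding below can be satisfied by
            // anyone holding the cookie value. Confirm it only honours trusted proxies.
            String clientIp = IpUtil.getIpAddr(request);
            for (Cookie cookie : cookies) {
                if (!cookie.getName().equals(cookieName)) {
                    continue;
                }
                String token = cookie.getValue();
                if (!isBoundToClient(token, clientIp)) {
                    // Keep looking: another cookie with the same name may still be valid.
                    continue;
                }
                handleBoundToken(request, response, filterChain, servletPath, appName, token);
                return;
            }
        }
        // No cookie at all, or none that is bound to this client: treat as unauthenticated.
        response.sendRedirect(this.SSOLoginPage);
    }

    /**
     * Tells whether {@code str} is covered by the configured pattern {@code str2}.
     *
     * <p>A trailing {@code /*} or {@code /**} is reduced to its directory prefix; the path
     * matches when it starts with that prefix or equals the prefix without its final slash
     * (so {@code /api/*} covers both {@code /api/x} and {@code /api}). The "without the last
     * character" comparison is now applied only when that character is a slash; it used to
     * be applied to every pattern, which made {@code /login} also match {@code /logi}.
     *
     * <p>NOTE(review): a pattern without a wildcard is still a plain prefix match, so an
     * excluded {@code /login} also exempts {@code /loginAnything}. Tightening that would
     * change which configured entries match, so it is left as is; review the exclusion list
     * with this in mind. As in the original, every {@code *} in a wildcard pattern is
     * removed, not only the trailing ones.
     *
     * @param str  servlet path of the current request
     * @param str2 one trimmed entry from the included or excluded list
     * @return {@code true} when the path falls under the pattern
     */
    private boolean validUrl(String str, String str2) {
        // init() drops blank entries; an empty pattern must never act as "match everything".
        if (StringUtils.isEmpty(str2)) {
            return false;
        }
        String prefix = str2;
        if (str2.endsWith("/*") || str2.endsWith("/**")) {
            prefix = str2.replace("*", "");
        }
        if (str.startsWith(prefix)) {
            return true;
        }
        return prefix.endsWith("/") && StringUtils.equals(str, prefix.substring(0, prefix.length() - 1));
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /** Splits a comma-separated init parameter into trimmed, non-blank patterns. */
    private static String[] parsePatterns(String csv) {
        String[] raw = csv.split(",");
        String[] kept = new String[raw.length];
        int count = 0;
        for (String entry : raw) {
            String trimmed = StringUtils.trim(entry);
            if (StringUtils.isNotEmpty(trimmed)) {
                kept[count++] = trimmed;
            }
        }
        String[] result = new String[count];
        System.arraycopy(kept, 0, result, 0, count);
        return result;
    }

    /**
     * Applies the include/exclude lists: a path outside a non-empty include list, or inside
     * the exclude list, is not subject to the cookie check.
     */
    private boolean skipsAuthentication(String servletPath) {
        boolean skip = false;
        if (this.includedPageArray != null && this.includedPageArray.length > 0) {
            skip = !matchesAny(servletPath, this.includedPageArray);
        }
        if (this.excludedPageArray != null && this.excludedPageArray.length > 0
                && matchesAny(servletPath, this.excludedPageArray)) {
            skip = true;
        }
        return skip;
    }

    /** Returns {@code true} when the path matches at least one of the patterns. */
    private boolean matchesAny(String servletPath, String[] patterns) {
        for (String pattern : patterns) {
            if (validUrl(servletPath, pattern)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Checks that the cookie value carries an encrypted address equal to the caller's.
     *
     * <p>The value is split on the literal {@code "ip"}; exactly two parts are required and
     * the second is decrypted and compared with {@code clientIp}. A value in which the
     * literal occurs more than once therefore never passes.
     */
    private boolean isBoundToClient(String token, String clientIp) {
        if (token == null) {
            return false;
        }
        String[] parts = token.split("ip");
        return parts.length == 2 && StringUtils.equals(clientIp, AESSecutiryUtil.decrypt(parts[1]));
    }

    /** Runs the user and resource checks for a cookie that passed the address binding. */
    private void handleBoundToken(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain,
            String servletPath, String appName, String token) throws IOException, ServletException {
        if (null == this.securitySSOHandleService.validUser(token)) {
            if (StringUtils.isNotBlank(this.otherPortalUrl)) {
                response.sendRedirect(this.otherPortalUrl);
            } else {
                response.sendRedirect(this.SSOLoginPage);
            }
            return;
        }
        if (this.securitySSOHandleService.validResource(servletPath, token, appName)) {
            filterChain.doFilter(request, response);
            return;
        }
        // Authenticated but not authorized for this path: record the denial before redirecting.
        OperationalLogUtil.log(request, "9", "无权访问:" + servletPath, Constant.PORTAL);
        response.sendRedirect(this.noPermissionPage);
    }
}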
