package com.fr.decision.webservice.v10.security;

import com.fr.decision.config.WatermarkConfig;
import com.fr.decision.record.OperateConstants;
import com.fr.decision.record.OperateMessage;
import com.fr.decision.security.WatermarkData;
import com.fr.decision.security.WatermarkTextType;
import com.fr.decision.security.WebSecurityContext;
import com.fr.decision.security.base.WatermarkNamespace;
import com.fr.decision.security.entity.BlockIpEntity;
import com.fr.decision.system.SystemContext;
import com.fr.decision.webservice.bean.security.AccessControlBean;
import com.fr.decision.webservice.bean.security.SecurityBean;
import com.fr.decision.webservice.bean.security.WatermarkBean;
import com.fr.decision.webservice.exception.security.ExistXssStringException;
import com.fr.decision.webservice.exception.security.WatermarkConfigOutOfRangeException;
import com.fr.intelli.record.MetricRegistry;
import com.fr.intelli.webservice.log.IntelliLogConstants;
import com.fr.log.FineLoggerFactory;
import com.fr.performance.memory.MemoryConstant;
import com.fr.security.WebSecurityConfig;
import com.fr.stable.query.data.DataList;
import com.fr.third.fasterxml.jackson.core.JsonProcessingException;
import com.fr.third.fasterxml.jackson.databind.ObjectMapper;
import com.fr.transaction.Configurations;
import com.fr.transaction.WorkerAdaptor;
import java.awt.Color;
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:fine-decision-10.0.jar:com/fr/decision/webservice/v10/security/SecurityService.class */
public class SecurityService {
    private static volatile SecurityService instance;
    private static final int MIN_HORIZONTALGAP = 100;
    private static final int MIN_VERTICALGAP = 50;
    private static final Pattern SCRIPT_PATTERN = Pattern.compile(".*script>.*", 2);
    private static final Pattern EVAL_PATTERN = Pattern.compile(".*eval\\((.*?)\\).*", 42);
    private static final Pattern EXPRESSION_PATTERN = Pattern.compile(".*expression\\((.*?)\\).*", 42);
    private static final ObjectMapper objectMapper = new ObjectMapper();

    public static SecurityService getInstance() {
        if (instance == null) {
            synchronized (SecurityService.class) {
                if (instance == null) {
                    instance = new SecurityService();
                }
            }
        }
        return instance;
    }

    public SecurityBean getSecurityBean() {
        SecurityBean securityBean = new SecurityBean();
        securityBean.setSecurityCookieEnabled(WebSecurityConfig.getInstance().isSecurityCookieEnabled());
        securityBean.setHstsEnabled(WebSecurityConfig.getInstance().isHstsEnabled());
        securityBean.setFileVerificationEnabled(WebSecurityConfig.getInstance().isFileVerificationEnabled());
        securityBean.setRemoteEvaluateLimitEnabled(WebSecurityConfig.getInstance().isRemoteEvaluateLimitEnabled());
        securityBean.setHttpHeadersEnabled(WebSecurityConfig.getInstance().isHttpHeadersEnabled());
        securityBean.setContentSecurityPolicyEnabled(WebSecurityConfig.getInstance().isContentSecurityPolicyEnabled());
        securityBean.setContentTypeOptionsEnabled(WebSecurityConfig.getInstance().isContentTypeOptionsEnabled());
        securityBean.setCacheControlEnabled(WebSecurityConfig.getInstance().isCacheControlEnabled());
        securityBean.setFrameOptionsEnabled(WebSecurityConfig.getInstance().isFrameOptionsEnabled());
        securityBean.setXssProtectionEnabled(WebSecurityConfig.getInstance().isXssProtectionEnabled());
        securityBean.setSecuredResponse(WebSecurityConfig.getInstance().isSecuredResponse());
        return securityBean;
    }

    public void setSecurityBean(final SecurityBean securityBean) {
        Configurations.update(new WorkerAdaptor(WebSecurityConfig.class, new Class[0]) { // from class: com.fr.decision.webservice.v10.security.SecurityService.1
            @Override // com.fr.transaction.Worker
            public void run() {
                WebSecurityConfig.getInstance().setSecurityCookieEnabled(securityBean.isSecurityCookieEnabled());
                WebSecurityConfig.getInstance().setHstsEnabled(securityBean.isHstsEnabled());
                WebSecurityConfig.getInstance().setFileVerificationEnabled(securityBean.isFileVerificationEnabled());
                WebSecurityConfig.getInstance().setRemoteEvaluateLimitEnabled(securityBean.isRemoteEvaluateLimitEnabled());
                WebSecurityConfig.getInstance().setHttpHeadersEnabled(securityBean.isHttpHeadersEnabled());
                WebSecurityConfig.getInstance().setFrameOptionsEnabled(securityBean.isFrameOptionsEnabled());
                WebSecurityConfig.getInstance().setXssProtectionEnabled(securityBean.isXssProtectionEnabled());
                WebSecurityConfig.getInstance().setContentSecurityPolicyEnabled(securityBean.isContentSecurityPolicyEnabled());
                WebSecurityConfig.getInstance().setContentTypeOptionsEnabled(securityBean.isContentTypeOptionsEnabled());
                WebSecurityConfig.getInstance().isCacheControlEnabled(securityBean.isCacheControlEnabled());
                WebSecurityConfig.getInstance().setSecuredResponse(securityBean.isSecuredResponse());
            }
        });
    }

    public AccessControlBean getAccessControlBean() {
        AccessControlBean accessControlBean = new AccessControlBean();
        accessControlBean.setRateLimitCount(WebSecurityConfig.getInstance().getRateLimitCount());
        accessControlBean.setRateLimitUnitTime(WebSecurityConfig.getInstance().getRateLimitUnitTime());
        accessControlBean.setRateLimitEnabled(WebSecurityConfig.getInstance().getRateLimitEnabled());
        return accessControlBean;
    }

    public void setAccessControlBean(final AccessControlBean accessControlBean) {
        Configurations.update(new WorkerAdaptor(WebSecurityConfig.class, new Class[0]) { // from class: com.fr.decision.webservice.v10.security.SecurityService.2
            @Override // com.fr.transaction.Worker
            public void run() {
                WebSecurityConfig.getInstance().setRateLimitCount(accessControlBean.getRateLimitCount());
                WebSecurityConfig.getInstance().setRateLimitUnitTime(accessControlBean.getRateLimitUnitTime());
                WebSecurityConfig.getInstance().setRateLimitEnabled(accessControlBean.isRateLimitEnabled());
            }
        });
    }

    public Map<String, Object> getBlackIpList(int i, int i2) throws Exception {
        HashMap hashMap = new HashMap(i2);
        DataList<BlockIpEntity> blockIps = WebSecurityContext.getInstance().getBlockIps(i, i2);
        hashMap.put("items", blockIps.getList());
        hashMap.put(IntelliLogConstants.TOTAL, Long.valueOf(blockIps.getTotalCount()));
        hashMap.put("page", Integer.valueOf(i));
        return hashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public boolean deleteBlockIp(String str) throws Exception {
        BlockIpEntity blockIpEntity = (BlockIpEntity) SystemContext.getInstance().getBlockIpController().getById(str);
        SystemContext.getInstance().getBlockIpController().remove(str);
        WebSecurityContext.getInstance().removeBlockIp(blockIpEntity.getIp());
        return true;
    }

    public WatermarkBean getWatermarkBean() {
        WatermarkBean watermarkBean = new WatermarkBean();
        WatermarkData watermarkData = WatermarkConfig.getInstance().getWatermarkData();
        watermarkBean.setValid(WatermarkConfig.getInstance().isValid());
        watermarkBean.setColor(colorToString(watermarkData.getColor()));
        watermarkBean.setFontSize(watermarkData.getFontSize());
        watermarkBean.setText(watermarkData.getText());
        watermarkBean.setTextType(watermarkData.getTextType().value());
        watermarkBean.setHorizontalGap(watermarkData.getHorizontalGap());
        watermarkBean.setVerticalGap(watermarkData.getVerticalGap());
        return watermarkBean;
    }

    public void setWatermarkConfig(final WatermarkBean watermarkBean) {
        int horizontalGap = watermarkBean.getHorizontalGap();
        int verticalGap = watermarkBean.getVerticalGap();
        if (horizontalGap < 100 || verticalGap < 50) {
            throw new WatermarkConfigOutOfRangeException();
        }
        final WatermarkData watermarkData = new WatermarkData();
        watermarkData.setColor(new Color(Integer.parseInt(watermarkBean.getColor().substring(1), 16)));
        watermarkData.setFontSize(watermarkBean.getFontSize());
        watermarkData.setHorizontalGap(horizontalGap);
        watermarkData.setVerticalGap(verticalGap);
        WatermarkTextType parse = WatermarkTextType.parse(watermarkBean.getTextType());
        watermarkData.setTextType(parse);
        if (parse != WatermarkTextType.FORMULA) {
            watermarkData.setText(WatermarkConfig.getInstance().getWatermarkData().getText());
        } else {
            watermarkData.setText(watermarkBean.getText());
        }
        Configurations.update(new WorkerAdaptor(WatermarkConfig.class, new Class[0]) { // from class: com.fr.decision.webservice.v10.security.SecurityService.3
            @Override // com.fr.transaction.Worker
            public void run() {
                String str;
                if (watermarkBean.isValid() && watermarkBean.isValid() == WatermarkConfig.getInstance().isValid()) {
                    str = OperateConstants.UPDATE;
                } else {
                    str = watermarkBean.isValid() ? OperateConstants.OPEN : OperateConstants.CLOSE;
                }
                WatermarkConfig.getInstance().setValid(watermarkBean.isValid());
                WatermarkConfig.getInstance().setWatermarkData(watermarkData);
                String str2 = null;
                try {
                    str2 = SecurityService.objectMapper.writeValueAsString(watermarkBean);
                } catch (JsonProcessingException e) {
                    FineLoggerFactory.getLogger().error(e.getMessage());
                }
                MetricRegistry.getMetric().submit(OperateMessage.build("Dec-Management_Security", "Dec-Security_Global_Watermark", "Dec-Security_Global_Watermark", str, str2));
            }
        });
    }

    public WatermarkBean getParsedWatermarkBean(HttpServletRequest httpServletRequest) throws Exception {
        return parseWatermarkText(httpServletRequest, getWatermarkBean());
    }

    public WatermarkBean parseWatermarkText(HttpServletRequest httpServletRequest, WatermarkBean watermarkBean) throws Exception {
        checkXss(watermarkBean.getFieldValueString());
        watermarkBean.setText(WatermarkTextType.parse(watermarkBean.getTextType()).generateWaterMarkText(WatermarkNamespace.createCalculator(httpServletRequest), watermarkBean.getText()));
        return watermarkBean;
    }

    public static void checkXss(String str) throws Exception {
        String replaceAll = str.replaceAll(" ", "");
        if (SCRIPT_PATTERN.matcher(replaceAll).matches() || EVAL_PATTERN.matcher(replaceAll).matches() || EXPRESSION_PATTERN.matcher(replaceAll).matches()) {
            throw new ExistXssStringException();
        }
    }

    private String colorToString(Color color) {
        StringBuilder sb = new StringBuilder(Integer.toHexString(color.getRGB() & MemoryConstant.MEMORY_CHECK_COUNT_16MB));
        while (sb.length() < 6) {
            sb.insert(0, "0");
        }
        sb.insert(0, "#");
        return sb.toString();
    }
}
