package com.iflytek.sc.ssp.uc.client.filter;

import com.iflytek.sc.ssp.uc.client.constant.UCConstant;
import com.iflytek.sc.ssp.uc.client.context.UCCasServiceContext;
import com.iflytek.sc.ssp.uc.client.util.RegexUrlPathMatcher;
import com.iflytek.sc.ssp.uc.client.util.UrlMatcher;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.util.InvalidPropertiesFormatException;
import java.util.LinkedHashSet;
import java.util.Properties;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;
import org.jasig.cas.client.authentication.Saml11AuthenticationFilter;
import org.jasig.cas.client.session.SingleSignOutFilter;
import org.jasig.cas.client.util.AbstractConfigurationFilter;
import org.jasig.cas.client.util.AssertionThreadLocalFilter;
import org.jasig.cas.client.util.HttpServletRequestWrapperFilter;
import org.jasig.cas.client.validation.Saml11TicketValidationFilter;
import org.jasig.cas.client.validation.Saml11TicketValidator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/iflytek/sc/ssp/uc/client/filter/Saml11FilterChainProxy.class */
public class Saml11FilterChainProxy extends AbstractConfigurationFilter {
    private Filter[] filters;
    private UCConstant ucConstant;
    private String casAuthAjaxContext;
    Logger logger = LoggerFactory.getLogger(Saml11FilterChainProxy.class);
    private UrlMatcher urlMatcher = new RegexUrlPathMatcher();
    private int sessionTimeOut = 30;

    public void destroy() {
        for (int i = 0; i < this.filters.length; i++) {
            if (this.filters[i] != null) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Destroying Filter defined in ApplicationContext: '" + this.filters[i].toString() + "'");
                }
                this.filters[i].destroy();
            }
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        this.logger.debug("进入FilterChainProxy进行拦截...");
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpSession session = httpServletRequest.getSession(false);
        if (session != null && this.sessionTimeOut > 0) {
            session.setMaxInactiveInterval(this.sessionTimeOut * 60);
        }
        if (servletResponse instanceof HttpServletResponse) {
            ((HttpServletResponse) servletResponse).setHeader("P3P", "CP=CAO PSA OUR IDC DSP COR ADM DEVi TAIi PSD IVAi IVDi CONi HIS IND CNT");
        }
        String parameter = servletRequest.getParameter("ticket");
        if (!isResource(httpServletRequest.getServletPath()) && StringUtils.isBlank(parameter)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        FilterInvocation filterInvocation = new FilterInvocation(servletRequest, servletResponse, filterChain);
        if (this.filters.length != 0) {
            new VirtualFilterChain(filterInvocation, this.filters).doFilter(filterInvocation.getRequest(), filterInvocation.getResponse());
            return;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(filterInvocation.getRequestUrl() + " has an empty filter list");
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private boolean isResource(String str) {
        if (StringUtils.isNotBlank(this.ucConstant.getNoAuthorizationUrls())) {
            for (String str2 : StringUtils.split(this.ucConstant.getNoAuthorizationUrls(), ",")) {
                if (this.urlMatcher.pathMatchesUrl(this.urlMatcher.compile(str2), str)) {
                    return false;
                }
            }
        }
        if (!StringUtils.isNotBlank(this.ucConstant.getAuthorizationUrls())) {
            return false;
        }
        for (String str3 : StringUtils.split(this.ucConstant.getAuthorizationUrls(), ",")) {
            if (this.urlMatcher.pathMatchesUrl(this.urlMatcher.compile(str3), str)) {
                return true;
            }
        }
        return false;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        Properties properties = new Properties();
        Properties properties2 = new Properties();
        UCConstant uCConstant = new UCConstant();
        String initParameter = filterConfig.getInitParameter("uc-config");
        String initParameter2 = filterConfig.getInitParameter("moduleName");
        String initParameter3 = filterConfig.getInitParameter("timeOut");
        if (StringUtils.isNumeric(initParameter3)) {
            this.sessionTimeOut = Integer.parseInt(initParameter3);
        }
        if (StringUtils.isNotBlank(initParameter)) {
            try {
                if (initParameter.endsWith("xml")) {
                    properties.loadFromXML(new FileInputStream(initParameter));
                } else if (initParameter.endsWith("properties")) {
                    this.logger.debug("ucConfig" + initParameter);
                    properties.load(new FileInputStream(initParameter));
                } else {
                    String str = System.getenv(initParameter);
                    String str2 = str + "/" + initParameter2 + "/uc-client.properties";
                    this.logger.debug("configFilePath=" + str2);
                    properties.load(new FileInputStream(str2));
                    String str3 = str + "/uc-common/uc-common.properties";
                    this.logger.debug("configFilePath=" + str3);
                    properties2.load(new FileInputStream(str3));
                }
            } catch (FileNotFoundException e) {
                this.logger.warn("外部配置文件不存在:{}", initParameter);
            } catch (InvalidPropertiesFormatException e2) {
                this.logger.warn("外部配置文件格式错误:{}", initParameter);
            } catch (IOException e3) {
                this.logger.warn("外部配置文件读取错误:{}", initParameter);
            }
        }
        if (properties.isEmpty()) {
            URL resource = getClass().getClassLoader().getResource("/config/uc-client.xml");
            if (resource != null) {
                try {
                    properties.loadFromXML(new FileInputStream(resource.getFile()));
                } catch (FileNotFoundException e4) {
                    this.logger.warn("类路径中配置文件不存在：uc-client.xml");
                } catch (InvalidPropertiesFormatException e5) {
                    this.logger.warn("类路径中配置文件格式错误：uc-client.xml");
                } catch (IOException e6) {
                    this.logger.warn("类路径中配置文件读取错误：uc-client.xml");
                } catch (Exception e7) {
                    this.logger.warn("类路径中配置文件读取错误：uc-client.xml");
                }
            }
        }
        if (properties.isEmpty()) {
            URL resource2 = getClass().getClassLoader().getResource("/config/uc-client.properties");
            if (resource2 != null) {
                try {
                    properties.load(new FileInputStream(resource2.getFile()));
                } catch (FileNotFoundException e8) {
                    this.logger.warn("类路径中配置文件不存在:uc-client.properties");
                } catch (InvalidPropertiesFormatException e9) {
                    this.logger.warn("类路径中配置文件格式错误:uc-client.properties");
                } catch (IOException e10) {
                    this.logger.warn("类路径中配置文件读取错误:uc-client.properties");
                } catch (Exception e11) {
                    this.logger.warn("类路径中配置文件读取错误:uc-client.properties");
                }
            }
        }
        if (properties.isEmpty()) {
            this.logger.error("uc-client配置文件加载失败！");
        }
        uCConstant.setAppCode(properties.getProperty("uccp.client.appCode"));
        uCConstant.setAppSecret(properties.getProperty("uccp.client.appSecret"));
        uCConstant.setCasClientContext(properties.getProperty("cas.client.context"));
        uCConstant.setCasContext(properties.getProperty("cas.context"));
        uCConstant.setCasValidContext(properties.getProperty("cas.valid.context"));
        uCConstant.setCasContextLogin(properties.getProperty("cas.context.login", "/login"));
        uCConstant.setCasContextLogout(properties.getProperty("cas.context.logout", "/logout"));
        uCConstant.setAuthorizationUrls(properties.getProperty("uccp.authorizationUrls"));
        uCConstant.setNoAuthorizationUrls(properties.getProperty("uccp.noAuthorizationUrls"));
        uCConstant.setResturl(properties.getProperty("uccp.service.url"));
        UCCasServiceContext.init(uCConstant);
        this.ucConstant = uCConstant;
        this.casAuthAjaxContext = filterConfig.getInitParameter("casAuthAjaxContext");
        this.filters = obtainAllDefinedFilters(uCConstant);
        for (int i = 0; i < this.filters.length; i++) {
            if (this.filters[i] != null) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("Initializing Filter defined in ApplicationContext: '" + this.filters[i].toString() + "'");
                }
                this.filters[i].init(filterConfig);
            }
        }
    }

    private Filter[] obtainAllDefinedFilters(UCConstant uCConstant) {
        LinkedHashSet linkedHashSet = new LinkedHashSet();
        SingleSignOutFilter singleSignOutFilter = new SingleSignOutFilter();
        singleSignOutFilter.setCasServerUrlPrefix(uCConstant.getCasContext());
        singleSignOutFilter.setIgnoreInitConfiguration(true);
        linkedHashSet.add(singleSignOutFilter);
        Saml11AuthenticationFilter saml11AuthenticationFilter = new Saml11AuthenticationFilter();
        saml11AuthenticationFilter.setCasServerLoginUrl(uCConstant.getCasContext() + uCConstant.getCasContextLogin());
        saml11AuthenticationFilter.setServerName(uCConstant.getCasClientContext());
        saml11AuthenticationFilter.setIgnoreInitConfiguration(true);
        linkedHashSet.add(saml11AuthenticationFilter);
        Saml11TicketValidationFilter saml11TicketValidationFilter = new Saml11TicketValidationFilter();
        saml11TicketValidationFilter.setUseSession(true);
        saml11TicketValidationFilter.setServerName(uCConstant.getCasClientContext());
        saml11TicketValidationFilter.setRedirectAfterValidation(true);
        saml11TicketValidationFilter.setIgnoreInitConfiguration(true);
        Saml11TicketValidator saml11TicketValidator = StringUtils.isNotBlank(uCConstant.getCasValidContext()) ? new Saml11TicketValidator(uCConstant.getCasValidContext()) : new Saml11TicketValidator(uCConstant.getCasContext());
        saml11TicketValidator.setTolerance(300000L);
        saml11TicketValidationFilter.setTicketValidator(saml11TicketValidator);
        linkedHashSet.add(saml11TicketValidationFilter);
        linkedHashSet.add(new AssertionThreadLocalFilter());
        linkedHashSet.add(new HttpServletRequestWrapperFilter());
        return (Filter[]) linkedHashSet.toArray(new Filter[0]);
    }

    public UCConstant getUCConstant() {
        return this.ucConstant;
    }

    public void setUaacConstant(UCConstant uCConstant) {
        this.ucConstant = uCConstant;
        UCCasServiceContext.init(uCConstant);
        this.filters = obtainAllDefinedFilters(uCConstant);
    }
}
