package com.esen.eacl.webinit;

import com.esen.eacl.Login;
import com.esen.eacl.WebUtils;
import com.esen.eacl.api.token.TokenLog;
import com.esen.eacl.api.token.TokenLogService;
import com.esen.eacl.log.token.ETokenModuleOperationRegistry;
import com.esen.eacl.token.InterfaceUrlSetsConfig;
import com.esen.eacl.token.SecretKeyService;
import com.esen.eacl.token.TokenConst;
import com.esen.eacl.token.TokenService;
import com.esen.eacl.token.TokenSignService;
import com.esen.eacl.token.business.TokenState;
import com.esen.eacl.token.entity.SecretKeyEntity;
import com.esen.eacl.token.entity.TokenEntity;
import com.esen.ecore.log.Operation;
import com.esen.eweb.result.RestResultInfo;
import com.esen.eweb.webinit.RefreshApplicationContextEvent;
import com.esen.util.ExceptionHandler;
import com.esen.util.StrFunc;
import com.esen.util.i18n.I18N;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.bind.annotation.RequestMethod;

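/**
 * Servlet filter that lets a request authenticate with a token plus a signed
 * companion value instead of a password.
 *
 * <p>The token is read from {@link TokenConst#TOKEN_PARAM} and the signature from
 * {@link TokenConst#SIGN_PARAM}; each is taken from the request header first and
 * from the request parameter otherwise. Requests without a token pass through
 * untouched.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Both credentials are also accepted as request parameters, so they may end up
 *       in URLs (access logs, browser history, Referer headers). Prefer the header
 *       form where clients allow it.</li>
 *   <li>A failed check on a GET request is only logged; the request still continues
 *       down the chain without the token login. Authorization therefore depends on
 *       the filters and handlers that run afterwards - confirm that they reject
 *       unauthenticated access.</li>
 *   <li>The token value is handed to the token log on successful use. Confirm that
 *       the log store is access-controlled or that the value is masked there.</li>
 * </ul>
 *
 * <p>The collaborating services are looked up in {@link #refreshContext}; the filter
 * must not serve requests before that method has run.
 */
@Configuration
/* loaded from: input_file:com/esen/eacl/webinit/FilterTokenCheck.class */
public class FilterTokenCheck implements Filter, RefreshApplicationContextEvent {
    public static final Logger logger = LoggerFactory.getLogger(FilterTokenCheck.class);
    private TokenService tokenService;
    private SecretKeyService secretKeyService;
    private InterfaceUrlSetsConfig freeLoginSets;
    private TokenLogService logService;
    private TokenSignService tokenSignService;

    /** No filter-level configuration is needed. */
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Resolves the services this filter depends on from the given application context.
     *
     * @param applicationContext context to look the beans up in
     */
    public void refreshContext(ApplicationContext applicationContext) {
        this.tokenService = applicationContext.getBean(TokenService.class);
        this.secretKeyService = applicationContext.getBean(SecretKeyService.class);
        this.freeLoginSets = applicationContext.getBean(InterfaceUrlSetsConfig.class);
        this.logService = applicationContext.getBean(TokenLogService.class);
        this.tokenSignService = applicationContext.getBean(TokenSignService.class);
    }

    /**
     * Entry point of the token check for one request.
     *
     * <p>Does nothing when no token was supplied. Otherwise a signature must be
     * present, and token and signature are verified by {@link #checkTokenParams}.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response (not used here)
     * @param str                 request URI without the context path
     * @param str2                token supplied by the caller, may be empty
     * @param j                   request start time in milliseconds, used for the token log
     * @throws Exception when the signature is missing or any later check fails
     */
    protected void checkTokenValid(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2, long j) throws Exception {
        if (StrFunc.isNull(str2)) {
            return;
        }
        String sign = getParam(httpServletRequest, TokenConst.SIGN_PARAM);
        if (StrFunc.isNull(sign)) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.noesensignparam", "没有esensign参数，无法正常使用esentoken免密访问。");
            // The helper is presumed to always throw (name-based - confirm); stop here regardless.
            return;
        }
        checkTokenParams(httpServletRequest, str, str2, sign, j);
    }

    /**
     * Verifies a token/signature pair and, on success, logs the request in without a password.
     *
     * <p>The decoded signature is a comma-separated list: field 0 must equal the token,
     * field 1 must occur in the request path, and for third-party tokens (type 2)
     * field 2 is the user id, which must match the request's {@code userid} value.
     *
     * <p>Every guard returns after calling {@code ExceptionHandler.throwRuntimeException}
     * so that a failed check can never fall through to a login, even if that helper
     * were to return normally.
     *
     * <p>NOTE(review): both path comparisons are substring matches ({@code indexOf}),
     * not exact matches. A very short signed path, or a very short request path, matches
     * more than the issuer probably intended. Tightening this changes which signatures
     * are accepted, so it is flagged here rather than changed.
     *
     * @param httpServletRequest current request
     * @param str                request URI without the context path
     * @param str2               token supplied by the caller
     * @param str3               encoded signature supplied by the caller
     * @param j                  request start time in milliseconds, used for the token log
     * @throws Exception when decoding or any validation step fails
     */
    protected void checkTokenParams(HttpServletRequest httpServletRequest, String str, String str2, String str3, long j) throws Exception {
        String[] signParts = this.tokenSignService.decodeSign(str3).split(",");
        // String.split drops trailing empty fields, so the array can have 0 or 1 entries;
        // both are malformed and must not reach the index accesses below.
        if (signParts.length < 2) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.esensigniserror", "esensign参数有误，无法正常使用esentoken免密访问。");
            return;
        }
        String signedToken = signParts[0];
        String signedPath = signParts[1];
        if (!StrFunc.compareStr(str2, signedToken) || str.indexOf(signedPath) == -1) {
            ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.thirdsystokenorsignerror", "第三方系统携带的esensign有误，无法正常免密访问。");
            return;
        }
        TokenState state = this.tokenService.checkTokenValid(str2, true);
        if (state != TokenState.STATE_SUC) {
            ExceptionHandler.throwRuntimeException(state.getKey(), state.getMessage());
            return;
        }
        // NOTE(review): assumes find() returns an entity for a token that just validated - confirm.
        TokenEntity tokenEntity = this.tokenService.find(str2);
        Login login = WebUtils.getLogin(httpServletRequest);
        int type = tokenEntity.getType();
        if (type == 1) {
            // Token issued for a user of this system.
            String userid = tokenEntity.getUserid();
            if (login.isLogined() && StrFunc.compareStr(userid, login.getId())) {
                // Session already belongs to the token's user; nothing to do.
                return;
            }
            login.loginWithOutPwd(userid);
            if (!login.isLogined()) {
                ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.loginusernouse", "使用系统用户[{0}]登录失败，请检查系统用户是否可用。", new Object[]{userid});
                return;
            }
            String desc = I18N.getString("com.esen.eacl.webinit.filtertokencheck.usertokenaccess", "系统内携带令牌token免密访问系统", I18N.getDefaultLocale(), (Object[]) null);
            String detail = I18N.getString("com.esen.eacl.webinit.filtertokencheck.sysuserusertokenaccessdetail", "系统内用户名[{0}]使用令牌token进行免密访问。", I18N.getDefaultLocale(), new Object[]{userid});
            logInfo(j, ETokenModuleOperationRegistry.ETokenOperation.OP_USESYSTOKEN, desc, detail, str2, str);
        } else if (type == 2) {
            // Token issued to a third-party application; the signature must also carry the user id.
            if (signParts.length < 3) {
                ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.esensigniserror", "esensign参数有误，无法正常使用esentoken免密访问。");
                return;
            }
            String signedUserId = signParts[2];
            String appid = tokenEntity.getAppid();
            String requestUserId = getParam(httpServletRequest, "userid");
            if (StrFunc.isNull(requestUserId) || !StrFunc.compareStr(signedUserId, requestUserId)) {
                ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.thirdsysuseriderror", "第三方系统没有携带userid参数或与签名用户不一致，免密访问失败。");
                return;
            }
            SecretKeyEntity secretKey = this.secretKeyService.find(appid);
            if (secretKey == null) {
                ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.thirdappidnoexistnouser", "第三方系统账号[{0}]不存在，无法正常使用该账号进行免密访问。", new Object[]{appid});
                return;
            }
            String freeLoginUrls = secretKey.getFreeLoginUrls();
            boolean needLogin = true;
            if (!StrFunc.isNull(freeLoginUrls)) {
                for (String urlId : freeLoginUrls.split(",")) {
                    // Substring match: the configured URL only has to contain the request path.
                    // NOTE(review): assumes every configured id resolves to an entry - confirm.
                    if (this.freeLoginSets.getInterfaceUrlById(urlId).getUrl().indexOf(str) != -1) {
                        httpServletRequest.setAttribute(TokenConst.ISFREELOGIN, Boolean.TRUE);
                        needLogin = false;
                        break;
                    }
                }
            }
            if (needLogin) {
                login.loginWithOutPwd(signedUserId);
                if (!login.isLogined()) {
                    // Report the account that was actually passed to loginWithOutPwd.
                    ExceptionHandler.throwRuntimeException("com.esen.eacl.webinit.filtertokencheck.loginusernouse", "使用系统用户[{0}]登录失败，请检查系统用户是否可用。", new Object[]{signedUserId});
                    return;
                }
            }
            String desc = I18N.getString("com.esen.eacl.webinit.filtertokencheck.gaintokenaccess", "第三方携带令牌token免密访问系统", I18N.getDefaultLocale(), (Object[]) null);
            String detail = I18N.getString("com.esen.eacl.webinit.filtertokencheck.thirdgaintokenaccessdetail", "第三方系统账号[{0}]获取令牌token使用用户名[{1}]进行免密访问。", I18N.getDefaultLocale(), new Object[]{appid, signedUserId});
            logInfo(j, ETokenModuleOperationRegistry.ETokenOperation.OP_USETHIRDTOKEN, desc, detail, str2, str);
        }
        httpServletRequest.setAttribute(TokenConst.ISSINGLEREQ, Boolean.valueOf(!tokenEntity.isNeedSession()));
    }

    /**
     * Runs the token check and then hands the request to the rest of the chain.
     *
     * <p>The error page {@code /eweb/error.do} is never checked. When the check fails,
     * the failure is written to the token log; a non-GET request is answered directly
     * with the serialized error, while a GET request continues down the chain without
     * the token login.
     *
     * <p>NOTE(review): the error body is built from the caught exception. Confirm that
     * {@code RestResultInfo} does not serialize internal detail (for example a stack
     * trace) to the client.
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        long startMillis = System.currentTimeMillis();
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String path = WebUtils.getRequestURI_withoutContextPath(request);
        if (StrFunc.compareStr(path, "/eweb/error.do")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        try {
            checkTokenValid(request, response, path, getParam(request, TokenConst.TOKEN_PARAM), startMillis);
        } catch (Exception e) {
            String desc = I18N.getString("com.esen.eacl.webinit.filtertokencheck.tokenaccessfail", "携带令牌token免密访问系统失败。", I18N.getDefaultLocale(), (Object[]) null);
            String detail = I18N.getString("com.esen.eacl.webinit.filtertokencheck.tokenaccessfaildetail", "携带令牌token免密访问系统失败，原因如下：{0}", I18N.getDefaultLocale(), new Object[]{StrFunc.exception2DefaultLocalstr(e)});
            // Neither the token nor the exception object is passed to the log entry;
            // the exception text is already part of the detail string.
            logError(startMillis, ETokenModuleOperationRegistry.ETokenOperation.OP_USETOKEN, desc, detail, null, path, null);
            if (!StrFunc.compareStr(request.getMethod(), RequestMethod.GET.name())) {
                response.setContentType("text/plain; charset=UTF-8");
                RestResultInfo errorResult = new RestResultInfo();
                errorResult.setException(e);
                servletResponse.getWriter().write(errorResult.toJSONString());
                return;
            }
            // GET: fall through so the rest of the chain decides how to treat the request.
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Reads a value from the request header, falling back to the request parameter
     * of the same name when the header is empty.
     */
    private String getParam(HttpServletRequest httpServletRequest, String str) {
        String value = httpServletRequest.getHeader(str);
        if (StrFunc.isNull(value)) {
            value = httpServletRequest.getParameter(str);
        }
        return value;
    }

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Writes an info-level entry to the token log.
     *
     * @param j         start time in milliseconds
     * @param operation operation being recorded
     * @param str       short description
     * @param str2      detailed description
     * @param str3      token value attached to the entry
     * @param str4      interface path (request URI) attached to the entry
     */
    protected void logInfo(long j, Operation operation, String str, String str2, String str3, String str4) {
        TokenLog tokenLog = this.logService.createTokenLog().interfacePath(str4).token(str3);
        tokenLog.info().start(j).op(operation).desc(str).detail(str2).end();
        tokenLog.add();
    }

    /**
     * Writes an error-level entry to the token log.
     *
     * @param j         start time in milliseconds
     * @param operation operation being recorded
     * @param str       short description
     * @param str2      detailed description
     * @param str3      token value attached to the entry, may be {@code null}
     * @param str4      interface path (request URI) attached to the entry
     * @param exc       exception attached to the entry, may be {@code null}
     */
    protected void logError(long j, Operation operation, String str, String str2, String str3, String str4, Exception exc) {
        TokenLog tokenLog = this.logService.createTokenLog().interfacePath(str4).token(str3);
        tokenLog.error().start(j).op(operation).desc(str).detail(str2).exception(exc).end();
        tokenLog.add();
    }
}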
