package com.seeyon.ctp.common.spring;

import com.seeyon.ctp.common.AppContext;
import com.seeyon.ctp.common.GlobalNames;
import com.seeyon.ctp.common.ServerState;
import com.seeyon.ctp.common.SystemEnvironment;
import com.seeyon.ctp.common.aspect.AspectAnnotationAware;
import com.seeyon.ctp.common.authenticate.domain.User;
import com.seeyon.ctp.common.code.EnumsConfigLoader;
import com.seeyon.ctp.common.constants.Constants;
import com.seeyon.ctp.common.constants.SystemProperties;
import com.seeyon.ctp.common.exceptions.BusinessException;
import com.seeyon.ctp.common.exceptions.InfrastructureException;
import com.seeyon.ctp.common.i18n.ResourceUtil;
import com.seeyon.ctp.common.lbs.paramters.AttendanceParamKeyConstant;
import com.seeyon.ctp.common.security.SecurityHelper;
import com.seeyon.ctp.common.service.AjaxController;
import com.seeyon.ctp.common.service.NeedlessCheckLoginAnnotationAware;
import com.seeyon.ctp.common.web.util.WebUtil;
import com.seeyon.ctp.login.CurrentUserToSeeyonApp;
import com.seeyon.ctp.login.online.OnlineManager;
import com.seeyon.ctp.monitor.perfmon.PerfLogConfig;
import com.seeyon.ctp.monitor.perfmon.PerfmonMisc;
import com.seeyon.ctp.services.security.CtpSecurityService;
import com.seeyon.ctp.thread.monitor.ThreadMonitor;
import com.seeyon.ctp.util.Cookies;
import com.seeyon.ctp.util.StringUtil;
import com.seeyon.ctp.util.Strings;
import com.seeyon.ctp.util.UUIDLong;
import com.seeyon.ctp.util.ZipUtil;
import com.seeyon.ctp.util.cache.CachePojoManager;
import com.seeyon.ctp.util.json.JsonErrorObject;
import com.seeyon.ctp.util.json.mapper.JSONMapper;
import java.io.PrintWriter;
import java.lang.reflect.Proxy;
import java.net.URLEncoder;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.log4j.Logger;
import org.springframework.aop.framework.AdvisedSupport;
import org.springframework.beans.DirectFieldAccessor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:com/seeyon/ctp/common/spring/CTPHandlerInterceptor.class */
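public class CTPHandlerInterceptor extends HandlerInterceptorAdapter {
    /** Request attribute / parameter carrying a JSON parameter string for the thread context. */
    private static final String JSON_PARAMS_KEY = "_json_params";
    /** Request parameter carrying the signature that protects digested URLs. */
    private static final String DIGEST_PARAMS_KEY = "v";
    /** Name of the private field holding the {@link AdvisedSupport} inside a Spring JDK proxy handler. */
    private static final String ADVISED_FIELD_NAME = "advised";
    private static final Log logc = LogFactory.getLog(CTPHandlerInterceptor.class);
    /** Slow-controller ("capability") log; only written when DEBUG is enabled for it. */
    private static final Log logCapability = LogFactory.getLog("capability");
    private static final Logger LOGGER = Logger.getLogger(CTPHandlerInterceptor.class);
    /** Request start time, set in {@link #preHandle} and cleared in {@link #afterCompletion}. */
    private static final ThreadLocal<Long> startTime = new ThreadLocal<>();
    /** Resolved "method" of the current request, set in {@link #preHandle} and cleared in {@link #afterCompletion}. */
    private static final ThreadLocal<String> methodTL = new ThreadLocal<>();

    // Both beans are looked up lazily from AppContext. The interceptor is shared between
    // requests; the unsynchronized assignments are a benign race only if getBean returns
    // the same singleton each time — NOTE(review): confirm against AppContext.
    private CtpSecurityService ctpSecurityService;
    private OnlineManager onlineManager;

    /**
     * Runs before the controller: records the start time, resolves the target controller and
     * method, enforces the login / role / resource / digest checks and publishes the
     * {@code _currentPathId} attribute for the view layer.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param obj                 the Spring handler (possibly an AOP proxy)
     * @return {@code true} to continue the handler chain; {@code false} when
     *         {@link #checkSessionPre} has already written the "logged out" response
     * @throws BusinessException       when the URI contains a run of two or more {@code '/'},
     *                                 or when a role check rejects the user
     * @throws InfrastructureException when a digested URL is called without a valid signature
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        startTime.set(System.currentTimeMillis());
        PerfmonMisc.setUuid(String.valueOf(UUIDLong.longUUID()));
        String controllerClass = getAopProxy(obj);
        String method = httpServletRequest.getParameter("method");
        if ("com.seeyon.v3x.common.controller.GenericController".equals(controllerClass)) {
            method = httpServletRequest.getParameter("ViewPage");
        } else if (method == null) {
            method = AttendanceParamKeyConstant.C_sGetAttendanceListInfo_String_Index;
        }
        methodTL.set(method);
        WebUtil.setRequest(httpServletRequest);
        WebUtil.setResponse(httpServletResponse);
        if (SystemEnvironment.getContextPath() == null) {
            SystemProperties.getInstance().put(SystemEnvironment.ENV_APPLICATION_CONTEXT_PATH_KEY, httpServletRequest.getContextPath());
        }
        String requestURI = httpServletRequest.getRequestURI();
        // Reject URIs with "//": the login/role/resource checks below compare path strings,
        // and a collapsed slash run would make them see a different path than the container dispatched.
        if (requestURI.matches(".*?/{2,}.*?")) {
            throw new BusinessException("url格式错误有超过2根以上的'/'" + requestURI);
        }
        // Path without context prefix and without ";path=params", so path parameters
        // (e.g. ;jsessionid=...) cannot change what the checks below compare against.
        String servletPath = stripContextAndPathParams(requestURI, httpServletRequest.getContextPath());
        boolean isAjax = "/ajax.do".equals(servletPath);
        String queryString = httpServletRequest.getQueryString();
        String fullPath = queryString == null ? servletPath : servletPath + "?" + queryString;
        String resourceKey = fullPath;
        User user = currentSessionUser();
        if (isAjax) {
            String managerName = httpServletRequest.getParameter("managerName");
            String managerMethod = httpServletRequest.getParameter("managerMethod");
            if (managerMethod != null) {
                validateUserRole(getAopProxy(AppContext.getBean(managerName)), managerMethod, user);
            }
            // ajax calls are identified by "manager.method" for the ignore-URL check
            resourceKey = managerName + "." + managerMethod;
        }
        ThreadMonitor.startMonitor(fullPath + " " + (queryString == null ? "" : queryString));
        boolean loginNotRequired = false;
        if (user == null) {
            AppContext.removeThreadContext(GlobalNames.SESSION_CONTEXT_USERINFO_KEY);
            loginNotRequired = isLoginNotRequired(requestURI, method);
        } else {
            AppContext.putThreadContext(GlobalNames.SESSION_CONTEXT_USERINFO_KEY, user);
        }
        if (!loginNotRequired && !User.isIgnoreUrl(resourceKey, httpServletRequest, httpServletResponse)) {
            if (!checkSessionPre(httpServletRequest, httpServletResponse, obj.getClass().getCanonicalName(), isAjax)) {
                return false;
            }
            validateUserRole(controllerClass, method, user);
            User.validateResource(fullPath, true);
        }
        String jsonParams = (String) httpServletRequest.getAttribute(JSON_PARAMS_KEY);
        if (jsonParams == null) {
            jsonParams = httpServletRequest.getParameter(JSON_PARAMS_KEY);
        }
        if (jsonParams != null) {
            AppContext.putThreadContext(GlobalNames.THREAD_CONTEXT_JSONSTR_KEY, jsonParams);
        }
        verifyDigest(httpServletRequest, servletPath, method, fullPath);
        String pathId = servletPath.substring(1).replace(".do", "").replace('/', '_');
        if (method != null) {
            pathId = pathId + "_" + method;
        }
        httpServletRequest.setAttribute("_currentPathId", pathId);
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }

    /**
     * Strips the context path prefix and any {@code ;...} path-parameter suffix from a request URI.
     *
     * @param requestURI  raw request URI
     * @param contextPath the web application's context path (assumed to be a prefix of the URI)
     * @return the servlet-relative path, e.g. {@code /ajax.do}
     */
    private static String stripContextAndPathParams(String requestURI, String contextPath) {
        int semicolon = requestURI.indexOf(';');
        int end = semicolon == -1 ? requestURI.length() : semicolon;
        return requestURI.substring(contextPath.length(), end);
    }

    /**
     * Reads the current user from the session context.
     *
     * @return the session user, or {@code null} when there is no session context
     */
    private static User currentSessionUser() {
        try {
            return (User) AppContext.getSessionContext(Constants.SESSION_CURRENT_USER);
        } catch (InfrastructureException noSession) {
            // Best effort: no session context means an anonymous request; the login
            // check in preHandle decides whether that is acceptable for this URL.
            return null;
        }
    }

    /**
     * Decides whether an anonymous request may skip the login check, based on the
     * {@code NeedlessCheckLogin} URL map.
     *
     * @param requestURI raw request URI (matched by substring against each map key)
     * @param method     resolved request method, matched against the key's method set
     * @return {@code true} when a matching key allows {@code "*"} or this method
     */
    private static boolean isLoginNotRequired(String requestURI, String method) {
        Map<String, Set<String>> needlessUrlMap = new NeedlessCheckLoginAnnotationAware().getNeedlessUrlMap();
        boolean allowed = false;
        for (Map.Entry<String, Set<String>> entry : needlessUrlMap.entrySet()) {
            if (requestURI.indexOf(entry.getKey()) != -1) {
                Set<String> methods = entry.getValue();
                // NOTE(review): when several keys match, the last one visited wins, so the
                // outcome depends on the map's iteration order — confirm the intended semantics.
                allowed = methods.contains("*") || methods.contains(method);
            }
        }
        return allowed;
    }

    /**
     * Verifies the URL-parameter signature for URLs registered with {@link SecurityHelper}.
     * The signed string is the concatenation of the values of the registered parameter names
     * in registration order; parameters absent from the request are skipped (presumably the
     * signer does the same — NOTE(review): confirm in SecurityHelper).
     *
     * @param request     current request
     * @param servletPath servlet-relative path used to look up the digested parameter list
     * @param method      resolved request method, appended to the lookup key when present
     * @param fullPath    path plus query string, used only for the access log entry
     * @throws InfrastructureException when the signature is missing or does not verify
     */
    private void verifyDigest(HttpServletRequest request, String servletPath, String method, String fullPath) {
        String digestParams = SecurityHelper.getDigestUrlParam(servletPath + (method == null ? "" : " " + method));
        if (digestParams == null) {
            return;
        }
        String signature = request.getParameter(DIGEST_PARAMS_KEY);
        if (Strings.isBlank(signature)) {
            illegalAccess(fullPath);
        }
        StringBuilder signed = new StringBuilder();
        for (String name : digestParams.split("\\,")) {
            String value = request.getParameter(name);
            if (value != null) {
                signed.append(value);
            }
        }
        if (!SecurityHelper.verify(signed.toString(), signature)) {
            illegalAccess(fullPath);
        }
    }

    /**
     * Checks the user's roles against the roles required for {@code className.methodName},
     * falling back to the roles required for the class when the method has none registered.
     * Anonymous users ({@code null}) are not checked here; the login check handles them.
     *
     * @param className  fully qualified target class name
     * @param methodName target method name
     * @param user       current user, may be {@code null}
     * @throws BusinessException when the security service rejects the user
     */
    private void validateUserRole(String className, String methodName, User user) throws BusinessException {
        if (user == null) {
            return;
        }
        Set<String> methodRoles = CachePojoManager.getmethodNeedRole(className + "." + methodName);
        CtpSecurityService securityService = (CtpSecurityService) AppContext.getBean("ctpSecurityService");
        this.ctpSecurityService = securityService;
        if (!CollectionUtils.isEmpty(methodRoles)) {
            securityService.validateRole(user, methodName, methodRoles);
        } else {
            securityService.validateRole(user, methodName, CachePojoManager.getclazzNeedRole(className));
        }
    }

    /**
     * Checks whether the current session is still valid. When it is not (or the server is shutting
     * down with forced logout), writes a client-appropriate "logged out" response and returns
     * {@code false} so the handler chain stops.
     *
     * @param request          current request
     * @param response         current response
     * @param handlerClassName canonical class name of the handler (currently unused)
     * @param isAjax           whether the request targets {@code /ajax.do}
     * @return {@code true} when processing may continue
     * @throws Exception from the response writer or the M1 error rendering
     */
    private boolean checkSessionPre(HttpServletRequest request, HttpServletResponse response, String handlerClassName, boolean isAjax) throws Exception {
        User currentUser = AppContext.getCurrentUser();
        String onlineMessage = CurrentUserToSeeyonApp.getUserOnlineMessage();
        String contextPath = request.getContextPath();
        boolean fromMobile = isFromMobile(request, currentUser);
        boolean fromM1 = currentUser != null && currentUser.isFromM1();
        if (onlineMessage == null) {
            ServerState serverState = ServerState.getInstance();
            if (serverState.isShutdown() && serverState.isForceLogout()) {
                String shutdownMessage = ResourceUtil.getString("ServerState.shutdown", serverState.getComment());
                // Obtain the writer only in the branches that write: calling getWriter() commits the
                // response to character output and would break a controller that needs the output stream.
                if (fromMobile) {
                    PrintWriter writer = response.getWriter();
                    writer.println(mobilePromptRedirect(contextPath, shutdownMessage));
                    writer.close();
                    return false;
                }
                if (fromM1) {
                    response.getWriter().print(m1ErrorResponse(request, shutdownMessage));
                    response.setStatus(500);
                    return false;
                }
            }
            if (fromMobile || fromM1) {
                if (this.onlineManager == null) {
                    this.onlineManager = (OnlineManager) AppContext.getBean("onlineManager");
                }
                this.onlineManager.updateOnlineState(currentUser);
            }
            return true;
        }
        response.setContentType("text/html; charset=UTF-8");
        PrintWriter writer = response.getWriter();
        if (fromMobile) {
            writer.println(mobilePromptRedirect(contextPath, onlineMessage));
        } else if (fromM1 || Strings.isNotBlank(request.getParameter("ClientRequestPath"))) {
            writer.print(m1ErrorResponse(request, onlineMessage));
            response.setStatus(500);
        } else if (isAjax) {
            // ajax clients detect logout through the header rather than a body
            writer.print("");
            response.addHeader("__LOGOUT", "o");
        } else {
            writeLogoutPage(writer, contextPath, onlineMessage, currentUser);
        }
        writer.close();
        return false;
    }

    /**
     * Builds the meta-refresh tag that sends a mobile client to the prompt page.
     *
     * @param contextPath web application context path
     * @param message     user-facing message; URL-encoded before it is placed in the query string
     * @return the HTML tag
     * @throws java.io.UnsupportedEncodingException when {@link AjaxController#responseEncoding} is unknown
     */
    private static String mobilePromptRedirect(String contextPath, String message) throws java.io.UnsupportedEncodingException {
        return "<meta http-equiv='Refresh' content='0;url=" + contextPath + "/common/mobileprompt.jsp?message=" + URLEncoder.encode(message, AjaxController.responseEncoding) + "' />";
    }

    /**
     * Writes the browser "logged out" page: alerts the message, closes the window and
     * redirects the top frame to the logout action.
     *
     * @param writer      response writer (not closed here)
     * @param contextPath web application context path
     * @param message     user-facing message, JavaScript-escaped before it is embedded
     * @param currentUser current user, may be {@code null}
     */
    private static void writeLogoutPage(PrintWriter writer, String contextPath, String message, User currentUser) {
        String appContextPath = SystemEnvironment.getContextPath();
        writer.println("<section data-role=\"page\">");
        writer.println("<script type=\"text/javascript\">var _ctxPath='" + appContextPath + "';</script>");
        writer.println("<script type=\"text/javascript\" src=\"" + appContextPath + "/common/all-min.js\"></script>");
        writer.println("<script>");
        // the message is embedded inside a JS string literal; escaping keeps it from terminating the literal
        writer.println("alert(\"" + Strings.escapeJavascript(message) + "\");");
        writer.println("self.close();");
        writer.println("try{");
        if (isFromNcPortal(currentUser)) {
            // NOTE(review): the second '?' in this URL is kept as-is; confirm the logout action parses it as intended
            writer.println("getCtpTop().location.href = '" + contextPath + "/main.do?method=logout?toPortal=toPortal';");
        } else {
            writer.println("getCtpTop().location.href = '" + contextPath + "/main.do?method=logout';");
        }
        writer.println("}catch(e){}");
        writer.println("</script>");
        writer.println("</section>");
    }

    /**
     * @param user current user, may be {@code null}
     * @return {@code true} when the user signed on through the NC portal SSO
     */
    private static boolean isFromNcPortal(User user) {
        return user != null && Constants.user_sso_from.nc_portal.name().equals(user.getUserSSOFrom());
    }

    /**
     * Renders an error payload for M1 clients: a {@link JsonErrorObject} with code {@code 10000},
     * compressed according to the {@code responseCompress} request parameter.
     *
     * @param request current request
     * @param message user-facing message
     * @return the (possibly compressed) JSON body
     * @throws Exception from the JSON renderer or the compression helper
     */
    private String m1ErrorResponse(HttpServletRequest request, String message) throws Exception {
        String responseCompress = request.getParameter("responseCompress");
        JsonErrorObject error = new JsonErrorObject();
        error.setMessage(message);
        error.setDetails("");
        error.setCode("10000");
        return ZipUtil.compressResponse(JSONMapper.toJSON(error).render(false), responseCompress, AjaxController.responseEncoding, LOGGER);
    }

    /**
     * Detects a mobile client from the {@code u_login_from} cookie or the user's recorded user agent.
     * The cookie is client-controlled; it only selects the response format here, it grants nothing.
     *
     * @param request current request
     * @param user    current user, may be {@code null}
     * @return {@code true} when either source says "mobile"
     */
    private boolean isFromMobile(HttpServletRequest request, User user) {
        String mobile = Constants.login_useragent_from.mobile.name();
        String userAgentFrom = user == null ? null : user.getUserAgentFrom();
        return mobile.equals(Cookies.get(request, "u_login_from")) || mobile.equals(userAgentFrom);
    }

    /**
     * Logs and throws an "Illegal access" error for a failed digest check.
     *
     * @param url path plus query string of the rejected request; note that the query string
     *            (and whatever values it carries) ends up in the error log
     * @throws InfrastructureException always
     */
    private void illegalAccess(String url) {
        InfrastructureException illegal = new InfrastructureException("Illegal access");
        LOGGER.error("User:" + AppContext.currentUserName() + ";URL:" + url, illegal);
        throw illegal;
    }

    /**
     * Runs after the controller: exposes {@code ff*} request attributes as a JSON fill map,
     * the plugin id list, the current user, the enum cache and the URL-related view attributes,
     * then runs the aspect annotations for the handler.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param obj                 the Spring handler
     * @param modelAndView        model to enrich, may be {@code null}
     * @throws Exception from the aspect execution or the superclass
     */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView) throws Exception {
        Map<String, Object> fillMap = new HashMap<>();
        Enumeration<?> attributeNames = httpServletRequest.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String name = (String) attributeNames.nextElement();
            if (name.startsWith("ff")) {
                fillMap.put(name.substring(2), httpServletRequest.getAttribute(name));
            }
        }
        if (!fillMap.isEmpty()) {
            // The map is emitted inside an inline <script>; neutralise the lowercase closing tag so a
            // value cannot end the script block. NOTE(review): other casings are not covered here —
            // confirm JSONMapper escapes them.
            httpServletRequest.setAttribute("_FILL_MAP", StringUtil.replace(JSONMapper.toJSON(fillMap).render(false), "</script>", "<//script>"));
        }
        httpServletRequest.setAttribute("_JSON_PLUGIN", SystemEnvironment.getPluginIdsJsonStr());
        if (httpServletRequest.getSession(false) != null) {
            httpServletRequest.setAttribute("CurrentUser", AppContext.getCurrentUser());
        }
        httpServletRequest.setAttribute("enu", EnumsConfigLoader.getEnumCachMap());
        setRequestAttr(httpServletRequest, modelAndView);
        AspectAnnotationAware.execute(obj, httpServletRequest.getParameter("method"));
        super.postHandle(httpServletRequest, httpServletResponse, obj, modelAndView);
    }

    /**
     * Runs after the view is rendered: writes the slow-controller log entry, clears the thread
     * context and the monitor, and always clears this class's thread locals.
     *
     * @param httpServletRequest  current request
     * @param httpServletResponse current response
     * @param obj                 the Spring handler
     * @param exc                 exception raised by the handler, may be {@code null}
     * @throws Exception from the superclass
     */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
        try {
            try {
                if (logCapability.isDebugEnabled()) {
                    logSlowController(httpServletRequest, obj);
                }
            } catch (Throwable th) {
                // the capability log must never break request completion
                logc.warn("输出操作日志错误", th);
            }
            AppContext.clearThreadContext();
            ThreadMonitor.stopMonitor();
            super.afterCompletion(httpServletRequest, httpServletResponse, obj, exc);
        } finally {
            startTime.remove();
            methodTL.remove();
        }
    }

    /**
     * Emits one capability-log line when the request took at least the configured slow threshold.
     * For {@code AjaxController} requests the logged target is {@code manager.method}; for the
     * {@code sectionManager} the section name is extracted from the {@code arguments} parameter.
     *
     * @param request current request
     * @param handler the Spring handler
     */
    private static void logSlowController(HttpServletRequest request, Object handler) {
        Long started = startTime.get();
        if (started == null) {
            return; // preHandle did not record a start time on this thread; nothing to measure
        }
        long elapsed = System.currentTimeMillis() - started;
        String loginName = "";
        try {
            loginName = AppContext.currentUserLoginName();
        } catch (Exception ignored) {
            // best effort: an anonymous or expired session is logged with an empty name
        }
        if (elapsed < PerfLogConfig.getSlowlaunchControllerTime()) {
            return;
        }
        String target = PerfmonMisc.getAopProxy(handler) + "." + methodTL.get();
        if (target.startsWith("AjaxController")) {
            String managerName = request.getParameter("managerName");
            if (managerName != null) {
                String manager = managerName.replaceAll(",", " ");
                if ("sectionManager".equalsIgnoreCase(manager)) {
                    target = manager + "." + sectionArgument(request.getParameter("arguments"));
                } else {
                    target = manager + "." + request.getParameter("managerMethod");
                }
            }
        }
        logCapability.debug(request.getRemoteAddr() + "," + loginName + "," + target + "," + elapsed + (PerfLogConfig.isRecordControllerParam() ? "," + request.getQueryString() : ""));
    }

    /**
     * Extracts the section name from the {@code arguments} parameter of a {@code sectionManager} call.
     * The fixed offsets (value starts at index 19, closing quote searched from index 20) come from the
     * original implementation — NOTE(review): the parameter layout is not visible here; confirm.
     *
     * @param arguments raw {@code arguments} parameter, may be {@code null}
     * @return the extracted name, or {@code null} when the parameter is absent or not in the expected
     *         shape (instead of throwing {@link StringIndexOutOfBoundsException})
     */
    private static String sectionArgument(String arguments) {
        if (arguments == null) {
            return null;
        }
        int end = arguments.indexOf('"', 20);
        if (end == -1) {
            return null;
        }
        return arguments.substring(19, end);
    }

    /**
     * Adds the URL-related view attributes ({@code ctp_*}) to the model.
     *
     * @param request      current request
     * @param modelAndView model to enrich; nothing happens when {@code null}
     */
    private void setRequestAttr(HttpServletRequest request, ModelAndView modelAndView) {
        if (modelAndView == null) {
            return;
        }
        String requestURI = request.getRequestURI();
        String contextPath = request.getContextPath();
        modelAndView.addObject("ctp_htmlAtt", " xmlns=\"http://www.w3.org/1999/xhtml\" ");
        // NOTE(review): no '/' between contextPath and "seeyonoa" — kept as in the original; confirm the DTD path resolves
        modelAndView.addObject("ctp_DTD", " <!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"" + contextPath + "seeyonoa/ui/DTD/xhtml1-transitional.dtd\">");
        modelAndView.addObject("ctp_uri", requestURI);
        modelAndView.addObject("ctp_url", requestURI);
        modelAndView.addObject("ctp_scheme", request.getScheme());
        modelAndView.addObject("ctp_server", request.getServerName());
        modelAndView.addObject("ctp_port", request.getServerPort());
        modelAndView.addObject("ctp_contextPath", contextPath);
    }

    /**
     * @param obj a bean or a Spring JDK dynamic proxy around one
     * @return the fully qualified name of the underlying target class
     * @throws NullPointerException when {@code obj} is {@code null}
     */
    public static String getAopProxy(Object obj) {
        return getTargetClassFromJdkDynamicAopProxy(obj).getName();
    }

    /**
     * Unwraps (possibly nested) Spring JDK dynamic proxies to the target class by reading the
     * proxy handler's {@code advised} field reflectively.
     *
     * @param obj a bean or a proxy around one
     * @return the target class, or {@code obj.getClass()} when {@code obj} is not such a proxy
     *         or the field cannot be read
     * @throws NullPointerException when {@code obj} is {@code null}
     */
    public static Class<?> getTargetClassFromJdkDynamicAopProxy(Object obj) {
        try {
            AdvisedSupport advised = (AdvisedSupport) new DirectFieldAccessor(Proxy.getInvocationHandler(obj)).getPropertyValue(ADVISED_FIELD_NAME);
            Class<?> targetClass = advised.getTargetClass();
            if (Proxy.isProxyClass(targetClass)) {
                return getTargetClassFromJdkDynamicAopProxy(advised.getTargetSource().getTarget());
            }
            return targetClass;
        } catch (Exception notAProxy) {
            // Proxy.getInvocationHandler rejects non-proxies; reflective access may also fail
            return obj.getClass();
        }
    }
}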
