package com.cfwx.rox.web.common.filter;

import com.cfwx.multichannel.userinterface.redis.RedisService;
import com.cfwx.rox.web.common.ConfigProperties;
import com.cfwx.rox.web.common.Constants;
import com.cfwx.rox.web.common.constant.EnumRedisConstant;
import com.cfwx.rox.web.common.model.vo.CurrentUser;
import com.cfwx.rox.web.common.service.ICommonAuthorityService;
import com.cfwx.rox.web.common.util.MD5;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import oracle.sql.CharacterSet;
import org.apache.commons.lang.StringUtils;
import org.apache.cxf.jaxrs.ext.search.FiqlParser;
import org.eclipse.jetty.server.SessionManager;
import org.jboss.netty.handler.codec.rtsp.RtspHeaders;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.propertyeditors.CustomDateEditor;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:WEB-INF/lib/WebCommon-1.0-RELEASE.jar:com/cfwx/rox/web/common/filter/LoginInterceptor.class */
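/**
 * Spring MVC interceptor that gates every request on a logged-in session, a per-URI
 * authority check and, for AJAX requests, a per-user token held in Redis.
 *
 * <p>NOTE(review): this source is decompiler output. Several constants
 * ({@code RtspHeaders.Values.URL}, {@code FiqlParser.AND},
 * {@code CharacterSet.AR8SAKHR707_CHARSET}) look like library constants the decompiler
 * substituted for the original literals (a config key, a list separator and an HTTP
 * status code). They are kept as found; confirm the intended literals against the
 * original source or configuration.
 */
public class LoginInterceptor extends HandlerInterceptorAdapter {
    // NOTE(review): this static is reassigned on every request in preHandle, so concurrent
    // requests share and overwrite one ModelAndView. Kept because it is part of the public
    // surface; do not put per-user data in it.
    public static ModelAndView modelAndView;

    @Autowired
    private ICommonAuthorityService authorityService;
    protected static Logger logger = LoggerFactory.getLogger(LoginInterceptor.class);
    // Context-relative URIs that skip the login and authority checks (exact match).
    public static List<String> noAuthorized = new ArrayList<>();
    public static RedisService redisService = new RedisService();
    // Context-relative URIs that must not refresh the session's last-activity timestamp.
    public static List<String> intervalUris = new ArrayList<>();

    private static final String AJAX_HEADER = "X-Requested-With";
    private static final String AJAX_VALUE = "XMLHttpRequest";
    private static final String LOGIN_PATH = "/login/loginIndex?dir=1";

    /** Loads both URI lists from configuration; runs once from the static initializer. */
    private static void init() {
        for (String uri : ConfigProperties.getStringValue(RtspHeaders.Values.URL).split(FiqlParser.AND)) {
            noAuthorized.add(uri);
        }
        for (String uri : ConfigProperties.getStringValue("intervalUris").split(FiqlParser.AND)) {
            intervalUris.add(uri);
        }
    }

    /**
     * Decides whether the request may reach its handler.
     *
     * <p>Order of checks: redirect of the bare root URI, idle-timeout bookkeeping, the
     * login and authority checks for URIs outside {@link #noAuthorized}, then the token
     * check for AJAX requests that carry a logged-in session.
     *
     * @return {@code false} when a redirect or error response has already been written
     * @throws Exception propagated from the servlet API, Redis access or the superclass
     */
    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        modelAndView = new ModelAndView();
        String contextPath = httpServletRequest.getContextPath();
        String requestURI = httpServletRequest.getRequestURI();
        // Read up front, as before; presumably the container parses a form-encoded body
        // here, which is why getBody() can come back empty and the map is the fallback.
        Map<String, String[]> parameterMap = httpServletRequest.getParameterMap();
        // Strip the context path as a literal prefix. The previous replaceFirst() treated
        // the context path as a regular expression and could match in the middle of the URI.
        String prefix = contextPath + "/";
        String relativeUri = requestURI.startsWith(prefix) ? requestURI.substring(prefix.length()) : requestURI;
        if (StringUtils.equals(requestURI, "/")) {
            httpServletResponse.sendRedirect(contextPath + "/login/loginIndex");
            return false;
        }
        filtration(httpServletRequest, relativeUri);
        boolean ajax = isAjax(httpServletRequest);
        if (!noAuthorized.contains(relativeUri)) {
            Object loginFlag = httpServletRequest.getSession().getAttribute(Constants.USER_LOGIN_FLAG);
            if (null == loginFlag) {
                // Only a session holding USER_LOGIN_FLAG counts as authenticated. A
                // session-id request parameter is caller-supplied text and is no longer
                // accepted as a substitute: it used to let the request through without
                // any login or authority check.
                if (!ajax) {
                    httpServletResponse.sendRedirect(contextPath + LOGIN_PATH);
                    return false;
                }
                rejectAsLoggedOut(httpServletResponse);
                return false;
            }
            if (!this.authorityService.hasAuthority((CurrentUser) loginFlag, requestURI)) {
                httpServletResponse.sendRedirect(contextPath + "/home/refused");
                return false;
            }
        }
        if (ajax) {
            RedisService tokenStore = new RedisService();
            CurrentUser currentUser = (CurrentUser) httpServletRequest.getSession().getAttribute(Constants.USER_LOGIN_FLAG);
            if (currentUser != null) {
                HashMap<String, String> body = getBody(httpServletRequest);
                // The field name is derived from the user id; the secret is the value in Redis.
                String tokenKey = MD5.md5s(Constants.TOKEN_KEY_PRE + currentUser.getUser().getId());
                String presented = body.get(tokenKey);
                if (StringUtils.isEmpty(presented) && parameterMap != null) {
                    String[] values = parameterMap.get(tokenKey);
                    if (values != null && values.length > 0) {
                        presented = values[0];
                    }
                }
                if (!tokensMatch(presented, tokenStore.get(tokenKey))) {
                    rejectAsLoggedOut(httpServletResponse);
                    return false;
                }
            }
        }
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }

    /** Reports whether the request carries the {@code X-Requested-With: XMLHttpRequest} header. */
    private static boolean isAjax(HttpServletRequest httpServletRequest) {
        return AJAX_VALUE.equals(httpServletRequest.getHeader(AJAX_HEADER));
    }

    /** Writes the headers and error status the AJAX client reads as "session timed out". */
    private static void rejectAsLoggedOut(HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.addHeader("sessionstatus", "timeOut");
        httpServletResponse.addHeader("loginPath", LOGIN_PATH);
        // NOTE(review): the status argument is a decompiler-substituted constant; confirm
        // which HTTP status the original literal was.
        httpServletResponse.sendError(CharacterSet.AR8SAKHR707_CHARSET, "User has not login");
    }

    /**
     * Compares the presented token with the stored one without an early exit on the
     * first differing byte. A missing value on either side never matches.
     */
    private static boolean tokensMatch(String presented, String expected) {
        if (presented == null || expected == null) {
            return false;
        }
        return java.security.MessageDigest.isEqual(
                presented.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                expected.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Reads the request body and parses it as {@code name=value} pairs separated by
     * {@code &}. Names and values are returned as sent, without URL-decoding.
     *
     * <p>The body is parsed once, after it has been read completely. Pairs without a
     * name or without {@code =} are skipped, so a body that is not in this form yields an
     * empty map instead of an {@link ArrayIndexOutOfBoundsException}.
     *
     * <p>NOTE(review): this consumes and closes the request input stream, so a handler
     * that runs afterwards cannot read the body again, and the whole body is buffered in
     * memory with no size limit.
     *
     * @param httpServletRequest request whose body is read
     * @return the parsed pairs; empty when there is no body or nothing parseable
     * @throws IOException if the body cannot be read
     */
    public static HashMap<String, String> getBody(HttpServletRequest httpServletRequest) throws IOException {
        HashMap<String, String> fields = new HashMap<>();
        ServletInputStream inputStream = httpServletRequest.getInputStream();
        if (inputStream == null) {
            return fields;
        }
        StringBuilder raw = new StringBuilder();
        // Explicit charset instead of the platform default, so parsing does not depend on the host.
        try (BufferedReader reader = new BufferedReader(
                new InputStreamReader(inputStream, java.nio.charset.StandardCharsets.UTF_8))) {
            char[] chunk = new char[128];
            int read;
            while ((read = reader.read(chunk)) > 0) {
                raw.append(chunk, 0, read);
            }
        }
        for (String pair : raw.toString().split("&")) {
            int separator = pair.indexOf('=');
            if (separator <= 0) {
                continue;
            }
            fields.put(pair.substring(0, separator), pair.substring(separator + 1));
        }
        return fields;
    }

    /** No post-processing; present only as an explicit override. */
    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, ModelAndView modelAndView2) throws Exception {
    }

    /** No completion handling; present only as an explicit override. */
    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, Exception exc) throws Exception {
    }

    /** Sets the view name on the shared static {@link #modelAndView}. */
    public void setViewName(String str) {
        modelAndView.setViewName(str);
    }

    /** Adds a model attribute to the shared static {@link #modelAndView}. */
    public void addObject(String str, Object obj) {
        modelAndView.addObject(str, obj);
    }

    /**
     * Registers a strict {@code yyyy-MM-dd HH:mm:ss} editor for {@link Date} binding;
     * empty input is allowed. A new formatter is created per call because
     * {@link SimpleDateFormat} is not thread-safe.
     */
    @InitBinder
    public void initBinder(WebDataBinder webDataBinder) {
        SimpleDateFormat strictFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        strictFormat.setLenient(false);
        webDataBinder.registerCustomEditor(Date.class, new CustomDateEditor(strictFormat, true));
    }

    /**
     * Enforces the idle timeout from the last-activity timestamp kept in Redis, then
     * refreshes that timestamp unless the URI is listed in {@link #intervalUris}.
     *
     * @param httpServletRequest current request
     * @param str context-relative URI of the request
     */
    private void filtration(HttpServletRequest httpServletRequest, String str) {
        String sessionHashKey = EnumRedisConstant.HashSetKey.WEB_SESSION_ID.getValue();
        String stored = redisService.hget(sessionHashKey, httpServletRequest.getSession().getId());
        long lastSeen = null != stored ? Long.parseLong(stored) : 0L;
        if (lastSeen != 0) {
            int maxIdleSeconds = httpServletRequest.getSession().getMaxInactiveInterval();
            // Zero or negative means the session never times out, so there is nothing to
            // enforce. The long multiplication avoids int overflow for long intervals.
            if (maxIdleSeconds > 0 && new Date().getTime() - lastSeen > maxIdleSeconds * 1000L) {
                deleTempRedisData(httpServletRequest.getSession());
                httpServletRequest.getSession().invalidate();
            }
        }
        if (!intervalUris.contains(str)) {
            // getSession() is called again on purpose: after invalidate() it returns a new session.
            redisService.hset(sessionHashKey, httpServletRequest.getSession().getId(), String.valueOf(new Date().getTime()));
        }
    }

    /**
     * Deletes the session's last-activity entry from Redis and, when a user is logged in,
     * that user's two customer-info import entries.
     *
     * @param httpSession session being discarded
     */
    public static void deleTempRedisData(HttpSession httpSession) {
        redisService.hdel(EnumRedisConstant.HashSetKey.WEB_SESSION_ID.getValue(), httpSession.getId());
        CurrentUser currentUser = (CurrentUser) httpSession.getAttribute(Constants.USER_LOGIN_FLAG);
        if (null != currentUser) {
            String importHashKey = EnumRedisConstant.HashSetKey.IntroductionCustomerInfo.getValue();
            redisService.hdel(importHashKey, EnumRedisConstant.CustomerInfoImportKey.Registration.getValue() + "_" + currentUser.getUser().getId());
            redisService.hdel(importHashKey, EnumRedisConstant.CustomerInfoImportKey.Obtain.getValue() + "_" + currentUser.getUser().getId());
        }
    }

    // Must stay below the static field initializers: init() fills lists they create.
    static {
        init();
    }
}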
