package com.raqsoft.center.console;

import com.raqsoft.center.Center;
import com.raqsoft.center.Config;
import com.raqsoft.center.entity.User;
import com.raqsoft.center.util.HttpRequestUtil;
import com.raqsoft.center.util.PrintWriteUtil;
import com.scudata.common.Logger;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.Iterator;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.json.JSONException;

/* loaded from: input_file:com/raqsoft/center/console/LoginFilter.class */
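/**
 * Servlet filter that decides whether a request to the center console may proceed.
 *
 * <p>Order of decisions in {@link #doFilter}:
 * <ol>
 *   <li>set a response content type guessed from the request URL;</li>
 *   <li>reject the request if the first parameter-map entry contains {@code <} or {@code >};</li>
 *   <li>pass {@code ssoActivate.jsp} and action {@code 372} straight through;</li>
 *   <li>handle the login action ({@code 3}), optionally through the configured SSO endpoint;</li>
 *   <li>pass a fixed list of actions and URL fragments through without a session check;</li>
 *   <li>for everything else require a {@code userObj} session attribute (or a valid SSO cookie)
 *       and then apply {@link #checkActionAuth}.</li>
 * </ol>
 *
 * <p>NOTE(review): every exemption in steps 3 and 5 is decided before any session check, so the
 * handlers behind those actions and pages have to enforce their own authentication.
 */
public class LoginFilter implements Filter {
    /** Page the user is forwarded to once a session exists. */
    private static final String INDEX_PAGE = "/raqsoft/center/centerIndex.jsp";

    /** No initialisation is needed. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Applies the access decisions described on the class.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest} without a check
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse} without a check
     * @param filterChain     remainder of the chain, invoked only when the request is allowed
     * @throws IOException      from writing the response or from downstream components
     * @throws ServletException from downstream components
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestUrl = request.getRequestURL().toString();
        response.setContentType(guessContentType(requestUrl));
        HttpSession session = request.getSession();

        // NOTE(review): only the FIRST entry of the parameter map is inspected, so this is not a
        // dependable input filter; pages that echo parameters still need output encoding.
        // Behaviour is kept as-is because widening a '<' / '>' denylist to every parameter could
        // reject legitimate values; decide that deliberately rather than here.
        Iterator it = servletRequest.getParameterMap().values().iterator();
        if (it.hasNext()) {
            String[] firstValues = (String[]) it.next();
            if (firstValues != null && !isValidParam(firstValues)) {
                Logger.debug("请求参数中含有非法字符");
                // The request ends here with an empty body and the content type set above.
                return;
            }
        }

        // NOTE(review): "action" is compared as a raw string in this method but parsed as an
        // integer in checkActionAuth. Confirm the downstream dispatcher uses the same
        // representation, or normalise the value once before any decision is taken.
        String action = request.getParameter("action");

        if (requestUrl.indexOf("login.jsp") >= 0) {
            // Publish login-page feature flags to the session for the JSP to read.
            String validImg = Center.getConfig().getServerConfig("validImg");
            session.setAttribute("enableValieImg", (validImg.equals("no_value") || validImg.equals("1")) ? "true" : "false");
            session.setAttribute("enableSso", "1".equals(Center.getConfig().ssoConfig().enabled));
        }

        // Passed through before any session check (see class note).
        if (requestUrl.indexOf("ssoActivate.jsp") >= 0 || "372".equals(action)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        SsoConfig ssoConfig = Center.getConfig().ssoConfig();
        if ("3".equals(action)) {
            // Login attempt.
            String userName = request.getParameter("userName");
            if (Center.isAccountLocked(userName)) {
                PrintWriteUtil.pwWrite("账户登录次数过多被锁定，请" + Center.LOCKTIME + "分钟后再试", response);
                return;
            }
            if (session.getAttribute("userObj") == null) {
                if ("admin".equals(userName)) {
                    // The built-in admin account never goes through SSO; the chain handles it.
                    filterChain.doFilter(servletRequest, servletResponse);
                    return;
                }
                if ("1".equals(ssoConfig.enabled)) {
                    if (ssoConfig.version == 1) {
                        Logger.debug("sso version " + ssoConfig.version);
                        filterChain.doFilter(servletRequest, servletResponse);
                        return;
                    }
                    Logger.debug("执行sso登录");
                    String password = servletRequest.getParameter("p");
                    // A missing user name or password used to raise a NullPointerException while
                    // the URL was being built; now the SSO call is skipped and the request falls
                    // through to the chain, the same path as a failed SSO login.
                    if (userName != null && password != null) {
                        // Both placeholders are URL-encoded. The password was previously inserted
                        // verbatim, so reserved characters in it could change the structure of the
                        // outbound SSO request.
                        String ssoUrl = ssoConfig.loginUrl
                                .replace("{0}", URLEncoder.encode(userName, "utf-8"))
                                .replace("{1}", URLEncoder.encode(password, "utf-8"));
                        // NOTE(review): the credential travels inside the URL; confirm that
                        // loginUrl is HTTPS and that HttpRequestUtil does not log the URL.
                        String token = HttpRequestUtil.get(ssoUrl, ssoConfig.method);
                        // The token is a bearer credential, so only its presence is logged.
                        Logger.debug("sso登录结果令牌" + (token != null ? "[redacted]" : "null"));
                        if (token != null) {
                            SsoManger.addrqSsoLoginToCookie(response, token);
                            SsoManger.loginRemoteSsoUser(request, userName);
                            request.getRequestDispatcher(INDEX_PAGE).forward(servletRequest, servletResponse);
                            return;
                        }
                    }
                }
            }
        } else if (isSessionExemptAction(action) || isSessionExemptUrl(requestUrl)) {
            if (requestUrl.indexOf("login.jsp") >= 0 && requestUrl.indexOf("center/wxlogin.jsp") == -1) {
                try {
                    // A valid SSO cookie skips the login page entirely.
                    if (SsoManger.checkCookie(request, response)) {
                        request.getRequestDispatcher(INDEX_PAGE).forward(servletRequest, servletResponse);
                        return;
                    }
                    servletRequest.setAttribute("passEncode", Boolean.valueOf(Center.getConfig().passEncode()));
                } catch (IOException e) {
                    e.printStackTrace();
                    return;
                } catch (JSONException e) {
                    e.printStackTrace();
                    return;
                } catch (ServletException e) {
                    e.printStackTrace();
                    return;
                }
            }
        } else {
            if (session.getAttribute("userObj") == null) {
                try {
                    if (SsoManger.checkCookie(request, response)) {
                        // NOTE(review): this path continues without checkActionAuth.
                        filterChain.doFilter(servletRequest, servletResponse);
                        return;
                    }
                    session.setAttribute("rqv5_login_userId", (Object) null);
                    session.setAttribute("rqv5_manager_login", (Object) null);
                    session.invalidate();
                    servletResponse.setContentType("text/html;charset=UTF-8");
                    // The redirect script used to be written twice here; once is enough.
                    getOut(ssoConfig, request, servletResponse);
                    return;
                } catch (JSONException e) {
                    e.printStackTrace();
                    return;
                } catch (ServletException e) {
                    e.printStackTrace();
                    return;
                } catch (IOException e) {
                    e.printStackTrace();
                    return;
                }
            }
            if (action != null && !checkActionAuth(action, (User) session.getAttribute("userObj"))) {
                servletResponse.setContentType("text/html;charset=UTF-8");
                getOut(ssoConfig, request, servletResponse);
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Picks a response content type from fragments of the request URL.
     *
     * <p>NOTE(review): matching is by substring and in this order, so any URL containing
     * {@code .js}, including every {@code .jsp} page, is labelled {@code application/javascript}
     * unless a later component replaces the header.
     */
    private static String guessContentType(String requestUrl) {
        if (requestUrl.indexOf(".css") > 0) {
            return "text/css;charset=UTF-8";
        }
        if (requestUrl.indexOf(".svg") > 0) {
            return "image/svg+xml;charset=UTF-8";
        }
        if (requestUrl.indexOf(".png") > 0) {
            return "image/png;charset=UTF-8";
        }
        if (requestUrl.indexOf(".jpg") > 0) {
            return "image/jpeg;charset=UTF-8";
        }
        if (requestUrl.indexOf(".js") > 0) {
            return "application/javascript";
        }
        if (requestUrl.indexOf(".gif") > 0) {
            return "image/gif;charset=UTF-8";
        }
        if (requestUrl.indexOf(".woff2") > 0) {
            return "font/woff2;charset=UTF-8";
        }
        if (requestUrl.indexOf(".woff") > 0) {
            return "font/woff;charset=UTF-8";
        }
        if (requestUrl.indexOf(".ttf") > 0) {
            return "font/ttf;charset=UTF-8";
        }
        return "text/html;charset=UTF-8";
    }

    /** Returns true for the action codes that are served without a session check. */
    private static boolean isSessionExemptAction(String action) {
        return "80".equals(action) || "52".equals(action) || "74".equals(action) || "75".equals(action)
                || "81".equals(action) || "82".equals(action) || "5".equals(action)
                || "90".equals(action) || "91".equals(action);
    }

    /**
     * Returns true when the request URL contains one of the fragments that are served without a
     * session check.
     *
     * <p>NOTE(review): these are substring tests over the whole request URL rather than exact
     * matches on the servlet path, so a URL that merely contains one of the fragments is treated
     * as exempt. Matching the normalised servlet path against a fixed list would close that gap.
     */
    private static boolean isSessionExemptUrl(String requestUrl) {
        return requestUrl.indexOf("center/wxcode.html") >= 0
                || requestUrl.indexOf("center/wxlogin.jsp") >= 0
                || requestUrl.indexOf("/wxlogin") >= 0
                || requestUrl.indexOf("center/images") >= 0
                || requestUrl.indexOf("login.jsp") >= 0
                || requestUrl.indexOf("login.js") >= 0
                || requestUrl.indexOf("layui") >= 0
                || requestUrl.indexOf("center/mobile") >= 0;
    }

    /**
     * Establishes a logged-in session for the user named by the {@code userName} request
     * parameter. No credential is checked here, so callers must have authenticated the user by
     * other means before calling this method.
     *
     * <p>NOTE(review): when no cached user matches, the method still returns {@code true} and
     * passes {@code null} to the two {@code LoginServlet} helpers. Confirm that callers do not
     * read {@code true} as "session established".
     *
     * @param httpServletRequest  request carrying the {@code userName} parameter
     * @param httpServletResponse unused
     * @return {@code false} only when {@code LoginServlet.addLoginToApp} rejects a non-manager
     *         user; {@code true} otherwise
     */
    public static boolean localLoginUserWithoutPassword(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        HttpSession session = httpServletRequest.getSession();
        String userName = httpServletRequest.getParameter("userName");
        Config config = Center.getConfig();
        User[] cachedUsers = Center.getUserManager().getCachedUsers();
        User user = null;
        if ("admin".equals(userName)) {
            String superManagerEmail = config.getSuperManagerEmail();
            // NOTE(review): the managerPass element text is handed to the User constructor and the
            // object is then stored in the session; confirm that value is not a usable secret.
            user = new User("admin", "admin", "0", config.getElement("managerPass").getText(), "", superManagerEmail, "", "");
            session.setAttribute("rqv5_manager_login", "yes");
            session.setAttribute("supermanager", "yes");
            session.setAttribute("loginType", "supermanager");
            session.setAttribute("userObj", user);
            if (superManagerEmail == null || superManagerEmail.length() == 0) {
                session.setAttribute("no_email", "yes");
            }
        } else {
            // The scan does not stop at the first hit, so the last matching entry wins.
            for (User candidate : cachedUsers) {
                if (candidate.getUserName() != null && candidate.getUserName().equals(userName)) {
                    user = candidate;
                }
            }
            if (user != null) {
                if (user.getRoleIds().contains("1")) {
                    session.setAttribute("rqv5_manager_login", "yes");
                    session.setAttribute("rqv5_login_userId", user.getUserId());
                    session.setAttribute("loginType", "normalManager");
                    session.setAttribute("userObj", user);
                    LoginServlet.setMarcoAndParam(session, user);
                } else {
                    if (!LoginServlet.addLoginToApp(httpServletRequest, user, false)) {
                        return false;
                    }
                    session.setAttribute("rqv5_login_userId", user.getUserId());
                    session.setAttribute("userObj", user);
                    session.setAttribute("loginType", "user");
                    LoginServlet.setMarcoAndParam(session, user);
                }
            }
        }
        LoginServlet.setUserNameAsParam(user);
        LoginServlet.setRoleNameAsParam(user);
        session.setMaxInactiveInterval(Center.maxInactiveInterval);
        return true;
    }

    /**
     * Decides whether {@code user} may invoke the action code {@code str}.
     *
     * <p>Actions 16, 34 and 62 need role 0 or 1; actions 31 and 61 need a non-negative role; every
     * other numeric action is allowed. With a non-empty role list one qualifying role is enough;
     * with an empty list the single {@code getRoleId()} value is used, and a {@code null} value
     * denies every action.
     *
     * @param str  raw {@code action} request parameter
     * @param user session user; must not be {@code null}
     * @return {@code true} when the action is permitted; {@code false} otherwise, including when
     *         {@code str} is not a valid integer
     */
    private boolean checkActionAuth(String str, User user) {
        int action;
        try {
            action = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            // "action" is request-controlled. A malformed value used to escape as an uncaught
            // exception; it is now denied explicitly.
            return false;
        }
        if (user.getRoleIds().size() <= 0) {
            if (user.getRoleId() == null) {
                return false;
            }
            return isRoleAllowed(action, Integer.parseInt(user.getRoleId()));
        }
        Iterator<String> it = user.getRoleIds().iterator();
        while (it.hasNext()) {
            if (isRoleAllowed(action, Integer.parseInt(it.next()))) {
                return true;
            }
        }
        return false;
    }

    /** Applies the per-action role rule to one numeric role id. */
    private static boolean isRoleAllowed(int action, int roleId) {
        switch (action) {
            case 16:
            case 34:
            case 62:
                return roleId == 1 || roleId == 0;
            case 31:
            case 61:
                return roleId >= 0;
            default:
                return true;
        }
    }

    /**
     * Returns {@code false} when any non-null value contains {@code <} or {@code >}.
     *
     * @param strArr values of one request parameter
     */
    private boolean isValidParam(String[] strArr) {
        for (String value : strArr) {
            if (value != null && (value.indexOf('<') >= 0 || value.indexOf('>') >= 0)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Writes a script that sends the top-level window to the login page: the configured SSO login
     * URL when SSO is enabled and set, otherwise the local {@code login.jsp}.
     *
     * <p>NOTE(review): the target is concatenated into a JavaScript string literal without
     * escaping. It comes from configuration and the context path, not from the request; keep it
     * that way or escape it.
     *
     * @throws IOException if the response writer cannot be obtained
     */
    private void getOut(SsoConfig ssoConfig, HttpServletRequest httpServletRequest, ServletResponse servletResponse) throws IOException {
        String target = ssoConfig.enabled.contentEquals("1") ? ssoConfig.loginUrl : null;
        if (target == null || target.equals("no_value")) {
            target = String.valueOf(httpServletRequest.getServletContext().getContextPath()) + "/raqsoft/center/login.jsp";
        }
        servletResponse.getWriter().print("<script language='javascript' type='text/javascript'>top.window.location='" + target + "';</script>");
    }
}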
