package com.aisino2.core.web;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: classes.dex */
public class AuthFilter implements Filter {
    private String authClass;
    private Authorization authorization;
    private String loginURL;
    private String[] noFilterURLs;
    private final Log log = LogFactory.getLog(AuthFilter.class);
    private boolean checkAuth = false;

    private String getFuncDefine(HttpServletRequest httpServletRequest) {
        return String.valueOf(httpServletRequest.getServletPath()) + "?method=" + httpServletRequest.getParameter("method");
    }

    private boolean isExpiredSession(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        return session == null || session.getAttribute(this.authorization.getUserSessionKey()) == null;
    }

    private boolean isNoFilterURL(String str) {
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= this.noFilterURLs.length) {
                break;
            }
            if (str.indexOf(this.noFilterURLs[i]) > 0) {
                z = true;
                break;
            }
            i++;
        }
        return z;
    }

    public void destroy() {
        this.loginURL = null;
        this.authClass = null;
        this.checkAuth = false;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (isExpiredSession(httpServletRequest)) {
            if (isNoFilterURL(httpServletRequest.getServletPath())) {
                filterChain.doFilter(httpServletRequest, httpServletResponse);
                return;
            } else {
                httpServletRequest.getSession().invalidate();
                httpServletResponse.sendRedirect(String.valueOf(httpServletRequest.getContextPath()) + this.loginURL);
                return;
            }
        }
        if (this.checkAuth) {
            int userID = this.authorization.getUserID(httpServletRequest);
            String funcDefine = getFuncDefine(httpServletRequest);
            if (!this.authorization.hasFunction(userID, funcDefine)) {
                httpServletResponse.sendRedirect(this.loginURL);
            }
            httpServletRequest.getSession().setAttribute("AcParam", this.authorization.getFunctionParam(userID, funcDefine));
        }
        filterChain.doFilter(httpServletRequest, httpServletResponse);
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.loginURL = filterConfig.getInitParameter("loginURL");
        this.authClass = filterConfig.getInitParameter("authClass");
        this.noFilterURLs = filterConfig.getInitParameter("noFilterURL").split(",");
        String initParameter = filterConfig.getInitParameter("checkAuth");
        if (initParameter == null) {
            this.checkAuth = false;
        } else if (initParameter.equalsIgnoreCase("true")) {
            this.checkAuth = true;
        } else if (initParameter.equalsIgnoreCase("yes")) {
            this.checkAuth = true;
        } else {
            this.checkAuth = false;
        }
        try {
            if (this.log.isDebugEnabled()) {
                this.log.debug("==========new Authorization instance start===========");
            }
            this.authorization = (Authorization) Class.forName(this.authClass).newInstance();
            if (this.log.isDebugEnabled()) {
                this.log.debug("==========new Authorization instance end=============");
            }
        } catch (Exception e) {
            if (this.log.isErrorEnabled()) {
                this.log.error(e);
            }
            throw new ServletException(e);
        }
    }
}
