package com.dareway.framework.hxca;

import com.dareway.framework.common.GlobalNames;
import com.dareway.framework.dwsso.DwssoNames;
import com.dareway.framework.exception.AppException;
import com.dareway.framework.log.LogHandler;
import com.dareway.framework.util.DataObject;
import com.dareway.framework.util.SessionUtil;
import java.io.CharArrayWriter;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.Writer;
import java.lang.reflect.InvocationTargetException;
import java.net.URLEncoder;
import java.util.Enumeration;
import java.util.Iterator;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class HXAuthFilter implements Filter {
    private void dealException(HttpServletResponse httpServletResponse, Exception exc) {
        try {
            LogHandler.saveException(exc);
            exc.printStackTrace();
            CharArrayWriter charArrayWriter = new CharArrayWriter();
            exc.printStackTrace(new PrintWriter((Writer) charArrayWriter, true));
            String charArrayWriter2 = charArrayWriter.toString();
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("<pre>");
            stringBuffer.append(charArrayWriter2);
            stringBuffer.append("</pre>");
            httpServletResponse.setCharacterEncoding(GlobalNames.DEFAULT_ENCODING);
            httpServletResponse.getWriter().write(stringBuffer.toString());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private String getAccessTokenByAuthCode(String str, String str2) throws ServletException {
        String str3 = HXNames.hxRetrieveTokenURL + "?client_id=" + HXNames.hxClientId + "&client_secret=" + HXNames.hxClientSecret + "&redirect_uri=" + str + "&grant_type=authorization_code&code=" + str2;
        String request = str3.substring(0, 5).equalsIgnoreCase("https") ? HXHttpsUtil.request(str3) : HXHttpUtil.request(str3);
        if (request == null || request.equals("")) {
            throw new ServletException("汇信URL【" + str3 + "】返回结果为空，请检查!");
        }
        try {
            String string = new JSONObject(request).getString("access_token");
            if (string != null && !string.equals("")) {
                return string;
            }
            throw new ServletException("汇信URL【" + str3 + "】返回结果【" + request + "】中accessToken为空，请检查!");
        } catch (JSONException e) {
            throw new ServletException(e);
        }
    }

    private String getRedirectURI(HttpServletRequest httpServletRequest) throws ServletException {
        try {
            return URLEncoder.encode(HXNames.hxAppProxyURL + getRequestURI(httpServletRequest) + "?" + HXNames.hxAuthCodeReceivedKey + "=1", "UTF-8");
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    private String getReqParams(HttpServletRequest httpServletRequest) {
        StringBuffer stringBuffer = new StringBuffer();
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String str = (String) parameterNames.nextElement();
            if (stringBuffer.indexOf("?") > -1) {
                stringBuffer.append("&");
            } else {
                stringBuffer.append("?");
            }
            stringBuffer.append(str + "=" + httpServletRequest.getParameter(str));
        }
        return stringBuffer.toString();
    }

    private String getRequestURI(HttpServletRequest httpServletRequest) throws ServletException {
        String requestURI = httpServletRequest.getRequestURI();
        int lastIndexOf = requestURI.lastIndexOf("logonDialog.jsp");
        return lastIndexOf != -1 ? requestURI.substring(0, lastIndexOf) : requestURI;
    }

    private DataObject getUserInfoByAccessToken(String str) throws ServletException {
        String str2 = HXNames.hxRetrieveUserInfoURL + "?access_token=" + str;
        String request = str2.substring(0, 5).equalsIgnoreCase("https") ? HXHttpsUtil.request(str2) : HXHttpUtil.request(str2);
        if (request == null || request.equals("")) {
            throw new ServletException("汇信URL【" + str2 + "】返回结果为空，请检查!");
        }
        try {
            DataObject dataObject = new DataObject();
            JSONObject jSONObject = new JSONObject(request);
            Iterator<String> keys = jSONObject.keys();
            while (keys.hasNext()) {
                String next = keys.next();
                dataObject.put(next, (Object) jSONObject.getString(next));
            }
            return dataObject;
        } catch (AppException e) {
            throw new ServletException(e);
        } catch (JSONException e2) {
            throw new ServletException(e2);
        }
    }

    private String loginAppByUserInfo(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, DataObject dataObject) throws ServletException {
        try {
            Class<?> cls = Class.forName(DwssoNames.LOGON_CLASS);
            return (String) cls.getMethod("doHxLogon", HttpServletRequest.class, HttpServletResponse.class, DataObject.class).invoke(cls.newInstance(), httpServletRequest, httpServletResponse, dataObject);
        } catch (ClassNotFoundException e) {
            throw new ServletException(e);
        } catch (IllegalAccessException e2) {
            throw new ServletException(e2);
        } catch (IllegalArgumentException e3) {
            throw new ServletException(e3);
        } catch (InstantiationException e4) {
            throw new ServletException(e4);
        } catch (NoSuchMethodException e5) {
            throw new ServletException(e5);
        } catch (SecurityException e6) {
            throw new ServletException(e6);
        } catch (InvocationTargetException e7) {
            throw new ServletException(e7);
        }
    }

    private void redirectToHxAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws ServletException {
        try {
            httpServletResponse.sendRedirect(HXNames.hxRetrieveAuthCodeURL + "?client_id=" + HXNames.hxClientId + "&redirect_uri=" + str + "&response_type=code&scope=read");
        } catch (IOException e) {
            throw new ServletException(e);
        }
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if ("c".equals(httpServletRequest.getParameter("_invoke_type"))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if ("1".equals(httpServletRequest.getParameter("fromsso"))) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!HXNames.HX_LOGONON_MODE) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (HXNames.hxClientId == null || HXNames.hxClientId.equals("")) {
            throw new ServletException("汇信登录参数【hxClientId】为空，请检查!");
        }
        if (HXNames.hxClientSecret == null || HXNames.hxClientSecret.equals("")) {
            throw new ServletException("汇信登录参数【hxClientSecret】为空，请检查!");
        }
        if (HXNames.hxRetrieveAuthCodeURL == null || HXNames.hxRetrieveAuthCodeURL.equals("")) {
            throw new ServletException("汇信登录参数【hxRetrieveAuthCodeURL】为空，请检查!");
        }
        if (HXNames.hxRetrieveTokenURL == null || HXNames.hxRetrieveTokenURL.equals("")) {
            throw new ServletException("汇信登录参数【hxRetrieveTokenURL】为空，请检查!");
        }
        if (HXNames.hxRetrieveUserInfoURL == null || HXNames.hxRetrieveUserInfoURL.equals("")) {
            throw new ServletException("汇信登录参数【hxRetrieveUserInfoURL】为空，请检查!");
        }
        try {
            String requestURI = getRequestURI(httpServletRequest);
            if (httpServletRequest.getParameter(HXNames.hxAuthCodeReceivedKey) == null) {
                if (httpServletRequest.getSession(false) == null) {
                    redirectToHxAuth(httpServletRequest, httpServletResponse, getRedirectURI(httpServletRequest));
                    return;
                }
                String parameter = httpServletRequest.getParameter("__usersession_uuid");
                if (parameter != null && !"".equals(parameter) && !SessionUtil.isUserExist(httpServletRequest)) {
                    redirectToHxAuth(httpServletRequest, httpServletResponse, getRedirectURI(httpServletRequest));
                    return;
                }
                String reqParams = getReqParams(httpServletRequest);
                if (reqParams != null && !"".equals(reqParams)) {
                    filterChain.doFilter(httpServletRequest, httpServletResponse);
                    return;
                }
                redirectToHxAuth(httpServletRequest, httpServletResponse, getRedirectURI(httpServletRequest));
                return;
            }
            String parameter2 = httpServletRequest.getParameter("code");
            if (parameter2 == null || parameter2.equals("")) {
                throw new ServletException("汇信回调的URL中不包含参数code!");
            }
            String loginAppByUserInfo = loginAppByUserInfo(httpServletRequest, httpServletResponse, getUserInfoByAccessToken(getAccessTokenByAuthCode(getRedirectURI(httpServletRequest), parameter2)));
            if ((GlobalNames.WEB_APP + "/").equals(requestURI)) {
                requestURI = requestURI + "mainFrame.jsp";
            }
            httpServletResponse.sendRedirect(requestURI + "?__usersession_uuid=" + loginAppByUserInfo);
        } catch (Exception e) {
            dealException(httpServletResponse, e);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }
}
