package bingo.security;

import bingo.common.core.ApplicationFactory;
import bingo.common.core.utils.StringUtils;
import bingo.environment.EnvironmentFilter;
import bingo.security.utils.Util;
import com.raizlabs.android.dbflow.sql.language.Condition;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.context.support.WebApplicationContextUtils;

/* loaded from: classes.dex */
public class SecurityFilter implements Filter {
    public static final String AJAX_REQUEST_HEADER = "x-requested-with";
    public static final String AJAX_REQUEST_VALUE = "XMLHttpRequest";
    public static final String IGNORE_PATTERN_PARAM = "ignore-pattern";
    public static final String INCLUDE_PATTERN_PARAM = "include-pattern";
    public static final String LOAD_ENV_PARAM = "load-env";
    public static final String LOGIN_URL_PARAM = "login-url";
    public static final String PROVIDER_BAEN_NAME = "provider-bean";
    private static final Logger log = LoggerFactory.getLogger(SecurityFilter.class);
    protected String encoding = "UTF-8";
    protected Filter environmentFilter;
    protected Pattern ignorePattern;
    private String ignorePatternString;
    protected Pattern includePattern;
    private String includePatternString;
    protected String loginUrl;
    protected ISecurityProvider provider;
    private String providerName;

    /* loaded from: classes.dex */
    protected class EnvironmentFilterChain implements FilterChain {
        private final FilterChain chain;

        public EnvironmentFilterChain(FilterChain filterChain) {
            this.chain = filterChain;
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            SecurityFilter.this.doSecurityFilter(servletRequest, servletResponse, this.chain);
        }
    }

    private void initSecurityProvider() {
        if (this.provider == null) {
            synchronized (ISecurityProvider.class) {
                if (this.provider == null) {
                    if (Util.isNullOrEmpty(this.providerName)) {
                        this.providerName = "securityProvider";
                    }
                    if (ApplicationFactory.containsBean(this.providerName)) {
                        this.provider = (ISecurityProvider) ApplicationFactory.getBeanForName(ISecurityProvider.class, this.providerName);
                    } else {
                        this.provider = (ISecurityProvider) ApplicationFactory.getFirstBeanOfType(ISecurityProvider.class);
                    }
                    log.info("Security Framework Inited, Provider : {}", this.provider.getClass().getName());
                }
            }
        }
    }

    private void setIgnorePattern(String str) {
        if (Util.isNullOrEmpty(str)) {
            return;
        }
        String replaceAll = str.replaceAll("\\.", "\\\\.").replaceAll("\\*", ".*");
        log.debug("ignore-pattern regex : {}", replaceAll);
        this.ignorePattern = Pattern.compile(replaceAll);
    }

    private void setIncludePattern(String str) {
        if (Util.isNullOrEmpty(str)) {
            return;
        }
        String replaceAll = str.replaceAll("\\.", "\\\\.").replaceAll("\\*", ".*");
        log.debug("ignore-pattern regex : {}", replaceAll);
        this.includePattern = Pattern.compile(replaceAll);
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (this.environmentFilter != null) {
            this.environmentFilter.doFilter(servletRequest, servletResponse, new EnvironmentFilterChain(filterChain));
        } else {
            doSecurityFilter(servletRequest, servletResponse, filterChain);
        }
    }

    protected void doSecurityFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        initSecurityProvider();
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        SecurityContext securityContext = new SecurityContext(httpServletRequest, this.provider);
        SecurityContext.context.set(securityContext);
        try {
            String requestPath = Util.getRequestPath(httpServletRequest);
            if (this.provider.authenticate(httpServletRequest)) {
                securityContext.user = this.provider.getCurrentUser(httpServletRequest);
                if (this.provider.authorize(httpServletRequest)) {
                    filterChain.doFilter(servletRequest, servletResponse);
                } else {
                    handleNotAuthorized(httpServletRequest, httpServletResponse);
                }
            } else {
                if (ignores(requestPath) || isLoginPath(requestPath)) {
                    filterChain.doFilter(servletRequest, httpServletResponse);
                    return;
                }
                handleNotAuthenticated(httpServletRequest, httpServletResponse);
            }
        } finally {
            SecurityContext.context.set(null);
        }
    }

    protected Object getBean(ServletContext servletContext, String str) throws ServletException {
        WebApplicationContext requiredWebApplicationContext = WebApplicationContextUtils.getRequiredWebApplicationContext(servletContext);
        if (requiredWebApplicationContext == null) {
            throw new ServletException("spring not found");
        }
        return requiredWebApplicationContext.getBean(str);
    }

    public String getIgnorePatternString() {
        return this.ignorePatternString;
    }

    public String getIncludePatternString() {
        return this.includePatternString;
    }

    public String getLoginUrl() {
        if (StringUtils.isEmpty(this.loginUrl)) {
            this.loginUrl = "/login.jsp";
        }
        return this.loginUrl.startsWith("/") ? this.loginUrl : "/" + this.loginUrl;
    }

    protected void handleNotAuthenticated(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (isAjax(httpServletRequest)) {
            httpServletResponse.setStatus(401);
            return;
        }
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        String queryString = httpServletRequest.getQueryString();
        if (queryString != null) {
            stringBuffer = stringBuffer + Condition.Operation.EMPTY_PARAM + queryString;
        }
        httpServletResponse.sendRedirect(Util.appendQueryParam(httpServletRequest.getContextPath() + getLoginUrl(), "returnUrl", URLEncoder.encode(stringBuffer, this.encoding)));
    }

    protected void handleNotAuthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setStatus(403);
    }

    protected boolean ignores(String str) {
        if (this.includePattern != null) {
            return !this.includePattern.matcher(str).matches();
        }
        if (this.ignorePattern != null) {
            return this.ignorePattern.matcher(str).matches();
        }
        return true;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.ignorePatternString = filterConfig.getInitParameter(IGNORE_PATTERN_PARAM);
        if (StringUtils.isNotEmpty(this.ignorePatternString)) {
            setIgnorePattern(this.ignorePatternString);
        }
        this.includePatternString = filterConfig.getInitParameter(IGNORE_PATTERN_PARAM);
        if (StringUtils.isNotEmpty(this.includePatternString)) {
            setIncludePattern(this.includePatternString);
        }
        String initParameter = filterConfig.getInitParameter(LOGIN_URL_PARAM);
        if (StringUtils.isNotEmpty(initParameter)) {
            setLoginUrl(initParameter);
        }
        this.providerName = filterConfig.getInitParameter(PROVIDER_BAEN_NAME);
        if (!"false".equalsIgnoreCase(filterConfig.getInitParameter(LOAD_ENV_PARAM))) {
            initEnvironmentFilter(filterConfig);
        }
        if (this.environmentFilter != null) {
            this.environmentFilter.init(filterConfig);
        }
    }

    protected void initEnvironmentFilter(FilterConfig filterConfig) {
        boolean z = false;
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        if (contextClassLoader != null) {
            try {
                contextClassLoader.loadClass("bingo.environment.EnvironmentFilter");
                z = true;
            } catch (ClassNotFoundException e) {
            } catch (NoClassDefFoundError e2) {
            }
        }
        if (!z) {
            try {
                SecurityFilter.class.getClassLoader().loadClass("bingo.environment.EnvironmentFilter");
                z = true;
            } catch (ClassNotFoundException e3) {
            } catch (NoClassDefFoundError e4) {
            }
        }
        if (z) {
            log.debug("found environment filter,load it");
            this.environmentFilter = new EnvironmentFilter();
        }
    }

    protected boolean isAjax(HttpServletRequest httpServletRequest) {
        return AJAX_REQUEST_VALUE.equals(httpServletRequest.getHeader(AJAX_REQUEST_HEADER));
    }

    protected boolean isLoginPath(String str) {
        return str.equals(getLoginUrl());
    }

    public void setEncoding(String str) {
        this.encoding = str;
    }

    public void setEnvironmentFilter(Filter filter) {
        this.environmentFilter = filter;
    }

    public void setIgnorePatternString(String str) {
        this.ignorePatternString = str;
        setIgnorePattern(str);
    }

    public void setIncludePatternString(String str) {
        this.includePatternString = str;
        setIncludePattern(str);
    }

    public void setLoginUrl(String str) {
        if (Util.isNullOrEmpty(str)) {
            return;
        }
        this.loginUrl = str.trim();
    }

    public void setProvider(ISecurityProvider iSecurityProvider) {
        this.provider = iSecurityProvider;
    }
}
