package cn.myapps.base.web.filter;

import cn.myapps.authtime.common.service.AuthTimeServiceManager;
import cn.myapps.authtime.user.model.UserVO;
import cn.myapps.base.web.WebUser;
import cn.myapps.common.Environment;
import cn.myapps.common.controller.Resource;
import cn.myapps.common.util.PropertyUtil;
import cn.myapps.common.util.Security;
import cn.myapps.common.util.SpringApplicationContextUtil;
import cn.myapps.common.util.StringUtil;
import cn.myapps.designtime.common.cache.DesignTimeSerializableCache;
import cn.myapps.designtime.common.util.fs.VirtualFileSystemUtils;
import cn.myapps.runtime.mobile.security.service.SecurityServiceImpl;
import cn.myapps.runtime.security.Firewall;
import cn.myapps.runtime.security.PayloadXssRequestWrapper;
import cn.myapps.runtime.security.XssHttpServletRequestWrapper;
import cn.myapps.support.lanxin.service.LanxinOAuth2Handle;
import cn.myapps.support.weixin.WeixinServiceProxy;
import cn.myapps.util.http.CookieUtil;
import cn.myapps.util.uri.RequestIpUtil;
import com.KGitextpdf.text.Annotation;
import com.KGitextpdf.text.pdf.PdfBoolean;
import com.KGitextpdf.text.pdf.PdfObject;
import com.bcxin.components.TenantContext;
import com.bcxin.saas.core.InjectResolver;
import com.bcxin.saas.core.components.DataPermissionScopeConfig;
import com.bcxin.saas.core.components.FeatureOptionChecker;
import com.bcxin.saas.core.components.JsonProvider;
import com.bcxin.saas.core.components.SecondCacheProvider;
import com.bcxin.saas.core.components.ThreadContextManager;
import com.bcxin.saas.core.exceptions.SaasUnAuthorizeException;
import com.bcxin.saas.core.logs.OutputLogProvider;
import com.bcxin.saas.core.utils.ComponentUtils;
import com.bcxin.saas.logging.LoggerProviderImpl;
import java.io.File;
import java.io.IOException;
import java.util.Collections;
import java.util.UUID;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import jodd.net.HttpStatus;
import net.lingala.zip4j.util.InternalZipConstants;
import org.apache.logging.log4j.ThreadContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.StringUtils;

/* loaded from: input_file:cn/myapps/base/web/filter/SecurityFilter.class */
public class SecurityFilter implements Filter {
    // SLF4J logger used by doFilter for request-level errors.
    private static final Logger logger = LoggerFactory.getLogger(SecurityFilter.class);
    // Firewall handle; doFilter assigns Firewall.getInstance() to it when it is still null.
    // NOTE(review): the assignment in doFilter is unsynchronized; presumably harmless if getInstance() returns a singleton — confirm.
    private Firewall firewall = null;

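    /**
     * Screens and authenticates a request before handing it to the rest of the filter chain.
     *
     * <p>Order of checks as implemented here: URIs accepted by {@code ComponentUtils.isFilterIgnored}
     * or {@code checkIfBearerOrAnUser} pass straight through; while the design-time cache is not
     * ready a 405 JSON error is written; login URIs pass through; the {@link Firewall} may veto the
     * request; excluded URIs pass through; domain-admin URIs require an admin user; every other
     * request needs a web user, a token, or one of the WeChat / Lanxin / app / SSO hand-offs, and is
     * otherwise redirected to the sign-on page or answered with 401.
     *
     * <p>The decompiled listing repeated the per-request cleanup before every {@code return}; it is
     * expressed once here as {@code finally} blocks, so it still runs on every exit path.
     *
     * <p>A {@code jumpTo} redirect is followed only when the target stays on the requesting host;
     * any other value is answered with 400.
     *
     * @param servletRequest  incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     remainder of the chain, invoked only on the paths that admit the request
     * @throws IOException      propagated from the chain or from writing the response
     * @throws ServletException propagated from the chain, or wrapping any exception raised during the
     *                          firewall/authentication stage (the original exception is kept as the cause)
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String requestURI = httpServletRequest.getRequestURI();
        if (ComponentUtils.isFilterIgnored(requestURI) || checkIfBearerOrAnUser(requestURI, httpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (!DesignTimeSerializableCache.readyForHandle()) {
            // PdfBoolean.TRUE is a decompiler-substituted constant; presumably the literal "true".
            ThreadContext.put("ignore", PdfBoolean.TRUE);
            ((HttpServletResponse) servletResponse).setStatus(HttpStatus.HttpStatus405.error405().status());
            servletResponse.getWriter().write(((JsonProvider) SpringApplicationContextUtil.getBean(JsonProvider.class)).getJson(Resource.error(405, "组件加载中", Collections.emptyList())));
            return;
        }
        // Per-request logging context.
        ThreadContext.put("log.persistence", PdfBoolean.TRUE);
        ThreadContext.put("traceId", UUID.randomUUID().toString());
        ThreadContext.put("requestURI", requestURI);
        ThreadContext.put("ipAddress", RequestIpUtil.getIp(httpServletRequest));
        SecondCacheProvider secondCacheProvider = (SecondCacheProvider) SpringApplicationContextUtil.getBean(SecondCacheProvider.class);
        try {
            secondCacheProvider.setData("KEY_FileSystemManager", true);
            try {
                // NOTE(review): this flag is driven by a client-supplied cookie and by the request URI,
                // and it is evaluated before any authentication check below; confirm that enabling it
                // cannot expose sensitive log output to an unauthenticated client.
                Cookie printFlagCookie = CookieUtil.getCookie(LoggerProviderImpl.JDBC_APPENDER_ENABLED_PRINT_FLAG, httpServletRequest);
                boolean printRequested = printFlagCookie != null && PdfBoolean.TRUE.equalsIgnoreCase(printFlagCookie.getValue());
                FeatureOptionChecker.enable(LoggerProviderImpl.JDBC_APPENDER_ENABLED_PRINT_FLAG, printRequested);
                if (requestURI.contains("/macro/log")) {
                    CookieUtil.setCookie(LoggerProviderImpl.JDBC_APPENDER_ENABLED_PRINT_FLAG, PdfBoolean.TRUE, (HttpServletResponse) servletResponse);
                    FeatureOptionChecker.enable(LoggerProviderImpl.JDBC_APPENDER_ENABLED_PRINT_FLAG, true);
                }
            } catch (Exception e) {
                // Best effort: a failure here must not block the request.
                logger.warn("Failed to evaluate the log print flag for {}", requestURI, e);
            }
            HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
            try {
                Environment environment = Environment.getInstance();
                String method = httpServletRequest.getMethod();
                if (method.equals("GET") || method.equals("POST") || method.equals("PUT") || method.equals("DELETE") || method.equals("PATCH")) {
                    if (StringUtil.isBlank(environment.getBaseUrl()) && !requestURI.contains("/actuator/health")) {
                        // Strip the URI as a literal suffix. The previous replaceAll() compiled the
                        // client-supplied URI as a regular expression (metacharacters could throw or
                        // mis-match) and removed every occurrence, so "/" destroyed the "//" after the scheme.
                        // NOTE(review): the base URL is taken from whichever request arrives first, Host
                        // header included, and is stored on the Environment singleton; prefer a configured value.
                        String requestUrl = httpServletRequest.getRequestURL().toString();
                        String baseUrl = requestUrl.endsWith(requestURI)
                                ? requestUrl.substring(0, requestUrl.length() - requestURI.length())
                                : requestUrl.replace(requestURI, PdfObject.NOTHING);
                        environment.setBaseUrl(baseUrl);
                    }
                    String queryString = httpServletRequest.getQueryString();
                    if (isLoginURI(requestURI, httpServletRequest)) {
                        filterChain.doFilter(servletRequest, servletResponse);
                        return;
                    }
                    if (this.firewall == null) {
                        this.firewall = Firewall.getInstance();
                    }
                    try {
                        // A false result means the firewall refused the request; nothing further is done here.
                        if (!this.firewall.excute(httpServletRequest, httpServletResponse)) {
                            return;
                        }
                        if (this.firewall != null && this.firewall.isStartFirewall() && this.firewall.isStrongMode() && !this.firewall.isIgnoreUri(requestURI.toLowerCase())) {
                            // NOTE(review): only servletRequest is replaced by the wrappers; every read that
                            // goes through httpServletRequest below still sees the unwrapped values.
                            servletRequest = new PayloadXssRequestWrapper(new XssHttpServletRequestWrapper(httpServletRequest));
                        }
                        String mode = httpServletRequest.getParameter("mode");
                        boolean emailMode = mode != null && mode.equals("email");
                        if (emailMode) {
                            httpServletRequest.setAttribute("handleUrl", httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + requestURI + "?" + queryString);
                        }
                        if (isExcludeURI(requestURI, httpServletRequest)) {
                            if (!requestURI.contains("/domain/login")) {
                                filterChain.doFilter(servletRequest, servletResponse);
                            } else {
                                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/domain/index.html#/login");
                            }
                            return;
                        }
                        if (isDomainAdminURI(httpServletRequest)) {
                            try {
                                WebUser adminUser = AuthTimeServiceManager.getAdminUser(httpServletRequest);
                                if (adminUser == null) {
                                    responseUnauthorized(httpServletResponse, httpServletRequest);
                                } else {
                                    try {
                                        String adminToken = Security.getToken(adminUser.getId());
                                        Long adminExpiresAt = Security.getAdminExpiresAtFromToken(httpServletRequest);
                                        // Re-issue the cookie when the expiry is unknown or under one hour (3,600,000 ms) away.
                                        if (adminExpiresAt == null || adminExpiresAt.longValue() - System.currentTimeMillis() < 3600000) {
                                            // NOTE(review): the cookie is created without HttpOnly or Secure; set both
                                            // unless client-side script must read the token.
                                            Cookie adminCookie = new Cookie("adminToken", adminToken);
                                            adminCookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
                                            httpServletResponse.addCookie(adminCookie);
                                        }
                                    } catch (Exception e) {
                                        logger.warn("Failed to refresh the admin token cookie for {}", requestURI, e);
                                    }
                                    filterChain.doFilter(servletRequest, servletResponse);
                                }
                            } catch (Exception e) {
                                // NOTE(review): this also catches failures raised further down the chain and
                                // reports them to the client as "unauthorized".
                                responseUnauthorized(httpServletResponse, httpServletRequest);
                            }
                        } else {
                            WebUser webUser = AuthTimeServiceManager.getWebUser(httpServletRequest);
                            if (webUser == null) {
                                if (isRequireWeixinAuth(httpServletRequest)) {
                                    try {
                                        WeixinServiceProxy.auth(httpServletRequest, httpServletResponse, filterChain);
                                        if (isRequireWeixinAuth(httpServletRequest)) {
                                            String jumpTo = httpServletRequest.getParameter("jumpTo");
                                            // jumpTo is client-controlled: follow it only when it stays on this host.
                                            if (isSameHostRedirectTarget(jumpTo, httpServletRequest)) {
                                                httpServletResponse.sendRedirect(jumpTo);
                                            } else {
                                                httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
                                            }
                                            return;
                                        }
                                    } catch (Exception e) {
                                        logger.warn("WeChat authentication failed for {}", requestURI, e);
                                    }
                                }
                                if (isFromApp(httpServletRequest)) {
                                    if (queryString != null && queryString.contains("jump") && queryString.contains("userId")) {
                                        // NOTE(review): the identity handed to setWebUser comes straight from the
                                        // userId request parameter and no credential check is visible in this
                                        // method; confirm that isFromApp/setWebUser authenticate the caller.
                                        setWebUser(servletRequest.getParameter("userId"), httpServletRequest, httpServletResponse);
                                        filterChain.doFilter(servletRequest, servletResponse);
                                        return;
                                    }
                                    try {
                                        new SecurityServiceImpl().sso(httpServletRequest, httpServletResponse, filterChain);
                                    } catch (Exception e) {
                                        logger.warn("App SSO failed for {}", requestURI, e);
                                    }
                                }
                            }
                            if (webUser != null) {
                                ThreadContext.put("userId", webUser.getId());
                                ThreadContext.put("orgId", webUser.getDomainid());
                                TenantContext.EmployeeOrgBasicInfo employeeInfo = TenantContext.getInstance().init((DataPermissionScopeConfig) SpringApplicationContextUtil.getBean(DataPermissionScopeConfig.class), (InjectResolver) SpringApplicationContextUtil.getBean(InjectResolver.class), webUser.getDomainid(), webUser.getId());
                                try {
                                    Security.addAccessToken2ResponseCookie(servletRequest, servletResponse);
                                    String accessToken = Security.getToken(employeeInfo.getEmployeeId());
                                    // NOTE(review): unlike the admin branch there is no null check on the expiry; a
                                    // null value throws here, is logged by the catch below, and the WeChat
                                    // redirect check is skipped.
                                    if (Security.getUserExpiresAtFromToken(httpServletRequest).longValue() - System.currentTimeMillis() < 3600000) {
                                        // NOTE(review): no HttpOnly/Secure on this cookie either; lifetime is 7200 seconds.
                                        Cookie accessCookie = new Cookie("accessToken", accessToken);
                                        accessCookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
                                        accessCookie.setMaxAge(7200);
                                        httpServletResponse.addCookie(accessCookie);
                                    }
                                    if (isRequireWeixinAuth(httpServletRequest)) {
                                        String jumpTo = httpServletRequest.getParameter("jumpTo");
                                        // Same rule as above: never redirect to a client-chosen foreign host.
                                        if (isSameHostRedirectTarget(jumpTo, httpServletRequest)) {
                                            httpServletResponse.sendRedirect(jumpTo);
                                        } else {
                                            httpServletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST);
                                        }
                                        return;
                                    }
                                } catch (Exception e) {
                                    logger.error("设置AccessToken过期问题:{}", requestURI, e);
                                }
                            }
                            if (requestURI.matches("^.*" + ((HttpServletRequest) servletRequest).getContextPath() + InternalZipConstants.ZIP_FILE_SEPARATOR) || requestURI.matches("^.*/portal/good/index.html")) {
                                try {
                                    String userIdFromToken = Security.getUserIdFromToken(httpServletRequest);
                                    if (userIdFromToken == null) {
                                        userIdFromToken = Security.getDebugUserIdFromToken(httpServletRequest);
                                    }
                                    if (userIdFromToken != null) {
                                        filterChain.doFilter(servletRequest, servletResponse);
                                    } else if (getWarContextPath(httpServletRequest).equals(PdfObject.NOTHING)) {
                                        httpServletResponse.sendRedirect("./login/login.html");
                                    } else {
                                        httpServletResponse.sendRedirect("/signon/login.html?url=" + httpServletRequest.getRequestURI());
                                    }
                                    return;
                                } catch (Exception e) {
                                    // Any failure above, including one raised by the chain, ends at the sign-on page.
                                    httpServletResponse.sendRedirect("/signon/login.html?url=" + httpServletRequest.getRequestURI());
                                    return;
                                }
                            }
                            if (isForegroundURI(requestURI)) {
                                Security.addAccessToken2ResponseCookie(servletRequest, servletResponse);
                                if (webUser != null) {
                                    if (emailMode) {
                                        httpServletRequest.getRequestDispatcher("/portal/share/security/handle.jsp").forward(servletRequest, servletResponse);
                                    } else if (!requestURI.contains("portal/phone/main.jsp") || StringUtil.isBlank(servletRequest.getParameter("jumpToUrl"))) {
                                        try {
                                            filterChain.doFilter(servletRequest, servletResponse);
                                            return;
                                        } catch (Exception e) {
                                            // Kept from the original: a failure further down the chain is not rethrown.
                                            logger.warn("Request processing failed for {}", requestURI, e);
                                        }
                                    } else {
                                        // NOTE(review): jumpToUrl is client-controlled and sliced by fixed offsets; a
                                        // value without "_formid", "_docid" or "&" makes substring() throw, which
                                        // surfaces as a ServletException. The extracted pieces and the
                                        // "application" parameter are concatenated into the redirect without URL encoding.
                                        String jumpToUrl = servletRequest.getParameter("jumpToUrl");
                                        String application = servletRequest.getParameter(Annotation.APPLICATION);
                                        String formId = jumpToUrl.substring(jumpToUrl.indexOf("_formid") + 8, jumpToUrl.indexOf("&"));
                                        String remainder = servletRequest.getParameter("jumpToUrl").substring(servletRequest.getParameter("jumpToUrl").indexOf("&") + 1);
                                        String tokenParam = servletRequest.getParameter("accessToken");
                                        if (tokenParam == null) {
                                            tokenParam = servletRequest.getParameter("access_token");
                                        }
                                        // NOTE(review): the token arrives in the query string, where it can end up in
                                        // access logs and Referer headers, and is copied into a cookie without
                                        // HttpOnly/Secure.
                                        Cookie tokenCookie = new Cookie("accessToken", tokenParam);
                                        tokenCookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
                                        httpServletResponse.addCookie(tokenCookie);
                                        String docId = remainder.substring(remainder.indexOf("_docid") + 7, remainder.indexOf("&"));
                                        httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/mobile/index.html?application=" + application + "&linkType=00&actionContent=" + formId + "&docId=" + docId + "#/open?linkType=00&actionContent=" + formId + "&docId=" + docId);
                                    }
                                } else if ("sso".equals(PropertyUtil.get("authentication.type"))) {
                                    String authorization = httpServletRequest.getHeader("Authorization");
                                    if (!"cn.myapps.security.sso.ADUserSSO".equals(PropertyUtil.get("sso.implementation")) || authorization != null) {
                                        // Decompiled as a test on a constant; presumably never true.
                                        if (!StringUtil.isBlank(PdfObject.NOTHING)) {
                                            servletRequest.setAttribute("errorMsg", PdfObject.NOTHING);
                                        }
                                        if ("cn.myapps.security.sso.CookieUserSSO".equals(PropertyUtil.get("sso.implementation"))) {
                                            httpServletRequest.getRequestDispatcher("/portal/share/security/login.jsp").forward(servletRequest, servletResponse);
                                        }
                                    }
                                } else if (emailMode) {
                                    httpServletRequest.getRequestDispatcher("/portal/share/security/login.jsp").forward(servletRequest, servletResponse);
                                } else if (isRequireWeixinAuth(httpServletRequest)) {
                                    try {
                                        WeixinServiceProxy.auth(httpServletRequest, httpServletResponse, filterChain);
                                    } catch (Exception e) {
                                        logger.warn("WeChat authentication failed for {}", requestURI, e);
                                    }
                                } else if (isRequireLanxinAuth(httpServletRequest)) {
                                    try {
                                        LanxinOAuth2Handle.auth(httpServletRequest, httpServletResponse, filterChain);
                                    } catch (Exception e) {
                                        logger.warn("Lanxin authentication failed for {}", requestURI, e);
                                    }
                                } else if (isFromApp(httpServletRequest)) {
                                    if (queryString == null || !queryString.contains("jump")) {
                                        try {
                                            new SecurityServiceImpl().sso(httpServletRequest, httpServletResponse, filterChain);
                                        } catch (Exception e) {
                                            logger.warn("App SSO failed for {}", requestURI, e);
                                        }
                                    } else {
                                        // NOTE(review): same concern as above: a token taken from the query
                                        // string and stored in a cookie without HttpOnly/Secure.
                                        Cookie appTokenCookie = new Cookie("accessToken", servletRequest.getParameter("access_token"));
                                        appTokenCookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
                                        httpServletResponse.addCookie(appTokenCookie);
                                    }
                                } else if (CheckAgent(httpServletRequest.getHeader("User-Agent")) && StringUtils.hasLength(httpServletRequest.getHeader("Referer"))) {
                                    httpServletResponse.sendRedirect("/static/signon/index.html?url=" + ((HttpServletRequest) servletRequest).getContextPath());
                                } else {
                                    httpServletResponse.setStatus(401);
                                }
                            } else {
                                httpServletResponse.sendRedirect("/static/signon/index.html?url=" + httpServletRequest.getContextPath());
                            }
                        }
                    } catch (Exception e) {
                        // Keep the original exception as the cause so the stack trace is not lost.
                        throw new ServletException(e.getMessage(), e);
                    }
                }
            } finally {
                // Runs once per request on every exit path, normal or exceptional.
                ThreadContext.put("responseStatus", String.valueOf(httpServletResponse.getStatus()));
                VirtualFileSystemUtils.tryClose();
                OutputLogProvider.flush();
            }
        } catch (Throwable th) {
            logger.error("请求(url={}, method={})发生异常", new Object[]{requestURI, httpServletRequest.getMethod(), th});
            throw th;
        } finally {
            // Each clear is isolated so a failure in one does not skip the other.
            try {
                ((ThreadContextManager) SpringApplicationContextUtil.getBean(ThreadContextManager.class)).clear();
            } catch (Exception e) {
                logger.warn("Failed to clear the ThreadContextManager", e);
            }
            try {
                secondCacheProvider.clear();
            } catch (Exception e) {
                logger.warn("Failed to clear the SecondCacheProvider", e);
            }
        }
    }

    /**
     * Decides whether a client-supplied redirect target may be followed.
     *
     * <p>Accepted: a relative reference with no authority part, or an absolute http/https URL whose
     * host equals the host of the current request. Everything else, including {@code null}, empty or
     * unparseable values, is rejected.
     *
     * @param target  redirect target taken from the request
     * @param request current request, used for the host comparison
     * @return {@code true} when redirecting to {@code target} keeps the client on this host
     */
    private static boolean isSameHostRedirectTarget(String target, HttpServletRequest request) {
        if (target == null || target.isEmpty()) {
            return false;
        }
        try {
            java.net.URI uri = new java.net.URI(target);
            String scheme = uri.getScheme();
            if (scheme == null) {
                // A leading "//" is read by browsers as the start of a host, so it is not a local path.
                return uri.getRawAuthority() == null && !target.startsWith("//");
            }
            boolean webScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
            String host = uri.getHost();
            return webScheme && host != null && host.equalsIgnoreCase(request.getServerName());
        } catch (java.net.URISyntaxException e) {
            return false;
        }
    }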

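    /**
     * Decides whether the request should be handed to the Lanxin OAuth2 handler.
     *
     * <p>True when the {@code user-agent} header contains {@code "Lanxin"} and the query string
     * contains both {@code "code"} and {@code "state"}.
     *
     * <p>NOTE(review): the header and the query string are both client-controlled, and the
     * query-string checks are plain substring matches (any parameter name or value containing
     * "code"/"state" satisfies them). This method only selects a login flow; the handler it
     * routes to must still validate the OAuth2 code and state itself — confirm that it does.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if the request looks like a Lanxin OAuth2 callback
     */
    private boolean isRequireLanxinAuth(HttpServletRequest httpServletRequest) {
        String userAgent = httpServletRequest.getHeader("user-agent");
        // A request without a User-Agent header used to raise a NullPointerException here.
        if (userAgent == null) {
            return false;
        }
        String query = httpServletRequest.getQueryString();
        return userAgent.contains("Lanxin")
                && query != null
                && query.contains("code")
                && query.contains("state");
    }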

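    /**
     * Decides whether the request should be handed to the Weixin auth proxy.
     *
     * <p>True when the request URI contains {@code "/sso"} and the query string contains both
     * {@code "code"} and {@code "state"}.
     *
     * <p>NOTE(review): the previous body also evaluated
     * {@code "MicroMessenger".contains("MicroMessenger")}, which is constant-true and never looked
     * at the User-Agent header. It has been dropped without changing behaviour. If the intent was
     * to require a WeChat client (as the Lanxin check does for its own marker), that check is
     * missing; either way the handler behind this route must validate the OAuth2 code and state.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if the request looks like a Weixin SSO callback
     */
    private boolean isRequireWeixinAuth(HttpServletRequest httpServletRequest) {
        String query = httpServletRequest.getQueryString();
        return httpServletRequest.getRequestURI().contains("/sso")
                && query != null
                && query.contains("code")
                && query.contains("state");
    }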

    /**
     * Reports whether the query string carries both a {@code "mode"} and an
     * {@code "access_token"} fragment.
     *
     * <p>NOTE(review): these are substring checks on the raw query string, not parameter lookups,
     * so they say nothing about the token's validity. Tokens passed in a URL also tend to end up
     * in access logs and Referer headers — confirm this is acceptable for the app flow.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if both fragments are present in the query string
     */
    private boolean isFromApp(HttpServletRequest httpServletRequest) {
        String query = httpServletRequest.getQueryString();
        if (query == null) {
            return false;
        }
        return query.contains("mode") && query.contains("access_token");
    }

    /**
     * Reports whether {@code str} matches one of the hard-wired exclusion rules, or whether the
     * request carries a specific {@code accessToken} header value.
     *
     * <p>Presumably an excluded URI skips the authentication handling in the filter — the caller
     * is outside this view, confirm there.
     *
     * <p>NOTE(review, security):
     * <ul>
     *   <li>A token literal is compiled into the class and compared with the {@code accessToken}
     *       request header; any request presenting it is treated as excluded regardless of URI.
     *       Anyone with access to the binary or source has this value. It should be treated as
     *       disclosed: rotate it, move it to managed configuration/secret storage, and compare
     *       with a constant-time routine if the mechanism has to stay.</li>
     *   <li>Most rules are substring matches ({@code indexOf(...) >= 0}) with very short
     *       fragments such as "help", "woff", "desktop", "/admin", "/macro", "/rest/" and
     *       "/actuator". If {@code str} is the raw request URI, any path that merely contains
     *       one of these fragments is excluded. Prefer exact or prefix matching against a
     *       normalized servlet path.</li>
     *   <li>The static-resource regex leaves the dot unescaped ({@code ^.*.jpg$} and so on), so
     *       it matches any string ending in those letters, not only that file extension.</li>
     *   <li>The "/actuator" fragment covers every actuator endpoint, which makes the narrower
     *       {@code actuator/health} rule redundant — confirm that only health is meant to be
     *       reachable without authentication.</li>
     * </ul>
     *
     * @param str the URI to test (presumably the request URI — verify against caller)
     * @param httpServletRequest the current request; supplies the header and the context path
     * @return {@code true} if the request is to be treated as excluded
     */
    private boolean isExcludeURI(String str, HttpServletRequest httpServletRequest) {
        // NOTE(review): hard-coded credential; see the method documentation.
        if ("eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhdXRoMCIsImV4cCI6Nzk5OTkyMDAwMCwidXNlcm5hbWUiOiJDcHFxNUc2akhUZlZTUmV5eGdXIn0.OmjyOeRc5er7cUrfGoehcMZAb-O-g79B495Xx6e_OPI".equals(httpServletRequest.getHeader("accessToken"))) {
            return true;
        }
        // One long OR-chain: suffix regexes, context-path prefixes, then substring fragments.
        // Left byte-identical because each rule is a security decision that should be changed deliberately.
        return (str.indexOf("mobile") >= 0 && str.indexOf("mobile/index.html") > 0) || str.indexOf("help") >= 0 || str.matches("^.*actuator/health$") || str.matches("^.*.jpg$|^.*.gif$|^.*.png$|^.*.js$|^.*.css$|^.*.map$|^.*.html$|^.*.woff$") || str.startsWith(new StringBuilder().append(httpServletRequest.getContextPath()).append("/extend/").toString()) || str.startsWith(new StringBuilder().append(httpServletRequest.getContextPath()).append("/common/").toString()) || str.startsWith(new StringBuilder().append(httpServletRequest.getContextPath()).append("/tray/service/").toString()) || str.indexOf("/uploads/") >= 0 || str.indexOf("/servlet/AdminServlet") >= 0 || str.indexOf("/dingding.html") >= 0 || str.indexOf("loginInDialog.action") >= 0 || str.equals(InternalZipConstants.ZIP_FILE_SEPARATOR) || str.indexOf("/admin") >= 0 || str.indexOf("/checkCodeImg") >= 0 || str.indexOf("woff") >= 0 || str.indexOf("/dingding/") >= 0 || str.indexOf("/changelanguage") >= 0 || str.indexOf("desktop") >= 0 || str.indexOf("/core/macro/debuger/") >= 0 || str.indexOf("smsauth.action") >= 0 || str.indexOf("saas/multilanguage/change") >= 0 || str.indexOf("saas/changeLanguageKm") >= 0 || str.indexOf("/weioa365/services") >= 0 || str.indexOf("/weixin/") >= 0 || str.indexOf("/lanxin/") >= 0 || str.indexOf("/portal/component/user/") >= 0 || str.indexOf("/rest/") >= 0 || str.indexOf("/monitors/workflows/") >= 0 || str.indexOf("/runtime/app/") >= 0 || str.indexOf("/macro") >= 0 || str.indexOf("/actuator") >= 0 || str.indexOf("/showjrxml/") >= 0 || str.indexOf("/getCustomColumnsInfos") >= 0 || str.indexOf("/tray/service") >= 0 || str.indexOf("/office/service") >= 0 || str.indexOf("/domain/index.html") >= 0 || str.indexOf("/iwebpdf") >= 0 || str.indexOf("/bcxin/") >= 0 || str.indexOf("/runtime/database/sync") >= 0 || str.indexOf("/getAccessToken") >= 0 || str.indexOf("/runtime/sync/") >= 0 || str.indexOf("/notifyOverDue") >= 0 || str.indexOf("/accessToken") >= 0;
    }

    /**
     * Reports whether {@code str} contains one of the path fragments this filter classifies as
     * "foreground".
     *
     * <p>The last rule is conditional: {@code /api/runtime-ex/} counts only when the string does
     * not also contain {@code /workflow/storage/runtime/intervention}.
     *
     * <p>NOTE(review): every rule is a substring match anywhere in the string, so the
     * classification follows whatever text the client puts in the URI. If access decisions hang
     * on this result, match against a normalized path with anchored prefixes instead.
     *
     * @param str the URI to classify
     * @return {@code true} if any fragment rule matches
     */
    private boolean isForegroundURI(String str) {
        String[] fragments = {
            "/portal/", "/mobile/", "/pm/", "/km/", "/kms/", "/kmswap/", "/rm/",
            "/message/", "/attendance/", "/dispatcher.html", "/index.html", "/saas/weioa/",
            "/contacts/", "/qm/", "/jasperreport/", "/magic-api/", "/api/v2/runtime/",
            "/bcxin/", "/v2/sync", "/v3/extends", "/api/runtime/"
        };
        for (String fragment : fragments) {
            if (str.contains(fragment)) {
                return true;
            }
        }
        return str.contains("/api/runtime-ex/")
                && !str.contains("/workflow/storage/runtime/intervention");
    }

    /**
     * Classifies {@code str} as a login URI.
     *
     * <p>For the two debug-login patterns the answer is whether
     * {@code AuthTimeServiceManager.getAdminUser} returns a non-null user for this request.
     * Otherwise the result is true when {@code str} matches the runtime-login, login or
     * actuator-health pattern under the context path.
     *
     * <p>NOTE(review): the context path is concatenated into the regex without quoting, and the
     * dots in the literals are unescaped, so the patterns are looser than they read. The
     * {@code /login.*} rule accepts every URI beginning with {@code <context>/login}, not only
     * the login endpoint — confirm nothing sensitive lives under that prefix.
     *
     * @param str the URI to test
     * @param httpServletRequest the current request; supplies the context path and admin lookup
     * @return {@code true} if the URI is treated as a login URI
     */
    private boolean isLoginURI(String str, HttpServletRequest httpServletRequest) {
        String contextPath = httpServletRequest.getContextPath();
        boolean debugLogin = str.matches("^" + contextPath + "/api/debuglogin.*")
                || str.matches("^" + contextPath + "/login/debuglogin.html");
        if (debugLogin) {
            // Debug login only counts as a login URI when an admin user is already present.
            return AuthTimeServiceManager.getAdminUser(httpServletRequest) != null;
        }
        return str.matches("^" + contextPath + "/api/runtime/login.*")
                || str.matches("^" + contextPath + "/login.*")
                || str.matches("^" + contextPath + "/actuator/health");
    }

    /**
     * Reports whether the request URI falls under the domain-admin rules: the
     * {@code <context>/api/authtime/} prefix, or one of several monitoring, admin-servlet,
     * API-documentation and synchronization fragments.
     *
     * <p>NOTE(review): apart from the authtime prefix, these are substring matches anywhere in
     * the request URI ("swagger" and "api-docs" have no leading slash). How the result is used
     * is outside this view; if it relaxes or tightens access, anchor the matches to a
     * normalized path.
     *
     * @param httpServletRequest the current request
     * @return {@code true} if any rule matches the request URI
     */
    private boolean isDomainAdminURI(HttpServletRequest httpServletRequest) {
        String authtimePattern = "^" + httpServletRequest.getContextPath() + "/api/authtime/.*";
        String uri = httpServletRequest.getRequestURI();
        if (uri.matches(authtimePattern)) {
            return true;
        }
        String[] fragments = {
            "/systemMonitor", "/system/monitor/time", "/servlet/AdminServlet",
            "/core/monitor", "swagger", "api-docs", "/synchronization"
        };
        for (String fragment : fragments) {
            if (uri.contains(fragment)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Teardown hook; intentionally empty. Presumably the {@code javax.servlet.Filter}
     * lifecycle callback — the class declaration is outside this view.
     */
    public void destroy() {
    }

    /**
     * Initialization hook; intentionally empty, the supplied configuration is not read.
     * Presumably the {@code javax.servlet.Filter} lifecycle callback — the class declaration
     * is outside this view.
     *
     * @param filterConfig filter configuration (unused)
     * @throws ServletException never thrown by this implementation
     */
    public void init(FilterConfig filterConfig) throws ServletException {
    }

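    /**
     * Reports whether a User-Agent string contains one of the known mobile-client markers.
     *
     * <p>The User-Agent header is supplied by the client, so this is a presentation hint
     * (for example, which sign-on page to show) and must not be used as an access-control signal.
     *
     * @param str the User-Agent header value; may be {@code null} when the header is absent
     * @return {@code true} if a marker is found, {@code false} otherwise or when {@code str} is
     *     {@code null}
     */
    public static boolean CheckAgent(String str) {
        // A missing header previously caused a NullPointerException in the caller's auth path.
        if (str == null) {
            return false;
        }
        String[] mobileMarkers = {"Android", "iPhone", "iPod", "iPad", "Windows Phone", "MQQBrowser"};
        for (String marker : mobileMarkers) {
            if (str.contains(marker)) {
                return true;
            }
        }
        return false;
    }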

    /**
     * Marks the response as 401 Unauthorized. Only the status code is set; no body or
     * challenge header is written, and the request argument is not used.
     *
     * @param httpServletResponse the response to mark
     * @param httpServletRequest the current request (unused)
     */
    private void responseUnauthorized(HttpServletResponse httpServletResponse, HttpServletRequest httpServletRequest) {
        httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    }

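    /**
     * Finds the deployed web-application directory that contains an entry named {@code portal}.
     *
     * <p>Resolves the real path of the application root, lists the sibling directories of that
     * root, and returns the name of the first one that has a direct child named {@code portal}.
     *
     * <p>Missing paths and unreadable directories used to raise a NullPointerException
     * (null from {@code getRealPath}, {@code getParentFile} or {@code listFiles}); they are now
     * treated as "not found".
     *
     * @param httpServletRequest the current request, used to resolve the application root
     * @return the matching directory name, or {@code PdfObject.NOTHING} when none is found
     */
    public String getWarContextPath(HttpServletRequest httpServletRequest) {
        // Return value is unused in the original as well; the call is kept in case it has side effects.
        PropertyUtil.getPath();
        String realPath = httpServletRequest.getRealPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
        if (realPath == null) {
            return PdfObject.NOTHING;
        }
        File deployRoot = new File(realPath).getParentFile();
        if (deployRoot == null) {
            return PdfObject.NOTHING;
        }
        File[] siblings = deployRoot.listFiles();
        if (siblings == null) {
            return PdfObject.NOTHING;
        }
        for (File candidate : siblings) {
            if (!candidate.isDirectory()) {
                continue;
            }
            // listFiles() yields null when the directory cannot be read.
            File[] children = candidate.listFiles();
            if (children == null) {
                continue;
            }
            for (File child : children) {
                if (child.getName().equals("portal")) {
                    return candidate.getName();
                }
            }
        }
        return PdfObject.NOTHING;
    }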

    /**
     * Looks up the user identified by {@code str} and, when one is found, binds a
     * {@link WebUser} to the request and issues an {@code accessToken} cookie.
     *
     * <p>Nothing happens when the lookup returns {@code null}. Any exception is caught and only
     * printed, so the caller cannot tell whether the user was actually established.
     *
     * <p>NOTE(review, security):
     * <ul>
     *   <li>The {@code accessToken} cookie created here has only its path set; no HttpOnly or
     *       Secure attribute is applied in this method. Confirm whether script access to the
     *       token is really required and whether the deployment is HTTPS-only.</li>
     *   <li>The session from {@code getSession()} is reused as-is; no session-ID change is
     *       visible here when the user is bound. Confirm it happens elsewhere.</li>
     *   <li>The stored server address is assembled from the request's scheme, server name and
     *       port, which presumably reflect client-supplied values unless the container pins
     *       them — verify before using it to build links.</li>
     *   <li>{@code printStackTrace()} bypasses the application's logging; failures in an
     *       authentication step should be logged and, ideally, surfaced to the caller.</li>
     * </ul>
     *
     * @param str identifier passed to the user lookup and to {@code Security.getToken}
     *     (presumably a user id — verify against caller)
     * @param httpServletRequest the current request
     * @param httpServletResponse the response that receives the cookie
     */
    private void setWebUser(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        try {
            UserVO doView = AuthTimeServiceManager.userRuntimeService().doView(str);
            if (doView != null) {
                Security.addAccessToken2ResponseCookie(httpServletRequest, httpServletResponse);
                HttpSession session = httpServletRequest.getSession();
                WebUser webUser = new WebUser(doView);
                // Carries the domain's log setting over to the web user.
                webUser.setRecordLog(doView.getDomain().getLog().booleanValue());
                webUser.setServerAddr(httpServletRequest.getScheme() + "://" + httpServletRequest.getServerName() + ":" + httpServletRequest.getServerPort() + InternalZipConstants.ZIP_FILE_SEPARATOR);
                webUser.setEquipment(1);
                // Session markers for the phone skin and for visits coming from the app.
                session.setAttribute("SKINTYPE", "phone");
                session.setAttribute("visit_from_app", PdfBoolean.TRUE);
                String token = Security.getToken(str);
                webUser.setACCESS_TOKEN(httpServletRequest, token);
                WebUser.setWebUser(webUser, httpServletRequest);
                // NOTE(review): cookie is issued with a path only; see the method documentation.
                Cookie cookie = new Cookie("accessToken", token);
                cookie.setPath(InternalZipConstants.ZIP_FILE_SEPARATOR);
                httpServletResponse.addCookie(cookie);
            }
        } catch (Exception e) {
            // NOTE(review): failure is swallowed; the request continues without a bound user.
            e.printStackTrace();
        }
    }

    /**
     * Classifies a magic-api URI as a bearer-user or anonymous-user endpoint.
     *
     * <p>For a URI containing {@code /magic-api/bearer-users} a non-blank bearer user id must be
     * extractable from the request, otherwise an exception is thrown. For any other URI the
     * result is whether it contains {@code /magic-api/anonymous-users}.
     *
     * <p>NOTE(review): both checks are substring matches anywhere in {@code str}. Only
     * non-blankness of the extracted id is checked here; token verification, if any, lives in
     * {@code Security.extractBearerUserId} — confirm. The exception message embeds the URI, so
     * it should be encoded if it is ever rendered back to a client.
     *
     * @param str the URI to classify
     * @param httpServletRequest the current request, source of the bearer token
     * @return {@code true} for a bearer-user URI with a bearer user id, or for an anonymous-user URI
     * @throws SaasUnAuthorizeException if a bearer-user URI has no bearer user id
     */
    private boolean checkIfBearerOrAnUser(String str, HttpServletRequest httpServletRequest) {
        if (str.contains("/magic-api/bearer-users")) {
            String bearerUserId = Security.extractBearerUserId(httpServletRequest);
            if (StringUtil.isBlank(bearerUserId)) {
                throw new SaasUnAuthorizeException(String.format("%s API 对于的Bearer Token不能为空", str));
            }
            return true;
        }
        return str.contains("/magic-api/anonymous-users");
    }
}
