package org.support.project.web.logic;

import java.lang.annotation.Annotation;
import java.security.NoSuchAlgorithmException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.support.project.common.exception.SerializeException;
import org.support.project.common.log.Log;
import org.support.project.common.log.LogFactory;
import org.support.project.common.serialize.SerializeUtils;
import org.support.project.common.util.StringUtils;
import org.support.project.di.Container;
import org.support.project.di.DI;
import org.support.project.di.Instance;
import org.support.project.web.bean.CSRFTokens;
import org.support.project.web.common.HttpUtil;
import org.support.project.web.common.InvokeTarget;
import org.support.project.web.config.AppConfig;
import org.support.project.web.config.WebConfig;
import org.support.project.web.control.service.Delete;
import org.support.project.web.control.service.Get;
import org.support.project.web.control.service.Post;
import org.support.project.web.control.service.Put;
import org.support.project.web.dao.SystemConfigsDao;
import org.support.project.web.entity.SystemConfigsEntity;

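/**
 * Per-request CSRF and Referer checks, driven by the {@link Get}/{@link Put}/{@link Post}/{@link Delete}
 * annotation on the target controller method ({@code checkReferer}, {@code publishToken},
 * {@code subscribeToken}, {@code checkReqToken}).
 *
 * Two mechanisms are visible in this file:
 * <ul>
 *   <li>a named "publish/subscribe" token list kept in the session under {@code CSRFTokens} and mirrored
 *       into a cookie of the same name; the subscribing request is checked against both;</li>
 *   <li>a per-request id kept in the session under {@code CSRFReqIds}, handed to the view through the
 *       {@link #REQ_ID_KEY} request attribute and expected back as a request parameter of the same name
 *       when {@code checkReqToken} is set.</li>
 * </ul>
 * The browser attaches the cookie to cross-site requests automatically, so the cookie/session comparison
 * on its own does not stop a forged request; the request-parameter check is the part that does. Token
 * generation and comparison live in {@link CSRFTokens}, which is not visible from here.
 */
@DI(instance = Instance.Singleton)
public class HttpRequestCheckLogic {
    private static final Log LOG = LogFactory.getLog(HttpRequestCheckLogic.class);
    /** Session attribute and cookie name holding the publish/subscribe token list. */
    private static final String CSRF_TOKENS = "CSRFTokens";
    /** Session attribute holding the per-request ids. */
    private static final String CSRF_REQIDS = "CSRFReqIds";
    /** Request attribute (outgoing) and request parameter (incoming) carrying the per-request id. */
    public static final String REQ_ID_KEY = "__REQ_ID_KEY";

    /** Returns the DI-managed singleton. */
    public static HttpRequestCheckLogic get() {
        return (HttpRequestCheckLogic) Container.getComp(HttpRequestCheckLogic.class);
    }

    /**
     * Checks that the request's Referer lies under the configured system URL.
     *
     * @return {@code true} when no system URL is configured (check skipped), or when the Referer is the
     *         system URL itself or a path/query/fragment beneath it; {@code false} when the header is
     *         missing or points elsewhere. A missing Referer fails closed: a cross-site page can suppress
     *         the header (e.g. via Referrer-Policy), so "absent" must not count as "ours".
     */
    public boolean checkReferrer(HttpServletRequest httpServletRequest) {
        SystemConfigsEntity systemUrl = SystemConfigsDao.get().selectOnKey(WebConfig.KEY_SYSTEM_URL, AppConfig.get().getSystemName());
        if (systemUrl == null) {
            // Nothing to compare against; the check cannot be enforced.
            return true;
        }
        String baseUrl = systemUrl.getConfigValue();
        if (StringUtils.isEmpty(baseUrl)) {
            // Treated like "not configured". (A null value used to throw in startsWith; an empty value
            // used to match every Referer, which is the same outcome as skipping.)
            return true;
        }
        String referer = httpServletRequest.getHeader("REFERER");
        if (referer == null) {
            // Previously a NullPointerException (request failed with an error); now an explicit reject.
            LOG.warn("Referer header is missing on a referer-checked request.");
            LOG.warn("Request: " + HttpUtil.getRequestInfo(httpServletRequest));
            return false;
        }
        if (isUnderBaseUrl(referer, baseUrl)) {
            return true;
        }
        LOG.warn("It is a request from outside the system.");
        LOG.warn("Request: " + HttpUtil.getRequestInfo(httpServletRequest));
        LOG.warn("Referer: " + forLog(referer));
        return false;
    }

    /**
     * Prefix match with an origin/path boundary. A bare {@code startsWith} would accept
     * {@code https://example.com.evil.test/} or {@code https://example.com/app2/} for a base of
     * {@code https://example.com} / {@code https://example.com/app}; here the character following the
     * base must be {@code /}, {@code ?} or {@code #} (or the base already ends in {@code /}, or the two
     * are equal). Package-private so it can be unit-tested without a servlet container.
     */
    static boolean isUnderBaseUrl(String referer, String baseUrl) {
        if (referer == null || baseUrl == null || !referer.startsWith(baseUrl)) {
            return false;
        }
        if (baseUrl.endsWith("/") || referer.length() == baseUrl.length()) {
            return true;
        }
        char next = referer.charAt(baseUrl.length());
        return next == '/' || next == '?' || next == '#';
    }

    /** Strips CR/LF from attacker-influenced values before they are written to the log (log forging). */
    private static String forLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    /** Token name this endpoint consumes; empty when the method carries no Get/Put/Post/Delete annotation. */
    private String getSubscribeToken(InvokeTarget invokeTarget) {
        // The first matching annotation, in declaration order, decides; the others are ignored.
        for (Annotation annotation : invokeTarget.getTargetMethod().getAnnotations()) {
            if (annotation instanceof Get) {
                return ((Get) annotation).subscribeToken();
            }
            if (annotation instanceof Put) {
                return ((Put) annotation).subscribeToken();
            }
            if (annotation instanceof Post) {
                return ((Post) annotation).subscribeToken();
            }
            if (annotation instanceof Delete) {
                return ((Delete) annotation).subscribeToken();
            }
        }
        return "";
    }

    /** Token name this endpoint issues; empty when the method carries no Get/Put/Post/Delete annotation. */
    private String getPublishToken(InvokeTarget invokeTarget) {
        for (Annotation annotation : invokeTarget.getTargetMethod().getAnnotations()) {
            if (annotation instanceof Get) {
                return ((Get) annotation).publishToken();
            }
            if (annotation instanceof Put) {
                return ((Put) annotation).publishToken();
            }
            if (annotation instanceof Post) {
                return ((Post) annotation).publishToken();
            }
            if (annotation instanceof Delete) {
                return ((Delete) annotation).publishToken();
            }
        }
        return "";
    }

    /** Whether the endpoint asks for the Referer check; false when unannotated. */
    private boolean isCheckReferer(InvokeTarget invokeTarget) {
        for (Annotation annotation : invokeTarget.getTargetMethod().getAnnotations()) {
            if (annotation instanceof Get) {
                return ((Get) annotation).checkReferer();
            }
            if (annotation instanceof Put) {
                return ((Put) annotation).checkReferer();
            }
            if (annotation instanceof Post) {
                return ((Post) annotation).checkReferer();
            }
            if (annotation instanceof Delete) {
                return ((Delete) annotation).checkReferer();
            }
        }
        return false;
    }

    /** Whether the endpoint asks for the per-request id check; false when unannotated. */
    private boolean isCheckReqToken(InvokeTarget invokeTarget) {
        for (Annotation annotation : invokeTarget.getTargetMethod().getAnnotations()) {
            if (annotation instanceof Get) {
                return ((Get) annotation).checkReqToken();
            }
            if (annotation instanceof Put) {
                return ((Put) annotation).checkReqToken();
            }
            if (annotation instanceof Post) {
                return ((Post) annotation).checkReqToken();
            }
            if (annotation instanceof Delete) {
                return ((Delete) annotation).checkReqToken();
            }
        }
        return false;
    }

    /**
     * Issues tokens for an endpoint that declares {@code publishToken}: adds the named token to the
     * session list, mirrors the whole list into the {@code CSRFTokens} cookie, and creates a fresh
     * per-request id that the view must echo back via the {@link #REQ_ID_KEY} parameter.
     *
     * @throws NoSuchAlgorithmException propagated from {@link CSRFTokens} (token generation)
     */
    public void setCSRFTocken(InvokeTarget invokeTarget, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws NoSuchAlgorithmException {
        String publishToken = getPublishToken(invokeTarget);
        if (StringUtils.isEmpty(publishToken)) {
            return;
        }
        // A session is needed to hold the tokens, so creating one here is intended.
        HttpSession session = httpServletRequest.getSession();
        CSRFTokens publishedTokens = (CSRFTokens) session.getAttribute(CSRF_TOKENS);
        if (publishedTokens == null) {
            publishedTokens = new CSRFTokens();
            session.setAttribute(CSRF_TOKENS, publishedTokens);
        }
        publishedTokens.addToken(publishToken);
        // NOTE(review): the cookie duplicates session state and is sent back by the browser on any
        // request, forged or not. Whether HttpUtil.setCookie marks it HttpOnly/Secure/SameSite is not
        // visible here - confirm.
        HttpUtil.setCookie(httpServletRequest, httpServletResponse, CSRF_TOKENS, SerializeUtils.objectToBase64(publishedTokens));

        CSRFTokens requestIds = (CSRFTokens) session.getAttribute(CSRF_REQIDS);
        if (requestIds == null) {
            requestIds = new CSRFTokens();
            session.setAttribute(CSRF_REQIDS, requestIds);
        }
        String requestId = requestIds.addToken(publishToken);
        if (LOG.isDebugEnabled()) {
            // Debug-level only; this value is the anti-CSRF secret for the next request.
            LOG.debug("Req Token : " + requestId);
        }
        httpServletRequest.setAttribute(REQ_ID_KEY, requestId);
    }

    /**
     * Verifies an incoming request against the endpoint's annotation:
     * Referer (if {@code checkReferer}), then the named subscribe token against both the session list and
     * the {@code CSRFTokens} cookie, then (if {@code checkReqToken}) the {@link #REQ_ID_KEY} parameter
     * against the session's per-request ids.
     *
     * @return {@code true} if every check the endpoint asks for passes; {@code false} otherwise, including
     *         when there is no session, no cookie, no parameter, or the cookie cannot be decoded
     */
    public boolean checkCSRF(InvokeTarget invokeTarget, HttpServletRequest httpServletRequest) {
        if (isCheckReferer(invokeTarget) && !get().checkReferrer(httpServletRequest)) {
            return false;
        }
        String subscribeToken = getSubscribeToken(invokeTarget);
        if (StringUtils.isEmpty(subscribeToken)) {
            return true;
        }
        // Do not create a session for a request that cannot carry valid tokens anyway; without a
        // session there is nothing to verify against, so fail closed.
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return false;
        }
        CSRFTokens publishedTokens = (CSRFTokens) session.getAttribute(CSRF_TOKENS);
        CSRFTokens requestIds = (CSRFTokens) session.getAttribute(CSRF_REQIDS);
        if (publishedTokens == null || requestIds == null) {
            return false;
        }
        String cookie = HttpUtil.getCookie(httpServletRequest, CSRF_TOKENS);
        if (StringUtils.isEmpty(cookie)) {
            return false;
        }
        try {
            // NOTE(review): the cookie is fully client-controlled. If SerializeUtils.Base64ToObject is
            // Java native deserialization, this is an untrusted-deserialization sink; confirm it is a
            // restricted decoder (ObjectInputFilter / non-native format) that only yields CSRFTokens.
            CSRFTokens cookieTokens = (CSRFTokens) SerializeUtils.Base64ToObject(cookie, CSRFTokens.class);
            if (!publishedTokens.checkToken(subscribeToken, cookieTokens)) {
                // subscribeToken is an annotation-declared name, not a secret.
                LOG.warn("Token NG : " + subscribeToken);
                return false;
            }
            if (!isCheckReqToken(invokeTarget)) {
                return true;
            }
            // getParameter also reads the query string; callers that put the id in URLs expose it via
            // Referer/logs. Missing parameter is rejected here rather than handed to checkToken as null.
            String requestId = httpServletRequest.getParameter(REQ_ID_KEY);
            if (StringUtils.isEmpty(requestId)) {
                LOG.warn("Req Token NG : (missing)");
                return false;
            }
            if (requestIds.checkToken(requestId)) {
                return true;
            }
            LOG.warn("Req Token NG : " + forLog(requestId));
            return false;
        } catch (SerializeException e) {
            // An undecodable cookie is treated as a failed check; keep the stack trace at trace level.
            LOG.trace("Failed to restore Token", e);
            return false;
        }
    }
}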
