package com.ekingstar.jigsaw.servletfilter.hook.filter;

import com.ekingstar.jigsaw.util.ExtPropconfigUtil;
import com.ekingstar.jigsaw.util.HttpClientUtil;
import com.liferay.portal.kernel.json.JSONException;
import com.liferay.portal.kernel.json.JSONFactoryUtil;
import com.liferay.portal.kernel.json.JSONObject;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.NameValuePair;

/* loaded from: input_file:WEB-INF/classes/com/ekingstar/jigsaw/servletfilter/hook/filter/BizAPIOAuthTokenFilter.class */
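/**
 * Servlet filter that obtains an OAuth 2.0 access token (authorization-code grant, with
 * refresh) for requests under {@code /web/} and keeps it in the HTTP session.
 *
 * <p>Flow implemented here:
 * <ul>
 *   <li>When {@code biz-api.oauth.enabled} is false the filter is a pass-through.</li>
 *   <li>On the login/logout paths all token cookies and session attributes are cleared.</li>
 *   <li>On {@code /web/} paths without {@code code}/{@code state}: an unexpired session token
 *       lets the request through, an expired one is refreshed, otherwise the browser is
 *       redirected to the provider's {@code /authorize} endpoint.</li>
 *   <li>On {@code /web/} paths with {@code code} and {@code state}: the code is exchanged at
 *       the provider's {@code /token} endpoint, but only when the {@code state} was issued to
 *       this session.</li>
 * </ul>
 *
 * <p>Security notes: the client secret, the Basic credential and token responses are never
 * written to logs; the {@code state} value comes from {@link SecureRandom} and is single-use.
 *
 * <p>NOTE(review): the fallback values passed to {@code ExtPropconfigUtil.getStringFromDB}
 * include a literal client secret and plain-{@code http} localhost URLs. They presumably apply
 * when the key is not configured; confirm, and prefer failing startup over running with a
 * well-known secret.
 */
public class BizAPIOAuthTokenFilter implements Filter {
    private static final Logger LOG = Logger.getLogger(BizAPIOAuthTokenFilter.class.getName());

    /** Source of the unpredictable part of the OAuth {@code state} value. */
    private static final SecureRandom STATE_RANDOM = new SecureRandom();

    /** Names used both for the token cookies and for the token session attributes. */
    private static final String[] TOKEN_KEYS = {
        "access_token", "token_type", "refresh_token", "expires_in", "scope", "expires_timestamp"
    };

    // Client configuration, loaded on first use and then cached for the life of the class.
    private static String oauth_provider_server_url = null;
    private static String oauth_client_id = null;
    private static String oauth_client_secret = null;
    private static String oauth_client_server_url = null;

    @Override
    public void destroy() {
        LOG.fine("BizAPIOAuthTokenFilter.destroy");
    }

    /**
     * Applies the OAuth token handling described on the class, then continues the chain
     * unless a redirect was sent.
     *
     * @throws IOException if the chain or a redirect fails with an I/O error
     * @throws ServletException if the chain fails, or if token handling raises any other
     *         checked exception (wrapped with its cause)
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!isOAuthEnabled()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        loadClientConfigIfNeeded();
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String requestURI = request.getRequestURI();
        if (isLoginOrLogoutPath(requestURI)) {
            LOG.fine("remove OAuth Cookies and Session");
            removeCookies(request, response, TOKEN_KEYS);
            for (String key : TOKEN_KEYS) {
                removeSession(request, key);
            }
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (requestURI.startsWith("/web/")) {
            boolean handled;
            try {
                handled = handleWebPath(request, response, filterChain, requestURI);
            } catch (IOException e) {
                throw e;
            } catch (ServletException e) {
                throw e;
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception e) {
                // Token handling failed in a way the servlet API cannot express directly;
                // surface it instead of continuing without a token.
                throw new ServletException("OAuth token handling failed", e);
            }
            if (handled) {
                return;
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Reads the {@code biz-api.oauth.enabled} switch.
     *
     * <p>A lookup failure is logged and treated as "disabled", which matches the fallback
     * value passed to the lookup. NOTE(review): this is fail-open; confirm that skipping the
     * OAuth flow is acceptable when configuration cannot be read.
     */
    private boolean isOAuthEnabled() {
        try {
            Boolean enabled = ExtPropconfigUtil.getBooleanFromDB("biz-api.oauth.enabled", false);
            return enabled != null && enabled.booleanValue();
        } catch (Exception e) {
            LOG.log(Level.WARNING, "Could not read biz-api.oauth.enabled; treating OAuth as disabled", e);
            return false;
        }
    }

    /** Loads the provider URL, client id, client secret and client base URL once. */
    private void loadClientConfigIfNeeded() {
        if (oauth_provider_server_url == null || oauth_provider_server_url.length() == 0) {
            oauth_provider_server_url = ExtPropconfigUtil.getStringFromDB("biz-api.oauth.provider.server.url", "http://localhost:9038/biz-api/oauth");
            oauth_client_id = ExtPropconfigUtil.getStringFromDB("biz-api.oauth.client.id", "client-api-resource");
            oauth_client_secret = ExtPropconfigUtil.getStringFromDB("biz-api.oauth.client.secret", "secret-api-resource");
            oauth_client_server_url = ExtPropconfigUtil.getStringFromDB("biz-api.oauth.client.server.url", "http://localhost:9008");
        }
    }

    /** Returns true for the paths on which stored token material is discarded. */
    private boolean isLoginOrLogoutPath(String requestURI) {
        return "/login.jsp".equalsIgnoreCase(requestURI)
                || "/cas-logout.jsp".equalsIgnoreCase(requestURI)
                || "/c/portal/login".equalsIgnoreCase(requestURI)
                || "/c/portal/logout".equalsIgnoreCase(requestURI);
    }

    /**
     * Handles a request under {@code /web/}.
     *
     * @return true when the request was fully handled (chain invoked or redirect sent);
     *         false when the caller should continue the chain itself
     */
    private boolean handleWebPath(HttpServletRequest request, HttpServletResponse response, FilterChain chain, String requestURI) throws Exception {
        String redirectUri = oauth_client_server_url + requestURI;
        long now = System.currentTimeMillis();
        String code = request.getParameter("code");
        String state = request.getParameter("state");
        if (code == null || state == null) {
            if (hasUsableToken(request, response, now)) {
                chain.doFilter(request, response);
            } else {
                redirectToAuthorize(request, response, redirectUri, now);
            }
            return true;
        }

        // Authorization callback. The state must have been issued to this session; otherwise
        // a third party could get its own authorization code bound to the victim's session.
        String pendingKey = redirectUri + "_" + state;
        String savedQuery = getSession(request, pendingKey);
        if (savedQuery == null) {
            // The state value is request-controlled, so it is deliberately not logged.
            LOG.warning("Ignoring OAuth callback: state was not issued to this session");
            return false;
        }
        removeSession(request, pendingKey); // single use

        String tokenResponse = HttpClientUtil.post(
                oauth_provider_server_url + "/token",
                new Header[]{
                    new Header("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8"),
                    new Header("Authorization", basicAuthorization())},
                new NameValuePair[]{
                    new NameValuePair("grant_type", "authorization_code"),
                    new NameValuePair("code", code),
                    new NameValuePair("redirect_uri", redirectUri)},
                "UTF-8", 0);
        if (JSONFactoryUtil.createJSONObject(tokenResponse).has("error")) {
            LOG.warning("OAuth provider rejected the authorization code");
            return false;
        }
        processToken(request, response, tokenResponse, now);
        // Send the browser back to the original URL, restoring the query string it had
        // before the authorization round trip.
        String target = savedQuery.length() > 0 ? redirectUri + "?" + savedQuery : redirectUri;
        response.sendRedirect(target);
        return true;
    }

    /**
     * Returns true when the session holds an unexpired access token, or when an expired one
     * was successfully renewed with the stored refresh token.
     */
    private boolean hasUsableToken(HttpServletRequest request, HttpServletResponse response, long now) throws Exception {
        String accessToken = getSession(request, "access_token");
        String expiresAt = getSession(request, "expires_timestamp");
        if (accessToken == null || expiresAt == null || expiresAt.length() == 0) {
            return false;
        }
        try {
            if (Long.parseLong(expiresAt) > now) {
                return true;
            }
        } catch (NumberFormatException e) {
            // An unreadable expiry is treated as expired rather than failing the request.
            LOG.fine("Stored expires_timestamp is not numeric; treating token as expired");
        }
        String refreshToken = getSession(request, "refresh_token");
        if (refreshToken == null || refreshToken.length() == 0) {
            return false;
        }
        String tokenResponse = HttpClientUtil.post(
                oauth_provider_server_url + "/token",
                new Header[]{new Header("Authorization", basicAuthorization())},
                new NameValuePair[]{
                    new NameValuePair("grant_type", "refresh_token"),
                    new NameValuePair("refresh_token", refreshToken)},
                "UTF-8", 0);
        if (JSONFactoryUtil.createJSONObject(tokenResponse).has("error")) {
            return false;
        }
        processToken(request, response, tokenResponse, now);
        return true;
    }

    /**
     * Starts the authorization-code flow: records a fresh {@code state} in the session
     * (mapped to the current query string, or to an empty string when there is none) and
     * redirects to the provider's {@code /authorize} endpoint.
     */
    private void redirectToAuthorize(HttpServletRequest request, HttpServletResponse response, String redirectUri, long now) throws IOException {
        String state = now + "_" + Long.toHexString(STATE_RANDOM.nextLong()) + Long.toHexString(STATE_RANDOM.nextLong());
        String queryString = request.getQueryString();
        // Always record the state, even without a query string, so the callback can verify it.
        setSession(request, response, redirectUri + "_" + state, queryString == null ? "" : queryString);
        // Encode the values: the request path is client-controlled and must not be able to
        // add or override parameters of the authorization request.
        response.sendRedirect(oauth_provider_server_url + "/authorize"
                + "?client_id=" + URLEncoder.encode(oauth_client_id, "UTF-8")
                + "&response_type=code&redirect_uri=" + URLEncoder.encode(redirectUri, "UTF-8")
                + "&state=" + state);
    }

    /** Builds the HTTP Basic credential for the token endpoint. The result must not be logged. */
    private String basicAuthorization() throws UnsupportedEncodingException {
        return "Basic " + Base64.encodeBase64String((oauth_client_id + ":" + oauth_client_secret).getBytes("UTF-8"));
    }

    /**
     * Stores the fields of a token response in the session and sets the access-token cookie.
     * Does nothing when the response has no {@code access_token}.
     *
     * @param tokenJson JSON body returned by the token endpoint
     * @param issuedAtMillis time the request was handled, in epoch milliseconds; the expiry
     *        timestamp is derived from it
     */
    private void processToken(HttpServletRequest request, HttpServletResponse response, String tokenJson, long issuedAtMillis) throws JSONException {
        JSONObject token = JSONFactoryUtil.createJSONObject(tokenJson);
        if (!token.has("access_token")) {
            return;
        }
        String accessToken = token.getString("access_token");
        int expiresIn = token.getInt("expires_in");
        setCookie(request, response, "access_token", accessToken);
        setSession(request, response, "access_token", accessToken);
        setSession(request, response, "token_type", token.getString("token_type"));
        setSession(request, response, "expires_in", String.valueOf(expiresIn));
        setSession(request, response, "refresh_token", token.getString("refresh_token"));
        setSession(request, response, "scope", token.getString("scope"));
        // 1000L keeps the multiplication in long arithmetic; int math overflows for
        // lifetimes above roughly 24 days.
        setSession(request, response, "expires_timestamp", String.valueOf(issuedAtMillis + (expiresIn * 1000L)));
    }

    /** Stores a string attribute in the request's session, creating the session if needed. */
    private void setSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        httpServletRequest.getSession().setAttribute(str, str2);
    }

    /** Returns the named session attribute as a string, or null when it is not set. */
    private String getSession(HttpServletRequest httpServletRequest, String str) {
        HttpSession session = httpServletRequest.getSession();
        return (String) session.getAttribute(str);
    }

    /** Removes the named attribute from the request's session. */
    private void removeSession(HttpServletRequest httpServletRequest, String str) {
        httpServletRequest.getSession().removeAttribute(str);
    }

    /**
     * Adds a cookie scoped to the context path.
     *
     * <p>The Secure flag follows the transport of the current request, so a token cookie set
     * over HTTPS is not later sent over plain HTTP. NOTE(review): the cookie is not HttpOnly;
     * whether page scripts need to read {@code access_token} cannot be told from this class.
     * If they do not, mark it HttpOnly.
     */
    private void setCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        Cookie cookie = new Cookie(str, str2);
        cookie.setPath(httpServletRequest.getContextPath());
        cookie.setSecure(httpServletRequest.isSecure());
        httpServletResponse.addCookie(cookie);
    }

    /** Returns the value of the first cookie whose name matches case-insensitively, or null. */
    private String getCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            // getCookies() returns null, not an empty array, when the request has no cookies.
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equalsIgnoreCase(str)) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /** Expires every request cookie whose name is in {@code strArr}, scoped to the context path. */
    private void removeCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            // No cookies on the request (for example a first visit to the login page).
            return;
        }
        String contextPath = httpServletRequest.getContextPath();
        Set<String> names = new HashSet<String>(Arrays.asList(strArr));
        for (Cookie cookie : cookies) {
            if (names.contains(cookie.getName())) {
                Cookie expired = new Cookie(cookie.getName(), (String) null);
                expired.setMaxAge(0);
                expired.setPath(contextPath);
                httpServletResponse.addCookie(expired);
            }
        }
    }

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        LOG.fine("BizAPIOAuthTokenFilter.init");
    }
}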
