package com.supwisdom.platform.module.security.oauth2.provider.filter;

import com.supwisdom.platform.core.common.util.HttpClientUtil;
import com.supwisdom.platform.module.security.util.RSA;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Date;
import java.util.HashSet;
import java.util.Properties;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.sf.json.JSONObject;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.NameValuePair;
import org.springframework.security.crypto.codec.Base64;

/* loaded from: input_file:com/supwisdom/platform/module/security/oauth2/provider/filter/OAuthTokenFilter.class */
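/**
 * Servlet filter that makes the web application an OAuth 2.0 authorization-code client.
 *
 * <p>For every request other than {@code /login.jsp} and {@code /cas-logout.jsp} the filter
 * requires an unexpired access token in the HTTP session. A request carrying a {@code code}
 * parameter is treated as the authorization callback and the code is exchanged at
 * {@code <oauth.server.uri>/oauth/token}; an expired token is renewed with the stored refresh
 * token; everything else is redirected to {@code <oauth.server.uri>/oauth/authorize}.
 *
 * <p>The filter fails closed: if token handling throws, the request is answered with an error
 * status instead of being passed down the chain, and token material and client credentials are
 * never written to stdout.
 *
 * <p>NOTE(review), not changed here because other parts of the application may depend on it:
 * <ul>
 *   <li>the {@code state} value sent to the authorization endpoint is the current timestamp and
 *       is not checked on the callback, so the callback has no CSRF binding to the session;
 *       a random value kept in the session and compared on return would close this;</li>
 *   <li>the session id is not rotated when tokens are stored after a successful code exchange;</li>
 *   <li>{@code oauth.client.id} / {@code oauth.client.secret} fall back to built-in defaults when
 *       the properties file omits them; deployments should always set their own values;</li>
 *   <li>the {@code access_token} cookie is readable by page scripts (no HttpOnly) and carries the
 *       plaintext token whenever the {@code modulus}/{@code exponent} cookies are absent.</li>
 * </ul>
 */
public class OAuthTokenFilter implements Filter {
    private static final String CHARSET = "UTF-8";
    private static final String TOKEN_PATH = "/oauth/token";
    private static final String AUTHORIZE_PATH = "/oauth/authorize";

    private static String oauth_server_uri = null;
    private static String client_server_uri = null;
    private static String oauth_client_id = null;
    private static String oauth_client_secret = null;

    /** Nothing to release. */
    public void destroy() {
    }

    /**
     * Lets the request continue only when the session holds a usable access token (or the path
     * is one of the exempt login/logout pages); otherwise answers with a redirect or an error.
     *
     * @throws ServletException if the request or response is not an HTTP one, or if a
     *         downstream filter/servlet throws it
     * @throws IOException if writing the response fails or a downstream component throws it
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest) || !(servletResponse instanceof HttpServletResponse)) {
            throw new ServletException("OAuthTokenFilter only supports HTTP requests");
        }
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        boolean proceed;
        try {
            proceed = authorize(request, response);
        } catch (Exception e) {
            // Fail closed: a broken token exchange, malformed JSON or a bad session value must
            // not turn into unauthenticated access to the protected resource.
            e.printStackTrace();
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
            return;
        }
        // The chain is invoked outside the try block so that exceptions thrown by downstream
        // components propagate normally and the chain is never invoked a second time.
        if (proceed) {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    /**
     * Runs the token checks for one request.
     *
     * @return {@code true} if the request may continue down the filter chain, {@code false} if
     *         this method has already produced the response (redirect or error)
     * @throws Exception on any failure while talking to the token endpoint or parsing its reply
     */
    private boolean authorize(HttpServletRequest request, HttpServletResponse response) throws Exception {
        String servletPath = request.getServletPath();
        if ("/login.jsp".equalsIgnoreCase(servletPath) || "/cas-logout.jsp".equalsIgnoreCase(servletPath)) {
            removeCookies(request, response, "access_token", "token_type", "refresh_token", "expires_in", "scope", "expires_timestamp");
            request.getSession().invalidate();
            return true;
        }

        String callbackUri = String.valueOf(client_server_uri) + servletPath;
        System.out.println(callbackUri);
        long now = new Date().getTime();

        String code = request.getParameter("code");
        if (code != null) {
            String tokenUri = String.valueOf(oauth_server_uri) + TOKEN_PATH;
            System.out.println(tokenUri);
            String tokenResponse = HttpClientUtil.post(tokenUri, new Header[]{basicAuthHeader()}, new NameValuePair[]{new NameValuePair("grant_type", "authorization_code"), new NameValuePair("code", code), new NameValuePair("redirect_uri", callbackUri)}, CHARSET, 0);
            if (JSONObject.fromObject(tokenResponse).containsKey("error")) {
                // The authorization server rejected the code: tell the client instead of
                // returning an empty response.
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                return false;
            }
            processToken(request, response, tokenResponse, now);
            response.sendRedirect(callbackUri);
            return false;
        }

        String accessToken = getSession(request, "access_token");
        String expiresTimestamp = getSession(request, "expires_timestamp");
        if (accessToken != null && expiresTimestamp != null && expiresTimestamp.length() > 0) {
            long expiresAt = Long.parseLong(expiresTimestamp);
            System.out.println(expiresAt + ">" + now + "==" + (expiresAt > now));
            if (expiresAt > now) {
                return true;
            }
            String refreshToken = getSession(request, "refresh_token");
            if (refreshToken != null && refreshToken.length() > 0) {
                String tokenUri = String.valueOf(oauth_server_uri) + TOKEN_PATH;
                System.out.println(tokenUri);
                String refreshResponse = HttpClientUtil.post(tokenUri, new Header[]{basicAuthHeader()}, new NameValuePair[]{new NameValuePair("grant_type", "refresh_token"), new NameValuePair("refresh_token", refreshToken)}, CHARSET, 0);
                if (!JSONObject.fromObject(refreshResponse).containsKey("error")) {
                    processToken(request, response, refreshResponse, now);
                    return true;
                }
            }
        }

        // Query values are percent-encoded so that characters in the servlet path cannot add or
        // override parameters of the authorization request.
        String authorizeUrl = String.valueOf(oauth_server_uri) + AUTHORIZE_PATH
                + "?client_id=" + URLEncoder.encode(String.valueOf(oauth_client_id), CHARSET)
                + "&response_type=code&redirect_uri=" + URLEncoder.encode(callbackUri, CHARSET)
                + "&state=" + now;
        response.sendRedirect(authorizeUrl);
        return false;
    }

    /** Builds the HTTP Basic {@code Authorization} header carrying the client id and secret. */
    private Header basicAuthHeader() throws UnsupportedEncodingException {
        String credentials = String.valueOf(oauth_client_id) + ":" + oauth_client_secret;
        String encoded = new String(Base64.encode(credentials.getBytes(CHARSET)), CHARSET);
        return new Header("Authorization", "Basic " + encoded);
    }

    /**
     * Stores the tokens from a token-endpoint reply in the session and publishes the access
     * token as a cookie. Does nothing when the reply has no {@code access_token}.
     *
     * <p>When the request carries {@code modulus} and {@code exponent} cookies, the cookie value
     * is the hex encoding of the access token encrypted with that RSA public key; otherwise it
     * is the plaintext token. Both cookies come from the request, i.e. they are chosen by the
     * client.
     *
     * @param str raw JSON body returned by the token endpoint
     * @param j   request time in epoch milliseconds, the base for the expiry timestamp
     */
    private void processToken(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, long j) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException {
        JSONObject token = JSONObject.fromObject(str);
        if (!token.containsKey("access_token")) {
            return;
        }
        String accessToken = token.getString("access_token");
        String tokenType = token.getString("token_type");
        long expiresIn = token.getLong("expires_in");
        // refresh_token and scope may be left out of a token reply (typically on refresh);
        // in that case the values already in the session are kept.
        String refreshToken = token.containsKey("refresh_token") ? token.getString("refresh_token") : null;
        String scope = token.containsKey("scope") ? token.getString("scope") : null;

        String modulus = getCookie(httpServletRequest, "modulus");
        String exponent = getCookie(httpServletRequest, "exponent");
        if (modulus == null || exponent == null) {
            setCookie(httpServletRequest, httpServletResponse, "access_token", accessToken);
        } else {
            System.out.println("N = " + modulus);
            System.out.println("e = " + exponent);
            RSA rsa = new RSA();
            rsa.initPublicKey(modulus, exponent);
            byte[] encrypted = rsa.encrypt(accessToken.getBytes(CHARSET));
            StringBuilder hex = new StringBuilder(encrypted.length * 2);
            for (byte b : encrypted) {
                String digits = Integer.toHexString(b & 255);
                if (digits.length() < 2) {
                    hex.append(0);
                }
                hex.append(digits);
            }
            setCookie(httpServletRequest, httpServletResponse, "access_token", hex.toString());
        }

        setSession(httpServletRequest, httpServletResponse, "access_token", accessToken);
        setSession(httpServletRequest, httpServletResponse, "token_type", tokenType);
        setSession(httpServletRequest, httpServletResponse, "expires_in", String.valueOf(expiresIn));
        if (refreshToken != null) {
            setSession(httpServletRequest, httpServletResponse, "refresh_token", refreshToken);
        }
        if (scope != null) {
            setSession(httpServletRequest, httpServletResponse, "scope", scope);
        }
        setSession(httpServletRequest, httpServletResponse, "expires_timestamp", String.valueOf(j + (expiresIn * 1000)));
    }

    /** Stores {@code str2} under the name {@code str} in the (possibly new) HTTP session. */
    private void setSession(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        httpServletRequest.getSession().setAttribute(str, str2);
    }

    /** Returns the session attribute {@code str}, or {@code null} when it is not set. */
    private String getSession(HttpServletRequest httpServletRequest, String str) {
        HttpSession session = httpServletRequest.getSession();
        return (String) session.getAttribute(str);
    }

    /** Path used for cookies written by this filter: the context path, or "/" for the root context. */
    private static String cookiePath(HttpServletRequest httpServletRequest) {
        String contextPath = httpServletRequest.getContextPath();
        if (contextPath == null || contextPath.length() == 0) {
            return "/";
        }
        return contextPath;
    }

    /**
     * Adds a cookie scoped to the application's context path. The Secure attribute follows the
     * scheme of the current request, so the cookie is not sent over plain HTTP once it was
     * issued over HTTPS.
     */
    private void setCookie(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        Cookie cookie = new Cookie(str, str2);
        cookie.setPath(cookiePath(httpServletRequest));
        cookie.setSecure(httpServletRequest.isSecure());
        httpServletResponse.addCookie(cookie);
    }

    /**
     * Returns the value of the first request cookie whose name equals {@code str} ignoring case,
     * or {@code null} when there is none (including when the request has no cookies at all).
     */
    private String getCookie(HttpServletRequest httpServletRequest, String str) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (cookie.getName().equalsIgnoreCase(str)) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /**
     * Expires every request cookie whose name is listed in {@code strArr}.
     *
     * <p>A browser only drops a cookie when the expiring cookie has the same path as the stored
     * one, so the cookie is expired both at the path used by {@link #setCookie} and at the
     * context path with a trailing slash that this method used before.
     */
    private void removeCookies(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String... strArr) {
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies == null) {
            return;
        }
        String path = cookiePath(httpServletRequest);
        String legacyPath = String.valueOf(httpServletRequest.getContextPath()) + "/";
        Set<String> names = new HashSet<String>();
        for (String name : strArr) {
            names.add(name);
        }
        for (Cookie cookie : cookies) {
            if (!names.contains(cookie.getName())) {
                continue;
            }
            expireCookie(httpServletResponse, cookie.getName(), path);
            if (!legacyPath.equals(path)) {
                expireCookie(httpServletResponse, cookie.getName(), legacyPath);
            }
        }
    }

    /** Sends a zero-lifetime cookie with the given name and path. */
    private static void expireCookie(HttpServletResponse httpServletResponse, String name, String path) {
        Cookie expired = new Cookie(name, (String) null);
        expired.setMaxAge(0);
        expired.setPath(path);
        httpServletResponse.addCookie(expired);
    }

    /**
     * Loads the client settings from {@code /oauth2-client.properties} on the classpath, once
     * per class loader.
     *
     * @throws ServletException if the file is missing or unreadable, or if
     *         {@code oauth.server.uri} or {@code client.server.uri} is not set; the filter must
     *         not start with endpoint URIs it cannot build
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        if (oauth_server_uri != null) {
            return;
        }
        InputStream in = OAuthTokenFilter.class.getResourceAsStream("/oauth2-client.properties");
        if (in == null) {
            throw new ServletException("/oauth2-client.properties not found on the classpath");
        }
        Properties properties = new Properties();
        try {
            properties.load(in);
        } catch (IOException e) {
            throw new ServletException("Cannot read /oauth2-client.properties", e);
        } finally {
            try {
                in.close();
            } catch (IOException ignored) {
                // Closing a fully read classpath resource; nothing useful to do on failure.
            }
        }
        String serverUri = properties.getProperty("oauth.server.uri");
        String clientUri = properties.getProperty("client.server.uri");
        if (serverUri == null || clientUri == null) {
            throw new ServletException("oauth.server.uri and client.server.uri must be set in /oauth2-client.properties");
        }
        // NOTE(review): built-in fallback credentials are kept for compatibility; a deployment
        // that relies on them shares its client secret with every other such deployment.
        oauth_client_id = properties.getProperty("oauth.client.id", "client-api-resource");
        oauth_client_secret = properties.getProperty("oauth.client.secret", "secret-api-resource");
        client_server_uri = clientUri;
        // Assigned last: a non-null value marks the configuration as loaded.
        oauth_server_uri = serverUri;
    }
}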
