package com.definesys.mpaas.query.security;

import com.definesys.mpaas.common.adapter.IMpaasSSOAuthentication;
import com.definesys.mpaas.common.adapter.UserProfile;
import com.definesys.mpaas.query.conf.MpaasQueryConfig;
import com.definesys.mpaas.query.session.MpaasSession;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:com/definesys/mpaas/query/security/SecurityGate.class */
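/**
 * Request authentication gate: resolves a {@link UserProfile} for an incoming request
 * (via an optional SSO adapter and/or an identity header), publishes it through
 * {@link MpaasSession}, and decides whether a URI is exempt from authentication.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>{@link #httpHeadAuth} accepts the value of a request header as the caller's identity
 *       without any verification visible in this class. That is only sound when a trusted
 *       gateway in front of this service strips the header from client requests and sets it
 *       itself; the service must not be reachable around that gateway.</li>
 *   <li>{@link #validateURISecurity} marks a URI as public on a regex match <em>or</em> a plain
 *       suffix match, so the value passed in should be the normalized request path only.</li>
 * </ul>
 */
public class SecurityGate {
    private final MpaasQueryConfig config;
    private final IMpaasSSOAuthentication ssoAuthentication;

    /**
     * @param mpaasQueryConfig        configuration read for the custom-auth flag, the identity
     *                                header name and the public URI filter
     * @param iMpaasSSOAuthentication optional SSO adapter; may be {@code null}
     */
    public SecurityGate(MpaasQueryConfig mpaasQueryConfig, IMpaasSSOAuthentication iMpaasSSOAuthentication) {
        this.config = mpaasQueryConfig;
        this.ssoAuthentication = iMpaasSSOAuthentication;
    }

    /**
     * Sends a 401 response with a fixed JSON error body.
     *
     * @param servletResponse the response to write to; must be an {@link HttpServletResponse}
     */
    public void unAuthorized(ServletResponse servletResponse) {
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        // Set the status before touching the body: once the response is committed the
        // container ignores setStatus, and the client would see the error body with a 200.
        httpServletResponse.setStatus(401);
        try {
            // Explicit charset so the bytes do not depend on the platform default.
            httpServletResponse.getOutputStream().write(
                    "{\"code\":\"error\",\"message\":\"Unauthorized\"}".getBytes(StandardCharsets.UTF_8));
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    /**
     * Authenticates the request and stores the resulting profile in {@link MpaasSession}.
     *
     * <p>Order of evaluation: the SSO adapter is consulted when custom auth is enabled or an
     * adapter is configured; if custom auth is <em>not</em> enabled and the profile is still
     * anonymous, the identity header is used instead.
     *
     * <p>NOTE(review): because of that fallback, with an SSO adapter configured but
     * {@code isCustomAuth()} false, a request the adapter rejects is still accepted when it
     * carries the identity header. Enable custom auth if the adapter must be authoritative.
     *
     * @param httpServletRequest the incoming request
     * @param z                  when {@code true}, exceptions raised during authentication are
     *                           not printed (decompiled name; appears to be a "quiet" flag)
     * @return {@code true} if the resolved profile is not anonymous
     */
    public boolean auth(HttpServletRequest httpServletRequest, boolean z) {
        UserProfile userProfile = UserProfile.anonymous;
        try {
            if (this.config.isCustomAuth() || this.ssoAuthentication != null) {
                userProfile = customeAuth(httpServletRequest);
            }
            if (!this.config.isCustomAuth() && userProfile.isAnonymous()) {
                userProfile = httpHeadAuth(httpServletRequest);
            }
        } catch (Throwable th) {
            // Any failure leaves the profile as it was before the failing step (anonymous on
            // every path visible here). With z == true the failure is not reported anywhere,
            // so authentication errors are invisible to operators in that mode.
            if (!z) {
                th.printStackTrace();
            }
        }
        MpaasSession.setUserProfile(userProfile);
        return !userProfile.isAnonymous();
    }

    /**
     * Builds a profile from the configured identity header.
     *
     * <p>The header value is taken as the user id as-is; a missing or blank header yields an
     * anonymous profile with uid {@code "anonymous"}. No signature, token or source check is
     * performed here, so the header must be set by a trusted upstream component.
     *
     * @param httpServletRequest the incoming request
     * @return a new profile, anonymous when the header is absent or blank
     */
    private UserProfile httpHeadAuth(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(this.config.userHeaderName);
        UserProfile userProfile = new UserProfile();
        userProfile.setAnonymous(false);
        if (header == null || header.trim().length() == 0) {
            header = "anonymous";
            userProfile.setAnonymous(true);
        }
        // The uid is stored untrimmed, exactly as received.
        userProfile.setUid(header);
        // Display name is the literal "anonymous user" for every profile built here,
        // including header-identified (non-anonymous) ones.
        userProfile.setUserName("匿名用户");
        return userProfile;
    }

    /**
     * Delegates to the SSO adapter, if one is configured.
     *
     * @param httpServletRequest the incoming request
     * @return the adapter's profile, or {@link UserProfile#anonymous} when there is no adapter
     *         or the adapter returns {@code null}
     */
    private UserProfile customeAuth(HttpServletRequest httpServletRequest) {
        if (this.ssoAuthentication == null) {
            return UserProfile.anonymous;
        }
        UserProfile userProfile =
                this.ssoAuthentication.ssoAuth(getHeaders(httpServletRequest), getCookies(httpServletRequest));
        // A null result used to surface as a NullPointerException in auth() after the
        // try block; treat it as "not authenticated" instead.
        return userProfile != null ? userProfile : UserProfile.anonymous;
    }

    /**
     * Copies the request cookies into a name-to-value map.
     *
     * @param httpServletRequest the incoming request
     * @return a mutable map, empty when the request has no cookies; for repeated cookie
     *         names the last one in the array wins
     */
    private Map<String, String> getCookies(HttpServletRequest httpServletRequest) {
        Cookie[] cookies = httpServletRequest.getCookies();
        Map<String, String> hashMap = new HashMap<String, String>();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                hashMap.put(cookie.getName(), cookie.getValue());
            }
        }
        return hashMap;
    }

    /**
     * Copies the request headers into a name-to-value map.
     *
     * <p>Keys keep the casing reported by the container and only the value returned by
     * {@code getHeader} is stored for each name, so an adapter that looks headers up in this
     * map should not assume a particular case or access to repeated values.
     *
     * @param httpServletRequest the incoming request
     * @return a mutable map, empty when the container exposes no header names
     */
    private Map<String, String> getHeaders(HttpServletRequest httpServletRequest) {
        Map<String, String> hashMap = new HashMap<String, String>();
        Enumeration<?> headerNames = httpServletRequest.getHeaderNames();
        // The servlet API allows getHeaderNames() to return null.
        if (headerNames == null) {
            return hashMap;
        }
        while (headerNames.hasMoreElements()) {
            String str = (String) headerNames.nextElement();
            hashMap.put(str, httpServletRequest.getHeader(str));
        }
        return hashMap;
    }

    /**
     * Reports whether a URI is covered by the comma-separated public filter, i.e. may be
     * served without authentication.
     *
     * <p>Each filter entry is tried as a full-string regular expression and as a literal
     * suffix. Blank entries are skipped: every string ends with {@code ""}, so a stray comma
     * in the configuration (for example {@code "/a,,/b"}) would otherwise make every URI
     * public.
     *
     * <p>NOTE(review): the suffix test runs on whatever the caller passes in. If that value
     * can include a query string or path parameters, a protected URI can be made to end with
     * a public suffix; callers should pass the normalized path only (not verifiable from this
     * file). An entry that is not a valid regular expression makes {@code String.matches}
     * throw {@code PatternSyntaxException}, which is not handled here.
     *
     * @param str the request URI to test
     * @return {@code true} if some non-blank filter entry matches; {@code false} otherwise,
     *         including when {@code str} is {@code null} or no filter is configured
     */
    public boolean validateURISecurity(String str) {
        String publicFilter = this.config.publicFilter;
        if (str == null || publicFilter == null || publicFilter.trim().length() == 0) {
            return false;
        }
        for (String str2 : publicFilter.split(",")) {
            if (str2.trim().isEmpty()) {
                continue;
            }
            if (str.matches(str2) || str.endsWith(str2)) {
                return true;
            }
        }
        return false;
    }
}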
