package com.els.filter;

import cn.hutool.core.util.StrUtil;
import cn.hutool.json.JSONUtil;
import com.els.common.exception.ELSBootException;
import com.els.framework.poi.util.PoiElUtil;
import com.els.modules.system.error.ErrorController;
import com.els.modules.system.util.I18nUtil;
import java.io.IOException;
import java.net.URL;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

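/**
 * Servlet filter that compares the origin ({@code host[:port]}) of the {@code Referer} header
 * with the origin of the request URL and consults an allowlist of Referer origins.
 *
 * <p><strong>NOTE(review): this filter is fail-open.</strong> Every branch of
 * {@link #doFilter} ends in {@code filterChain.doFilter(...)}, so a request whose Referer is
 * cross-origin and not allowlisted is only logged, never rejected. {@link #forwardToController}
 * and {@link #isCsrfWhitePaths} are not called anywhere in this class. Do not count this filter
 * as a CSRF control until enforcement is wired in; when it is, it should be limited to
 * state-changing requests and backed by a token or {@code SameSite} cookie check, because a
 * request with no Referer is accepted unconditionally.
 *
 * <p>Only host and port are compared; the URL scheme is ignored.
 */
@Component
/* loaded from: input_file:com/els/filter/CsrfFilter.class */
public class CsrfFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(CsrfFilter.class);

    // Nothing in this class assigns the two allowlists, so as written they stay null and both
    // lookups return false. NOTE(review): they may be populated by injection metadata that was
    // lost when this file was decompiled; confirm against the deployed configuration.
    private String[] csrfWhitePaths;
    private String[] csrfWhiteDomains;

    /** No initialisation is required. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Inspects the {@code Referer} header and then hands the request to the rest of the chain.
     *
     * <p>The request is passed on in every case (see the class note). The Referer is used only
     * to decide what gets logged.
     *
     * @param servletRequest incoming request
     * @param servletResponse outgoing response
     * @param filterChain remaining filter chain
     * @throws IOException if the request URL cannot be parsed or a downstream filter fails
     * @throws ServletException if a downstream filter fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (!(servletRequest instanceof HttpServletRequest)) {
            // Nothing to inspect on a non-HTTP request; avoid a ClassCastException.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String referer = httpServletRequest.getHeader("referer");
        if (StrUtil.isBlank(referer)) {
            // NOTE(review): an absent Referer is trusted. A sender can suppress the header, so
            // this branch must not be the only thing protecting state-changing endpoints.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        String refererOrigin;
        try {
            refererOrigin = hostAndPort(new URL(referer));
        } catch (java.net.MalformedURLException e) {
            // The header is client-controlled and need not be a URL java.net.URL understands
            // (relative value, unknown scheme). Previously this escaped as an IOException and
            // produced a server error. The raw value is deliberately not logged.
            log.warn("Referer header is not a parseable URL; request origin could not be verified");
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        URL requestUrl = new URL(httpServletRequest.getRequestURL().toString());
        if (hostAndPort(requestUrl).equalsIgnoreCase(refererOrigin)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (isCsrfWhiteDomains(refererOrigin)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        String path = requestUrl.getPath();
        String contextPath = servletRequest.getServletContext().getContextPath();
        // Strip the context path as a literal prefix. The previous replaceAll() treated it as a
        // regular expression and removed every occurrence, not just the leading one.
        String actionPath = path.startsWith(contextPath) ? path.substring(contextPath.length()) : path;
        log.info("path = {}", sanitizeForLog(path));
        log.info("actionPath = {}", sanitizeForLog(actionPath));
        // NOTE(review): cross-origin, non-allowlisted requests reach this point and are still
        // forwarded. The unused isCsrfWhitePaths()/forwardToController() pair suggests a
        // rejection step was intended here; it is not present in this listing.
        filterChain.doFilter(servletRequest, servletResponse);
    }

    /**
     * Forwards the request to the error endpoint with a "CSRF request intercepted" exception
     * attached as a request attribute. Not called anywhere in this class.
     */
    private void forwardToController(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
        servletRequest.setAttribute(ErrorController.FILTER_ERROR, new ELSBootException(I18nUtil.translate(PoiElUtil.EMPTY, "csrf跨站点伪造请求已经被拦截")));
        servletRequest.getRequestDispatcher("/error/exception-throw").forward(servletRequest, servletResponse);
    }

    /** No resources to release. */
    @Override
    public void destroy() {
    }

    /**
     * Reports whether {@code str} exactly equals an entry of the path allowlist.
     * Not called anywhere in this class.
     *
     * @param str request path to look up
     * @return {@code true} on an exact, case-sensitive match; {@code false} otherwise or when
     *     the allowlist is null or empty
     */
    private boolean isCsrfWhitePaths(String str) {
        if (this.csrfWhitePaths == null || this.csrfWhitePaths.length <= 0) {
            return false;
        }
        for (String allowed : this.csrfWhitePaths) {
            if (!StrUtil.isBlank(allowed) && allowed.equals(str)) {
                log.info("跨站点请求所有路径白名单：csrfWhitePaths = {}", JSONUtil.toJsonStr(this.csrfWhitePaths));
                log.info("符合跨站点请求路径白名单：path = {}", sanitizeForLog(str));
                return true;
            }
        }
        return false;
    }

    /**
     * Reports whether {@code str} exactly equals an entry of the Referer-origin allowlist.
     *
     * @param str Referer origin in {@code host} or {@code host:port} form
     * @return {@code true} on an exact, case-sensitive match; {@code false} otherwise or when
     *     the allowlist is null or empty
     */
    private boolean isCsrfWhiteDomains(String str) {
        if (this.csrfWhiteDomains == null || this.csrfWhiteDomains.length <= 0) {
            return false;
        }
        for (String allowed : this.csrfWhiteDomains) {
            if (!StrUtil.isBlank(allowed) && allowed.equals(str)) {
                log.info("跨站点请求所有【域名】]白名单：csrfWhiteDomains = {}", JSONUtil.toJsonStr(this.csrfWhiteDomains));
                log.info("符合跨站点请求【域名】白名单：refererHost = {}", sanitizeForLog(str));
                return true;
            }
        }
        log.info("跨站点请求非法【域名】：refererHost = {}", sanitizeForLog(str));
        return false;
    }

    /** Returns {@code host}, or {@code host:port} when the URL carries an explicit port. */
    private static String hostAndPort(URL url) {
        int port = url.getPort();
        return port == -1 ? url.getHost() : url.getHost() + ":" + port;
    }

    /**
     * Replaces control characters with {@code '_'} so that values derived from request headers
     * or the request URL cannot break a log line or forge additional entries.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}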
