package com.els.common.filter;

import cn.hutool.core.util.StrUtil;
import com.els.common.exception.ELSBootException;
import com.els.common.util.I18nUtil;
import com.els.common.util.SpringContextUtils;
import com.els.config.StaticConfig;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Locale;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.core.env.Environment;

/* loaded from: input_file:com/els/common/filter/CsrfFilter.class */
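/**
 * Servlet filter that rejects requests whose {@code Referer} header points at a host that is
 * neither this service's own address nor an entry of the configured allowlist.
 *
 * <p>The decision is based on the {@code Referer} header only. Requests without that header, and
 * requests whose Referer host is {@code localhost} or {@code 127.0.0.1}, are passed through
 * unchecked (see the review notes in {@link #doFilter}).
 */
public class CsrfFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(CsrfFilter.class);

    // Comma-separated allowlist of Referer hosts, read once from "els.csrf.white.domains" when the
    // filter instance is constructed; a later configuration change is not picked up.
    private String csrfWhiteDomains = ((Environment) SpringContextUtils.getBean(Environment.class)).getProperty("els.csrf.white.domains");

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Passes the request down the chain when its Referer is absent, local, equal to the configured
     * {@code service.address}, or allowlisted; otherwise forwards it to the error controller.
     *
     * @param servletRequest  the incoming request; cast to {@link HttpServletRequest} to read headers
     * @param servletResponse the response handed to the chain or to the error forward
     * @param filterChain     the remaining filter chain
     * @throws IOException      if the chain or the error forward fails with an I/O error
     * @throws ServletException if the chain or the error forward fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String header = ((HttpServletRequest) servletRequest).getHeader("referer");
        if (!StrUtil.isNotBlank(header)) {
            // NOTE(review): a request without a Referer is not checked at all. The header is
            // optional and is omitted under common referrer policies, so this filter cannot be
            // the only CSRF control for state-changing endpoints; pair it with a CSRF token,
            // an Origin check, or SameSite cookies.
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        URL url;
        try {
            url = new URL(header);
        } catch (MalformedURLException e) {
            // Fail closed with the same error page as any other rejected request instead of
            // letting the parse failure escape the filter as an unhandled IOException.
            log.warn("Rejecting request: Referer header is not a parseable URL");
            forwardToController(servletRequest, servletResponse);
            return;
        }
        String host = url.getHost();
        // NOTE(review): a Referer naming the loopback host is trusted unconditionally. That is
        // convenient for local development; confirm it is intended in production deployments.
        if (host.equals("localhost") || host.equals("127.0.0.1")) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String hostAndPort = getHostAndPort(url);
        if (isServiceAddress(hostAndPort) || isCsrfWhiteDomains(host, hostAndPort)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            forwardToController(servletRequest, servletResponse);
        }
    }

    /**
     * Formats a URL's authority as {@code host} or {@code host:port}.
     *
     * @param url the URL to read
     * @return the host alone when the URL carries no explicit port, else {@code host:port}
     */
    private String getHostAndPort(URL url) {
        String host = url.getHost();
        int port = url.getPort();
        // getPort() is -1 when no port is written in the URL; the scheme's default port is not
        // filled in, so "http://h" and "http://h:80" produce different strings.
        return port == -1 ? host : host + ":" + port;
    }

    /**
     * Tells whether the Referer authority equals the authority of the configured
     * {@code service.address}.
     *
     * @param hostAndPort Referer authority as produced by {@link #getHostAndPort(URL)}
     * @return {@code true} on a case-insensitive match; {@code false} when the setting is missing,
     *     blank or not a valid URL, so that a configuration error rejects rather than fails
     */
    private boolean isServiceAddress(String hostAndPort) {
        String serviceAddress = (String) ((StaticConfig) SpringContextUtils.getBean(StaticConfig.class)).getConfig().get("service.address");
        if (StrUtil.isBlank(serviceAddress)) {
            log.warn("service.address is not configured; same-site Referer check is skipped");
            return false;
        }
        try {
            return getHostAndPort(new URL(serviceAddress)).equalsIgnoreCase(hostAndPort);
        } catch (MalformedURLException e) {
            log.warn("service.address is not a valid URL; same-site Referer check is skipped", e);
            return false;
        }
    }

    /**
     * Marks the request as rejected and forwards it to the error controller.
     *
     * @param servletRequest  the rejected request; receives the {@code filter.error} attribute
     * @param servletResponse the response to forward with
     * @throws IOException      if the forward fails with an I/O error
     * @throws ServletException if the forward fails
     */
    private void forwardToController(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
        // The default text says that a cross-site request forgery attempt was intercepted.
        servletRequest.setAttribute("filter.error", new ELSBootException(I18nUtil.translate("i18n_alert_WWWWHXCLQVVIOqBy_2b60332d", "csrf跨站点伪造请求已经被拦截")));
        servletRequest.getRequestDispatcher("/error/exception-throw").forward(servletRequest, servletResponse);
    }

    @Override
    public void destroy() {
    }

    /**
     * Tells whether the Referer host is covered by the {@code els.csrf.white.domains} allowlist.
     *
     * <p>An entry matches when it equals the host (or {@code host:port}) or when the host is a
     * subdomain of it, compared on a label boundary. Plain substring matching is deliberately not
     * used: with it an entry such as {@code example.com} would also accept unrelated hosts that
     * merely contain that text. Subdomain matching is kept so that configurations listing a
     * parent domain keep working; drop it if exact hosts are enough.
     *
     * @param host        Referer host without port
     * @param hostAndPort Referer authority as produced by {@link #getHostAndPort(URL)}
     * @return {@code true} if any non-blank allowlist entry covers the host
     */
    private boolean isCsrfWhiteDomains(String host, String hostAndPort) {
        if (!StrUtil.isNotBlank(this.csrfWhiteDomains)) {
            return false;
        }
        // Locale.ROOT keeps the case folding independent of the JVM's default locale.
        String lowerHost = host.toLowerCase(Locale.ROOT);
        String lowerHostAndPort = hostAndPort.toLowerCase(Locale.ROOT);
        for (String entry : this.csrfWhiteDomains.split(",")) {
            if (StrUtil.isBlank(entry)) {
                continue;
            }
            String allowed = entry.trim().toLowerCase(Locale.ROOT);
            if (matchesDomain(lowerHost, allowed) || matchesDomain(lowerHostAndPort, allowed)) {
                // Message: the Referer host is on the cross-site request domain allowlist.
                log.info("符合跨站点请求【域名】白名单：refererHost = {}", hostAndPort);
                return true;
            }
        }
        return false;
    }

    /**
     * Compares one lower-cased candidate with one lower-cased allowlist entry.
     *
     * @param candidate the Referer host, with or without port
     * @param allowed   the allowlist entry; a leading dot means "subdomains only"
     * @return {@code true} if the candidate equals the entry or ends with {@code "." + entry}
     */
    private static boolean matchesDomain(String candidate, String allowed) {
        String suffix = allowed.startsWith(".") ? allowed : "." + allowed;
        return candidate.equals(allowed) || candidate.endsWith(suffix);
    }
}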
