package com.alogic.oauth.client;

import com.alogic.auth.Constants;
import com.alogic.auth.Session;
import com.alogic.auth.SessionManager;
import com.alogic.auth.SessionManagerFactory;
import com.alogic.load.Loader;
import com.alogic.oauth.OAuthConstants;
import com.alogic.oauth.client.loader.FromInner;
import com.anysoft.util.BaseException;
import com.anysoft.util.Configurable;
import com.anysoft.util.Factory;
import com.anysoft.util.IOTools;
import com.anysoft.util.Properties;
import com.anysoft.util.PropertiesConstants;
import com.anysoft.util.Settings;
import com.anysoft.util.XMLConfigurable;
import com.anysoft.util.XmlElementProperties;
import com.anysoft.util.XmlTools;
import com.anysoft.webloader.FilterConfigProperties;
import com.anysoft.webloader.HttpClientTool;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.lang3.exception.ExceptionUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:com/alogic/oauth/client/OAuthAuthz.class */
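/**
 * Servlet filter that acts as the OAuth client entry point.
 *
 * <p>Requests whose URI starts with {@code contextPath + cmdPrefix} are treated as OAuth
 * commands ({@code /callback}, {@code /login}, {@code /bind}, {@code /cmd}) and are dispatched
 * to an {@link OAuthServer} resolved through the configured loader. Any other request passes
 * down the chain only when the session reports that it is logged in; otherwise a login
 * request is started on the selected server.
 */
public class OAuthAuthz implements Filter, OAuthConstants, XMLConfigurable, Configurable {
    protected static final Logger LOG = LoggerFactory.getLogger(OAuthAuthz.class);
    protected static final String DEFAULT = "java:///conf/alogic.oauth.client.xml#App";
    protected String dftServerId = "default";
    protected String cmdPrefix = "/oauthclient";
    protected String returnURL = "returnUrl";
    protected Loader<OAuthServer> loader = null;
    protected String sessionGroup = "$oauth-client";
    protected HttpClientTool clientTool = null;
    // NOTE(review): inside a character class '|' is a literal, so ids containing '|' are accepted,
    // and the pattern is applied with find(), i.e. unanchored. Confirm both are intended.
    protected Pattern pattern = Pattern.compile("/callback/(?<from>[\\w|\\-]+)/(?<action>[\\w|\\-]+)");

    /**
     * Reads the filter settings from the given properties and resolves the HTTP client toolkit.
     *
     * @param properties source of {@code dftServer}, {@code cmdPrefix}, {@code auth.para.url}
     *                   and {@code oauth.client.group}; current field values are the defaults
     */
    public void configure(Properties properties) {
        this.dftServerId = PropertiesConstants.getString(properties, "dftServer", this.dftServerId);
        this.cmdPrefix = PropertiesConstants.getString(properties, "cmdPrefix", this.cmdPrefix);
        this.returnURL = PropertiesConstants.getString(properties, "auth.para.url", this.returnURL);
        this.sessionGroup = PropertiesConstants.getString(properties, "oauth.client.group", this.sessionGroup);
        this.clientTool = (HttpClientTool) Settings.getToolkit(HttpClientTool.class);
    }

    /**
     * Builds the server loader from the {@code servers} child element, if present, and then
     * applies the property-based configuration.
     *
     * @param element    root element of the OAuth client configuration
     * @param properties parent properties
     */
    public void configure(Element element, Properties properties) {
        XmlElementProperties elementProperties = new XmlElementProperties(element, properties);
        Element serversElement = XmlTools.getFirstElementByPath(element, "servers");
        if (serversElement != null) {
            try {
                this.loader = (Loader) new Factory().newInstance(serversElement, elementProperties, "loader", FromInner.class.getName());
            } catch (Exception e) {
                // NOTE(review): this writes the serialized <servers> element to the error log; if that
                // element carries client secrets they end up in log storage. Confirm and redact if so.
                LOG.error("Can not create loader with " + XmlTools.node2String(serversElement));
                LOG.error(ExceptionUtils.getStackTrace(e));
            }
        }
        configure(elementProperties);
    }

    /**
     * Loads the OAuth client configuration named by {@code oauth.client.master} /
     * {@code oauth.client.secondary} and configures this filter from it.
     *
     * <p>A load or parse failure is logged and does not abort filter initialization. In that
     * case neither the loader nor the client toolkit is set, so {@link #doFilter} answers
     * requests that need them with an internal server error.
     *
     * @param filterConfig the container-supplied filter configuration
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        FilterConfigProperties filterProperties = new FilterConfigProperties(filterConfig);
        String master = PropertiesConstants.getString(filterProperties, "oauth.client.master", DEFAULT);
        InputStream in = null;
        try {
            in = Settings.getResourceFactory().load(master, PropertiesConstants.getString(filterProperties, "oauth.client.secondary", DEFAULT), (Object) null);
            Document document = XmlTools.loadFromInputStream(in);
            if (document != null) {
                configure(document.getDocumentElement(), filterProperties);
            }
        } catch (Exception e) {
            // Keep the cause: without it a broken authentication configuration is not diagnosable.
            LOG.error("Can not init oauth client with file : " + master, e);
        } finally {
            IOTools.close(new Closeable[]{in});
        }
    }

    /**
     * Dispatches OAuth commands and gates every other request on a logged-in session.
     *
     * @param servletRequest  the incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse the outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     continued only when the session is logged in
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        SessionManager sessionManager = SessionManagerFactory.getDefault();
        Session session = sessionManager.getSession(request, response, true);
        String command = getCommand(request.getContextPath(), request.getRequestURI());
        LOG.info("cmd = {}", command);

        if (StringUtils.isNotEmpty(command)) {
            if (command.startsWith("/callback")) {
                handleCallback(command, request, response, sessionManager, session);
                return;
            }
            if (command.startsWith("/login")) {
                startFlow(false, request, response, sessionManager, session);
                return;
            }
            if (command.startsWith("/bind")) {
                startFlow(true, request, response, sessionManager, session);
                return;
            }
            if (command.startsWith("/cmd")) {
                handleCommand(request, response, sessionManager, session);
                return;
            }
        }

        if (session.isLoggedIn()) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }

        // Not logged in: remember where the caller was heading and start a login request.
        String serverId = getParameter(request, "from", this.dftServerId);
        OAuthServer server = getServer(serverId);
        if (server == null) {
            reject(response, "core.e1000:Unsupported oauth server,id=" + serverId);
            return;
        }
        // Here the return target is built from the current request's own URI and query string.
        String target = request.getRequestURI();
        String queryString = request.getQueryString();
        if (StringUtils.isNotEmpty(queryString)) {
            target = target + "?" + queryString;
        }
        session.hSet(this.sessionGroup, this.returnURL, target, true);
        session.hSet(this.sessionGroup, "from", serverId, true);
        try {
            server.doLoginRequest(request, response, sessionManager, session);
        } catch (BaseException e) {
            reject(response, String.format("%s:%s", e.getCode(), e.getMessage()));
        }
    }

    @Override
    public void destroy() {
    }

    /**
     * Resolves an OAuth server by id.
     *
     * @param str the server id
     * @return the server from the loader, or {@code null} when no loader is configured
     */
    protected OAuthServer getServer(String str) {
        return this.loader == null ? null : (OAuthServer) this.loader.load(str, true);
    }

    /**
     * Extracts the command part of a request URI.
     *
     * @param str  the context path
     * @param str2 the request URI
     * @return the URI remainder after {@code contextPath + cmdPrefix}, or {@code ""} when the
     *         URI does not start with that prefix
     */
    protected String getCommand(String str, String str2) {
        String prefix = str + this.cmdPrefix;
        if (!str2.startsWith(prefix)) {
            return "";
        }
        return str2.substring(prefix.length());
    }

    /**
     * Reads a request parameter with a fallback.
     *
     * @param httpServletRequest the request
     * @param str                the parameter name
     * @param str2               the value returned when the parameter is missing or empty
     * @return the parameter value, or {@code str2}
     */
    protected String getParameter(HttpServletRequest httpServletRequest, String str, String str2) {
        String value = httpServletRequest.getParameter(str);
        if (StringUtils.isEmpty(value)) {
            return str2;
        }
        return value;
    }

    /** Handles {@code /callback/<from>/<action>}: hands the callback to the named server. */
    private void handleCallback(String command, HttpServletRequest request, HttpServletResponse response, SessionManager sessionManager, Session session) throws IOException, ServletException {
        Matcher matcher = this.pattern.matcher(command);
        if (!matcher.find()) {
            reject(response, "core.e1000:Unsupported command:" + command);
            return;
        }
        String serverId = matcher.group("from");
        OAuthServer server = getServer(serverId);
        if (server == null) {
            reject(response, "core.e1000:Unsupported oauth server,id=" + serverId);
            return;
        }
        // Any action other than "bind" is treated as a login callback.
        if ("bind".equals(matcher.group("action"))) {
            server.doBindCallback(request, response, sessionManager, session);
        } else {
            server.doLoginCallback(request, response, sessionManager, session);
        }
    }

    /** Handles {@code /login} and {@code /bind}: stores flow state in the session and starts the request. */
    private void startFlow(boolean bind, HttpServletRequest request, HttpServletResponse response, SessionManager sessionManager, Session session) throws IOException, ServletException {
        String serverId = getParameter(request, "from", this.dftServerId);
        OAuthServer server = getServer(serverId);
        if (server == null) {
            reject(response, "core.e1000:Unsupported oauth server,id=" + serverId);
            return;
        }
        // NOTE(review): the return URL is taken from a request parameter and stored unvalidated.
        // Whether it is restricted to same-site targets before the post-login redirect depends on
        // OAuthServer, which is not visible here. Confirm, or validate it here before storing.
        String target = getParameter(request, this.returnURL, "");
        if (StringUtils.isNotEmpty(target)) {
            session.hSet(this.sessionGroup, this.returnURL, target, true);
        }
        session.hSet(this.sessionGroup, "from", serverId, true);
        try {
            if (bind) {
                server.doBindRequest(request, response, sessionManager, session);
            } else {
                server.doLoginRequest(request, response, sessionManager, session);
            }
        } catch (BaseException e) {
            reject(response, String.format("%s:%s", e.getCode(), e.getMessage()));
        }
    }

    /** Handles {@code /cmd}: forwards to the server id remembered in the session. */
    private void handleCommand(HttpServletRequest request, HttpServletResponse response, SessionManager sessionManager, Session session) throws IOException, ServletException {
        String serverId = session.hGet(this.sessionGroup, "from", this.dftServerId);
        OAuthServer server = getServer(serverId);
        if (server == null) {
            reject(response, "core.e1000:Unsupported oauth server,id=" + serverId);
            return;
        }
        try {
            server.doCommand(request, response, sessionManager, session);
        } catch (BaseException e) {
            reject(response, String.format("%s:%s", e.getCode(), e.getMessage()));
        }
    }

    /**
     * Sends the error response for a rejected request.
     *
     * <p>When the client toolkit was never configured (initialization failed), answers with a
     * plain internal server error instead of failing on a null reference.
     */
    private void reject(HttpServletResponse response, String message) throws IOException, ServletException {
        if (this.clientTool == null) {
            LOG.error("OAuth client filter is not configured; rejecting request");
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }
        // NOTE(review): message may embed request-supplied values (server id, command); confirm that
        // HttpClientTool.sendError encodes it for the response content type.
        this.clientTool.sendError(response, Constants.E404, message);
    }
}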
