package io.nem.xpx.ws.filters;

import com.google.common.net.HttpHeaders;
import io.nem.apps.util.JsonUtils;
import io.nem.xpx.ws.model.GenericResponseMessage;
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;

@WebFilter
/* loaded from: input_file:BOOT-INF/classes/io/nem/xpx/ws/filters/PrivateOnlyValidationFilter.class */
public class PrivateOnlyValidationFilter implements Filter {
    String[] trustedIps;

    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        this.trustedIps = filterConfig.getInitParameter("trustedips").split(",");
    }

    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        String clientIpAddr = getClientIpAddr((HttpServletRequest) servletRequest);
        String localAddr = servletRequest.getLocalAddr();
        if (clientIpAddr != null && localAddr != null && clientIpAddr.equals(localAddr)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else if (checkIfTrustedIp(clientIpAddr, this.trustedIps)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            ((HttpServletResponse) servletResponse).setStatus(HttpStatus.BAD_REQUEST.value());
            ((HttpServletResponse) servletResponse).getWriter().write(JsonUtils.toJson(new GenericResponseMessage(HttpStatus.BAD_REQUEST, "Endpoint can only be accessed via trusted or local addresses.")));
        }
    }

    private String listDownTrustedIp(String[] strArr) {
        String str = "";
        for (String str2 : strArr) {
            str = str + str2 + ",";
        }
        return str;
    }

    private boolean checkIfTrustedIp(String str, String[] strArr) {
        if (strArr.length != 1 || strArr[0].equals("")) {
            return true;
        }
        for (String str2 : strArr) {
            if (str2.equals(str)) {
                return true;
            }
        }
        return false;
    }

    public String getClientIpAddr(HttpServletRequest httpServletRequest) {
        String header = httpServletRequest.getHeader(HttpHeaders.X_FORWARDED_FOR);
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("Proxy-Client-IP");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("WL-Proxy-Client-IP");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_X_FORWARDED_FOR");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_X_FORWARDED");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_X_CLUSTER_CLIENT_IP");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_CLIENT_IP");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_FORWARDED_FOR");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_FORWARDED");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("HTTP_VIA");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getHeader("REMOTE_ADDR");
        }
        if (header == null || header.length() == 0 || header.equalsIgnoreCase("unknown")) {
            header = httpServletRequest.getRemoteAddr();
        }
        return header;
    }

    @Override // javax.servlet.Filter
    public void destroy() {
    }
}
