package org.opengion.hayabusa.filter;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import org.opengion.fukurou.security.HybsCryptography;
import org.opengion.fukurou.system.ThrowUtil;
import org.opengion.fukurou.util.FileUtil;
import org.opengion.fukurou.util.StringUtil;
import org.opengion.hayabusa.common.HybsSystem;

/* loaded from: input_file:WEB-INF/lib/hayabusa7.2.9.1.jar:org/opengion/hayabusa/filter/URLCheckFilter.class */
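/**
 * Servlet filter that lets a request continue only when it carries a valid URL check key.
 *
 * <p>The check key is read from the request parameter named by {@code HybsSystem.URL_CHECK_KEY},
 * decrypted with {@link HybsCryptography}, and parsed as
 * {@code <url>,time=<millis>,userid=<csv of user ids>}. A request is accepted when the requested
 * URL ends with {@code <url>}, the current time is still before {@code <millis>}, and the user
 * list contains {@code *} or the requesting user. Rejected requests receive the contents of the
 * configured refusal page instead of the protected resource.
 *
 * <p>Init parameters read in {@link #init(FilterConfig)}: {@code filename}, {@code decode},
 * {@code ignoreURL}, {@code ignoreRelative}, {@code debug}, {@code ommitURL},
 * {@code ommitReferer}, {@code encoding}.
 *
 * <p>Security notes for operators:
 * <ul>
 *   <li>{@code ommitReferer} and {@code ommitURL} exempt requests from the key check entirely.
 *       The Referer header is supplied by the client, so the Referer exemption is a convenience,
 *       not an access control.</li>
 *   <li>When the container reports no remote user, the user id is taken from the header named
 *       by {@code USERID_HEADER_NAME}. NOTE(review): this is only trustworthy if a front-end
 *       component sets that header and strips any client-supplied copy; confirm for the
 *       deployment.</li>
 *   <li>{@code debug=true} prints the decrypted check key, user ids and request URLs to standard
 *       output; keep it off outside of troubleshooting.</li>
 * </ul>
 */
public final class URLCheckFilter implements Filter {
    private static final HybsCryptography HYBS_CRYPTOGRAPHY = new HybsCryptography(HybsSystem.sys("URL_CHECK_CRYPT"));
    private static final String USERID_HEADER = HybsSystem.sys("USERID_HEADER_NAME");
    // Marker strings that delimit the fields inside the decrypted check key.
    private static final String TIME_MARKER = ",time=";
    private static final String USERID_MARKER = ",userid=";
    private boolean isDebug;
    private String ignoreURL;
    private String ommitURL;
    private String ommitReferer;
    private String filename = "jsp/custom/refuseAccess.html";
    private boolean isDecode = true;
    private String ignoreRelative = "false";
    private String encoding = "utf-8";

    /**
     * Passes valid requests down the chain and answers every other request with the refusal page.
     *
     * @param servletRequest  incoming request; must be an {@link HttpServletRequest}
     * @param servletResponse response the refusal page is written to on rejection
     * @param filterChain     remaining filter chain, invoked only for accepted requests
     * @throws IOException      if writing the refusal page or the downstream chain fails
     * @throws ServletException if the downstream chain fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (isValidAccess(servletRequest)) {
            servletRequest.setAttribute("RequestEncoding", this.encoding);
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (this.isDebug) {
            System.out.println("  check NG... ");
        }
        // NOTE(review): no status code is set here, so the refusal page goes out with the
        // container's default status; consider an explicit 403 if clients or monitoring
        // should be able to distinguish refusals.
        servletResponse.setContentType("text/html; charset=UTF-8");
        PrintWriter writer = servletResponse.getWriter();
        writer.println(refuseMsg());
        writer.flush();
    }

    /**
     * Reads the filter configuration. Unset parameters keep the field defaults where a default
     * is supplied; {@code ignoreURL}, {@code ignoreRelative}, {@code ommitURL} and
     * {@code ommitReferer} become {@code null} when not configured.
     *
     * @param filterConfig configuration supplied by the servlet container
     */
    @Override
    public void init(FilterConfig filterConfig) {
        this.filename = HybsSystem.getRealPath() + StringUtil.nval(filterConfig.getInitParameter("filename"), this.filename);
        this.isDecode = StringUtil.nval(filterConfig.getInitParameter("decode"), true);
        this.ignoreURL = filterConfig.getInitParameter("ignoreURL");
        this.ignoreRelative = filterConfig.getInitParameter("ignoreRelative");
        this.isDebug = StringUtil.nval(filterConfig.getInitParameter("debug"), false);
        this.ommitURL = filterConfig.getInitParameter("ommitURL");
        this.ommitReferer = filterConfig.getInitParameter("ommitReferer");
        this.encoding = StringUtil.nval(filterConfig.getInitParameter("encoding"), this.encoding);
    }

    /** Nothing to release. */
    @Override
    public void destroy() {
    }

    /**
     * Loads the refusal page from {@code filename} as UTF-8 on every call.
     *
     * @return contents of the refusal page
     */
    private String refuseMsg() {
        return FileUtil.getValue(this.filename, "UTF-8");
    }

    /**
     * Decides whether the request may pass.
     *
     * <p>Order of checks: Referer exemption, URL exemption, presence of the check key, then
     * validation of the decrypted key (URL suffix, expiry time, user list). Any
     * {@link RuntimeException} raised while decrypting or parsing the key results in rejection.
     *
     * @param servletRequest incoming request; must be an {@link HttpServletRequest}
     * @return {@code true} if the request is exempt or carries a valid key, otherwise {@code false}
     */
    private boolean isValidAccess(ServletRequest servletRequest) {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        if (this.isDebug) {
            System.out.println(httpRequest.getRequestURI());
        }
        String queryString = httpRequest.getQueryString();
        String requestUrl = httpRequest.getRequestURL().toString();
        String referer = httpRequest.getHeader("REFERER");

        // Referer exemption. An empty ommitReferer is ignored: indexOf("") is always 0, which
        // would otherwise exempt every request that carries any Referer header.
        // NOTE(review): the Referer header is client-supplied; this branch skips the key check.
        if (referer != null && this.ommitReferer != null && !this.ommitReferer.isEmpty()
                && referer.indexOf(this.ommitReferer) >= 0) {
            if (this.isDebug) {
                System.out.println("URLCheck ommitRef" + requestUrl);
            }
            return true;
        }

        // URL exemption: ommitURL is a regular expression matched against the whole URL + query.
        String fullUrl = requestUrl + (queryString != null ? "?" + queryString : "");
        if (this.ommitURL != null && fullUrl.matches(this.ommitURL)) {
            if (this.isDebug) {
                System.out.println("URLCheck ommitURL" + fullUrl);
            }
            return true;
        }

        String checkKey = servletRequest.getParameter(HybsSystem.URL_CHECK_KEY);
        if (checkKey == null || checkKey.isEmpty()) {
            if (this.isDebug) {
                System.out.println("  check NG [ No Check Key ] = " + fullUrl);
            }
            return false;
        }

        boolean valid = false;
        try {
            checkKey = HYBS_CRYPTOGRAPHY.decrypt(checkKey).replace("&amp;", "&");
            if (this.isDebug) {
                System.out.println("  checkKey=" + checkKey);
            }

            // Split "<url>,time=<millis>,userid=<csv>". A missing marker yields -1 and the
            // substring/parse calls below throw, which the catch block turns into a rejection.
            int timePos = checkKey.lastIndexOf(TIME_MARKER);
            int userPos = checkKey.lastIndexOf(USERID_MARKER);
            String keyUrl = checkKey.substring(0, timePos);
            long validUntil = Long.parseLong(checkKey.substring(timePos + TIME_MARKER.length(), userPos));
            String userCsv = checkKey.substring(userPos + USERID_MARKER.length());
            String[] users = StringUtil.csv2Array(userCsv);

            if (this.ignoreURL != null && this.ignoreURL.length() > 0 && keyUrl.indexOf(this.ignoreURL) == 0) {
                keyUrl = keyUrl.substring(this.ignoreURL.length());
            }
            if ("true".equals(this.ignoreRelative)) {
                // Drops "../" segments so a relative key URL can be compared by suffix.
                keyUrl = keyUrl.replaceAll("\\.\\./", "");
            }
            if (this.isDebug) {
                System.out.println("   [ignoreURL]=" + this.ignoreURL);
                System.out.println("   [ignoreRelative]=" + this.ignoreRelative);
                System.out.println("   [url]      =" + keyUrl);
                System.out.println("   [vtime]    =" + validUntil);
                System.out.println("   [userid]   =" + userCsv);
            }
            if (this.isDecode) {
                if (this.isDebug) {
                    System.out.println("[BeforeURIDecode]=" + fullUrl);
                }
                fullUrl = StringUtil.urlDecode(fullUrl);
                keyUrl = StringUtil.urlDecode(keyUrl);
            }

            // Request URL without the check-key parameter and the separator in front of it.
            // If the key name does not occur in the URL text the index is negative and
            // substring throws, so the request is rejected by the catch block.
            String urlWithoutKey = fullUrl.substring(0, fullUrl.lastIndexOf(HybsSystem.URL_CHECK_KEY) - 1);

            String remoteUser = httpRequest.getRemoteUser();
            if (USERID_HEADER != null && USERID_HEADER.length() > 0 && (remoteUser == null || remoteUser.length() == 0)) {
                // NOTE(review): header-based identity; see the class comment.
                remoteUser = httpRequest.getHeader(USERID_HEADER);
            }
            if (this.isDebug) {
                System.out.println("   [reqURL] =" + urlWithoutKey);
                System.out.println("   [ctime]  =" + System.currentTimeMillis());
                System.out.println("   [reqUser]=" + remoteUser);
                System.out.println(" endWith=" + urlWithoutKey.endsWith(keyUrl));
                System.out.println(" times=" + (System.currentTimeMillis() - validUntil));
                System.out.println(" [userArr.length]=" + (users == null ? 0 : users.length));
            }

            if (urlWithoutKey.endsWith(keyUrl) && System.currentTimeMillis() - validUntil < 0 && users != null && users.length > 0) {
                for (String user : users) {
                    if (this.isDebug) {
                        System.out.println(" [userArr] =" + user);
                    }
                    // Null-safe comparison: an unauthenticated request (remoteUser == null) must
                    // not throw here, otherwise the outcome depends on where "*" sits in the
                    // list instead of on whether the list grants access.
                    if ("*".equals(user) || (remoteUser != null && remoteUser.equals(user))) {
                        valid = true;
                        if (this.isDebug) {
                            System.out.println("  check OK");
                        }
                        break;
                    }
                }
            }
        } catch (RuntimeException e) {
            // Fail closed: a key that cannot be decrypted or parsed never grants access.
            if (this.isDebug) {
                System.out.println("チェックエラー。  checkKey=" + checkKey + " " + e.getMessage());
                System.err.println(ThrowUtil.ogStackTrace(e));
            }
            valid = false;
        }
        return valid;
    }

    /**
     * Returns a short description containing the refusal page path and the decode flag.
     *
     * @return description of this filter's configuration
     */
    @Override
    public String toString() {
        return "UrlCheckFilter" + "filename=[" + this.filename + "]," + "isDecode=[" + this.isDecode + ']';
    }
}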
