package cn.com.yusys.yusp.commons.service.authority.web.filter;

import cn.com.yusys.yusp.commons.service.authority.ServiceAuthority;
import cn.com.yusys.yusp.commons.service.authority.constant.ServiceAuthConstants;
import cn.com.yusys.yusp.commons.util.StringUtils;
import cn.com.yusys.yusp.commons.util.encrypt.AESUtils;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:cn/com/yusys/yusp/commons/service/authority/web/filter/ServiceAuthorityFilter.class */
public class ServiceAuthorityFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(ServiceAuthorityFilter.class);
    private UrlPathHelper pathHelper = new UrlPathHelper();
    private AntPathMatcher matcher = new AntPathMatcher();
    private ServiceAuthority serviceAuthority;
    private String serviceName;

    public ServiceAuthorityFilter(String str, ServiceAuthority serviceAuthority) {
        this.serviceName = str;
        this.serviceAuthority = serviceAuthority;
    }

    public void init(FilterConfig filterConfig) throws ServletException {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String header = httpServletRequest.getHeader("appName");
        boolean z = false;
        if (StringUtils.nonBlank(header)) {
            String decrypt = AESUtils.decrypt(header, "YUSP");
            if (!decrypt.equalsIgnoreCase(this.serviceName)) {
                Map<String, Object> authRulesByServiceName = this.serviceAuthority.getAuthRulesByServiceName(this.serviceName.toUpperCase());
                String lookupPathForRequest = this.pathHelper.getLookupPathForRequest(httpServletRequest);
                if (authRulesByServiceName != null) {
                    log.info("The request service name is: [{}], and the request route is: [{}]", decrypt, lookupPathForRequest);
                    z = !checkServiceAuth(decrypt, lookupPathForRequest, authRulesByServiceName);
                } else {
                    log.info("Inter Service Authentication >> there is no authentication rule in the cache, which is forced to be defined as unauthorized! The caller service name is [{}], and the request route is [{}]", decrypt, lookupPathForRequest);
                    z = true;
                }
            }
        }
        if (z) {
            httpServletResponse.sendError(403, "service forbidden from yusp service filter");
        } else {
            filterChain.doFilter(servletRequest, servletResponse);
        }
    }

    public void destroy() {
    }

    private boolean checkServiceAuth(String str, String str2, Map<String, Object> map) {
        List list;
        List list2;
        boolean z = false;
        if (map != null) {
            String valueOf = String.valueOf(map.get("authType"));
            if (ServiceAuthConstants.AUTH_TYPE_UNABLED.equals(valueOf)) {
                z = true;
            } else if (ServiceAuthConstants.AUTH_TYPE_BLACK.equals(valueOf)) {
                List list3 = (List) map.get("serviceAuthRules");
                if (list3 == null || list3.isEmpty()) {
                    z = true;
                } else {
                    for (int i = 0; i < list3.size(); i++) {
                        String valueOf2 = String.valueOf(((Map) list3.get(i)).get("status"));
                        String valueOf3 = String.valueOf(((Map) list3.get(i)).get("ruleName"));
                        if (ServiceAuthConstants.DATA_STATUS_ABLED.equals(valueOf2) && (list2 = (List) ((Map) list3.get(i)).get("tags")) != null && !list2.isEmpty()) {
                            int size = list2.size();
                            for (int i2 = 0; i2 < list2.size(); i2++) {
                                Map map2 = (Map) list2.get(i2);
                                String str3 = (String) map2.get("tagName");
                                String str4 = (String) map2.get("relationType");
                                String str5 = (String) map2.get("tagValue");
                                if ("01".equals(str3)) {
                                    if ("01".equals(str4)) {
                                        if (str.equalsIgnoreCase(str5)) {
                                            size--;
                                        }
                                    } else if ("02".equals(str4)) {
                                        if (!str.equalsIgnoreCase(str5)) {
                                            size--;
                                        }
                                    } else if (ServiceAuthConstants.RELATION_TYPE_INCLOUD.equals(str4)) {
                                        String[] split = str5.split(",");
                                        boolean z2 = false;
                                        int length = split.length;
                                        int i3 = 0;
                                        while (true) {
                                            if (i3 >= length) {
                                                break;
                                            }
                                            if (str.equalsIgnoreCase(split[i3])) {
                                                z2 = true;
                                                break;
                                            }
                                            i3++;
                                        }
                                        if (z2) {
                                            size--;
                                        }
                                    } else if (ServiceAuthConstants.RELATION_TYPE_NOT_INCLOUD.equals(str4)) {
                                        String[] split2 = str5.split(",");
                                        boolean z3 = true;
                                        int length2 = split2.length;
                                        int i4 = 0;
                                        while (true) {
                                            if (i4 >= length2) {
                                                break;
                                            }
                                            if (str.equalsIgnoreCase(split2[i4])) {
                                                z3 = false;
                                                break;
                                            }
                                            i4++;
                                        }
                                        if (z3) {
                                            size--;
                                        }
                                    } else if (ServiceAuthConstants.RELATION_TYPE_REG.equals(str4) && this.matcher.match(str5, str)) {
                                        size--;
                                    }
                                } else if ("01".equals(str4)) {
                                    if (str2.equalsIgnoreCase(str5)) {
                                        size--;
                                    }
                                } else if ("02".equals(str4)) {
                                    if (!str2.equalsIgnoreCase(str5)) {
                                        size--;
                                    }
                                } else if (ServiceAuthConstants.RELATION_TYPE_INCLOUD.equals(str4)) {
                                    String[] split3 = str5.split(",");
                                    boolean z4 = false;
                                    int length3 = split3.length;
                                    int i5 = 0;
                                    while (true) {
                                        if (i5 >= length3) {
                                            break;
                                        }
                                        if (str2.equalsIgnoreCase(split3[i5])) {
                                            z4 = true;
                                            break;
                                        }
                                        i5++;
                                    }
                                    if (z4) {
                                        size--;
                                    }
                                } else if (ServiceAuthConstants.RELATION_TYPE_NOT_INCLOUD.equals(str4)) {
                                    String[] split4 = str5.split(",");
                                    boolean z5 = true;
                                    int length4 = split4.length;
                                    int i6 = 0;
                                    while (true) {
                                        if (i6 >= length4) {
                                            break;
                                        }
                                        if (str2.equalsIgnoreCase(split4[i6])) {
                                            z5 = false;
                                            break;
                                        }
                                        i6++;
                                    }
                                    if (z5) {
                                        size--;
                                    }
                                } else if (ServiceAuthConstants.RELATION_TYPE_REG.equals(str4) && this.matcher.match(str5, str2)) {
                                    size--;
                                }
                            }
                            if (size == 0) {
                                log.info("Inter Service Authentication >> in the hit blacklist, the authentication rule named [{}] failed the verification", valueOf3);
                                return false;
                            }
                        }
                    }
                    z = true;
                }
            } else if (ServiceAuthConstants.AUTH_TYPE_WHITE.equals(valueOf)) {
                List list4 = (List) map.get("serviceAuthRules");
                if (list4 == null || list4.isEmpty()) {
                    z = false;
                } else {
                    for (int i7 = 0; i7 < list4.size(); i7++) {
                        String valueOf4 = String.valueOf(((Map) list4.get(i7)).get("status"));
                        String valueOf5 = String.valueOf(((Map) list4.get(i7)).get("ruleName"));
                        if (ServiceAuthConstants.DATA_STATUS_ABLED.equals(valueOf4) && (list = (List) ((Map) list4.get(i7)).get("tags")) != null && !list.isEmpty()) {
                            int size2 = list.size();
                            for (int i8 = 0; i8 < list.size(); i8++) {
                                Map map3 = (Map) list.get(i8);
                                String str6 = (String) map3.get("tagName");
                                String str7 = (String) map3.get("relationType");
                                String str8 = (String) map3.get("tagValue");
                                if ("01".equals(str6)) {
                                    if ("01".equals(str7)) {
                                        if (str.equalsIgnoreCase(str8)) {
                                            size2--;
                                        }
                                    } else if ("02".equals(str7)) {
                                        if (!str.equalsIgnoreCase(str8)) {
                                            size2--;
                                        }
                                    } else if (ServiceAuthConstants.RELATION_TYPE_INCLOUD.equals(str7)) {
                                        String[] split5 = str8.split(",");
                                        boolean z6 = false;
                                        int length5 = split5.length;
                                        int i9 = 0;
                                        while (true) {
                                            if (i9 >= length5) {
                                                break;
                                            }
                                            if (str.equalsIgnoreCase(split5[i9])) {
                                                z6 = true;
                                                break;
                                            }
                                            i9++;
                                        }
                                        if (z6) {
                                            size2--;
                                        }
                                    } else if (ServiceAuthConstants.RELATION_TYPE_NOT_INCLOUD.equals(str7)) {
                                        String[] split6 = str8.split(",");
                                        boolean z7 = true;
                                        int length6 = split6.length;
                                        int i10 = 0;
                                        while (true) {
                                            if (i10 >= length6) {
                                                break;
                                            }
                                            if (str.equalsIgnoreCase(split6[i10])) {
                                                z7 = false;
                                                break;
                                            }
                                            i10++;
                                        }
                                        if (z7) {
                                            size2--;
                                        }
                                    } else if (ServiceAuthConstants.RELATION_TYPE_REG.equals(str7) && this.matcher.match(str8, str)) {
                                        size2--;
                                    }
                                } else if ("01".equals(str7)) {
                                    if (str2.equalsIgnoreCase(str8)) {
                                        size2--;
                                    }
                                } else if ("02".equals(str7)) {
                                    if (!str2.equalsIgnoreCase(str8)) {
                                        size2--;
                                    }
                                } else if (ServiceAuthConstants.RELATION_TYPE_INCLOUD.equals(str7)) {
                                    String[] split7 = str8.split(",");
                                    boolean z8 = false;
                                    int length7 = split7.length;
                                    int i11 = 0;
                                    while (true) {
                                        if (i11 >= length7) {
                                            break;
                                        }
                                        if (str2.equalsIgnoreCase(split7[i11])) {
                                            z8 = true;
                                            break;
                                        }
                                        i11++;
                                    }
                                    if (z8) {
                                        size2--;
                                    }
                                } else if (ServiceAuthConstants.RELATION_TYPE_NOT_INCLOUD.equals(str7)) {
                                    String[] split8 = str8.split(",");
                                    boolean z9 = true;
                                    int length8 = split8.length;
                                    int i12 = 0;
                                    while (true) {
                                        if (i12 >= length8) {
                                            break;
                                        }
                                        if (str2.equalsIgnoreCase(split8[i12])) {
                                            z9 = false;
                                            break;
                                        }
                                        i12++;
                                    }
                                    if (z9) {
                                        size2--;
                                    }
                                } else if (ServiceAuthConstants.RELATION_TYPE_REG.equals(str7) && this.matcher.match(str8, str2)) {
                                    size2--;
                                }
                            }
                            if (size2 == 0) {
                                log.info("Inter Service Authentication >> in the hit white list, the authentication rule named [{}] passed the verification", valueOf5);
                                return true;
                            }
                        }
                    }
                    z = false;
                }
            }
        }
        return z;
    }
}
