package com.dianping.cat.report.page;

import com.alibaba.fastjson.JSONObject;
import com.dianping.cat.Cat;
import com.dianping.cat.consumer.util.StringUtils;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.URL;
import java.net.URLConnection;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.MediaType;
import org.apache.hadoop.metrics2.sink.ganglia.AbstractGangliaSink;
import org.apache.http.protocol.HTTP;
import org.apache.log4j.Priority;
import org.joda.time.DateTimeConstants;

/* loaded from: input_file:WEB-INF/classes/com/dianping/cat/report/page/SsoFilter.class */
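/**
 * Servlet filter that lets a request through only when it carries an SSO ticket that is
 * either already recorded in the HTTP session or accepted by the remote SSO endpoint.
 *
 * <p>The ticket is read from the {@code sso_ticket} cookie, or from a {@code tick} query
 * parameter, which takes precedence and is copied into the cookie. Requests without a valid
 * ticket receive a JSON "not login" body instead of reaching the rest of the chain.
 *
 * <p>NOTE(review): several library constants used below ({@code AbstractGangliaSink.EQUAL},
 * {@code Priority.FATAL_INT}, {@code MediaType.WILDCARD}, {@code HTTP.CONN_KEEP_ALIVE}) look
 * like decompiler substitutions for plain literals; they are kept so behaviour is unchanged.
 */
public class SsoFilter implements Filter {
    // NOTE(review): the validation endpoint is plain HTTP, so the ticket (a bearer credential)
    // and the success/failure answer travel unencrypted and unauthenticated between this
    // service and the SSO host. Prefer an https:// endpoint if the SSO service offers one.
    private String m_sso_auth = "http://sso.duiba.com.cn/sso/auth/authLogin?sso_ticket=";

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
    }

    /**
     * Authenticates the request and either continues the chain or writes the "not login" reply.
     *
     * @throws IOException if writing the rejection body or a downstream filter fails
     * @throws ServletException if a downstream filter or servlet fails
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        httpServletRequest.setCharacterEncoding("utf-8");
        String ssoTicket = getSsoTicket("sso_ticket", httpServletRequest, httpServletResponse);
        if (StringUtils.isNotEmpty(ssoTicket) && ssoAuth(httpServletRequest, httpServletResponse, ssoTicket)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            Cat.logEvent("SSOFilter", "not login");
            noPermission(httpServletResponse);
        }
    }

    /**
     * Writes the JSON rejection body {@code {"success":false,"message":...}}.
     *
     * <p>NOTE(review): the HTTP status is left at its default, so unauthenticated callers see a
     * 200 response; confirm whether clients rely on that before switching to 401.
     */
    private void noPermission(HttpServletResponse httpServletResponse) throws IOException {
        // The content type and encoding must be set before getWriter(); the servlet container
        // ignores character-encoding changes once the writer has been obtained.
        httpServletResponse.setContentType("application/json; charset=utf-8");
        httpServletResponse.setCharacterEncoding("UTF-8");
        PrintWriter writer = httpServletResponse.getWriter();
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("success", (Object) false);
        jSONObject.put("message", (Object) "not login,please login sso first");
        writer.print(jSONObject.toJSONString());
        writer.flush();
        writer.close();
    }

    /**
     * Extracts the SSO ticket from the request.
     *
     * @param str name of the cookie that carries the ticket (matched case-insensitively)
     * @return the value of the first {@code tick} query parameter if one is present (possibly
     *     {@code null} when it has no value), otherwise the cookie value, otherwise {@code null}
     */
    private String getSsoTicket(String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        String ticket = null;
        Cookie[] cookies = httpServletRequest.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (cookie.getName().equalsIgnoreCase(str)) {
                    ticket = cookie.getValue();
                    break;
                }
            }
        }
        String queryString = httpServletRequest.getQueryString();
        if (StringUtils.isNotEmpty(queryString)) {
            for (String pair : queryString.split("&")) {
                String[] keyValue = pair.split(AbstractGangliaSink.EQUAL);
                // A pair such as "=" splits into an empty array; indexing it unguarded would
                // turn a malformed query string into an unhandled exception.
                if (keyValue.length == 0 || !"tick".equalsIgnoreCase(keyValue[0])) {
                    continue;
                }
                ticket = keyValue.length > 1 ? keyValue[1] : null;
                // NOTE(review): the cookie is issued without HttpOnly or Secure attributes, so
                // page scripts can read the ticket and it is also sent over plain HTTP. Set both
                // if the servlet API version in use provides Cookie#setHttpOnly.
                Cookie cookie2 = new Cookie("sso_ticket", ticket);
                cookie2.setMaxAge(DateTimeConstants.SECONDS_PER_DAY);
                cookie2.setPath("/");
                httpServletResponse.addCookie(cookie2);
                // Stop at the first match: the loop previously neither advanced nor exited
                // here, so any request carrying a "tick" parameter spun forever while adding
                // cookies to the response.
                break;
            }
        }
        return ticket;
    }

    /**
     * Decides whether {@code str} is a valid SSO ticket for this request.
     *
     * <p>A ticket equal to the one stored in the session is accepted without a network call.
     * Otherwise the remote SSO endpoint is asked, and on success the ticket is stored in the
     * session with a one-hour inactivity timeout.
     *
     * @param str non-empty ticket taken from the cookie or query string (client-controlled)
     * @return {@code true} if the ticket is accepted; {@code false} on rejection or any error
     */
    private boolean ssoAuth(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        Object attribute = httpServletRequest.getSession().getAttribute("sso_ticket");
        // Exact comparison: a ticket is a bearer secret, so a case-folded match would accept
        // values the SSO service never issued. A mismatch only costs a remote re-validation.
        if (attribute != null && str.equals(attribute.toString())) {
            return true;
        }
        // The ticket is appended verbatim to the validation URL, so refuse values that could
        // add or truncate query parameters (for example overriding "environment").
        if (!isWellFormedTicket(str)) {
            Cat.logEvent("SSOFilter", "malformed ticket");
            return false;
        }
        // NOTE(review): the environment is chosen from the request URL, which is normally built
        // from the client-supplied Host header, so the caller can influence whether the ticket
        // is checked as "prod" or "dev". Derive it from server configuration instead — confirm.
        String environment = httpServletRequest.getRequestURL().toString().contains("console.dui88.com") ? "prod" : "dev";
        BufferedReader bufferedReader = null;
        try {
            URLConnection openConnection = new URL(this.m_sso_auth + str + "&environment=" + environment).openConnection();
            openConnection.setRequestProperty("accept", MediaType.WILDCARD);
            openConnection.setRequestProperty("connection", HTTP.CONN_KEEP_ALIVE);
            openConnection.setRequestProperty("user-agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36");
            // Priority.FATAL_INT is 50000 in log4j 1.x, i.e. 50-second connect/read timeouts.
            openConnection.setConnectTimeout(Priority.FATAL_INT);
            openConnection.setReadTimeout(Priority.FATAL_INT);
            openConnection.connect();
            // Decode explicitly as UTF-8 rather than with the platform default charset.
            bufferedReader = new BufferedReader(new InputStreamReader(openConnection.getInputStream(), "UTF-8"));
            StringBuilder body = new StringBuilder();
            String readLine;
            while ((readLine = bufferedReader.readLine()) != null) {
                body.append(readLine);
            }
            JSONObject parseObject = JSONObject.parseObject(body.toString());
            Boolean success = parseObject == null ? null : parseObject.getBoolean("success");
            boolean booleanValue = success != null && success.booleanValue();
            if (booleanValue) {
                // NOTE(review): the session id is not rotated when the session becomes
                // authenticated, which leaves room for session fixation; rotate it here if the
                // container supports it.
                httpServletRequest.getSession().setAttribute("sso_ticket", str);
                httpServletRequest.getSession().setMaxInactiveInterval(DateTimeConstants.SECONDS_PER_HOUR);
                Cat.logEvent("SSOFilter", "login success");
            }
            return booleanValue;
        } catch (Exception e) {
            // Fail closed: any network, parsing or encoding problem is treated as "not logged in".
            Cat.logError(e);
            return false;
        } finally {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (IOException ignored) {
                    // Closing is best effort; the authentication decision is already made.
                }
            }
        }
    }

    /**
     * Returns whether the ticket is free of characters that would change the structure of the
     * validation URL: {@code &}, {@code #}, whitespace and control characters.
     */
    private static boolean isWellFormedTicket(String ticket) {
        for (int i = 0; i < ticket.length(); i++) {
            char c = ticket.charAt(i);
            if (c <= ' ' || c == 0x7f || c == '&' || c == '#') {
                return false;
            }
        }
        return true;
    }

    @Override
    public void destroy() {
    }
}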
