package com.xdja.eoa.business.filter;

import com.alibaba.fastjson.JSONObject;
import com.xdja.eoa.account.bean.EmployeeAccount;
import com.xdja.eoa.account.service.EmployeeAccountService;
import com.xdja.eoa.approve.control.base.JumpCenterControl;
import com.xdja.eoa.business.bean.AccountTokenValue;
import com.xdja.eoa.businessFunc.bean.BusinessFunctions;
import com.xdja.eoa.businessFunc.service.IBusinessFunctionsService;
import com.xdja.eoa.cert.bean.EmployeeCert;
import com.xdja.eoa.cert.service.IEmployeeCertService;
import com.xdja.eoa.conf.ConfigLoadSystem;
import com.xdja.eoa.constants.RedisConstants;
import com.xdja.eoa.exception.DeviceBindException;
import com.xdja.eoa.exception.ErrorMessage;
import com.xdja.eoa.exception.HttpError;
import com.xdja.eoa.mvc.ResponseUtils;
import com.xdja.eoa.util.JsonUtil;
import com.xdja.eoa.util.RedisUtil;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.StopWatch;
import org.springframework.util.StringUtils;

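/**
 * Servlet filter that authenticates requests under {@code api/} with a session token and, when the
 * per-company switch is on, checks that the calling chip is bound to the account.
 *
 * <p>Flow for a request whose context-relative path starts with {@code api/}:
 * <ol>
 *   <li>Parse the version segment that follows {@code api/}; only versions below
 *       {@link #TOKEN_VALIDATION_VERSION_LIMIT} are validated here.</li>
 *   <li>Skip validation when the last path segment is listed in
 *       {@link #UNVALIDATE_TOKEN_INTERFACE}.</li>
 *   <li>Resolve the token (header, then parameter) through Redis to an {@link AccountTokenValue}
 *       and check that the account exists and is not deleted.</li>
 *   <li>Compare the {@code deviceId}/{@code deviceType} headers with the values stored for the
 *       token, then run the chip binding checks.</li>
 * </ol>
 * Every rejection writes its response and stops the chain; the protected handler is only reached
 * when all applicable checks pass.
 */
@Component("token")
public class TokenFilter implements Filter {
    protected Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    private EmployeeAccountService employeeServiceAccountService;

    @Autowired
    private IBusinessFunctionsService businessFunctionsService;

    @Autowired
    private IEmployeeCertService employeeCertService;

    @Autowired
    private RedisUtil redisUtil;

    // Last path segments that are let through without a token.
    // NOTE(review): the match is on the last raw path segment only, so the exemption applies to
    // every api path that ends in one of these names, not to one specific endpoint.
    private static final List<String> UNVALIDATE_TOKEN_INTERFACE = new ArrayList<>();

    // Path suffix of the device-binding endpoint; it cannot require an already bound chip.
    private static final String TOKEN_VALIDATE_EXCLUDE = "bind/device";
    private static final String API_FLAG = "api/";

    // Requests whose version segment parses to this value or more are not validated by this filter.
    private static final int TOKEN_VALIDATION_VERSION_LIMIT = 10;

    // Number of Redis liveness probes made at start-up before giving up.
    private static final int REDIS_PROBE_ATTEMPTS = 3;

    static {
        UNVALIDATE_TOKEN_INTERFACE.add("login");
    }

    /**
     * Verifies at start-up that Redis is injected and reachable; terminates the JVM otherwise.
     *
     * <p>NOTE(review): the JVM exits with status 0 on these fatal paths, which a process
     * supervisor reads as a clean shutdown. The status is kept as found; consider a non-zero
     * value once the deployment scripts have been checked.
     */
    @Override // javax.servlet.Filter
    public void init(FilterConfig filterConfig) throws ServletException {
        if (this.redisUtil == null) {
            this.logger.error("系统启动异常Redis加载异常请检查配置项");
            System.exit(0);
        }
        boolean reachable = false;
        // The probes run back to back; there is no delay between attempts.
        for (int attempt = 1; attempt <= REDIS_PROBE_ATTEMPTS && !reachable; attempt++) {
            reachable = this.redisUtil.alive();
        }
        if (!reachable) {
            this.logger.error("redis连接失败、请检查redis服务器配置");
            System.exit(0);
        }
    }

    /**
     * Runs the token and device checks for {@code api/} requests and passes every accepted request
     * down the chain. On success the resolved {@link AccountTokenValue} is stored in the request
     * attribute {@code "token"}.
     *
     * @throws IOException if writing a rejection or redirect fails, or the chain throws it
     * @throws ServletException if the chain throws it
     */
    @Override // javax.servlet.Filter
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        StopWatch stopWatch = new StopWatch(getClass() + "跳转接口耗时检查");
        stopWatch.start("执行doFilter");
        if (this.logger.isDebugEnabled()) {
            logRequestForDebug(request);
        }
        String requestUri = request.getRequestURI();
        int relativeStart = request.getContextPath().length() + 1;
        // A URI equal to the bare context path has no relative part; treat it as empty instead of
        // failing with StringIndexOutOfBoundsException.
        String relativePath = requestUri.length() >= relativeStart ? requestUri.substring(relativeStart) : "";
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("请求Url:{}", relativePath);
        }
        if (relativePath.startsWith(API_FLAG)) {
            // NOTE(review): versions at or above the limit are passed on without any token check
            // by this filter; confirm that another component authenticates those requests.
            if (parseApiVersion(relativePath) < TOKEN_VALIDATION_VERSION_LIMIT) {
                String lastSegment = requestUri.substring(requestUri.lastIndexOf('/') + 1);
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug(lastSegment);
                }
                if (!UNVALIDATE_TOKEN_INTERFACE.contains(lastSegment)) {
                    AccountTokenValue tokenValue = authenticate(request, response);
                    if (tokenValue == null) {
                        return;
                    }
                    if (!checkDeviceBinding(request, response, relativePath, tokenValue)) {
                        return;
                    }
                    request.setAttribute("token", tokenValue);
                }
            } else if (this.logger.isDebugEnabled()) {
                this.logger.debug("pc端前端H5调用");
            }
        }
        filterChain.doFilter(request, response);
        stopWatch.stop();
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(stopWatch.prettyPrint());
        }
    }

    /** Drops the reference to the Redis helper when the filter is taken out of service. */
    @Override // javax.servlet.Filter
    public void destroy() {
        this.redisUtil = null;
    }

    /**
     * Reads the version number from the segment that follows {@code api/} (its first character is
     * skipped, the rest up to the next {@code '/'} is parsed). Anything unparseable yields 1, so a
     * malformed version is still subject to token validation.
     */
    private static int parseApiVersion(String relativePath) {
        String afterApi = relativePath.substring(API_FLAG.length());
        try {
            return Integer.parseInt(afterApi.substring(1, afterApi.indexOf("/")));
        } catch (NumberFormatException | IndexOutOfBoundsException e) {
            return 1;
        }
    }

    /**
     * Resolves the request token to its cached account data and checks the account state.
     *
     * @return the token data, or {@code null} after a rejection has been written to the response
     */
    private AccountTokenValue authenticate(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
        String token = request.getHeader("token");
        if (StringUtils.isEmpty(token)) {
            // NOTE(review): a token passed as a request parameter can end up in access logs and
            // browser history; prefer the header where clients allow it.
            token = request.getParameter("token");
        }
        if (StringUtils.isEmpty(token)) {
            response.setStatus(500);
            ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.TOKEN_IS_NULL.getName(), "token参数为空")));
            return null;
        }
        if (this.logger.isDebugEnabled()) {
            // The token is a bearer credential: log that it is present, never its value.
            this.logger.debug("token :{}", maskSecret(token));
        }
        String cached = this.redisUtil.STRINGS.get(RedisConstants.getAccountEOACacheTokenKey(token));
        if (StringUtils.isEmpty(cached)) {
            this.logger.warn("token信息已经失效了");
            response.setStatus(500);
            ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.UNAUTHORIZED.getName(), "token信息已经失效了")));
            return null;
        }
        AccountTokenValue tokenValue = (AccountTokenValue) JSONObject.parseObject(cached, AccountTokenValue.class);
        if (tokenValue == null) {
            this.logger.warn("token信息反序列化失败");
            response.setStatus(500);
            ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.SERVER_INTERNAL_EXCEPTION.getName(), "token信息反序列化失败")));
            return null;
        }
        EmployeeAccount account = this.employeeServiceAccountService.getEmployeeAccount(tokenValue.getId());
        if (account == null) {
            // Status 500 is set here to match the other rejections written by this filter.
            response.setStatus(500);
            if (this.employeeServiceAccountService.getOldEmployeeAccount(tokenValue.getLoginCode()) == null) {
                ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.FILTER_ACCOUNT_NOT_EXIST.getName(), "账号不存在")));
            } else {
                ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.FILTER_ACCOUNT_LOGOUT.getName(), "账号已注销")));
            }
            // Stop here: without this the code below dereferenced the missing account.
            return null;
        }
        if (account.getDeleteFlag() != null && account.getDeleteFlag().intValue() == 1) {
            response.setStatus(500);
            ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.FILTER_ACCOUNT_LOGOUT.getName(), "账号已注销")));
            // Stop here: a deleted account must not reach the protected handler with a token that
            // is still cached.
            return null;
        }
        return tokenValue;
    }

    /**
     * Checks that the request comes from the device the token was issued to and, when the
     * company's function switch (id 1, presumably chip verification - confirm against
     * {@code IBusinessFunctionsService}) is on, that the chip is bound to the account.
     *
     * @return {@code true} if the request may continue, {@code false} after a rejection or
     *     redirect has been written to the response
     */
    private boolean checkDeviceBinding(HttpServletRequest request, HttpServletResponse response, String relativePath, AccountTokenValue tokenValue) throws IOException, ServletException {
        // NOTE(review): this switch is read from the request, so the caller decides whether the
        // device and chip checks below run at all. It is kept for compatibility; confirm which
        // clients depend on it and move the decision to the server (for example a per-endpoint
        // allow-list), and alert on this log line in the meantime.
        if ("false".equals(request.getParameter("checkToken"))) {
            this.logger.info("直接跳过check token。。。。。。");
            return true;
        }
        String deviceId = request.getHeader("deviceId");
        String deviceType = request.getHeader("deviceType");
        // A missing header counts as a mismatch instead of raising NullPointerException.
        if (deviceId == null || deviceType == null || !deviceId.equals(tokenValue.getDeviceId()) || !deviceType.equals(tokenValue.getDeviceType())) {
            this.logger.warn("token伪造deviceId、deviceType、token不匹配");
            response.setStatus(500);
            ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, HttpError.TOKEN_FORGE.getName(), "token伪造deviceId、deviceType、token不匹配")));
            return false;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("检验芯片开关是否开启。。。。。。");
        }
        BusinessFunctions businessFunc = this.businessFunctionsService.getBusinessFunc(1, tokenValue.getCompanyId());
        if (businessFunc == null || businessFunc.getStatus().intValue() != 1) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("芯片验证未开启");
            }
            return true;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("芯片验证开启");
        }
        // Jump-center requests are answered with a redirect to the result page; every other
        // request gets a 401 with a JSON error body.
        boolean jumpCenter = relativePath.endsWith(JumpCenterControl.JUMCENER_APP_ULR);
        String chipId = request.getHeader("chipId");
        if (StringUtils.isEmpty(chipId)) {
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("卡号或者SN为空,chipId:{}", chipId);
            }
            if (jumpCenter) {
                redirectToJumpCenter(response, DeviceBindException.CHIPID_OR_SN_IS_NULL);
            } else {
                response.setStatus(401);
                ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, DeviceBindException.CHIPID_OR_SN_IS_NULL, "卡号或者SN为空")));
            }
            return false;
        }
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("根据账户id:{}查询账户已绑定芯片信息......", tokenValue.getId());
        }
        if (!relativePath.endsWith(TOKEN_VALIDATE_EXCLUDE)) {
            List<EmployeeCert> boundCerts = this.employeeCertService.getEmployeeCert(tokenValue.getId().longValue(), null);
            boolean chipIsBound = false;
            if (boundCerts != null && boundCerts.size() > 0) {
                if (this.logger.isDebugEnabled()) {
                    this.logger.debug("账户id:{}已绑定设备数目为:{}", tokenValue.getId(), Integer.valueOf(boundCerts.size()));
                }
                // Chip ids are compared case-insensitively.
                HashSet<String> boundChipIds = new HashSet<>(boundCerts.size());
                for (EmployeeCert cert : boundCerts) {
                    if (cert != null && !StringUtils.isEmpty(cert.getChipId())) {
                        boundChipIds.add(cert.getChipId().toLowerCase());
                    }
                }
                chipIsBound = boundChipIds.contains(chipId.toLowerCase());
            } else if (this.logger.isDebugEnabled()) {
                this.logger.debug("账户未绑定任何一个设备,提醒账户绑定设备......");
            }
            if (!chipIsBound) {
                if (jumpCenter) {
                    redirectToJumpCenter(response, DeviceBindException.ACCOUNT_DEVICE_NO_BIND);
                } else {
                    response.setStatus(401);
                    ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, DeviceBindException.ACCOUNT_DEVICE_NO_BIND, "账户和设备未绑定")));
                }
                return false;
            }
        } else if (this.employeeCertService.queryAccountBindDeviceCount(tokenValue.getId().longValue(), Integer.valueOf(Integer.parseInt(tokenValue.getDeviceType()))) > 1) {
            if (jumpCenter) {
                redirectToJumpCenter(response, DeviceBindException.ACCOUNT_NEED__BIND_BY_ADMIN);
            } else {
                response.setStatus(401);
                ResponseUtils.writeUtf8JSON(response, JsonUtil.toJsonString(new ErrorMessage(500, null, null, DeviceBindException.ACCOUNT_NEED__BIND_BY_ADMIN, "账户已经绑定过设备")));
            }
            // Stop here: the bind request was refused, so it must not be handed to the binding
            // handler after the refusal has been written.
            return false;
        }
        return true;
    }

    /** Sends a redirect to the configured jump-center result page carrying the given error code. */
    private void redirectToJumpCenter(HttpServletResponse response, Object errorCode) throws IOException {
        String target = ConfigLoadSystem.getStringValue("EOA_HOST", "") + ConfigLoadSystem.getStringValue("EOA_JUMP_CENTER_HTML", "app/result.html") + "?result=0&errorCode=" + errorCode;
        if (this.logger.isDebugEnabled()) {
            this.logger.debug("即将跳转到如下地址:{}", target);
        }
        response.sendRedirect(target);
    }

    /** Writes every request header and parameter to the debug log, with token values masked. */
    private void logRequestForDebug(HttpServletRequest request) {
        Enumeration<?> headerNames = request.getHeaderNames();
        if (headerNames != null) {
            while (headerNames.hasMoreElements()) {
                String name = (String) headerNames.nextElement();
                this.logger.debug("header:{}={}", name, redactIfSecret(name, request.getHeader(name)));
            }
        }
        Enumeration<?> parameterNames = request.getParameterNames();
        if (parameterNames != null) {
            while (parameterNames.hasMoreElements()) {
                String name = (String) parameterNames.nextElement();
                this.logger.debug("parameterName:{}={}", name, redactIfSecret(name, request.getParameter(name)));
            }
        }
    }

    /** Returns the value unchanged unless the header or parameter name is {@code token}. */
    private static String redactIfSecret(String name, String value) {
        return "token".equalsIgnoreCase(name) ? maskSecret(value) : value;
    }

    /** Replaces a credential with a placeholder that only reveals its length. */
    private static String maskSecret(String secret) {
        return secret == null ? null : "<redacted, length " + secret.length() + ">";
    }
}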
