package com.alibaba.druid.support.http;

import com.alibaba.druid.support.http.util.IPAddress;
import com.alibaba.druid.support.http.util.IPRange;
import com.alibaba.druid.support.logging.Log;
import com.alibaba.druid.support.logging.LogFactory;
import com.alibaba.druid.util.StringUtils;
import com.alibaba.druid.util.Utils;
import com.ites.helper.common.constant.HelperConstant;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.aspectj.weaver.model.AsmRelationshipUtils;
import org.springframework.boot.autoconfigure.thymeleaf.ThymeleafProperties;

/* loaded from: input_file:BOOT-INF/lib/druid-1.1.5.jar:com/alibaba/druid/support/http/ResourceServlet.class */
public abstract class ResourceServlet extends HttpServlet {
    private static final Log LOG = LogFactory.getLog(ResourceServlet.class);
    public static final String SESSION_USER_KEY = "druid-user";
    public static final String PARAM_NAME_USERNAME = "loginUsername";
    public static final String PARAM_NAME_PASSWORD = "loginPassword";
    public static final String PARAM_NAME_ALLOW = "allow";
    public static final String PARAM_NAME_DENY = "deny";
    public static final String PARAM_REMOTE_ADDR = "remoteAddress";
    protected final String resourcePath;
    protected String username = null;
    protected String password = null;
    protected List<IPRange> allowList = new ArrayList();
    protected List<IPRange> denyList = new ArrayList();
    protected String remoteAddressHeader = null;

    public ResourceServlet(String str) {
        this.resourcePath = str;
    }

    @Override // javax.servlet.GenericServlet
    public void init() throws ServletException {
        initAuthEnv();
    }

    private void initAuthEnv() {
        String initParameter = getInitParameter(PARAM_NAME_USERNAME);
        if (!StringUtils.isEmpty(initParameter)) {
            this.username = initParameter;
        }
        String initParameter2 = getInitParameter(PARAM_NAME_PASSWORD);
        if (!StringUtils.isEmpty(initParameter2)) {
            this.password = initParameter2;
        }
        String initParameter3 = getInitParameter(PARAM_REMOTE_ADDR);
        if (!StringUtils.isEmpty(initParameter3)) {
            this.remoteAddressHeader = initParameter3;
        }
        try {
            String initParameter4 = getInitParameter(PARAM_NAME_ALLOW);
            if (initParameter4 != null && initParameter4.trim().length() != 0) {
                for (String str : initParameter4.trim().split(",")) {
                    if (str != null && str.length() != 0) {
                        this.allowList.add(new IPRange(str));
                    }
                }
            }
        } catch (Exception e) {
            LOG.error("initParameter config error, allow : " + getInitParameter(PARAM_NAME_ALLOW), e);
        }
        try {
            String initParameter5 = getInitParameter(PARAM_NAME_DENY);
            if (initParameter5 != null && initParameter5.trim().length() != 0) {
                for (String str2 : initParameter5.trim().split(",")) {
                    if (str2 != null && str2.length() != 0) {
                        this.denyList.add(new IPRange(str2));
                    }
                }
            }
        } catch (Exception e2) {
            LOG.error("initParameter config error, deny : " + getInitParameter(PARAM_NAME_DENY), e2);
        }
    }

    public boolean isPermittedRequest(String str) {
        if ((str == null || str.indexOf(58) == -1) ? false : true) {
            return "0:0:0:0:0:0:0:1".equals(str) || (this.denyList.size() == 0 && this.allowList.size() == 0);
        }
        IPAddress iPAddress = new IPAddress(str);
        Iterator<IPRange> it = this.denyList.iterator();
        while (it.hasNext()) {
            if (it.next().isIPAddressInRange(iPAddress)) {
                return false;
            }
        }
        if (this.allowList.size() <= 0) {
            return true;
        }
        Iterator<IPRange> it2 = this.allowList.iterator();
        while (it2.hasNext()) {
            if (it2.next().isIPAddressInRange(iPAddress)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getFilePath(String str) {
        return this.resourcePath + str;
    }

    protected void returnResourceFile(String str, String str2, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String filePath = getFilePath(str);
        if (filePath.endsWith(ThymeleafProperties.DEFAULT_SUFFIX)) {
            httpServletResponse.setContentType("text/html; charset=utf-8");
        }
        if (str.endsWith(".jpg")) {
            byte[] readByteArrayFromResource = Utils.readByteArrayFromResource(filePath);
            if (readByteArrayFromResource != null) {
                httpServletResponse.getOutputStream().write(readByteArrayFromResource);
                return;
            }
            return;
        }
        String readFromResource = Utils.readFromResource(filePath);
        if (readFromResource == null) {
            httpServletResponse.sendRedirect(str2 + "/index.html");
            return;
        }
        if (str.endsWith(".css")) {
            httpServletResponse.setContentType("text/css;charset=utf-8");
        } else if (str.endsWith(".js")) {
            httpServletResponse.setContentType("text/javascript;charset=utf-8");
        }
        httpServletResponse.getWriter().write(readFromResource);
    }

    @Override // javax.servlet.http.HttpServlet
    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String contextPath = httpServletRequest.getContextPath();
        String servletPath = httpServletRequest.getServletPath();
        String requestURI = httpServletRequest.getRequestURI();
        httpServletResponse.setCharacterEncoding("utf-8");
        if (contextPath == null) {
            contextPath = "";
        }
        String str = contextPath + servletPath;
        String substring = requestURI.substring(contextPath.length() + servletPath.length());
        if (!isPermittedRequest(httpServletRequest)) {
            returnResourceFile("/nopermit.html", str, httpServletResponse);
            return;
        }
        if ("/submitLogin".equals(substring)) {
            String parameter = httpServletRequest.getParameter(PARAM_NAME_USERNAME);
            String parameter2 = httpServletRequest.getParameter(PARAM_NAME_PASSWORD);
            if (!this.username.equals(parameter) || !this.password.equals(parameter2)) {
                httpServletResponse.getWriter().print(AsmRelationshipUtils.DECLARE_ERROR);
                return;
            } else {
                httpServletRequest.getSession().setAttribute(SESSION_USER_KEY, this.username);
                httpServletResponse.getWriter().print(HelperConstant.SUCCESS);
                return;
            }
        }
        if (isRequireAuth() && !ContainsUser(httpServletRequest) && !checkLoginParam(httpServletRequest) && !"/login.html".equals(substring) && !substring.startsWith("/css") && !substring.startsWith("/js") && !substring.startsWith("/img")) {
            if (contextPath.equals("") || contextPath.equals("/")) {
                httpServletResponse.sendRedirect("/druid/login.html");
                return;
            } else if ("".equals(substring)) {
                httpServletResponse.sendRedirect("druid/login.html");
                return;
            } else {
                httpServletResponse.sendRedirect("login.html");
                return;
            }
        }
        if ("".equals(substring)) {
            if (contextPath.equals("") || contextPath.equals("/")) {
                httpServletResponse.sendRedirect("/druid/index.html");
                return;
            } else {
                httpServletResponse.sendRedirect("druid/index.html");
                return;
            }
        }
        if ("/".equals(substring)) {
            httpServletResponse.sendRedirect("index.html");
            return;
        }
        if (!substring.contains(".json")) {
            returnResourceFile(substring, str, httpServletResponse);
            return;
        }
        String str2 = substring;
        if (httpServletRequest.getQueryString() != null && httpServletRequest.getQueryString().length() > 0) {
            str2 = str2 + "?" + httpServletRequest.getQueryString();
        }
        httpServletResponse.getWriter().print(process(str2));
    }

    public boolean ContainsUser(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        return (session == null || session.getAttribute(SESSION_USER_KEY) == null) ? false : true;
    }

    public boolean checkLoginParam(HttpServletRequest httpServletRequest) {
        return null != this.username && null != this.password && this.username.equals(httpServletRequest.getParameter(PARAM_NAME_USERNAME)) && this.password.equals(httpServletRequest.getParameter(PARAM_NAME_PASSWORD));
    }

    public boolean isRequireAuth() {
        return this.username != null;
    }

    public boolean isPermittedRequest(HttpServletRequest httpServletRequest) {
        return isPermittedRequest(getRemoteAddress(httpServletRequest));
    }

    protected String getRemoteAddress(HttpServletRequest httpServletRequest) {
        String str = null;
        if (this.remoteAddressHeader != null) {
            str = httpServletRequest.getHeader(this.remoteAddressHeader);
        }
        if (str == null) {
            str = httpServletRequest.getRemoteAddr();
        }
        return str;
    }

    protected abstract String process(String str);
}
