package com.bokesoft.scm.yigo.frontend.servlet;

import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONObject;
import com.bokesoft.scm.yigo.api.exception.YigoCommonException;
import com.bokesoft.scm.yigo.api.response.ServiceProcessResponse;
import com.bokesoft.scm.yigo.exchange.service.ServiceProcess;
import com.bokesoft.scm.yigo.frontend.interceptor.ServiceInterceptorProvider;
import com.bokesoft.scm.yigo.frontend.utils.FrontendUtils;
import com.bokesoft.scm.yigo.frontend.utils.ProcessXSSUtil;
import com.gitlab.summercattle.commons.exception.CommonException;
import com.gitlab.summercattle.commons.exception.CommonRuntimeException;
import com.gitlab.summercattle.commons.utils.auxiliary.CompressUtils;
import com.gitlab.summercattle.commons.utils.auxiliary.HttpUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.PrintWriter;
import java.net.URL;
import java.util.Enumeration;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/bokesoft/scm/yigo/frontend/servlet/ServiceServlet.class */
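/**
 * Front-end HTTP entry point that turns a request into a JSON payload and hands it to the
 * service layer.
 *
 * <p>Request handling, as visible in this class:
 * <ol>
 *   <li>{@link #preparedRequest} copies request parameters (and the optional compressed
 *       {@code yigoData} parameter) into a {@link JSONObject};</li>
 *   <li>{@link #doGet} normalises locale / client / tenant / application keys and applies the
 *       "no client ID" access gate;</li>
 *   <li>{@code process} adds {@code reqIP}, {@code host} and {@code port}, then calls the
 *       interceptor provider and, if that returns nothing, the {@link ServiceProcess}.</li>
 * </ol>
 *
 * <p>Security notes for reviewers: the gate in {@link #doGet} only tests whether a client ID
 * (or temporary client ID) is <em>present</em>; nothing in this class validates it.
 * NOTE(review): validation is presumably performed by the interceptor or the service layer;
 * confirm.
 */
public class ServiceServlet extends HttpServlet {
    private static final long serialVersionUID = 1;
    private static final Logger logger = LoggerFactory.getLogger(ServiceServlet.class);
    private final ServiceProcess serviceProcess;
    private final ServiceInterceptorProvider serviceInterceptorProvider;

    /**
     * @param serviceProcess back-end dispatcher used when no interceptor produces a response
     * @param serviceInterceptorProvider interceptor chain consulted before the dispatcher
     */
    public ServiceServlet(ServiceProcess serviceProcess, ServiceInterceptorProvider serviceInterceptorProvider) {
        this.serviceProcess = serviceProcess;
        this.serviceInterceptorProvider = serviceInterceptorProvider;
    }

    /**
     * Handles POST exactly like GET.
     *
     * <p>NOTE(review): because both verbs share one handler, every service (including the
     * update-style ones named in the access gate) is reachable via GET; confirm that
     * cross-site request protections are enforced elsewhere.
     */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doGet(httpServletRequest, httpServletResponse);
    }

    /**
     * Builds the service payload, applies the access gate and dispatches the call.
     *
     * <p>Any failure is logged and reported as HTTP 500 with a JSON body of the form
     * {@code {"success":false,"error":{"code":..,"error_code":..,"error_info":..}}}.
     * A request rejected by the gate gets HTTP 403 with no body.
     *
     * @throws IOException if the error response itself cannot be written
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        try {
            httpServletRequest.setCharacterEncoding("UTF-8");
            httpServletResponse.setCharacterEncoding("UTF-8");
            JSONObject payload = new JSONObject();
            preparedRequest(payload, httpServletRequest, httpServletResponse);

            String locale = FrontendUtils.getLocale(httpServletRequest);
            if (StringUtils.isBlank(locale)) {
                locale = payload.getString("locale");
            }
            if (StringUtils.isNotBlank(locale)) {
                // The locale may come from the request, so it is not guaranteed to contain '-'.
                // Without this guard substring(0, -1) throws and the request ends in a 500.
                int dash = locale.indexOf('-');
                String language = dash >= 0 ? locale.substring(0, dash) : locale;
                payload.put("locale", locale);
                payload.put("language", language);
            }

            String clientID = FrontendUtils.getClientID(httpServletRequest);
            if (StringUtils.isBlank(clientID)) {
                // Falls back to a clientID supplied as a request parameter or inside yigoData.
                clientID = payload.getString("clientID");
            }
            if (StringUtils.isNotBlank(clientID)) {
                payload.put("clientID", clientID);
            }

            // tenant / application are overwritten only when FrontendUtils yields a value;
            // otherwise a same-named key copied from the request stays in the payload.
            // NOTE(review): confirm the service layer does not trust those request-supplied keys.
            String tenant = FrontendUtils.getTenant(httpServletRequest);
            if (StringUtils.isNotBlank(tenant)) {
                payload.put("tenant", tenant);
            }
            String application = FrontendUtils.getParamValue(httpServletRequest, "application");
            if (StringUtils.isNotBlank(application)) {
                payload.put("application", application);
            }

            String service = payload.getString("service");
            String cmd = payload.getString("cmd");
            String tmpClientId = payload.getString("tmpclientid");
            // service and cmd are request-supplied text.
            // NOTE(review): confirm the log layout neutralises line breaks in logged values.
            logger.debug("service:" + service + (StringUtils.isNotBlank(cmd) ? ",cmd:" + cmd : ""));

            // Access gate: it applies only when no client ID is present. A non-blank client ID
            // passes unconditionally here; only presence is tested, not validity.
            boolean blocked = StringUtils.isBlank(clientID)
                    && !isAnonymousService(service, cmd)
                    && !(StringUtils.isNotBlank(tmpClientId) && isTempClientService(service, cmd))
                    && !"MobileService".equals(service);

            if (blocked) {
                // Log text: "user not logged in, access forbidden".
                logger.warn("用户未登录,被禁止访问,service:" + service + (StringUtils.isNotEmpty(cmd) ? ",cmd:" + cmd : ""));
                httpServletResponse.setStatus(403);
            } else {
                process(httpServletRequest, httpServletResponse, payload);
            }
        } catch (Throwable th) {
            logger.error(th.getMessage(), th);
            int code = -1;
            int errorCode = -1;
            if (th instanceof YigoCommonException) {
                // Explicit cast: the decompiled source assigned the Throwable directly,
                // which does not compile.
                YigoCommonException yigoCommonException = (YigoCommonException) th;
                if (yigoCommonException.getCode() == 101) {
                    errorCode = yigoCommonException.getExceptionCode();
                }
            }
            if (th instanceof CommonException) {
                code = ((CommonException) th).getCode();
                if (th.getCause() instanceof IllegalStateException) {
                    code = 103;
                }
            } else if (th instanceof CommonRuntimeException) {
                code = ((CommonRuntimeException) th).getCode();
                if (th.getCause() instanceof IllegalStateException) {
                    code = 103;
                }
            }

            JSONObject error = new JSONObject();
            error.put("code", Integer.valueOf(code));
            error.put("error_code", Integer.valueOf(errorCode));
            // The exception message is returned to the caller after ProcessXSSUtil.stripXss.
            // NOTE(review): messages raised by lower layers may disclose internal detail;
            // confirm that exposing them is intended.
            error.put("error_info", ProcessXSSUtil.stripXss(th.getMessage()));
            JSONObject envelope = new JSONObject();
            envelope.put("success", false);
            envelope.put("error", error);

            httpServletResponse.setStatus(500);
            httpServletResponse.setContentType("text/plain;charset=UTF-8");
            try (PrintWriter writer = httpServletResponse.getWriter()) {
                writer.write(envelope.toString());
                writer.flush();
            }
        }
    }

    /**
     * Services that the gate lets through with neither a client ID nor a temporary client ID.
     *
     * <p>Every entry here is part of the unauthenticated surface of this servlet.
     * NOTE(review): {@code InvokeUnsafeService} and {@code DEE} are on this list; confirm that
     * they perform their own authorization.
     */
    private static boolean isAnonymousService(String service, String cmd) {
        if ("SystemInfo".equals(service) || "GetLoginDef".equals(service) || "DownloadConfigFile".equals(service)) {
            return true;
        }
        if ("Authenticate".equals(service) && "CreateTempClientID".equals(cmd)) {
            return true;
        }
        return "InvokeUnsafeService".equals(service) || "DEE".equals(service);
    }

    /**
     * Services that the gate lets through when the request carries a non-blank
     * {@code tmpclientid} but no client ID.
     *
     * <p>NOTE(review): the caller checks only that {@code tmpclientid} is non-blank, and this
     * list includes named query/update and form-data services; confirm that the temporary ID
     * is validated and that these services are authorized downstream.
     */
    private static boolean isTempClientService(String service, String cmd) {
        if ("GetPublicKey".equals(service) || "LoadFormData".equals(service)) {
            return true;
        }
        if ("Authenticate".equals(service)) {
            return "LoginWithoutCheck".equals(cmd) || "QueryValidateImage".equals(cmd) || "Login".equals(cmd);
        }
        if ("DBQuery".equals(service)) {
            return "DBNamedQuery".equals(cmd);
        }
        if ("SessionRights".equals(service)) {
            return "LoadFormRights".equals(cmd);
        }
        if ("DBUpdate".equals(service)) {
            return "DBNamedUpdate".equals(cmd);
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Copies the request into {@code jSONObject}.
     *
     * <p>Every request parameter except {@code yigoData} is copied first. If {@code yigoData}
     * is present it is Base64-decoded, decompressed ("gz"), parsed as a JSON object, and each
     * of its entries is stored as a string. Because those entries are written last, they
     * override same-named request parameters.
     *
     * <p>NOTE(review): the inflated size of {@code yigoData} is not limited in this method;
     * confirm that {@code CompressUtils.decompress} or the container bounds it.
     *
     * @param jSONObject target payload, mutated in place
     * @param httpServletRequest request to read parameters from
     * @param httpServletResponse unused here
     * @throws Throwable if decoding, decompression or parsing fails
     */
    public void preparedRequest(JSONObject jSONObject, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        Enumeration<?> parameterNames = httpServletRequest.getParameterNames();
        while (parameterNames.hasMoreElements()) {
            String name = (String) parameterNames.nextElement();
            if (!"yigoData".equals(name)) {
                jSONObject.put(name, httpServletRequest.getParameter(name));
            }
        }
        String yigoData = httpServletRequest.getParameter("yigoData");
        if (StringUtils.isNotEmpty(yigoData)) {
            try (ByteArrayInputStream compressed = new ByteArrayInputStream(Base64.decodeBase64(yigoData))) {
                JSONObject parsed = JSON.parseObject(org.apache.commons.codec.binary.StringUtils.newString(CompressUtils.decompress("gz", compressed), "UTF-8"));
                // parseObject yields null for empty input; treat that as "no extra keys"
                // instead of failing with a NullPointerException.
                if (parsed != null) {
                    for (String key : parsed.keySet()) {
                        Object value = parsed.get(key);
                        jSONObject.put(key, null != value ? value.toString() : "");
                    }
                }
            }
        }
    }

    /**
     * Adds caller metadata to the payload, dispatches the service call and writes the response.
     *
     * <p>{@code reqIP}, {@code host} and {@code port} are written here and therefore replace
     * any same-named keys copied from the request. {@code host} and {@code port} are parsed
     * from the {@code Origin} header, else {@code Referer}, else the request URL; the two
     * headers are client-supplied. NOTE(review): confirm that downstream code does not base
     * trust decisions on {@code host}/{@code port}.
     *
     * @throws Throwable if the chosen header is not a parseable URL
     *         ({@link java.net.MalformedURLException}) or the service call fails
     */
    protected void process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, JSONObject jSONObject) throws Throwable {
        String ipAddress = HttpUtils.getIpAddress(httpServletRequest);
        String origin = httpServletRequest.getHeader("Origin");
        if (StringUtils.isBlank(origin)) {
            origin = httpServletRequest.getHeader("Referer");
        }
        if (StringUtils.isBlank(origin)) {
            origin = httpServletRequest.getRequestURL().toString();
        }
        URL url = new URL(origin);
        String host = url.getHost();
        int port = url.getPort();
        if (port == -1) {
            port = url.getDefaultPort();
        }

        // The dispatch key is "service" or "service/cmd" when a cmd is present.
        String serviceKey = jSONObject.getString("service");
        String cmd = jSONObject.getString("cmd");
        if (StringUtils.isNotBlank(cmd)) {
            serviceKey = serviceKey + "/" + cmd;
        }
        jSONObject.put("reqIP", ipAddress);
        jSONObject.put("host", host);
        jSONObject.put("port", Integer.valueOf(port));

        ServiceProcessResponse response = process(httpServletRequest, httpServletResponse, serviceKey, jSONObject);
        if (response != null) {
            processResponse(httpServletRequest, httpServletResponse, serviceKey, jSONObject, response);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Writes the service response body to the client using {@link #getResponseContentType()}.
     *
     * @param str dispatch key of the service that produced the response (unused here)
     * @param jSONObject request payload (unused here)
     * @param serviceProcessResponse response whose {@code getResponse()} text is written
     * @throws Throwable if the response writer cannot be obtained or written
     */
    public void processResponse(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, JSONObject jSONObject, ServiceProcessResponse serviceProcessResponse) throws Throwable {
        httpServletResponse.setContentType(getResponseContentType());
        try (PrintWriter writer = httpServletResponse.getWriter()) {
            writer.write(serviceProcessResponse.getResponse());
            writer.flush();
        }
    }

    /**
     * @return the content type used for successful responses; subclasses may override
     */
    protected String getResponseContentType() {
        return "text/plain;charset=UTF-8";
    }

    /**
     * Runs the interceptor chain and, if it produces no response, the back-end dispatcher.
     *
     * <p>The {@code clientID} taken from the payload is passed through unchanged; this method
     * does not validate it.
     *
     * @param str dispatch key ("service" or "service/cmd")
     * @return the interceptor's response, or else the dispatcher's response
     */
    private ServiceProcessResponse process(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, JSONObject jSONObject) throws CommonException {
        String clientID = jSONObject.getString("clientID");
        ServiceProcessResponse response = this.serviceInterceptorProvider.process(httpServletRequest, httpServletResponse, str, clientID, jSONObject);
        if (response == null) {
            response = this.serviceProcess.process(clientID, false, jSONObject.toString());
        }
        return response;
    }
}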
