package com.goldgov.baseframe.util;

import java.io.IOException;
import java.net.URLEncoder;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:com/goldgov/baseframe/util/PortalUrlFilter.class */
public class PortalUrlFilter implements Filter {
    private String noAccessPagePath;
    private String[] allBarringUrl;
    private String casLogin;
    private String casServiceUrl;
    private String casServerName;
    private String casRenew;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.noAccessPagePath = filterConfig.getInitParameter("noAccessPagePath");
        this.allBarringUrl = filterConfig.getInitParameter("barringUrl").split(",");
        this.casLogin = filterConfig.getInitParameter("loginUrl");
        this.casServiceUrl = filterConfig.getInitParameter("serviceUrl");
        this.casServerName = filterConfig.getInitParameter("serverName");
        this.casRenew = filterConfig.getInitParameter("renew");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        boolean z = true;
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        HttpSession session = httpServletRequest.getSession();
        List list = (List) session.getAttribute("userLimitResourceList");
        String requestURI = httpServletRequest.getRequestURI();
        String queryString = httpServletRequest.getQueryString();
        String str = requestURI;
        if (queryString != null && !"".equals(queryString.trim())) {
            str = str + "?" + queryString;
        }
        if (!hasFiltrate(httpServletRequest)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (session.getAttribute("user") == null && session.getAttribute("userInfo") == null) {
            httpServletResponse.sendRedirect(this.casLogin + "?service=" + getService(httpServletRequest) + ((this.casRenew == null || this.casRenew.equals("")) ? "" : "&renew=" + this.casRenew));
            return;
        }
        if (list != null && list.size() > 0 && checkRequestUrlIsLimit(str, list)) {
            z = false;
        }
        if (z) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else {
            httpServletResponse.sendRedirect(this.noAccessPagePath);
        }
    }

    private boolean checkRequestUrlIsLimit(String str, List list) {
        for (int i = 0; i < list.size(); i++) {
            if (str.indexOf((String) list.get(i)) != -1) {
                return true;
            }
        }
        return false;
    }

    public boolean hasFiltrate(HttpServletRequest httpServletRequest) {
        String resourceType = getResourceType(httpServletRequest);
        for (int i = 0; i < this.allBarringUrl.length; i++) {
            if (resourceType.equals(this.allBarringUrl[i])) {
                return false;
            }
        }
        return true;
    }

    protected String getResourceType(HttpServletRequest httpServletRequest) {
        return StringUtils.replace(httpServletRequest.getRequestURI(), httpServletRequest.getContextPath(), "");
    }

    private String getService(HttpServletRequest httpServletRequest) throws ServletException {
        if (this.casServerName == null && this.casServiceUrl == null) {
            throw new ServletException("need one of the following configuration parameters: edu.yale.its.tp.cas.client.filter.serviceUrl or edu.yale.its.tp.cas.client.filter.serverName");
        }
        return this.casServiceUrl != null ? URLEncoder.encode(this.casServiceUrl) : CasUtil.getService(httpServletRequest, this.casServerName);
    }

    public void destroy() {
    }
}
