package com.datacloudsec.scan.handler;

import com.datacloudsec.annotations.Auth;
import com.datacloudsec.annotations.Log;
import com.datacloudsec.exception.UEException;
import com.datacloudsec.response.IResponse;
import com.datacloudsec.response.JsonResponse;
import com.datacloudsec.response.StringResponse;
import com.datacloudsec.scan.common.Config;
import com.datacloudsec.scan.dao.LogMapper;
import com.datacloudsec.scan.entity.User;
import com.datacloudsec.scan.service.IConfig;
import com.datacloudsec.scan.service.IUser;
import com.datacloudsec.scan.service.impl.ConfigService;
import com.datacloudsec.scan.tasks.InitSystemTask;
import com.datacloudsec.utils.IPUtil;
import com.datacloudsec.utils.InstanceUtil;
import com.datacloudsec.utils.ObjectUtil;
import com.howie.hmvc.exception.ArguErrorException;
import com.howie.hmvc.handler.IInvokeHandler;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.Method;
import java.util.HashSet;
import java.util.List;
import java.util.Properties;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/datacloudsec/scan/handler/InvokeHandler.class */
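/**
 * Interceptor that runs around every controller invocation.
 *
 * <p>{@link #beforeInvoke} is the access-control pipeline, in this order: trusted-host
 * filter, hardware-dongle state, application-level idle expiry of the login state,
 * license validation, login check, a Referer-origin CSRF check for {@code .aj} calls and
 * finally the {@link Auth} annotation of the target method. {@link #afterInvoke} renders
 * the handler result (view forward, JSON, {@link IResponse}), maps exceptions to user
 * messages and writes the access log described by the {@link Log} annotation.
 *
 * <p>Review notes on the gates, all visible in this class:
 * <ul>
 *   <li>Every URI matched by {@link #NO_LOGIN} is reachable without a logged-in user and,
 *       because {@link #checkLogin} then returns 1, also skips the CSRF referer check; with
 *       no user in the session the {@code USER_ACTIONS} list is null, so the {@link Auth}
 *       check in {@link #beforeInvoke} passes too. Each entry of that list is therefore an
 *       unauthenticated and unauthorized endpoint and should be reviewed on that basis.</li>
 *   <li>{@link #validUri} matches the raw request URI (see its comment); the allowlist
 *       decision and the container's own mapping can disagree for unusual paths.</li>
 * </ul>
 */
public class InvokeHandler implements IInvokeHandler {
    /** Prefix prepended to view names; empty, also reused as the generic "empty string" default. */
    private static final String VIEW_PATH = "";
    private IConfig configService = (IConfig) InstanceUtil.newServiceInstance(ConfigService.class);
    /** Name of both the HTTP header and the session attribute used by the referer CSRF check. */
    private static final String CSRF_REFERER = "referer";
    private static final Logger LOG = Logger.getLogger(InvokeHandler.class);
    private static final LogMapper logMapper = (LogMapper) InstanceUtil.newDaoInstance(LogMapper.class);
    private static final String LOGIN = "/login.html";
    /**
     * URIs that do not require a logged-in user. Patterns: a leading {@code *} is a suffix
     * match, a trailing {@code *} a prefix match, anything else an exact (case-insensitive)
     * match; see {@link #validUri}. Matching entries also bypass the CSRF and {@link Auth} checks.
     */
    private static final String[] NO_LOGIN = {"/error/*", LOGIN, "/login360.html", "/user/login.aj", "/sso.aj", "/nobrowser.html", "/license.html", "/imp-lic.aj", "/active-lic.aj", "/exp-reqx.html", "/system/test.aj", "/system/get-upload-progress.aj", "/system/code.html", "/system/get-out-img.html", "/system/start-upd.aj", "/system/set-access-addr.aj", "/task/get-dev-by-ip.aj", "/task/auto-upload.aj", "/retrievepwd.html", "/send-email.aj", "/set-pwd.html", "/enter-pwd.aj", "/quick-login-token.aj", "/quick-login.html", "/sso.html", "/auth.aj", "/task/insert-web-task.aj", "/task/del-web-task.aj", "/task/get-web-result.aj", "/task/get-web-detail.aj", "/task/start-scan-web-task.aj", "/task/stop-scan-web-task.aj", "/task/start-scan-web-dev.aj", "/task/stop-scan-web-dev.aj", "/report/create-web-report.aj", "/report/export-web-report.aj", "/report/get-web-report-list.aj", "/report/get-web-result.aj", "/report/get-dev-by-task-id.aj", "/report/del-web-report.aj", "/system/ntp-set.aj", "/task/insert-sys-task.aj", "/task/del-sys-task.aj", "/task/get-web-policies.aj", "/task/get-sys-policies.aj", "/task/get-sys-result.aj", "/task/get-sys-detail.aj", "/task/start-scan-sys-task.aj", "/task/stop-scan-sys-task.aj", "/task/start-scan-sys-dev.aj", "/task/get-multi-task-result.aj", "/task/stop-scan-sys-dev.aj", "/report/create-sys-report.aj", "/report/export-sys-report.aj", "/report/get-sys-report-list.aj", "/report/get-sys-result.aj", "/report/del-sys-report.aj", "/user/upd-pwd.aj", "/task/insert-db-task.aj", "/task/del-db-task.aj", "/task/get-db-policies.aj", "/task/get-db-result.aj", "/task/get-db-detail.aj", "/task/start-scan-db-task.aj", "/task/start-scan-db-dev.aj", "/report/create-db-report.aj", "/report/export-db-report.aj", "/report/get-db-report-list.aj", "/report/get-db-result.aj", "/report/del-db-report.aj", "/result/statistic.aj", "/xingtang/login.aj", "/system/get-log-info.aj", "/system/log-set.aj", "/dlpscan/auto-upload.aj", "/devicegroup/dev-group-search.aj", 
"/devicegroup/del-devgroup.aj", "/devicegroup/insert-devgroup.aj", "/devicegroup/update-devgroup.aj", "/devicegroup/delete-devgroup.aj", "/device/search-region.aj", "/device/search-device.aj", "/device/delete-device.aj", "/device/del-for-name.aj", "/device/upload-device.aj", "/device/download-dev-temp.html", "/task/upload-scantool.aj", "/device/auto-recode.aj", "/penetest/imp-penetest.aj", "/system/systemsets.aj", "/system/email-test.aj", "/task/insert-bline-task.aj", "/task/del-bline-task.aj", "/task/get-bline-policies.aj", "/task/get-bline-result.aj", "/task/get-bline-detail.aj", "/task/start-scan-bline-task.aj", "/task/start-scan-bline-dev.aj", "/report/create-bline-report.aj", "/report/export-bline-report.aj", "/report/get-bline-report-list.aj", "/report/get-bline-result.aj", "/report/del-bline-report.aj", "/task/get-sp-bline-result.aj", "/task/get-pwd-conf.aj", "/task/insert-pwd-task.aj", "/task/del-pwd-task.aj", "/task/get-pwd-dic.aj", "/task/get-pwd-dic-group.aj", "/task/get-pwd-result.aj", "/task/get-pwd-detail.aj", "/task/start-scan-pwd-task.aj", "/task/start-scan-pwd-dev.aj", "/task/get-sp-pwd-result.aj", "/report/create-pwd-report.aj", "/report/export-pwd-report.aj", "/report/get-pwd-report-list.aj", "/report/get-pwd-result.aj", "/report/del-pwd-report.aj", "/report/create-report-by-taskid.aj", "/report/export-report.aj", "/report/get-report-list.aj", "/report/del-report.aj", "/task/get-bugs-by-devid.aj", "/task/get-db-temp.aj", "/task/stop-scan-pwd-task.aj", "/task/stop-scan-pwd-dev.aj", "/task/get-sysconfig.aj", "/device/insert-device-find.aj", "/device/start-device-find.aj", "/device/stop-device-find.aj", "/device/detail-devicefind.aj", "/device/devicefind-search.aj", "/device/del-device-find.aj", "/gxa/tool.html", "/qianxin-lic.html", "/system/get-netcard.aj", "/system/set-route.aj", "/system/set-netcard.aj", "/system/set-rule.aj", "/system/del-netcard.aj", "/system/snmp-trap.aj", "/system/get-sys-info.aj", "/index-nologin.html", "/qianxin/*", 
"/general/*", "/engine-sync-task/*"};
    /** URIs that stay reachable while the license check fails (license upload / activation flow). */
    private static final String[] NO_LIC = {"/license.html", "/imp-lic.aj", "/exp-reqx.html", "/system/upload-file.aj", "/system/get-upload-progress.aj", "/auth.aj", "/active-lic.aj"};
    /** Polling URIs that must not refresh the idle-timeout stamp ("lastAccessTime"). */
    private static final Set<String> LOOP_URI = new HashSet<String>() { // from class: com.datacloudsec.scan.handler.InvokeHandler.1
        private static final long serialVersionUID = 1;

        {
            add("/get-alerm-msg.aj");
        }
    };
    /**
     * Exception simple-name to user message, loaded once from /error_zh_CN.properties.
     * A missing or unreadable resource is logged and leaves the table empty, in which case
     * {@link #parseExp} yields no message for unknown exception types.
     */
    private static final Properties ERROR_PROPERTIE = new Properties() { // from class: com.datacloudsec.scan.handler.InvokeHandler.2
        private static final long serialVersionUID = 1;

        {
            InputStream inputStream = null;
            try {
                inputStream = getClass().getResourceAsStream("/error_zh_CN.properties");
                load(new InputStreamReader(inputStream, "UTF-8"));
            } catch (Exception e) {
                // Includes the NPE raised when the resource is absent from the classpath.
                InvokeHandler.LOG.error("读取资源文件出错", e);
            } finally {
                IOUtils.closeQuietly(inputStream);
            }
        }
    };

    /**
     * Gate that runs before the controller method; see the class comment for the order of checks.
     *
     * @param method the resolved handler method, or null when the request maps to no method
     * @param httpServletRequest current request
     * @param httpServletResponse current response; written directly when the request is rejected
     * @return true to continue with the invocation, false when a response has already been sent
     * @throws UEException on a trusted-host rejection, a dongle error, or a missing {@link Auth} action
     * @throws Exception propagated from forwarding / response writing
     */
    public boolean beforeInvoke(Method method, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
        LOG.debug("准备访问时间：" + System.currentTimeMillis());
        HttpSession session = httpServletRequest.getSession();
        ServletContext servletContext = session.getServletContext();
        // Trusted-host filter; an empty "trustedhost" setting disables it.
        // NOTE(review): if IPUtil.getIpAddress honours forwarded-for style headers, the
        // filtered value is client-controlled — confirm against IPUtil.
        String ipAddress = IPUtil.getIpAddress(httpServletRequest);
        String valueByName = this.configService.getValueByName("trustedhost");
        if (StringUtils.isNotBlank(valueByName) && !IPUtil.ipVaild(ipAddress, valueByName)) {
            throw new UEException("您的IP已被管理员限制访问，如有疑问请联系管理员！");
        }
        // "dogcode" is published by InitSystemTask; absent or 0 means the dongle is fine.
        Integer num = (Integer) InitSystemTask.servletContext.getAttribute("dogcode");
        if (num != null && num.intValue() != 0) {
            throw new UEException(num.intValue() == 1 ? "获取加密狗出错" : "未检查到加密狗");
        }
        String requestURI = httpServletRequest.getRequestURI();
        String lowerCase = requestURI.toLowerCase();
        Long valueOf = Long.valueOf(System.currentTimeMillis());
        // Polling requests do not count as user activity.
        if (!LOOP_URI.contains(requestURI)) {
            session.setAttribute("lastAccessTime", valueOf);
        }
        // Application-level idle timeout: drop the login state once the session has been idle
        // for longer than its max-inactive interval. The servlet API defines a negative interval
        // as "never times out" (0 is treated the same here), so the check is only applied for a
        // positive interval; 1000L keeps the multiplication in long arithmetic.
        Long l = (Long) session.getAttribute("lastAccessTime");
        int maxInactive = session.getMaxInactiveInterval();
        if (l != null && maxInactive > 0 && l.longValue() + (maxInactive * 1000L) <= valueOf.longValue()) {
            session.removeAttribute(IUser.USER_INFO);
            session.removeAttribute(IUser.USER_PERMS);
            session.removeAttribute(IUser.USER_ACTIONS);
        }
        // License gate: the failure message is rendered according to the request type.
        String validateLic = validateLic(httpServletRequest);
        if (validateLic != null) {
            if (lowerCase.endsWith(".aj")) {
                JsonResponse jsonResponse = new JsonResponse(false);
                jsonResponse.putObj("msg", validateLic);
                jsonResponse.putObj("code", "100001");
                jsonResponse.shipToResponse(httpServletRequest, httpServletResponse);
                return false;
            }
            if (lowerCase.endsWith(".ar")) {
                new StringResponse("<div style=\"padding:30px 10px;\">许可错误：" + validateLic + "！</div>").shipToResponse(httpServletRequest, httpServletResponse);
                return false;
            }
            httpServletRequest.setAttribute("err", validateLic);
            servletContext.getRequestDispatcher("/license.jsp").forward(httpServletRequest, httpServletResponse);
            return false;
        }
        // 0 = logged in, 1 = URI is in NO_LOGIN, 2 = not logged in and not allowlisted.
        int checkLogin = checkLogin(httpServletRequest);
        if (checkLogin == 2) {
            if (lowerCase.endsWith(".aj")) {
                JsonResponse jsonResponse2 = new JsonResponse(false);
                jsonResponse2.putObj("sessionout", true);
                jsonResponse2.shipToResponse(httpServletRequest, httpServletResponse);
                return false;
            }
            if (lowerCase.endsWith(".ar")) {
                new StringResponse("<div style=\"padding:30px 10px;\">您长时间未进行任何操作，会话已过期，请<a href=\"javascript:top.location.reload(true);\">重新登录</a>！</div>").shipToResponse(httpServletRequest, httpServletResponse);
                return false;
            }
            httpServletResponse.sendRedirect(servletContext.getContextPath() + LOGIN);
            return false;
        }
        // JSPs are internal views: direct access is hidden as 404, ".jhtml" is forwarded to the JSP.
        if (lowerCase.endsWith(".jsp")) {
            httpServletResponse.sendError(404);
            return false;
        }
        if (lowerCase.endsWith(".jhtml")) {
            // Strips the context path (String.replace removes every occurrence, not just the prefix).
            String replace = requestURI.replace(httpServletRequest.getServletContext().getContextPath(), VIEW_PATH);
            httpServletRequest.getServletContext().getRequestDispatcher(replace.substring(0, replace.length() - 6) + ".jsp").forward(httpServletRequest, httpServletResponse);
            return false;
        }
        // CSRF check for AJAX calls: the Referer's origin (scheme://host[:port], i.e. the text
        // before the third "/") must equal the origin recorded in the session by noLogin().
        // A missing Referer is rejected. Allowlisted URIs (checkLogin == 1) skip this check.
        if (lowerCase.endsWith(".aj") && checkLogin != 1) {
            String header = httpServletRequest.getHeader(CSRF_REFERER);
            int characterPosition = getCharacterPosition(header, "/", 3);
            if (characterPosition != -1) {
                header = header.substring(0, characterPosition);
            }
            if (StringUtils.isBlank(header) || !ObjectUtil.getString(session.getAttribute(CSRF_REFERER), VIEW_PATH).equalsIgnoreCase(header)) {
                httpServletResponse.sendError(404);
                return false;
            }
        }
        if (method == null) {
            return true;
        }
        // Action-level authorization. NOTE(review): a null USER_ACTIONS list (no user in the
        // session) passes this check; the only protection is then checkLogin() above.
        List<?> list = (List<?>) httpServletRequest.getSession().getAttribute(IUser.USER_ACTIONS);
        Auth auth = (Auth) method.getAnnotation(Auth.class);
        if (auth == null || list == null || list.contains(auth.value())) {
            return true;
        }
        throw new UEException("您无权限访问！");
    }

    /**
     * Renders the handler outcome and writes the access log.
     *
     * <p>A {@code String} result is a view name forwarded as a JSP, a {@code Boolean} becomes a bare
     * JSON success flag, an {@link IResponse} ships itself. A throwable is turned into a user
     * message by {@link #parseExp} and rendered by {@link #handlerExp}.
     *
     * @param method the invoked handler method (its {@link Log} annotation drives the access log), or null
     * @param th the throwable raised by the handler, or null
     * @param obj the handler's return value, or null
     * @throws Throwable re-thrown from {@link #handlerExp} for non-AJAX requests, or any rendering failure
     */
    public void afterInvoke(Method method, Throwable th, Object obj, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        LOG.debug("准备结束访问时间：" + System.currentTimeMillis());
        boolean z = true;
        String str = null;
        try {
            if (th != null) {
                z = false;
                str = parseExp(th);
                handlerExp(str, th, httpServletRequest, httpServletResponse);
            } else if (obj != null) {
                if (obj instanceof String) {
                    String obj2 = obj.toString();
                    if (!obj2.startsWith("/")) {
                        obj2 = "/" + obj2;
                    }
                    if (!obj2.contains(".")) {
                        obj2 = obj2 + ".jsp";
                    }
                    httpServletRequest.getRequestDispatcher(obj2).forward(httpServletRequest, httpServletResponse);
                } else if (obj instanceof Boolean) {
                    z = ((Boolean) obj).booleanValue();
                    new JsonResponse(z).shipToResponse(httpServletRequest, httpServletResponse);
                } else if (obj instanceof IResponse) {
                    IResponse iResponse = (IResponse) obj;
                    iResponse.shipToResponse(httpServletRequest, httpServletResponse);
                    z = iResponse.isSuccess();
                }
            }
            if (method != null) {
                addAccessLog(str, (Log) method.getAnnotation(Log.class), httpServletRequest, z);
            }
            LOG.debug("正式结束访问时间：" + System.currentTimeMillis());
        } catch (Throwable th2) {
            // Rendering failed (or handlerExp re-threw): still record the access, then propagate.
            if (method != null) {
                addAccessLog(null, (Log) method.getAnnotation(Log.class), httpServletRequest, true);
            }
            LOG.debug("正式结束访问时间：" + System.currentTimeMillis());
            throw th2;
        }
    }

    /**
     * Validates the license unless the URI is in {@link #NO_LIC}.
     *
     * @return null when the license is valid or the URI is exempt, otherwise the user-facing error
     */
    private String validateLic(HttpServletRequest httpServletRequest) {
        if (validUri(NO_LIC, httpServletRequest)) {
            return null;
        }
        int valudate = InitSystemTask.licenseApp.valudate();
        if (valudate == 0) {
            return null;
        }
        String str;
        switch (valudate) {
            case 2:
                str = "许可文件未找到";
                break;
            case 3:
                str = "许可文件格式错误";
                break;
            case 6:
                str = "许可授权时间错误";
                break;
            case 7:
                str = "许可产品码错误";
                break;
            case 8:
                str = "许可使用次数已用完";
                break;
            case 10:
                // Machine-binding mismatch is ignored for product-type 0 (still logged below).
                str = Config.getInstance().getInt("product-type", 0) == 0 ? null : "许可非授权给当前机器";
                break;
            case 11:
                str = "许可未激活";
                break;
            default:
                str = "许可授权不正确，请联系技术人员";
                break;
        }
        LOG.error("许可验证未通过，code = " + valudate);
        return str;
    }

    /**
     * Maps a handler throwable to a user message and logs it.
     *
     * @return the message; may be null when the exception type has no entry in {@link #ERROR_PROPERTIE}
     */
    private String parseExp(Throwable th) {
        String property;
        if (th instanceof ArguErrorException) {
            property = "参数错误";
            ArguErrorException arguErrorException = (ArguErrorException) th;
            LOG.debug("参数错误,名称[" + arguErrorException.getName() + "]，验证名[" + arguErrorException.getValidateName() + "]");
        } else if (th instanceof UEException) {
            // UEException carries a message meant for the user; only its cause is worth logging.
            property = th.getMessage();
            Throwable cause = th.getCause();
            if (cause != null) {
                LOG.error(VIEW_PATH, cause);
            }
        } else {
            property = ERROR_PROPERTIE.getProperty(th.getClass().getSimpleName());
            LOG.error(VIEW_PATH, th);
        }
        return property;
    }

    /**
     * Renders an error: JSON for ".aj", an HTML snippet for ".ar", otherwise stores the message in
     * the request and re-throws so the container's error handling takes over.
     */
    private void handlerExp(String str, Throwable th, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Throwable {
        String requestURI = httpServletRequest.getRequestURI();
        if (requestURI.endsWith(".aj")) {
            JsonResponse jsonResponse = new JsonResponse(false);
            if (str != null) {
                jsonResponse.putObj("msg", str);
            }
            jsonResponse.shipToResponse(httpServletRequest, httpServletResponse);
            return;
        }
        if (requestURI.endsWith(".ar")) {
            new StringResponse(str != null ? str : "程序执行失败").shipToResponse(httpServletRequest, httpServletResponse);
        } else {
            httpServletRequest.setAttribute("msg", str);
            throw th;
        }
    }

    /**
     * Matches the context-relative request path against a pattern list.
     *
     * <p>Pattern forms: leading {@code *} = suffix match, trailing {@code *} = prefix match
     * (both case-sensitive), otherwise an exact case-insensitive match. A path ending in "/"
     * is treated as "/index.html".
     *
     * <p>NOTE(review): the comparison uses the raw {@code getRequestURI()} value, not a
     * normalized path, so the allowlist decision may differ from the container's own mapping
     * for unusual encodings or dot segments; matching on the normalized servlet path would
     * make the two agree. The case handling also differs between the three pattern forms.
     */
    private boolean validUri(String[] strArr, HttpServletRequest httpServletRequest) {
        String substring = httpServletRequest.getRequestURI().substring(httpServletRequest.getSession().getServletContext().getContextPath().length());
        if (substring.endsWith("/")) {
            substring = substring + "index.html";
        }
        for (String str : strArr) {
            if (str.charAt(0) == '*') {
                if (substring.endsWith(str.substring(1))) {
                    return true;
                }
            } else if (str.charAt(str.length() - 1) == '*') {
                if (substring.startsWith(str.substring(0, str.length() - 1))) {
                    return true;
                }
            } else if (substring.equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Login state for this request.
     *
     * @return 0 when a user is in the session and the URI is not allowlisted, 1 when the URI is in
     *         {@link #NO_LOGIN} (regardless of login; also records the CSRF origin via {@link #noLogin}),
     *         2 when no user is logged in and the URI is not allowlisted
     */
    private int checkLogin(HttpServletRequest httpServletRequest) {
        boolean loggedIn = httpServletRequest.getSession().getAttribute(IUser.USER_INFO) != null;
        if (validUri(NO_LOGIN, httpServletRequest)) {
            return noLogin(httpServletRequest);
        }
        return loggedIn ? 0 : 2;
    }

    /**
     * Records the request's origin (scheme://host[:port]) as the session's CSRF reference when none
     * is stored yet, so later ".aj" calls in the session can be checked against it.
     *
     * @return always 1 (the "allowlisted URI" state of {@link #checkLogin})
     */
    private int noLogin(HttpServletRequest httpServletRequest) {
        String stringBuffer = httpServletRequest.getRequestURL().toString();
        String string = ObjectUtil.getString(httpServletRequest.getSession().getAttribute(CSRF_REFERER), VIEW_PATH);
        int characterPosition = getCharacterPosition(stringBuffer, "/", 3);
        if (characterPosition != -1) {
            stringBuffer = stringBuffer.substring(0, characterPosition);
        }
        if (StringUtils.isNotBlank(stringBuffer) && StringUtils.isBlank(string)) {
            httpServletRequest.getSession().setAttribute(CSRF_REFERER, stringBuffer);
        }
        return 1;
    }

    /**
     * Position of the i-th match of the regex {@code str2} in {@code str}.
     *
     * @return the start index of the i-th occurrence, or -1 when the input is null, {@code i} is not
     *         positive, the pattern is invalid, or fewer than {@code i} occurrences exist
     */
    private int getCharacterPosition(String str, String str2, int i) {
        if (str == null || str2 == null || i <= 0) {
            return -1;
        }
        try {
            Matcher matcher = Pattern.compile(str2).matcher(str);
            int found = 0;
            while (matcher.find()) {
                found++;
                if (found == i) {
                    return matcher.start();
                }
            }
            // Fewer than i occurrences; reported explicitly rather than via the
            // IllegalStateException that matcher.start() would raise here.
            return -1;
        } catch (Exception e) {
            return -1;
        }
    }

    /**
     * Writes one access-log row for the request, described by the handler's {@link Log} annotation.
     *
     * <p>The detail text comes either from {@code log.desct()}, a template whose {@code {param}}
     * placeholders are replaced with request-parameter values, or from {@code log.entry()}, whose
     * items have the form {@code param=label[,rawValue=display;rawValue=display...]}. Malformed
     * entries (no "=") are skipped. Parameter values are stored verbatim, so downstream consumers
     * of the log should treat the detail column as untrusted text.
     *
     * @param str the error message for a failed request, or null
     * @param log the annotation; nothing is written when null
     * @param z whether the request succeeded (stored as 1) or failed (stored as 2)
     */
    private void addAccessLog(String str, Log log, HttpServletRequest httpServletRequest, boolean z) {
        if (log == null) {
            return;
        }
        StringBuffer stringBuffer = new StringBuffer();
        String desct = log.desct();
        if (StringUtils.isNotEmpty(desct)) {
            Matcher matcher = Pattern.compile("\\{[^\\{\\}]+\\}").matcher(desct);
            int i = 0;
            while (matcher.find()) {
                int start = matcher.start();
                if (i < start) {
                    stringBuffer.append(desct.substring(i, start));
                }
                String group = matcher.group();
                // A missing parameter is logged as an empty value rather than the literal "null".
                stringBuffer.append(StringUtils.defaultString(httpServletRequest.getParameter(group.substring(1, group.length() - 1)), VIEW_PATH));
                i = matcher.end();
            }
            stringBuffer.append(desct.substring(i));
        } else if (log.entry().length > 0) {
            for (String str2 : log.entry()) {
                String[] split = str2.split(",");
                String[] split2 = split[0].split("=");
                if (split2.length < 2) {
                    continue;
                }
                String defaultString = StringUtils.defaultString(httpServletRequest.getParameter(split2[0]), VIEW_PATH);
                if (StringUtils.isBlank(defaultString)) {
                    continue;
                }
                if (split.length == 2) {
                    // Optional display mapping "raw=display;raw=display": replace the raw value.
                    for (String mapping : split[1].split(";")) {
                        String[] split4 = mapping.split("=");
                        if (split4.length >= 2 && split4[0].equalsIgnoreCase(defaultString)) {
                            defaultString = split4[1];
                            break;
                        }
                    }
                }
                stringBuffer.append(',').append(split2[1]).append('=').append(defaultString);
            }
            if (stringBuffer.length() > 0) {
                stringBuffer.deleteCharAt(0);
            }
        }
        if (str != null) {
            if (stringBuffer.length() > 0) {
                stringBuffer.append((char) 65292);
            }
            stringBuffer.append("错误信息：" + str);
        }
        String str3 = null;
        HttpSession session = httpServletRequest.getSession();
        try {
            User user = (User) session.getAttribute(IUser.USER_INFO);
            if (user == null) {
                // No user attached: take the bare "username" attribute and drop the session.
                // NOTE(review): the invalidate() is preserved from the original; its purpose is not
                // evident here — confirm it is intended for every logged request without a user.
                str3 = (String) session.getAttribute("username");
                session.invalidate();
            } else {
                str3 = user.getName();
            }
        } catch (Exception e) {
            LOG.error("多半是因为session失效，不算啥子问题！", e);
        }
        try {
            // Retention: once the table exceeds "logMax" rows (default 50000) the oldest entries go.
            if (logMapper.searchCount(null, null, null, null, null, null) > ObjectUtil.getInt(this.configService.getValueByName("logMax"), 50000)) {
                logMapper.delMinLog();
            }
            logMapper.insert(str3 == null ? "未登录" : str3, log.value(), ObjectUtil.getString(httpServletRequest.getRemoteAddr(), VIEW_PATH, 50), Integer.valueOf(z ? 1 : 2), stringBuffer.toString());
        } catch (Exception e2) {
            LOG.error("记录操作日志失败", e2);
        }
    }
}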
