package org.hy.microservice.common;

import java.io.IOException;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.annotation.WebInitParam;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.hy.common.Date;
import org.hy.common.Help;
import org.hy.common.Return;
import org.hy.common.StringHelp;
import org.hy.common.TimeGroupTotal;
import org.hy.common.xml.XJSON;
import org.hy.common.xml.XJava;
import org.hy.common.xml.event.XRequestListener;
import org.hy.common.xml.log.Logger;
import org.hy.common.xml.plugins.AppInterfaces;
import org.hy.common.xml.plugins.AppMessage;
import org.hy.common.xml.plugins.XSQLFilter;
import org.hy.microservice.common.ipSafe.IIPSafeConfigService;
import org.hy.microservice.common.ipSafe.IPSafeConfig;
import org.hy.microservice.common.operationLog.IOperationLogService;
import org.hy.microservice.common.operationLog.OperationLog;

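/**
 * Servlet filter that records an {@link OperationLog} entry for each mapped request, applies the
 * IP blacklist / whitelist held by {@link IIPSafeConfigService}, and enforces per-URL call limits
 * over two time windows. It also registers itself as the {@link XRequestListener} for app
 * interface calls, where the same checks are applied in {@link #before}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The client address comes from forwarding headers (see {@link #getIpAddress}); those are
 *       only trustworthy when a reverse proxy under your control overwrites them.</li>
 *   <li>Rate limits are keyed by URL only, so the quota is shared by all callers of an
 *       endpoint.</li>
 *   <li>NOTE(review): query strings, request bodies and response bodies are stored in the
 *       operation log as-is; confirm that secrets are masked before or after persistence.</li>
 * </ul>
 */
@WebFilter(filterName = "logFilter", urlPatterns = {"/*"}, initParams = {@WebInitParam(name = "exclusions", value = "*.js,*.gif,*.jpg,*.png,*.css,*.ico,*.swf"), @WebInitParam(name = "cachesize", value = "1000"), @WebInitParam(name = "timeout", value = "60")})
/* loaded from: input_file:org/hy/microservice/common/LogFilter.class */
public class LogFilter extends XSQLFilter implements XRequestListener {
    private static final Logger $Logger = new Logger(LogFilter.class);

    /** Per-URL call counters for the short window; guarded by synchronizing on the map itself. */
    private static final Map<String, TimeGroupTotal> $APITotalMinute = new HashMap<>();

    /** Per-URL call counters for the long window; guarded by synchronizing on the map itself. */
    private static final Map<String, TimeGroupTotal> $APITotalMinute10 = new HashMap<>();

    private IIPSafeConfigService ipSafeConfigService = (IIPSafeConfigService) XJava.getObject("IPSafeConfigService");
    private IOperationLogService operationLogService = (IOperationLogService) XJava.getObject("OperationLogService");
    private long apiUseMaxCountMinute = Long.valueOf(XJava.getParam("MS_Common_ApiUseMaxCountMinute").getValue()).longValue();
    private long apiUseMaxCountMinute10 = Long.valueOf(XJava.getParam("MS_Common_ApiUseMaxCountMinute10").getValue()).longValue();
    private String systemCode = XJava.getParam("MS_Common_ServiceName").getValue();

    /** Registers this filter as the listener for app interface calls. */
    public LogFilter() {
        AppInterfaces.setListener(this);
    }

    /**
     * Counts one call for {@code key} and reports whether it is still within {@code limit}.
     *
     * <p>The counters are static, so the lock is taken on the shared map rather than on the
     * filter instance; an instance monitor would not protect the map if a second instance of
     * this class were ever created.
     *
     * @param totals    counter map for the window being checked
     * @param key       counter key (the request URL; may be null if the log was not populated)
     * @param groupSize constructor argument for a new {@link TimeGroupTotal}
     * @param maxSize   value passed to {@link TimeGroupTotal#setMaxSize}
     * @param limit     the call is refused once the current count is strictly greater than this
     * @return {@code true} if the call was counted and is allowed
     */
    private static boolean allowUse(Map<String, TimeGroupTotal> totals, String key, int groupSize, int maxSize, long limit) {
        synchronized (totals) {
            TimeGroupTotal total = totals.get(key);
            Date now = Date.getNowTime();
            if (total == null) {
                total = new TimeGroupTotal(groupSize);
                total.setMaxSize(maxSize);
                totals.put(key, total);
            } else {
                Long count = total.get(now);
                // NOTE(review): the comparison is strict, so limit + 1 calls pass per bucket — confirm intended.
                if (count != null && count.longValue() > limit) {
                    return false;
                }
            }
            total.put(now);
            return true;
        }
    }

    /** Applies the {@code MS_Common_ApiUseMaxCountMinute} limit to the given URL. */
    private boolean allowUseAPIMinute(String str) {
        return allowUse($APITotalMinute, str, 1, 60, this.apiUseMaxCountMinute);
    }

    /** Applies the {@code MS_Common_ApiUseMaxCountMinute10} limit to the given URL. */
    private boolean allowUseAPIMinute10(String str) {
        return allowUse($APITotalMinute10, str, 15, 8, this.apiUseMaxCountMinute10);
    }

    /** Returns whether any whitelist rule is configured. */
    private boolean haveWhiteList() {
        return !Help.isNull((Map<?, ?>) this.ipSafeConfigService.queryAll().get(IPSafeConfig.$Type_WhiteList));
    }

    /**
     * Checks whether the caller's address matches a rule of the given list type.
     *
     * <p>The address is tried in full and, for dotted addresses with at least four parts, as its
     * first three, two and one parts (each with a trailing dot). Every candidate is looked up as
     * {@code ip@module@url}, {@code ip@module} and {@code ip}. Addresses without dots (IPv6, for
     * example) can therefore only match exactly.
     *
     * @param str          list type, one of the {@link IPSafeConfig} type constants
     * @param operationLog log entry carrying the caller address, module code and URL
     * @return {@code true} if a rule matched; the hit is cached through the config service
     */
    private boolean isbackWhiteList(String str, OperationLog operationLog) {
        Map<?, ?> rules = (Map<?, ?>) this.ipSafeConfigService.queryAll().get(str);
        if (Help.isNull(rules)) {
            return false;
        }
        String userIP = operationLog.getUserIP();
        if (userIP == null) {
            // No address to match: not blacklisted, and not whitelisted either (so a configured
            // whitelist rejects the request instead of the check dying with an exception).
            return false;
        }
        ArrayList<String> candidates = new ArrayList<>();
        candidates.add(userIP);
        String[] parts = userIP.split("\\.");
        if (parts.length >= 4) {
            candidates.add(parts[0] + "." + parts[1] + "." + parts[2] + ".");
            candidates.add(parts[0] + "." + parts[1] + ".");
            candidates.add(parts[0] + ".");
        }
        String moduleSuffix = "@" + operationLog.getModuleCode();
        String urlSuffix = moduleSuffix + "@" + operationLog.getUrl();
        for (String candidate : candidates) {
            boolean matched = rules.get(candidate + urlSuffix) != null
                    || rules.get(candidate + moduleSuffix) != null
                    || rules.get(candidate) != null;
            if (matched) {
                this.ipSafeConfigService.putIPSafeHit(operationLog.getIpSafeKey(), str);
                return true;
            }
        }
        return false;
    }

    /** Fills in the rejection response, result code and timing on a log entry. */
    private void markRejected(OperationLog operationLog, String attackType, String code, String message) {
        operationLog.setAttackType(attackType);
        operationLog.setUrlResponse("{\"code\": \"" + code + "\", \"message\": \"" + message + "\"}");
        operationLog.setResultCode(code);
        operationLog.setResponseTime(Long.valueOf(Date.getNowTime().getTime()));
        operationLog.setTimeLen(Long.valueOf(operationLog.getResponseTime().longValue() - operationLog.getRequestTime().longValue()));
    }

    /**
     * Applies the blacklist, then (only if a whitelist is configured) the whitelist.
     *
     * <p>A rejected request is signalled by a non-empty {@code urlResponse} on the log entry;
     * callers must check it and stop processing.
     *
     * @param operationLog entry with user IP, module code and URL already set
     * @return the same entry, for chaining
     */
    private OperationLog backWhiteCheck(OperationLog operationLog) {
        String cachedHit = this.ipSafeConfigService.getIPSafeHit(operationLog.getIpSafeKey());
        if (IPSafeConfig.$Type_BackList.equals(cachedHit) || isbackWhiteList(IPSafeConfig.$Type_BackList, operationLog)) {
            markRejected(operationLog, IPSafeConfig.$Type_BackList, "-891", "blacklist");
        } else if (haveWhiteList()) {
            if (IPSafeConfig.$Type_WhiteList.equals(cachedHit) || isbackWhiteList(IPSafeConfig.$Type_WhiteList, operationLog)) {
                operationLog.setAttackType(IPSafeConfig.$Type_WhiteList);
            } else {
                markRejected(operationLog, "Not on the whitelist", "-892", "Not on the whitelist");
            }
        }
        return operationLog;
    }

    /**
     * Extracts the user id from a JSON request body.
     *
     * @return the create-user id or user id from the body, or {@code ""} when the body is empty
     *         or cannot be parsed
     */
    private String readUserID(String body) {
        if (Help.isNull(body)) {
            return "";
        }
        try {
            BaseViewMode view = (BaseViewMode) new XJSON().toJava(body, BaseViewMode.class);
            if (view != null) {
                return Help.NVL(view.getCreateUserID(), view.getUserID());
            }
        } catch (Exception e) {
            // The body is caller-controlled; an unparsable body only costs us the user id.
            $Logger.warn(e);
        }
        return "";
    }

    /** Sends the rejection stored in the log entry to the client and persists the entry. */
    private void writeRejection(ServletResponse servletResponse, OperationLog operationLog) throws IOException {
        servletResponse.setCharacterEncoding("UTF-8");
        servletResponse.setContentType("application/json");
        // Encode explicitly: the declared charset is UTF-8, the platform default may not be.
        servletResponse.getOutputStream().write(operationLog.getUrlResponse().getBytes("UTF-8"));
        this.operationLogService.insert(operationLog);
    }

    /**
     * Logs the request, applies IP and rate checks, runs the rest of the chain against buffering
     * wrappers, then records the response and forwards it to the client.
     *
     * <p>Requests whose path contains {@code "analyse"} or {@code "."}, has fewer than three
     * {@code /}-separated parts, or is not a registered request mapping are passed through
     * untouched. NOTE(review): those requests skip the IP checks and the log as well; confirm no
     * protected endpoint can match.
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) servletRequest;
        String servletPath = httpRequest.getServletPath();
        String[] pathParts = servletPath.split("/");
        if (StringHelp.isContains(servletPath, new String[]{"analyse", "."}) || pathParts.length < 3) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        if (ProjectStartBase.$RequestMappingMethods.getRow(pathParts[1], servletPath) == null) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        LogHttpServletRequestWrapper requestWrapper = new LogHttpServletRequestWrapper(httpRequest);
        OperationLog operationLog = new OperationLog();
        try {
            // Populate everything the IP check needs before touching the request body, so that
            // a body that cannot be read or parsed never causes the check to be skipped.
            operationLog.setCreateTime(new Date());
            operationLog.setId(StringHelp.getUUID());
            operationLog.setUrl(servletPath);
            operationLog.setUrlRequest(requestWrapper.getQueryString());
            operationLog.setUserIP(getIpAddress(requestWrapper));
            operationLog.setSystemCode(this.systemCode);
            operationLog.setModuleCode(pathParts[1]);
            operationLog.setUserID("");
            try {
                String body = requestWrapper.getBodyString();
                operationLog.setUserID(readUserID(body));
                operationLog.setUrlRequestBody(body);
            } catch (Exception e) {
                $Logger.warn(e);
            }
            backWhiteCheck(operationLog);
        } catch (Exception e) {
            // NOTE(review): a failure inside the IP check itself (for example the config service
            // throwing) still lets the request through. Decide whether this should fail closed.
            $Logger.error(e);
        }
        LogHttpServletResponseWrapper responseWrapper = new LogHttpServletResponseWrapper((HttpServletResponse) servletResponse);
        if (!Help.isNull(operationLog.getUrlResponse())) {
            writeRejection(servletResponse, operationLog);
            return;
        }
        if (!allowUseAPIMinute(operationLog.getUrl())) {
            operationLog.setUrlResponse("访问量达到上限");
            operationLog.setAttackType("ApiUseMaxCountMinute");
            writeRejection(servletResponse, operationLog);
            return;
        }
        if (!allowUseAPIMinute10(operationLog.getUrl())) {
            operationLog.setUrlResponse("访问量达到10分钟上限");
            operationLog.setAttackType("ApiUseMaxCountMinute10");
            writeRejection(servletResponse, operationLog);
            return;
        }
        this.operationLogService.insert(operationLog);
        super.doFilter(requestWrapper, responseWrapper, filterChain);

        byte[] responseData = null;
        try {
            responseData = responseWrapper.getResponseData();
            operationLog.setUrlResponse(new String(responseData, "UTF-8"));
            operationLog.setResponseTime(Long.valueOf(Date.getNowTime().getTime()));
            operationLog.setTimeLen(Long.valueOf(operationLog.getResponseTime().longValue() - operationLog.getRequestTime().longValue()));
            if (!Help.isNull(operationLog.getUrlResponse())) {
                try {
                    operationLog.setResultCode(((BaseResponse) new XJSON().toJava(operationLog.getUrlResponse(), BaseResponse.class)).getCode());
                } catch (Exception parseError) {
                    // Response is not a BaseResponse JSON document; record a plain success code.
                    operationLog.setResultCode("200");
                }
                if (operationLog.getUrlResponse().length() >= 4000) {
                    operationLog.setUrlResponse(operationLog.getUrlResponse().substring(0, 3999));
                }
            }
            this.operationLogService.update(operationLog);
        } catch (Exception e) {
            // A failure while recording the response must not prevent it from being delivered.
            $Logger.error(e);
        }
        if (responseData == null) {
            return;
        }
        ServletOutputStream servletOutputStream = null;
        try {
            servletOutputStream = servletResponse.getOutputStream();
            servletOutputStream.write(responseData);
        } catch (Exception e) {
            $Logger.error(e);
        } finally {
            if (servletOutputStream != null) {
                servletOutputStream.flush();
                servletOutputStream.close();
            }
        }
    }

    /**
     * Listener hook run before an app interface call: logs the call and applies the same IP and
     * rate checks as {@link #doFilter}.
     *
     * @param str raw request body, stored in the log
     * @return a result whose flag is {@code false} (with the rejection text as its string
     *         parameter) when the call must be refused; the log entry is always attached as the
     *         object parameter
     */
    public Return<Object> before(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AppMessage<?> appMessage, String str) {
        Return<Object> result = new Return<Object>(true);
        OperationLog operationLog = new OperationLog();
        String requestUserID = Help.NVL(httpServletRequest.getParameter("userID"), httpServletRequest.getParameter("createUserID"));
        operationLog.setCreateTime(new Date());
        operationLog.setId(StringHelp.getUUID());
        operationLog.setUrl("/app/" + appMessage.getSid());
        operationLog.setUrlRequest(httpServletRequest.getQueryString());
        operationLog.setUrlRequestBody(str);
        operationLog.setUserIP(getIpAddress(httpServletRequest));
        operationLog.setSystemCode(this.systemCode);
        operationLog.setModuleCode("/app");
        operationLog.setUserID(Help.NVL(requestUserID, Help.NVL(appMessage.getSession())));
        backWhiteCheck(operationLog);
        if (!Help.isNull(operationLog.getUrlResponse())) {
            result.set(false).setParamStr(operationLog.getUrlResponse());
        } else if (!allowUseAPIMinute(operationLog.getUrl())) {
            operationLog.setUrlResponse("访问量达到上限");
            operationLog.setAttackType("ApiUseMaxCountMinute");
            result.set(false).setParamStr(operationLog.getUrlResponse());
        } else if (!allowUseAPIMinute10(operationLog.getUrl())) {
            operationLog.setUrlResponse("访问量达到10分钟上限");
            operationLog.setAttackType("ApiUseMaxCountMinute10");
            result.set(false).setParamStr(operationLog.getUrlResponse());
        }
        this.operationLogService.insert(operationLog);
        return result.setParamObj(operationLog);
    }

    /** Stamps response time, elapsed time and result code on the entry and persists the update. */
    private void finishLog(OperationLog operationLog, String resultCode) {
        operationLog.setResponseTime(Long.valueOf(Date.getNowTime().getTime()));
        operationLog.setTimeLen(Long.valueOf(operationLog.getResponseTime().longValue() - operationLog.getRequestTime().longValue()));
        operationLog.setResultCode(resultCode);
        this.operationLogService.update(operationLog);
    }

    /**
     * Listener hook run after a successful app interface call; records the response text.
     *
     * @param obj the {@link OperationLog} attached by {@link #before}
     */
    public void succeed(AppMessage<?> appMessage, AppMessage<?> appMessage2, Object obj) {
        OperationLog operationLog = (OperationLog) obj;
        if (appMessage2 == null) {
            operationLog.setUrlResponse("");
        } else {
            try {
                operationLog.setUrlResponse(appMessage2.toString());
            } catch (Exception e) {
                operationLog.setUrlResponse(e.toString());
                $Logger.warn(e);
            }
        }
        finishLog(operationLog, "200");
    }

    /**
     * Listener hook run after a failed app interface call; records the exception text and the
     * message's return code.
     *
     * @param obj the {@link OperationLog} attached by {@link #before}
     */
    public void fail(AppMessage<?> appMessage, Exception exc, Object obj) {
        OperationLog operationLog = (OperationLog) obj;
        operationLog.setUrlResponse(exc == null ? "" : exc.toString());
        finishLog(operationLog, appMessage.getRc());
    }

    /** Returns whether a header value is absent, empty or the literal "unknown". */
    private static boolean isUnknownAddress(String value) {
        return value == null || value.length() == 0 || "unknown".equalsIgnoreCase(value);
    }

    /**
     * Resolves the caller address from {@code x-forwarded-for}, {@code Proxy-Client-IP},
     * {@code WL-Proxy-Client-IP}, then the socket's remote address, in that order. For a
     * comma-separated header value only the first entry is kept.
     *
     * <p>SECURITY: the three headers are request data. Unless a trusted reverse proxy strips or
     * overwrites them on every request, the value returned here is chosen by the caller, and the
     * blacklist / whitelist decisions built on it are only as reliable as that proxy setup.
     * Deployments without such a proxy should rely on {@code getRemoteAddr()} alone.
     *
     * @return the resolved address, or {@code null} if the container reports no remote address
     */
    private String getIpAddress(HttpServletRequest httpServletRequest) {
        String address = httpServletRequest.getHeader("x-forwarded-for");
        if (isUnknownAddress(address)) {
            address = httpServletRequest.getHeader("Proxy-Client-IP");
        }
        if (isUnknownAddress(address)) {
            address = httpServletRequest.getHeader("WL-Proxy-Client-IP");
        }
        if (isUnknownAddress(address)) {
            address = httpServletRequest.getRemoteAddr();
            if ("127.0.0.1".equals(address)) {
                try {
                    address = InetAddress.getLocalHost().getHostAddress();
                } catch (Exception e) {
                    // Keep the loopback address if the local host name cannot be resolved.
                    $Logger.error(e);
                }
            }
        }
        if (address != null) {
            // Always cut at the first comma: a short list such as "1.1.1.1,2.2.2.2" is only
            // 15 characters long and must not be treated as a single address.
            int comma = address.indexOf(',');
            if (comma > 0) {
                address = address.substring(0, comma).trim();
            }
        }
        return address;
    }
}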
