package com.taobao.session;

import ch.qos.logback.classic.spi.CallerData;
import com.taobao.session.comm.ResponseStatus;
import com.taobao.session.comm.SessionConfigKeyConstants;
import com.taobao.session.comm.SessionRequest;
import com.taobao.session.comm.TaobaoSessionConfig;
import com.taobao.session.config.SessionManagerContext;
import com.taobao.session.config.SessionManagerContextFactory;
import com.taobao.session.except.TairReadFailureException;
import com.taobao.session.interceptor.TaobaoSessionJumpIntercept;
import com.taobao.session.logger.Logger;
import com.taobao.session.metadata.CookieMetaData;
import com.taobao.session.metadata.MetaData;
import com.taobao.session.metadata.util.MetaDataUtils;
import com.taobao.session.mng.Constant;
import com.taobao.session.mng.logger.SessionLogger;
import com.taobao.session.mng.monitor.TbpassMonitor;
import com.taobao.session.store.CookieStore;
import com.taobao.session.trace.TraceConstants;
import com.taobao.session.util.SessionExceptionStatus;
import com.taobao.session.util.SessionUtils;
import java.io.IOException;
import java.net.URLEncoder;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
import javax.servlet.FilterConfig;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.StringUtils;

/* loaded from: input_file:lib/tbsession-3.1.4.7.jar:com/taobao/session/AbstractTaobaoSessionFilter.class */
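/**
 * Base class for the session filter: builds the {@link TaobaoSession} for a request, decides
 * whether the request must be sent through the "tbpass" jump endpoint, and writes the final
 * response (redirect, 403 or JSON body).
 *
 * <p>Security-relevant behaviour visible in this class, for reviewers:
 * <ul>
 *   <li>Domain include/exclude checks in {@link #jumpPass} are substring matches, not exact or
 *       suffix host matches.</li>
 *   <li>The {@code tbpm} hop counter is read from the client-supplied query string, so it is a
 *       loop limiter only and must not be treated as a trusted value.</li>
 *   <li>Request headers ({@code Referer}, {@code User-Agent}) and the query string are written to
 *       the tbpass log; CR/LF are neutralised first so a request cannot forge log lines.</li>
 * </ul>
 */
public abstract class AbstractTaobaoSessionFilter {
    private static final Logger logger = SessionLogger.getSessionIdLogger();
    private static final String TARGET = "/jump?target=";
    // Legacy jump prefix: note that it is plain http, so the encoded target URL (including its
    // query string) travels unencrypted on this path. NOTE(review): confirm this is still used.
    private static final String HTTPPROTOL = "http://jump";
    private static final String NEW_HTTPPROTOL = "https://";
    /** Query-string marker that precedes the single-digit tbpass hop counter. */
    private static final String TBPM_PARAM = "tbpm=";
    /** Hop count at which no further jump is attempted. */
    private static final int TBPM_MAX_HOPS = 3;
    private TaobaoSessionJumpIntercept jumpIntercept;
    private FilterConfig filterConfig = null;

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Writes the session status code into the {@code S} response header.
     *
     * <p>When the session is flagged as daily or session debug is enabled, the status error
     * message is appended after a comma. That message is then visible to the client, so the
     * debug switch should stay off where internal error text must not be disclosed.
     * Any failure is logged and swallowed; this method never throws.
     *
     * @param taobaoSessionServletRequest request whose session supplies the status code
     * @param taobaoSessionServletResponse response that receives the header and whose session
     *     supplies the error message
     */
    public void markStatus(TaobaoSessionServletRequest taobaoSessionServletRequest, TaobaoSessionServletResponse taobaoSessionServletResponse) {
        try {
            TaobaoSession taobaoSession = (TaobaoSession) taobaoSessionServletRequest.getSession();
            if (taobaoSession == null) {
                return;
            }
            boolean verbose = taobaoSession.isDaily() || getTaobaoSessionConfig().isSessionDebug();
            String headerValue = String.valueOf(taobaoSession.getStatus().getStatus());
            if (verbose) {
                headerValue = headerValue + "," + taobaoSessionServletResponse.getSession().getStatus().getErrorMessage();
            }
            taobaoSessionServletResponse.setHeader("S", headerValue);
        } catch (Throwable th) {
            logger.error("markstatus error", th);
        }
    }

    /**
     * Decides whether this request should be sent through the tbpass jump to synchronise the
     * session.
     *
     * @param sessionRequest the incoming request
     * @param taobaoSession the session built for the request
     * @return {@code true} when a jump is needed, {@code false} otherwise
     */
    protected boolean isNeedSync(SessionRequest sessionRequest, TaobaoSession taobaoSession) {
        String requestURL = sessionRequest.getRequestURL();
        // NOTE(review): substring test on the whole URL, so "localhost" or "127.0.0.1" anywhere
        // in it (not only in the host) also disables the sync. Confirm that is intended.
        if ((null != requestURL && (requestURL.contains("localhost") || requestURL.contains("127.0.0.1"))) || taobaoSession.isThirdSession()) {
            return false;
        }
        if (this.jumpIntercept != null && !this.jumpIntercept.needPass(taobaoSession.getRequest(), taobaoSession.getResponse())) {
            return false;
        }
        String requestURI = sessionRequest.getRequestURI();
        if (!StringUtils.isEmpty(requestURI) && !getTaobaoSessionConfig().getFilterPages().isEmpty()) {
            Iterator<String> pages = getTaobaoSessionConfig().getFilterPages().iterator();
            while (pages.hasNext()) {
                // Substring match: a configured page fragment anywhere in the URI skips the jump.
                if (requestURI.contains(pages.next())) {
                    TbpassMonitor.log(getTaobaoSessionConfig(), "tbpass", TraceConstants.MODEL_FILTER);
                    return false;
                }
            }
        }
        Map<String, String> cookies = ((CookieStore) taobaoSession.getStoreMap().get(StoreType.cookie.storeName())).getCookies();
        String queryString = sessionRequest.getQueryString();
        // The counter comes from the client. contains() also matches any parameter whose name
        // merely ends in "tbpm", and only one digit after the marker is read.
        if (!StringUtils.isBlank(queryString) && queryString.contains(TBPM_PARAM)) {
            int tbpmIndex = queryString.indexOf(TBPM_PARAM);
            if (tbpmIndex + TBPM_PARAM.length() >= queryString.length()) {
                // "tbpm=" is the last thing in the query string: no digit to read.
                TbpassMonitor.getTbpassLogger().error("tbpass tbpm error： " + describeRequest(sessionRequest, taobaoSession, true));
                return false;
            }
            try {
                int hops = Integer.parseInt(queryString.substring(tbpmIndex + TBPM_PARAM.length(), tbpmIndex + TBPM_PARAM.length() + 1));
                if (hops >= TBPM_MAX_HOPS) {
                    TbpassMonitor.log(getTaobaoSessionConfig(), "tbpass", "fail-3");
                    TbpassMonitor.getTbpassLogger().error("tbpass fail-3-times： " + describeRequest(sessionRequest, taobaoSession, true));
                    return false;
                }
            } catch (Exception e) {
                // Non-numeric counter: treated as tampering and recorded on the session status.
                TbpassMonitor.getTbpassLogger().error("tbpass tbpm error： " + describeRequest(sessionRequest, taobaoSession, true), e);
                taobaoSession.getStatus().setStatus(SessionExceptionStatus.Status.STATUS_SYS_ERR).setErrorMessage("tbpm was tamper");
                return false;
            }
        }
        CookieMetaData cookieMetaData = SessionManagerContextFactory.getManagerContext(taobaoSession.getConfig()).getMetaDataManager().getMultiMetaData().getCookieMetaData();
        String frontSessionId = cookies.get(cookieMetaData.getFrontSessionIdName());
        String frontTrackId = cookies.get(cookieMetaData.getFrontTrackIdName());
        String frontCsrfToken = cookies.get(cookieMetaData.getFrontCsrfTokenName());
        // Any of the three front cookies missing (or the literal text "null") forces a sync.
        if (isMissing(frontSessionId) || isMissing(frontTrackId) || isMissing(frontCsrfToken)) {
            return true;
        }
        for (MetaData metaData : MetaDataUtils.getLoginMetaData(taobaoSession)) {
            if (metaData.getNeedTbpassKeys() == null) {
                continue;
            }
            for (Map.Entry<String, String> entry : metaData.getNeedTbpassKeys().entrySet()) {
                if (StringUtils.isNotBlank(cookies.get(entry.getKey()))) {
                    // Cookie already present for this key; nothing to synchronise.
                    continue;
                }
                String loginValue;
                String discardFlag;
                if (taobaoSession.isDisaster()) {
                    loginValue = getLoginWhenDisaster(taobaoSession, entry.getValue());
                    discardFlag = getLoginWhenDisaster(taobaoSession, SessionKeyConstants.ATTRIBUTE_SESSION_DISCARD);
                } else {
                    loginValue = (String) taobaoSession.getAttribute(entry.getValue());
                    discardFlag = (String) taobaoSession.getAttribute(SessionKeyConstants.ATTRIBUTE_SESSION_DISCARD);
                }
                if ("true".equals(discardFlag)) {
                    return true;
                }
                if (StringUtils.isNotBlank(loginValue)) {
                    // A POST that needs a jump is only counted here; the outcome is the same.
                    if ("post".equalsIgnoreCase(sessionRequest.getMethod())) {
                        TbpassMonitor.log(getTaobaoSessionConfig(), "tbpassPostAfterLogin", "true");
                    }
                    return true;
                }
            }
        }
        TbpassMonitor.log(getTaobaoSessionConfig(), "tbpassLogin", "false");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Computes the URL the client should be redirected to, if any.
     *
     * <p>Returns the jump-endpoint URL (with the current URL, URL-encoded, as {@code target})
     * when {@link #isNeedSync} says a sync is required. Otherwise, if the query string carries a
     * {@code tbpm} counter that may be removed, returns the current URL with that parameter
     * stripped. Returns {@code null} when no redirect is needed or when building the URL failed
     * (the failure is logged and recorded on the session status).
     *
     * @param sessionRequest the incoming request
     * @param taobaoSession the session built for the request
     * @return redirect URL, or {@code null} for "do not redirect"
     * @throws IOException declared by the original signature
     */
    public String jumpPass(SessionRequest sessionRequest, TaobaoSession taobaoSession) throws IOException {
        if (taobaoSession.isClientModel() || SessionUtils.isThirdSession(taobaoSession)) {
            return null;
        }
        // NOTE(review): the mere presence of the configured header, which the client can send,
        // turns the jump off. Confirm an upstream proxy controls this header.
        if (getTaobaoSessionConfig().getTbpassIgnoreHead() != null && sessionRequest.getHeader(getTaobaoSessionConfig().getTbpassIgnoreHead()) != null) {
            return null;
        }
        if (SessionUtils.isAjaxRequest(sessionRequest) && !getTaobaoSessionConfig().isCrossDomainAllow()) {
            return null;
        }
        // NOTE(review): both domain checks below use String.contains on scheme+host, so a host
        // that only embeds a configured value (for example as a left-hand label) also matches.
        // An exact or dot-anchored suffix comparison on the host would be stricter.
        Set<String> excludeTbpassDomains = getExcludeTbpassDomains(sessionRequest);
        if (excludeTbpassDomains != null && excludeTbpassDomains.size() > 0) {
            String origin = requestOrigin(sessionRequest);
            for (String excluded : excludeTbpassDomains) {
                if (origin.contains(excluded)) {
                    return null;
                }
            }
        }
        Set<String> tbpassDomains = getTbpassDomains(sessionRequest);
        if (tbpassDomains != null && tbpassDomains.size() > 0) {
            String origin = requestOrigin(sessionRequest);
            boolean matched = false;
            for (String allowed : tbpassDomains) {
                if (origin.contains(allowed)) {
                    matched = true;
                    break;
                }
            }
            if (!matched) {
                return null;
            }
        }
        String queryString = sessionRequest.getQueryString();
        try {
            if (isNeedSync(sessionRequest, taobaoSession)) {
                TbpassMonitor.log(getTaobaoSessionConfig(), "tbpass", "true");
                if ("post".equalsIgnoreCase(sessionRequest.getMethod())) {
                    TbpassMonitor.log(getTaobaoSessionConfig(), "tbpassPost", "true");
                    TbpassMonitor.getTbpassLogger().warn("tbpass post:  " + describeRequest(sessionRequest, taobaoSession, false));
                }
                StringBuilder target = requestUrlWithClientScheme(sessionRequest);
                if (StringUtils.isBlank(queryString) || !queryString.contains(TBPM_PARAM)) {
                    // First hop: start the counter at 1 and keep the original parameters.
                    target.append("?tbpm=1");
                    if (!StringUtils.isBlank(queryString)) {
                        target.append("&").append(queryString);
                    }
                } else {
                    // Later hop: rewrite the single counter digit in place, incremented by one.
                    int tbpmIndex = queryString.indexOf(TBPM_PARAM);
                    int digitStart = tbpmIndex + TBPM_PARAM.length();
                    int nextHop = Integer.parseInt(queryString.substring(digitStart, digitStart + 1)) + 1;
                    // CallerData.NA is a logback constant; it stands where a "?" separator is
                    // expected (presumably a decompiler substitution - confirm).
                    target.append(CallerData.NA + (queryString.substring(0, digitStart) + nextHop + queryString.substring(digitStart + 1)));
                }
                StringBuilder jump;
                if ("true".equals(taobaoSession.getConfig().getDefaultConfig().getProperty(SessionConfigKeyConstants.USE_NEW_JUMP))) {
                    jump = new StringBuilder(NEW_HTTPPROTOL);
                    jump.append(taobaoSession.getConfig().getDefaultConfig().getProperty(SessionConfigKeyConstants.NEW_JUMP_ADDR));
                    jump.append(TARGET);
                } else {
                    jump = new StringBuilder(HTTPPROTOL);
                    jump.append(taobaoSession.getConfig().getDefaultConfig().getProperty("domain"));
                    jump.append(TARGET);
                }
                // The target is derived from the request URL and is only URL-encoded here; the
                // jump endpoint is presumably responsible for validating where it redirects to.
                jump.append(URLEncoder.encode(target.toString(), "UTF-8"));
                return jump.toString();
            }
            TbpassMonitor.log(getTaobaoSessionConfig(), "tbpass", "false");
            if ("post".equalsIgnoreCase(sessionRequest.getMethod())) {
                TbpassMonitor.log(getTaobaoSessionConfig(), "tbpassPost", "false");
            }
            StringBuilder cleaned = requestUrlWithClientScheme(sessionRequest);
            if (StringUtils.isBlank(queryString) || !queryString.contains(TBPM_PARAM)) {
                return null;
            }
            int tbpmIndex = queryString.indexOf(TBPM_PARAM);
            if (tbpmIndex + TBPM_PARAM.length() < queryString.length()) {
                try {
                    int hops = Integer.parseInt(queryString.substring(tbpmIndex + TBPM_PARAM.length(), tbpmIndex + TBPM_PARAM.length() + 1));
                    if (hops >= TBPM_MAX_HOPS || !getTaobaoSessionConfig().isTbpmDeleteSwitch()) {
                        return null;
                    }
                    queryString = stripTbpm(queryString, tbpmIndex);
                } catch (Exception e) {
                    // Unparsable counter: still strip it, and record the error on the session.
                    queryString = stripTbpm(queryString, tbpmIndex);
                    taobaoSession.getStatus().setStatus(SessionExceptionStatus.Status.STATUS_SYS_ERR).setErrorMessage("jump tbpass error");
                }
            } else {
                // "tbpm=" with nothing after it: drop it and keep what precedes it.
                queryString = queryString.substring(0, tbpmIndex);
            }
            if (StringUtils.isNotBlank(queryString)) {
                cleaned.append(CallerData.NA);
            }
            cleaned.append(queryString);
            return cleaned.toString();
        } catch (Exception e2) {
            // The previous version dereferenced a local that was always null here, so this
            // handler itself threw NullPointerException: the original failure was hidden and the
            // session status was never set. Log only values that are known to exist.
            logger.error(e2 + " url:" + logSafe(sessionRequest.getRequestURL()), e2);
            taobaoSession.getStatus().setStatus(SessionExceptionStatus.Status.STATUS_SYS_ERR).setErrorMessage("jump tbpass error");
            return null;
        }
    }

    /** Returns true when a cookie value is blank or the literal text "null" (any case). */
    private static boolean isMissing(String cookieValue) {
        return StringUtils.isBlank(cookieValue) || "null".equalsIgnoreCase(cookieValue);
    }

    /**
     * Returns the request URL with the trailing request URI cut off (scheme and host part).
     * NOTE(review): if the URI does not occur in the URL, lastIndexOf yields -1 and substring
     * throws; this is unchanged from the original and happens outside jumpPass's try block.
     */
    private static String requestOrigin(SessionRequest sessionRequest) {
        String requestURL = sessionRequest.getRequestURL();
        String requestURI = sessionRequest.getRequestURI();
        if (requestURI != null) {
            requestURL = requestURL.substring(0, requestURL.lastIndexOf(requestURI));
        }
        return requestURL;
    }

    /**
     * Returns the request URL, rewritten to start with "https:" when the request is considered
     * secure. NOTE(review): the X-Client-Scheme header is one of the inputs; it is trustworthy
     * only if a front proxy sets or strips it - confirm against the deployment.
     */
    private static StringBuilder requestUrlWithClientScheme(SessionRequest sessionRequest) {
        StringBuilder url = new StringBuilder(sessionRequest.getRequestURL());
        boolean secure = sessionRequest.isSecure() || "https".equalsIgnoreCase(sessionRequest.getHeader("X-Client-Scheme")) || SessionUtils.isSSL(sessionRequest);
        if (secure && StringUtils.indexOf(url.toString(), "http") == 0) {
            // Constant.SEGMENT_4 is the separator after which the URL is kept (presumably ":").
            url = new StringBuilder("https:" + StringUtils.substringAfter(url.toString(), Constant.SEGMENT_4));
        }
        return url;
    }

    /** Removes the tbpm parameter that starts at {@code tbpmIndex} from the query string. */
    private static String stripTbpm(String queryString, int tbpmIndex) {
        int nextAmp = queryString.indexOf("&", tbpmIndex);
        if (nextAmp == -1) {
            // Last parameter: also drop the "&" in front of it, when there is one.
            return queryString.substring(0, tbpmIndex > 0 ? tbpmIndex - 1 : tbpmIndex);
        }
        return queryString.substring(0, tbpmIndex) + queryString.substring(nextAmp + 1);
    }

    /**
     * Builds the request details appended to tbpass log lines.
     * Every value is passed through {@link #logSafe} because the URL, query string, Referer and
     * User-Agent are client-controlled. The session id is logged in full, so the tbpass log
     * should be access-restricted like any other store of session identifiers.
     */
    private static String describeRequest(SessionRequest sessionRequest, TaobaoSession taobaoSession, boolean includeQuery) {
        StringBuilder detail = new StringBuilder();
        detail.append("ip=").append(logSafe(sessionRequest.getRemoteAddr()));
        detail.append(" sessionID=").append(logSafe(taobaoSession.getId()));
        detail.append(" trackid=").append(logSafe(taobaoSession.getAttribute(SessionKeyConstants.ATTRIBUTE_TRACK_ID)));
        detail.append(" request=").append(logSafe(sessionRequest.getRequestURL()));
        if (includeQuery) {
            detail.append(CallerData.NA).append(logSafe(sessionRequest.getQueryString()));
        }
        detail.append(" referer=").append(logSafe(sessionRequest.getHeader("Referer")));
        detail.append(" explore=").append(logSafe(sessionRequest.getHeader("User-Agent")));
        return detail.toString();
    }

    /** Renders a value for logging with CR and LF replaced, so it cannot start a new log line. */
    private static String logSafe(Object value) {
        return String.valueOf(value).replace('\r', '_').replace('\n', '_');
    }

    /**
     * Reads a session attribute directly from the tair store; used when the session is in
     * disaster mode. On a tair read failure the error is recorded on the session status and
     * {@code null} is returned.
     */
    private String getLoginWhenDisaster(TaobaoSession taobaoSession, String str) {
        ConfigEntry configEntry = taobaoSession.getConfig().getConfigEntry(str, taobaoSession.getClientVersion());
        Properties clientVersionProperties = taobaoSession.getClientVersionProperties();
        if (clientVersionProperties == null) {
            clientVersionProperties = new Properties();
        }
        try {
            return (String) taobaoSession.getStoreMap().get(StoreType.tair.storeName()).getAttribute(configEntry, clientVersionProperties);
        } catch (TairReadFailureException e) {
            taobaoSession.getStatus().setStatus(SessionExceptionStatus.Status.STATUS_SYS_ERR).setErrorMessage("disaster error");
            // Pass the exception itself so the stack trace is not lost.
            logger.error("disaster read login failure: " + e.getMessage(), e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Stores the filter configuration and, if configured and not already set, instantiates the
     * jump interceptor named by the filter init parameter.
     *
     * <p>The class name is loaded reflectively, so the init parameter must only ever come from
     * the deployment descriptor. The type is checked before instantiation so that a class that
     * is not a {@link TaobaoSessionJumpIntercept} never has its constructor run.
     *
     * @param filterConfig the servlet filter configuration
     * @throws Exception if the interceptor class cannot be loaded, is of the wrong type, or
     *     cannot be instantiated
     */
    public void init(FilterConfig filterConfig) throws Exception {
        this.filterConfig = filterConfig;
        String interceptClassName = filterConfig.getInitParameter(SessionConfigKeyConstants.FILTER_JUMP_INTERCEPT_CLASS);
        if (StringUtils.isNotBlank(interceptClassName) && this.jumpIntercept == null) {
            this.jumpIntercept = Class.forName(interceptClassName).asSubclass(TaobaoSessionJumpIntercept.class).newInstance();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Creates and initialises the session for a request and applies the configured expiry and
     * cookie settings.
     *
     * <p>On any failure an empty {@code new TaobaoSession()} is returned instead of propagating
     * the error. NOTE(review): callers cannot tell that apart from a normal session here;
     * confirm downstream code treats such a session as unauthenticated.
     *
     * @return the initialised session, or an empty session if creation failed
     */
    public TaobaoSession createTaobaoSession(TaobaoSessionServletRequest taobaoSessionServletRequest, TaobaoSessionServletResponse taobaoSessionServletResponse) {
        try {
            TaobaoSession session = createSession(getSessionStoreFactory().createStoreMap(taobaoSessionServletRequest), taobaoSessionServletRequest, taobaoSessionServletResponse, this.filterConfig, getSessionConfig(), getTaobaoSessionConfig().isHighVistApp());
            session.init();
            session.setAlllowForbiddenCookie(getTaobaoSessionConfig().isAlllowForbiddenCookie());
            if (session.isThirdSession()) {
                // Third-party (SDK) sessions use their own tair expiry settings.
                session.setMaxTairExpiredInterval(getTaobaoSessionConfig().getSdkTairExpiredTime());
                session.setMaxTairVisitorInterval(getTaobaoSessionConfig().getSdkTairVisitorExpiredTime());
            } else {
                session.setMaxTairExpiredInterval(getTaobaoSessionConfig().getTairExpiredTime());
                session.setMaxTairVisitorInterval(getTaobaoSessionConfig().getTairVisitorExpiredTime());
            }
            session.setDaily(SessionUtils.isDaily(getSessionConfig().getDefaultConfig().getProperty("isDaily")));
            session.setForbiddenReadPrimaryCookie(getTaobaoSessionConfig().isForbiddenPrimaryCookie());
            return session;
        } catch (Exception e) {
            logger.error("TaobaoSessionFilter-createTaobaoSession failure: " + e.getMessage(), e);
            return new TaobaoSession();
        }
    }

    /** Supplies the factory used to build the per-request store map. */
    protected abstract SessionStoreFactory getSessionStoreFactory();

    /** Supplies the session configuration for this filter. */
    protected abstract SessionConfig getSessionConfig();

    /** Supplies the domains for which the tbpass jump applies; null or empty means no restriction. */
    protected abstract Set<String> getTbpassDomains(SessionRequest sessionRequest);

    /** Supplies the domains for which the tbpass jump is never performed. */
    protected abstract Set<String> getExcludeTbpassDomains(SessionRequest sessionRequest);

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Looks up the runtime session configuration for {@link #getSessionConfig()}.
     *
     * @return the session configuration held by the manager context
     * @throws RuntimeException if no manager context exists yet for the session configuration
     */
    public TaobaoSessionConfig getTaobaoSessionConfig() {
        SessionManagerContext managerContext = SessionManagerContextFactory.getManagerContext(getSessionConfig());
        if (managerContext == null) {
            throw new RuntimeException("session not init!");
        }
        return managerContext.getTaobaoSessionConfig();
    }

    /**
     * Constructs the session object. Subclasses may override to supply a different session type.
     * If reading the servlet context fails, the failure is logged and an empty session returned.
     */
    protected TaobaoSession createSession(Map<String, SessionStore> map, TaobaoSessionServletRequest taobaoSessionServletRequest, TaobaoSessionServletResponse taobaoSessionServletResponse, FilterConfig filterConfig, SessionConfig sessionConfig, boolean z) {
        ServletContext servletContext = null;
        if (filterConfig != null) {
            try {
                servletContext = filterConfig.getServletContext();
            } catch (Exception e) {
                logger.error("TaobaoSessionFilter-createTaobaoSession failure: " + e.getMessage(), e);
                return new TaobaoSession();
            }
        }
        return new TaobaoSession(taobaoSessionServletRequest, taobaoSessionServletResponse, servletContext, sessionConfig, map, z);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * Writes the outcome to the client: a redirect, a 403 error, or a raw body.
     *
     * <p>{@code str2} is used as the redirect location, the 403 message or the body as-is.
     * NOTE(review): nothing here validates or encodes it, so callers must make sure it does not
     * carry unvalidated request data (redirect target, or markup in the error/body text).
     *
     * @param taobaoSessionServletResponse response to write to
     * @param responseStatus which kind of response to send; other values write nothing
     * @param str content type to set, ignored when blank
     * @param str2 redirect URL, error message or body, depending on {@code responseStatus}
     * @throws IOException if the underlying response fails
     */
    public void response(TaobaoSessionServletResponse taobaoSessionServletResponse, ResponseStatus responseStatus, String str, String str2) throws IOException {
        if (StringUtils.isNotBlank(str)) {
            taobaoSessionServletResponse.setContentType(str);
        }
        if (responseStatus == ResponseStatus.S_302) {
            taobaoSessionServletResponse.sendRedirect(str2);
        } else if (responseStatus == ResponseStatus.S_403) {
            taobaoSessionServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, str2);
        } else if (responseStatus == ResponseStatus.S_JSON) {
            taobaoSessionServletResponse.getWriter().write(str2);
        }
    }

    /** Returns the filter configuration stored by {@link #init} or {@link #setFilterConfig}. */
    public FilterConfig getFilterConfig() {
        return this.filterConfig;
    }

    /** Replaces the stored filter configuration. */
    public void setFilterConfig(FilterConfig filterConfig) {
        this.filterConfig = filterConfig;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /**
     * When automatic tbpass is enabled, adds the last two labels of the request's server name
     * (for example {@code b.c} for {@code a.b.c}) to the given domain set.
     *
     * <p>The set passed in is modified in place; a new set is created only when it is null.
     * Server names with fewer than three labels, or whose last label is numeric (an IP
     * address), add nothing.
     *
     * <p>NOTE(review): the server name normally follows the client's Host header, and taking
     * two labels yields a public suffix for names such as {@code x.example.com.cn}. Combined
     * with the substring matching in {@link #jumpPass} that can make the domain set much wider
     * than intended; confirm the server name is constrained upstream.
     *
     * @param set existing domain set, may be null
     * @param sessionRequest the incoming request
     * @return the (possibly new) set, or the argument unchanged
     */
    public Set<String> autoAddCurrentDomain(Set<String> set, SessionRequest sessionRequest) {
        if (!needAutoTbpass()) {
            return set;
        }
        String serverName = sessionRequest.getServerName();
        if (StringUtils.isBlank(serverName)) {
            return set;
        }
        String[] labels = serverName.split("\\.");
        if (labels.length > 2 && !StringUtils.isNumeric(labels[labels.length - 1])) {
            String parentDomain = labels[labels.length - 2] + "." + labels[labels.length - 1];
            if (set == null) {
                set = new HashSet<String>();
            }
            set.add(parentDomain);
        }
        return set;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /** Returns whether automatic tbpass is enabled in the session configuration. */
    public boolean needAutoTbpass() {
        return getTaobaoSessionConfig().isAutoTbpass();
    }
}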
