package com.alibaba.druid.support.http;

import com.alibaba.druid.support.http.util.IPAddress;
import com.alibaba.druid.support.http.util.IPRange;
import com.alibaba.druid.support.logging.Log;
import com.alibaba.druid.support.logging.LogFactory;
import com.alibaba.druid.util.Utils;
import io.seata.common.Constants;
import io.seata.common.util.NetUtil;
import io.seata.common.util.StringUtils;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/* loaded from: input_file:lib/sqlparser/druid.jar:com/alibaba/druid/support/http/ResourceServlet.class */
public abstract class ResourceServlet extends HttpServlet {
    private static final Log LOG = LogFactory.getLog(ResourceServlet.class);
    public static final String SESSION_USER_KEY = "druid-user";
    public static final String PARAM_NAME_USERNAME = "loginUsername";
    public static final String PARAM_NAME_PASSWORD = "loginPassword";
    public static final String PARAM_NAME_ALLOW = "allow";
    public static final String PARAM_NAME_DENY = "deny";
    public static final String PARAM_REMOTE_ADDR = "remoteAddress";
    protected final ResourceHandler handler;

    /* loaded from: input_file:lib/sqlparser/druid.jar:com/alibaba/druid/support/http/ResourceServlet$ProcessCallback.class */
    public interface ProcessCallback {
        String process(String str);
    }

    /* loaded from: input_file:lib/sqlparser/druid.jar:com/alibaba/druid/support/http/ResourceServlet$ResourceHandler.class */
    public static class ResourceHandler {
        protected String resourcePath;
        protected String username = null;
        protected String password = null;
        protected List<IPRange> allowList = new ArrayList();
        protected List<IPRange> denyList = new ArrayList();
        protected String remoteAddressHeader = null;

        public ResourceHandler(String str) {
            this.resourcePath = str;
        }

        protected void returnResourceFile(String str, String str2, HttpServletResponse httpServletResponse) throws ServletException, IOException {
            String filePath = getFilePath(str);
            if (filePath.endsWith(".html")) {
                httpServletResponse.setContentType("text/html; charset=utf-8");
            }
            if (str.endsWith(".jpg")) {
                byte[] readByteArrayFromResource = Utils.readByteArrayFromResource(filePath);
                if (readByteArrayFromResource != null) {
                    httpServletResponse.getOutputStream().write(readByteArrayFromResource);
                    return;
                }
                return;
            }
            String readFromResource = Utils.readFromResource(filePath);
            if (readFromResource == null) {
                return;
            }
            if (str.endsWith(".css")) {
                httpServletResponse.setContentType("text/css;charset=utf-8");
            } else if (str.endsWith(".js")) {
                httpServletResponse.setContentType("text/javascript;charset=utf-8");
            }
            httpServletResponse.getWriter().write(readFromResource);
        }

        protected String getFilePath(String str) {
            return this.resourcePath + str;
        }

        public boolean checkLoginParam(HttpServletRequest httpServletRequest) {
            return null != this.username && null != this.password && this.username.equals(httpServletRequest.getParameter(ResourceServlet.PARAM_NAME_USERNAME)) && this.password.equals(httpServletRequest.getParameter(ResourceServlet.PARAM_NAME_PASSWORD));
        }

        protected String getRemoteAddress(HttpServletRequest httpServletRequest) {
            String str = null;
            if (this.remoteAddressHeader != null) {
                str = httpServletRequest.getHeader(this.remoteAddressHeader);
            }
            if (str == null) {
                str = httpServletRequest.getRemoteAddr();
            }
            return str;
        }

        public boolean containsUser(HttpServletRequest httpServletRequest) {
            HttpSession session = httpServletRequest.getSession(false);
            return (session == null || session.getAttribute(ResourceServlet.SESSION_USER_KEY) == null) ? false : true;
        }

        public boolean isRequireAuth() {
            return this.username != null;
        }

        public boolean isPermittedRequest(HttpServletRequest httpServletRequest) {
            return isPermittedRequest(getRemoteAddress(httpServletRequest));
        }

        public boolean isPermittedRequest(String str) {
            if ((str == null || str.indexOf(58) == -1) ? false : true) {
                return NetUtil.LOCALHOST_IPV6.equals(str) || (this.denyList.size() == 0 && this.allowList.size() == 0);
            }
            IPAddress iPAddress = new IPAddress(str);
            Iterator<IPRange> it = this.denyList.iterator();
            while (it.hasNext()) {
                if (it.next().isIPAddressInRange(iPAddress)) {
                    return false;
                }
            }
            if (this.allowList.size() <= 0) {
                return true;
            }
            Iterator<IPRange> it2 = this.allowList.iterator();
            while (it2.hasNext()) {
                if (it2.next().isIPAddressInRange(iPAddress)) {
                    return true;
                }
            }
            return false;
        }

        public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, ProcessCallback processCallback) throws ServletException, IOException {
            String contextPath = httpServletRequest.getContextPath();
            String requestURI = httpServletRequest.getRequestURI();
            httpServletResponse.setCharacterEncoding("utf-8");
            if (contextPath == null) {
                contextPath = StringUtils.EMPTY;
            }
            String str2 = contextPath + str;
            String substring = requestURI.substring(contextPath.length() + str.length());
            if (!isPermittedRequest(httpServletRequest)) {
                returnResourceFile("/nopermit.html", str2, httpServletResponse);
                return;
            }
            if ("/submitLogin".equals(substring)) {
                String parameter = httpServletRequest.getParameter(ResourceServlet.PARAM_NAME_USERNAME);
                String parameter2 = httpServletRequest.getParameter(ResourceServlet.PARAM_NAME_PASSWORD);
                if (!this.username.equals(parameter) || !this.password.equals(parameter2)) {
                    httpServletResponse.getWriter().print("error");
                    return;
                } else {
                    httpServletRequest.getSession().setAttribute(ResourceServlet.SESSION_USER_KEY, this.username);
                    httpServletResponse.getWriter().print("success");
                    return;
                }
            }
            if (isRequireAuth() && !containsUser(httpServletRequest) && !checkLoginParam(httpServletRequest) && !"/login.html".equals(substring) && !substring.startsWith("/css") && !substring.startsWith("/js") && !substring.startsWith("/img")) {
                if (contextPath.equals(StringUtils.EMPTY) || contextPath.equals(Constants.ENDPOINT_BEGIN_CHAR)) {
                    httpServletResponse.sendRedirect("/druid/login.html");
                    return;
                } else if (StringUtils.EMPTY.equals(substring)) {
                    httpServletResponse.sendRedirect("druid/login.html");
                    return;
                } else {
                    httpServletResponse.sendRedirect("login.html");
                    return;
                }
            }
            if (StringUtils.EMPTY.equals(substring) || Constants.ENDPOINT_BEGIN_CHAR.equals(substring)) {
                returnResourceFile("/index.html", str2, httpServletResponse);
                return;
            }
            if (!substring.contains(".json")) {
                returnResourceFile(substring, str2, httpServletResponse);
                return;
            }
            String str3 = substring;
            if (httpServletRequest.getQueryString() != null && httpServletRequest.getQueryString().length() > 0) {
                str3 = str3 + "?" + httpServletRequest.getQueryString();
            }
            httpServletResponse.getWriter().print(processCallback.process(str3));
        }
    }

    public ResourceServlet(String str) {
        this.handler = new ResourceHandler(str);
    }

    public void init() throws ServletException {
        initAuthEnv();
    }

    private void initAuthEnv() {
        String initParameter = getInitParameter(PARAM_NAME_USERNAME);
        if (!com.alibaba.druid.util.StringUtils.isEmpty(initParameter)) {
            this.handler.username = initParameter;
        }
        String initParameter2 = getInitParameter(PARAM_NAME_PASSWORD);
        if (!com.alibaba.druid.util.StringUtils.isEmpty(initParameter2)) {
            this.handler.password = initParameter2;
        }
        String initParameter3 = getInitParameter(PARAM_REMOTE_ADDR);
        if (!com.alibaba.druid.util.StringUtils.isEmpty(initParameter3)) {
            this.handler.remoteAddressHeader = initParameter3;
        }
        try {
            String initParameter4 = getInitParameter(PARAM_NAME_ALLOW);
            if (initParameter4 != null && initParameter4.trim().length() != 0) {
                for (String str : initParameter4.trim().split(",")) {
                    if (str != null && str.length() != 0) {
                        this.handler.allowList.add(new IPRange(str));
                    }
                }
            }
        } catch (Exception e) {
            LOG.error("initParameter config error, allow : " + getInitParameter(PARAM_NAME_ALLOW), e);
        }
        try {
            String initParameter5 = getInitParameter(PARAM_NAME_DENY);
            if (initParameter5 != null && initParameter5.trim().length() != 0) {
                for (String str2 : initParameter5.trim().split(",")) {
                    if (str2 != null && str2.length() != 0) {
                        this.handler.denyList.add(new IPRange(str2));
                    }
                }
            }
        } catch (Exception e2) {
            LOG.error("initParameter config error, deny : " + getInitParameter(PARAM_NAME_DENY), e2);
        }
    }

    public boolean isPermittedRequest(String str) {
        return this.handler.isPermittedRequest(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getFilePath(String str) {
        return this.handler.resourcePath + str;
    }

    protected void returnResourceFile(String str, String str2, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        this.handler.returnResourceFile(str, str2, httpServletResponse);
    }

    public void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        this.handler.service(httpServletRequest, httpServletResponse, httpServletRequest.getServletPath(), new ProcessCallback() { // from class: com.alibaba.druid.support.http.ResourceServlet.1
            @Override // com.alibaba.druid.support.http.ResourceServlet.ProcessCallback
            public String process(String str) {
                return ResourceServlet.this.process(str);
            }
        });
    }

    public boolean ContainsUser(HttpServletRequest httpServletRequest) {
        return this.handler.containsUser(httpServletRequest);
    }

    public boolean checkLoginParam(HttpServletRequest httpServletRequest) {
        return this.handler.checkLoginParam(httpServletRequest);
    }

    public boolean isRequireAuth() {
        return this.handler.isRequireAuth();
    }

    public boolean isPermittedRequest(HttpServletRequest httpServletRequest) {
        return this.handler.isPermittedRequest(httpServletRequest);
    }

    protected String getRemoteAddress(HttpServletRequest httpServletRequest) {
        return this.handler.getRemoteAddress(httpServletRequest);
    }

    protected abstract String process(String str);
}
