package org.opengion.hayabusa.filter;

import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.opengion.fukurou.security.URLHashMap;
import org.opengion.fukurou.util.FileUtil;
import org.opengion.fukurou.util.StringUtil;
import org.opengion.hayabusa.common.HybsSystem;

/* loaded from: input_file:WEB-INF/lib/hayabusa7.3.1.2.jar:org/opengion/hayabusa/filter/URLHashFilter.class */
public final class URLHashFilter implements Filter {
    private static final String REQ_KEY = "h_r";
    private static final int ACCS_LVL = HybsSystem.sysInt("URL_ACCESS_SECURITY_LEVEL");
    private String initPage = "/jsp/index.jsp";
    private String filename = "jsp/custom/refuseAccess.html";
    private boolean isDebug;

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        httpServletRequest.setCharacterEncoding("UTF-8");
        if (!isValidAccess(httpServletRequest)) {
            servletResponse.setContentType("text/html; charset=UTF-8");
            PrintWriter writer = servletResponse.getWriter();
            writer.println(refuseMsg());
            writer.flush();
            return;
        }
        String parameter = httpServletRequest.getParameter("h_r");
        if (parameter == null || !(servletResponse instanceof HttpServletResponse)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        String value = URLHashMap.getValue(parameter);
        if (value == null) {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(this.initPage));
            return;
        }
        String requestURI = httpServletRequest.getRequestURI();
        String contextPath = httpServletRequest.getContextPath();
        if (requestURI.startsWith(contextPath)) {
            servletRequest.getRequestDispatcher(requestURI.substring(contextPath.length()) + "?" + value).forward(servletRequest, servletResponse);
        } else {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(requestURI + "?" + value));
        }
    }

    public void init(FilterConfig filterConfig) {
        this.initPage = StringUtil.nval(filterConfig.getInitParameter("initPage"), this.initPage);
        this.isDebug = StringUtil.nval(filterConfig.getInitParameter("debug"), this.isDebug);
        this.filename = HybsSystem.getRealPath() + StringUtil.nval(filterConfig.getInitParameter("filename"), this.filename);
    }

    public void destroy() {
    }

    private String refuseMsg() {
        return FileUtil.getValue(this.filename, "UTF-8");
    }

    private boolean isValidAccess(HttpServletRequest httpServletRequest) {
        if (ACCS_LVL == 0) {
            return true;
        }
        String header = httpServletRequest.getHeader("Referer");
        String requestURI = httpServletRequest.getRequestURI();
        String queryString = httpServletRequest.getQueryString();
        String parameter = httpServletRequest.getParameter("h_r");
        if (this.isDebug) {
            System.out.println("URLHashFilter#httpReferer = " + header);
            System.out.println("URLHashFilter#requestURI  = " + requestURI);
        }
        boolean z = queryString == null || parameter != null;
        if (ACCS_LVL == 1 || ACCS_LVL == 2) {
            return z || header != null;
        }
        if (ACCS_LVL != 3) {
            return false;
        }
        String contextPath = httpServletRequest.getContextPath();
        return z || requestURI.equalsIgnoreCase(this.initPage) || requestURI.startsWith(contextPath + "/jsp/menu/") || requestURI.startsWith(contextPath + "/jsp/custom/") || requestURI.startsWith(contextPath + "/jsp/common/");
    }

    public String toString() {
        return new StringBuilder(200).append(getClass().getCanonicalName()).append(" : ").append("initPage = [").append(this.initPage).append("] , ").append("isDebug  = [").append(this.isDebug).append("]").toString();
    }
}
