package com.enation.app.javashop.framework.context.request;

import com.aliyun.oss.internal.RequestParameters;
import com.enation.app.javashop.framework.JavashopConfig;
import com.enation.app.javashop.framework.logs.Logger;
import com.enation.app.javashop.framework.logs.LoggerFactory;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.Iterator;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.lang.Nullable;
import org.springframework.util.AntPathMatcher;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

/* loaded from: input_file:BOOT-INF/lib/micro-framework-7.2.1-SNAPSHOT.jar:com/enation/app/javashop/framework/context/request/JavashopRequestInterceptor.class */
public class JavashopRequestInterceptor extends HandlerInterceptorAdapter {

    @Autowired(required = false)
    private JavashopConfig javashopConfig;

    @Value("${spring.cloud.config.profile:dev}")
    private String profile;
    private AntPathMatcher matcher = new AntPathMatcher();
    private static Logger logger = LoggerFactory.getLogger((Class<?>) JavashopRequestInterceptor.class);

    @Value("${javashop.referer.checked:false}")
    private boolean checked;

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        if (!checkReferer(httpServletRequest, httpServletResponse)) {
            return false;
        }
        ThreadContextHolder.setHttpResponse(httpServletResponse);
        ThreadContextHolder.setHttpRequest(httpServletRequest);
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }

    private boolean checkReferer(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
        if (!this.checked) {
            return true;
        }
        String header = httpServletRequest.getHeader(RequestParameters.SUBRESOURCE_REFERER);
        String serverName = httpServletRequest.getServerName();
        String requestURI = httpServletRequest.getRequestURI();
        logger.debug("referer=" + header);
        logger.debug("uri=" + httpServletRequest.getRequestURI());
        boolean z = requestURI.startsWith("/client") || "/load-customwords".equals(requestURI) || "/swagger-ui.html".equals(requestURI) || requestURI.startsWith("/order/pay/weixin/qr") || requestURI.startsWith("/order/pay/weixin/status") || requestURI.startsWith("/payment/callback") || requestURI.startsWith("/payment/return") || requestURI.startsWith("/debugger") || requestURI.contains("/callback") || requestURI.startsWith("/passport/connect");
        if (header == null && z) {
            return true;
        }
        if (header == null) {
            httpServletResponse.setStatus(404);
            logger.debug("本次请求的referer为空");
            return false;
        }
        try {
            URL url = new URL(header);
            if (serverName.equals(url.getHost())) {
                return true;
            }
            if (this.javashopConfig.getReferer() != null) {
                Iterator<String> it = this.javashopConfig.getReferer().iterator();
                while (it.hasNext()) {
                    if (this.matcher.match(it.next(), url.getHost())) {
                        return true;
                    }
                }
            }
            logger.debug("当前referer没有加入到配置中：" + url.getHost());
            return false;
        } catch (MalformedURLException e) {
            httpServletResponse.setStatus(404);
            return false;
        }
    }

    @Override // org.springframework.web.servlet.handler.HandlerInterceptorAdapter, org.springframework.web.servlet.HandlerInterceptor
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj, @Nullable Exception exc) throws Exception {
        ThreadContextHolder.remove();
        super.afterCompletion(httpServletRequest, httpServletResponse, obj, exc);
    }
}
