package com.ajaxjs.web.secuity;

import com.ajaxjs.config.ConfigService;
import com.ajaxjs.mvc.ModelAndView;
import com.ajaxjs.mvc.controller.MvcOutput;
import com.ajaxjs.mvc.controller.MvcRequest;
import com.ajaxjs.mvc.filter.FilterAction;
import com.ajaxjs.mvc.filter.FilterAfterArgs;
import com.ajaxjs.util.CommonUtil;
import java.lang.reflect.Method;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Pattern;

/* loaded from: input_file:com/ajaxjs/web/secuity/SecurityFilter.class */
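/**
 * Request filter that applies an optional Referer check to every request and
 * a whitelist/blacklist check to the URI of GET requests.
 *
 * <p>Entries of both lists are regular expressions that must match the whole
 * request URI. The lists are public mutable fields; nothing in this class
 * populates them, so they are presumably filled in by configuration code
 * elsewhere (confirm against the caller).
 */
public class SecurityFilter implements FilterAction {
    /** Regular expressions for URIs that are always let through. May be null or empty. */
    public List<String> whiteList;

    /** Regular expressions for URIs that must be rejected. May be null or empty. */
    public List<String> blackList;

    /**
     * Tells whether the given URI matches an entry of the whitelist.
     *
     * @param str the request URI to test
     * @return {@code true} if some whitelist pattern matches the whole URI
     */
    public boolean isInWhiteList(String str) {
        return isInList(str, this.whiteList);
    }

    /**
     * Rejects the given URI if it matches an entry of the blacklist.
     *
     * <p>The previous implementation had the condition inverted: it returned
     * {@code true} for a blacklisted URI and threw "blacklisted" for every URI
     * that was <em>not</em> on the list, so {@link #before} refused every GET
     * request outside the whitelist. The exception is now raised for
     * blacklisted URIs only.
     *
     * @param str the request URI to test
     * @return {@code false} when the URI is not blacklisted
     * @throws SecurityException if some blacklist pattern matches the whole URI
     */
    public boolean isInBlackList(String str) {
        if (isInList(str, this.blackList)) {
            throw new SecurityException(String.format("地址 %s 已列入黑名单！", str));
        }
        return false;
    }

    /**
     * Tests a string against a list of regular expressions.
     *
     * <p>{@link Pattern#matches(String, CharSequence)} requires the pattern to
     * match the entire input, so an entry such as {@code /admin} does not cover
     * {@code /admin/users}; write {@code /admin/.*} for a prefix rule. Each
     * pattern is recompiled on every call and is run against a
     * client-controlled URI, so list entries should avoid nested or ambiguous
     * quantifiers that backtrack heavily.
     *
     * @param str  the value to test
     * @param list the patterns, may be null or empty
     * @return {@code true} if at least one pattern matches the whole value
     */
    private static boolean isInList(String str, List<String> list) {
        if (CommonUtil.isNull(list)) {
            return false;
        }
        for (String regex : list) {
            if (Pattern.matches(regex, str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Runs the Referer check, then the list check for GET requests.
     *
     * <p>Only GET requests are checked against the lists; every other method
     * passes once the Referer check has succeeded. NOTE(review): a blacklist
     * entry therefore does not stop a POST/PUT/DELETE to the same URI;
     * confirm that this is intended.
     *
     * @return {@code true} if the request may proceed
     * @throws SecurityException if the Referer check fails or the URI is blacklisted
     */
    @Override // com.ajaxjs.mvc.filter.FilterAction
    public boolean before(ModelAndView modelAndView, MvcRequest mvcRequest, MvcOutput mvcOutput, Method method, Object[] objArr) {
        refererCheck(mvcRequest);
        if (!"GET".equalsIgnoreCase(mvcRequest.getMethod())) {
            return true;
        }
        String requestURI = mvcRequest.getRequestURI();
        // The whitelist wins over the blacklist; isInBlackList throws for a listed URI.
        return isInWhiteList(requestURI) || !isInBlackList(requestURI);
    }

    /**
     * Verifies that the request's Referer points at this server, when the
     * {@code security.isRefererCheck} configuration flag is on.
     *
     * <p>The host part of the Referer URL is compared with the server name.
     * The previous prefix test ({@code header.startsWith(serverName)}) could
     * not match a regular Referer, which starts with the scheme, and it
     * accepted any value that merely began with the server name, such as
     * {@code example.com.other.test}.
     *
     * <p>NOTE(review): {@code getServerName()} is presumably the servlet
     * method, whose value normally comes from the client's Host header. The
     * check is only meaningful if the container or reverse proxy restricts
     * the host names it accepts; confirm the deployment.
     *
     * @throws SecurityException if the header is missing, unparsable, or names another host
     */
    private static void refererCheck(MvcRequest mvcRequest) {
        if (!ConfigService.getValueAsBool("security.isRefererCheck")) {
            return;
        }
        String header = mvcRequest.getHeader("referer");
        if (CommonUtil.isEmptyString(header)) {
            throw new SecurityException("请求没有 referer 字段不通过");
        }
        String refererHost = hostOf(header);
        // equalsIgnoreCase(null) is false, so a null server name is rejected too.
        if (refererHost == null || !refererHost.equalsIgnoreCase(mvcRequest.getServerName())) {
            // The header is client-controlled: whatever logs or renders this
            // message must escape it.
            throw new SecurityException("Referer:" + header + " 来路检测不通过");
        }
    }

    /**
     * Extracts the host component of a URL.
     *
     * @return the host, or {@code null} if the value is not a valid URI or has no host
     */
    private static String hostOf(String url) {
        try {
            return new URI(url.trim()).getHost();
        } catch (URISyntaxException ignored) {
            // A malformed Referer is treated like a foreign one by the caller.
            return null;
        }
    }

    /**
     * Post-processing hook; this filter does nothing after the action.
     *
     * @return always {@code true}
     */
    @Override // com.ajaxjs.mvc.filter.FilterAction
    public boolean after(FilterAfterArgs filterAfterArgs) {
        return true;
    }
}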
