package kd.bos.web.actions;

import java.io.BufferedOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import kd.bos.actiondispatcher.ActionUtil;
import kd.bos.context.RequestContext;
import kd.bos.dataentity.resource.ResManager;
import kd.bos.dataentity.serialization.SerializationUtils;
import kd.bos.dataentity.utils.StringUtils;
import kd.bos.exception.KDException;
import kd.bos.ksql.TransUtil;
import kd.bos.ksql.exception.SqlTranslateException;
import kd.bos.logging.Log;
import kd.bos.logging.LogFactory;
import kd.bos.mservice.svc.expt.IExportService;
import kd.bos.service.ServiceFactory;
import kd.bos.session.SessionManager;
import kd.bos.web.DispatchServiceHelper;
import org.apache.commons.codec.digest.DigestUtils;

/* loaded from: input_file:kd/bos/web/actions/FormAction.class */
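/**
 * Web-tier actions of the form framework.
 *
 * <p>Each public method reads parameters and headers from the servlet request, forwards them to a
 * BOS service through {@code DispatchServiceHelper}, and writes the returned string to the response
 * with {@code ActionUtil.writeResponseJson}. Every value read from the request is caller-controlled;
 * the only request checks performed in this class are the Origin/Referer comparison and the optional
 * CSRF signature check in {@link #batchInvokeAction}.
 */
public class FormAction {
    private static final String PAGE_ID = "pageId";
    private static final String FORM_SERVICE = "FormService";
    private static final String FORM_ID = "formId";
    private static final String BOS_WEBACTIONS = "bos-webactions";
    private static final String PARAMS = "params";
    private static final String UTF_8 = "UTF-8";
    private static final String QUERY_SERVICE = "QueryService";
    private static final String RELEASE_EXPORT_DATA = "releaseExportData";
    private static final String HAS_NEXT_PAGE = "hasNextPage";
    private static final String APP_ID = "appId";
    private static final String BR_STR = "<br><br>";
    private static final Log log = LogFactory.getLog(FormAction.class);
    private static final String KD_CSRF_TOKEN = "kd-csrf-token";

    /** Number of hex characters in a SHA-256 digest; the signature header starts with that many. */
    private static final int SIGNATURE_DIGEST_LENGTH = 64;

    /** Maximum number of leading characters of the {@code params} value covered by the signature. */
    private static final int SIGNED_PARAMS_LIMIT = 300;

    /**
     * Returns the form configuration of the page named by the {@code pageId} request parameter.
     *
     * @param httpServletRequest request carrying {@code pageId}
     * @param httpServletResponse response that receives the CSRF token header and the configuration
     * @throws IOException if writing the response fails
     */
    public void getConfigByPageId(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String pageId = httpServletRequest.getParameter(PAGE_ID);
        String config = (String) DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "getConfigByPageId", pageId);
        putConfigCSRFToken(httpServletResponse);
        ActionUtil.writeResponseJson(httpServletResponse, config);
    }

    /**
     * Returns the form configuration for the {@code parameter} request parameter, falling back to
     * the configuration of the "not found" form when the service returns a blank result.
     *
     * @param httpServletRequest request carrying {@code parameter}
     * @param httpServletResponse response that receives the CSRF token header and the configuration
     * @throws IOException if writing the response fails
     */
    public void getConfigByParameter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String config = (String) DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "getConfigByParameter", httpServletRequest.getParameter("parameter"));
        if (StringUtils.isBlank(config)) {
            Map<String, Object> notFound = new HashMap<>();
            if (isMobileClient()) {
                notFound.put(FORM_ID, "error_404_mob");
                // NOTE(review): resource key "FormAction_7" is also used for a different message in
                // batchInvokeAction — confirm against the resource bundle.
                notFound.put("caption", ResManager.loadKDString("找不到页面", "FormAction_7", BOS_WEBACTIONS, new Object[0]));
            } else {
                notFound.put(FORM_ID, "error_404");
            }
            config = (String) DispatchServiceHelper.invokeBOSServiceByAppId("bos", FORM_SERVICE, "getConfig", notFound);
        }
        putConfigCSRFToken(httpServletResponse);
        ActionUtil.writeResponseJson(httpServletResponse, config);
    }

    /**
     * Returns the configuration of the form described by the JSON object in the {@code params}
     * request parameter. The form id is {@code billFormId} when {@code type} is {@code "list"},
     * otherwise {@code formId}. When the app id lookup throws {@code KDException}, the request is
     * redirected to the "not found" form and served by the {@code "bos"} app.
     *
     * @param httpServletRequest request carrying {@code params}
     * @param httpServletResponse response that receives the CSRF token header and the configuration
     * @throws IOException if writing the response fails
     */
    public void getConfig(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        // NOTE(review): the deserialized map is used without a null check; whether fromJsonString
        // can return null for a missing "params" parameter is not visible here — confirm.
        @SuppressWarnings("unchecked")
        Map<String, Object> params = (Map<String, Object>) SerializationUtils.fromJsonString(httpServletRequest.getParameter(PARAMS), Map.class);
        String formId = (String) params.get(FORM_ID);
        if ("list".equals((String) params.get("type"))) {
            formId = (String) params.get("billFormId");
        }
        String appId = "bos";
        try {
            appId = (String) DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "getAppId", formId);
        } catch (KDException ignored) {
            // Lookup failed: serve the "not found" form instead of propagating the error.
            if (isMobileClient()) {
                params.put(FORM_ID, "error_404_mob");
                params.put("caption", "找不到页面");
            } else {
                params.put(FORM_ID, "error_404");
            }
        }
        putConfigCSRFToken(httpServletResponse);
        ActionUtil.writeResponseJson(httpServletResponse, (String) DispatchServiceHelper.invokeBOSServiceByAppId(appId, FORM_SERVICE, "getConfig", params));
    }

    /**
     * Adds the current session's CSRF token, when it is not empty, to the response as the
     * {@code kd-csrf-token} header.
     */
    private static void putConfigCSRFToken(HttpServletResponse httpServletResponse) {
        String token = SessionManager.getCSRFTokenValue(RequestContext.get().getGlobalSessionId());
        if (kd.bos.util.StringUtils.isNotEmpty(token)) {
            httpServletResponse.addHeader(KD_CSRF_TOKEN, token);
        }
    }

    /** Tells whether the current request context reports the {@code "mobile"} client. */
    private static boolean isMobileClient() {
        return "mobile".equals(RequestContext.get().getClient());
    }

    /**
     * Asks the form service to release the root page named by the {@code rootpage} parameter.
     * {@code bypageid=true} (case-insensitive) is passed on as the second service argument.
     *
     * @param httpServletRequest request carrying {@code rootpage} and optionally {@code bypageid}
     * @param httpServletResponse response that receives the fixed acknowledgement string
     * @throws IOException if writing the response fails
     */
    public void releaseRootPage(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String rootPageId = httpServletRequest.getParameter("rootpage");
        boolean byPageId = "true".equalsIgnoreCase(httpServletRequest.getParameter("bypageid"));
        // NOTE(review): rootPageId is a raw request parameter written to the log; whether the
        // logging backend neutralises CR/LF is not visible here.
        log.info("releaseRootPage, userId: {}, rootPageId: {}, byPage: {}", new Object[]{Long.valueOf(RequestContext.get().getCurrUserId()), rootPageId, Boolean.valueOf(byPageId)});
        DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "releaseRootPage", rootPageId, Boolean.valueOf(byPageId));
        // The misspelling is part of the response contract; clients may compare against it.
        ActionUtil.writeResponseJson(httpServletResponse, "sucess");
    }

    /**
     * Returns the client form metadata of the form named by the {@code fid} parameter, or of the
     * "not found" form when the app id lookup throws {@code KDException}.
     *
     * @param httpServletRequest request carrying {@code fid}
     * @param httpServletResponse response that receives the CSRF token header and the metadata
     * @throws IOException if writing the response fails
     */
    public void getMetadata(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String formId = httpServletRequest.getParameter("fid");
        String appId = "bos";
        try {
            appId = (String) DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "getAppId", formId);
        } catch (KDException ignored) {
            // Lookup failed: load the metadata of the "not found" form from the default app.
            formId = isMobileClient() ? "error_404_mob" : "error_404";
        }
        String metadata = (String) DispatchServiceHelper.invokeBOSServiceByAppId(appId, "MetadataService", "loadClientFormMeta", formId);
        putConfigCSRFToken(httpServletResponse);
        ActionUtil.writeResponseJson(httpServletResponse, metadata);
    }

    /**
     * Forwards an AI command to the form service.
     *
     * <p>NOTE(review): {@code userId} and {@code aitoken} are taken from request parameters and
     * passed on unchanged; no validation of either happens in this method, so it has to happen in
     * the service — confirm.
     *
     * @param httpServletRequest request carrying {@code command}, {@code userId} and {@code aitoken}
     * @param httpServletResponse response that receives {@code "command=null"} for a blank command,
     *     otherwise the fixed acknowledgement string
     * @throws IOException if writing the response fails
     */
    public void pushAICommand(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String command = httpServletRequest.getParameter("command");
        String userId = httpServletRequest.getParameter("userId");
        String aiToken = httpServletRequest.getParameter("aitoken");
        if (!StringUtils.isNotBlank(command)) {
            ActionUtil.writeResponseJson(httpServletResponse, "command=null");
            return;
        }
        DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "pushAICommand", aiToken, userId, command);
        ActionUtil.writeResponseJson(httpServletResponse, "sucess");
    }

    /**
     * Delegates the whole request/response pair to {@code IExportService.doExportAction}.
     *
     * @throws IOException declared for the action contract
     */
    public void export(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        IExportService exportService = (IExportService) ServiceFactory.getService(IExportService.class);
        exportService.doExportAction(httpServletRequest, httpServletResponse);
    }

    /**
     * Invokes {@code FormService.batchInvokeAction} with the request's {@code pageId} and
     * {@code params}; any exception is logged and answered with an empty JSON array.
     *
     * <p>NOTE(review): this reaches the same service method name as {@link #batchInvokeAction} but
     * applies neither its Origin/Referer comparison nor its CSRF signature check, and {@code params}
     * is not restricted here to timer calls. Whether the two-argument service overload restricts
     * what may be invoked is not visible from this class — confirm.
     *
     * @param httpServletRequest request carrying {@code appId}, {@code pageId} and {@code params}
     * @param httpServletResponse response that receives the service result or {@code "[]"}
     * @throws IOException if setting the encoding or writing the response fails
     */
    public void timerElapsed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletRequest.setCharacterEncoding(UTF_8);
        String appId = httpServletRequest.getParameter(APP_ID);
        String result = "[]";
        try {
            result = (String) DispatchServiceHelper.invokeBOSServiceByAppId(appId == null ? "" : appId, FORM_SERVICE, "batchInvokeAction", httpServletRequest.getParameter(PAGE_ID), httpServletRequest.getParameter(PARAMS));
        } catch (Exception e) {
            // Best effort by design: a failed timer tick must not surface as an error to the client.
            log.error(e.getMessage());
        }
        ActionUtil.writeResponseJson(httpServletResponse, result);
    }

    /**
     * Invokes {@code FormService.batchInvokeAction} for the page and action list in the request.
     *
     * <p>Request checks performed before the service call:
     * <ul>
     *   <li>When both {@code Origin} and {@code Referer} are present, {@code Referer} must start
     *       with {@code Origin}. NOTE(review): this compares two request headers with each other by
     *       string prefix; it does not compare either with the application's own origin and is
     *       skipped when one of the headers is missing, so it should not be relied on as the
     *       cross-site request defence.
     *   <li>The CSRF signature check ({@link #checkCsrf}) runs only when the system property
     *       {@code is_need_check_csrf} is {@code true} and the session has a non-blank CSRF token.
     *       NOTE(review): it is therefore off by default and fails open for sessions without a
     *       token.
     * </ul>
     *
     * @param httpServletRequest request carrying {@code appId} (default {@code "bos"}),
     *     {@code pageId}, {@code params} and the {@code pagesign} header
     * @param httpServletResponse response that receives the service result, or a rejection message
     * @throws IOException if setting the encoding or writing the response fails
     */
    public void batchInvokeAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletRequest.setCharacterEncoding(UTF_8);
        String origin = httpServletRequest.getHeader("Origin");
        String referer = httpServletRequest.getHeader("Referer");
        if (StringUtils.isNotBlank(referer) && StringUtils.isNotBlank(origin) && !referer.startsWith(origin)) {
            // The rejection message echoes both request headers back to the caller.
            ActionUtil.writeResponseJson(httpServletResponse, String.format("Resources not found. Origin:%s, Referer:%s", origin, referer));
            return;
        }
        String appId = httpServletRequest.getParameter(APP_ID);
        if (StringUtils.isBlank(appId)) {
            appId = "bos";
        }
        String pageId = httpServletRequest.getParameter(PAGE_ID);
        String params = httpServletRequest.getParameter(PARAMS);

        String csrfSwitch = System.getProperty("is_need_check_csrf");
        String sessionToken = SessionManager.getCSRFTokenValue(RequestContext.get().getGlobalSessionId());
        boolean csrfCheckRequired = csrfSwitch != null
                && "true".equalsIgnoreCase(csrfSwitch.trim())
                && !StringUtils.isBlank(sessionToken);
        if (csrfCheckRequired && !checkCsrf(httpServletRequest)) {
            ActionUtil.writeResponseJson(httpServletResponse, wrapToJson(ResManager.loadKDString("无效请求", "FormAction_7", BOS_WEBACTIONS, new Object[0])));
            return;
        }

        Map<String, Object> context = new HashMap<>();
        context.put("web", Boolean.TRUE);
        context.put("pagesign", httpServletRequest.getHeader("pagesign"));
        String result = "[]";
        try {
            result = (String) DispatchServiceHelper.invokeBOSServiceByAppId(appId, FORM_SERVICE, "batchInvokeAction", pageId, params, context);
        } catch (Exception e) {
            // Failures of a timer-only batch are swallowed and answered with "[]"; anything else
            // propagates to the caller.
            if (params == null || !params.startsWith("[{\"key\":\"\",\"methodName\":\"timerElapsed\"")) {
                throw e;
            }
        }
        ActionUtil.writeResponseJson(httpServletResponse, result);
    }

    /**
     * Verifies the request signature used as the CSRF check.
     *
     * <p>The {@code signature} header must be at least 64 characters long: a SHA-256 hex digest
     * followed by an arbitrary suffix. The digest must equal
     * {@code sha256Hex(client-start-time + kd-csrf-token + suffix + first 300 chars of params)}.
     *
     * <p>NOTE(review): every input of that digest comes from the request itself and no server-side
     * secret is mixed in, and the {@code kd-csrf-token} header is only required to be non-blank —
     * it is never compared with the session's CSRF token in this method. As written, the check
     * proves that the headers are self-consistent, not that the caller knows the session token.
     * Comparing the header with {@code SessionManager.getCSRFTokenValue(...)} (constant-time) would
     * close that gap; left unchanged here because the client-side contract is not visible.
     *
     * @param httpServletRequest request carrying the {@code client-start-time},
     *     {@code kd-csrf-token} and {@code signature} headers and the {@code params} parameter
     * @return {@code true} when all headers are present and the signature matches
     */
    private boolean checkCsrf(HttpServletRequest httpServletRequest) {
        String clientStartTime = httpServletRequest.getHeader("client-start-time");
        if (StringUtils.isEmpty(clientStartTime)) {
            log.info("csrf check error. clientStartTime is null");
            return false;
        }
        String token = httpServletRequest.getHeader(KD_CSRF_TOKEN);
        if (StringUtils.isBlank(token)) {
            log.info("csrf check error. kd-csrf-token is null. ");
            return false;
        }
        String signature = httpServletRequest.getHeader("signature");
        if (StringUtils.isEmpty(signature)) {
            log.info("csrf check error. signature is null. ");
            return false;
        }
        if (signature.length() < SIGNATURE_DIGEST_LENGTH) {
            // The rejected case is a signature that is too short to contain a full digest.
            log.info(String.format("csrf check error. signature length is less than %d.", SIGNATURE_DIGEST_LENGTH));
            return false;
        }
        String params = httpServletRequest.getParameter(PARAMS);
        if (params == null) {
            params = "";
            log.info("csrf check . dataParams is null.");
        }
        int signedLength = Math.min(params.length(), SIGNED_PARAMS_LIMIT);
        String suffix = signature.substring(SIGNATURE_DIGEST_LENGTH);
        StringBuilder signedText = new StringBuilder(clientStartTime).append(token).append(suffix).append(params, 0, signedLength);
        if (signature.equals(DigestUtils.sha256Hex(signedText.toString()) + suffix)) {
            return true;
        }
        log.info("csrf check error. signature notMatch");
        if (log.isDebugEnabled()) {
            // The signed text contains the CSRF token and request data, so it is kept out of the log.
            log.debug("csrf check error. signature : " + signature + ", signed params length : " + signedLength);
        }
        return false;
    }

    /** Serializes {@code {"msg": str}} to a JSON string. */
    private String wrapToJson(String str) {
        Map<String, Object> body = new HashMap<>();
        body.put("msg", str);
        return SerializationUtils.toJsonString(body);
    }

    /**
     * Returns the result of {@code FormService.getQingColumns} for the request's {@code pageId} and
     * {@code key}; {@code appId} defaults to {@code "bos"} when absent.
     *
     * @throws IOException if writing the response fails
     */
    public void getQingColumns(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String pageId = httpServletRequest.getParameter(PAGE_ID);
        String key = httpServletRequest.getParameter("key");
        String appId = httpServletRequest.getParameter(APP_ID);
        String columns = (String) DispatchServiceHelper.invokeBOSServiceByAppId(appId == null ? "bos" : appId, FORM_SERVICE, "getQingColumns", pageId, key);
        ActionUtil.writeResponseJson(httpServletResponse, columns);
    }

    /**
     * Returns the result of {@code FormService.getQingData} for the request's {@code pageId},
     * {@code key}, {@code startRow} and {@code limit}; {@code appId} defaults to {@code "bos"}.
     *
     * <p>{@code startRow} and {@code limit} are parsed without bounds; a missing or non-numeric
     * value raises {@link NumberFormatException}. NOTE(review): no upper bound on {@code limit} is
     * applied here — confirm the service caps the page size.
     *
     * @throws IOException if writing the response fails
     */
    public void getQingData(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String pageId = httpServletRequest.getParameter(PAGE_ID);
        String key = httpServletRequest.getParameter("key");
        String appId = httpServletRequest.getParameter(APP_ID);
        Integer startRow = Integer.valueOf(Integer.parseInt(httpServletRequest.getParameter("startRow")));
        Integer limit = Integer.valueOf(Integer.parseInt(httpServletRequest.getParameter("limit")));
        String data = (String) DispatchServiceHelper.invokeBOSServiceByAppId(appId == null ? "bos" : appId, FORM_SERVICE, "getQingData", pageId, key, startRow, limit);
        ActionUtil.writeResponseJson(httpServletResponse, data);
    }

    /**
     * Reads the {@code formId} and {@code data} parameters and discards them; nothing is written
     * to the response.
     *
     * @throws IOException declared for the action contract
     */
    public void hello(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        httpServletRequest.getParameter(FORM_ID);
        httpServletRequest.getParameter("data");
    }

    /**
     * Translates the KSQL statement in the {@code ksql} parameter with {@code TransUtil.translate}
     * and writes one HTML-formatted section per requested dialect. The {@code orc}, {@code pos} and
     * {@code mys} parameters carry the dialect value passed to the translator; {@code -1} skips
     * that dialect.
     *
     * <p>The translated text is derived from the request and is placed between HTML markup, so it
     * is HTML-escaped before being written.
     *
     * <p>NOTE(review): when translation fails after the output stream has been obtained, the error
     * text is written through {@code ActionUtil.writeResponseJson}; whether that still succeeds on
     * a response whose stream was already used is not visible here.
     *
     * @param httpServletRequest request carrying {@code ksql}, {@code orc}, {@code pos}, {@code mys}
     * @param httpServletResponse response that receives the translations or an error text
     * @throws IOException if writing the response fails
     * @throws NumberFormatException if a dialect parameter is missing or not an integer
     */
    public void ksqlTranslate(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try (OutputStreamWriter writer = new OutputStreamWriter(new BufferedOutputStream(httpServletResponse.getOutputStream()), "utf-8")) {
            httpServletResponse.setContentType("text/json;charset=utf-8");
            String ksql = httpServletRequest.getParameter("ksql");
            int oracleType = Integer.parseInt(httpServletRequest.getParameter("orc"));
            int postgresType = Integer.parseInt(httpServletRequest.getParameter("pos"));
            int mysqlType = Integer.parseInt(httpServletRequest.getParameter("mys"));
            if (oracleType != -1) {
                writer.write("To Oracle:<br>&nbsp&nbsp" + escapeHtml(TransUtil.translate(ksql, oracleType)) + BR_STR);
            }
            if (postgresType != -1) {
                writer.write("To PostgresSQL:<br>&nbsp&nbsp" + escapeHtml(TransUtil.translate(ksql, postgresType)) + BR_STR);
            }
            if (mysqlType != -1) {
                // Uses the "mys" value; the previous code passed the Oracle value here.
                writer.write("To MySQL:<br>&nbsp&nbsp" + escapeHtml(TransUtil.translate(ksql, mysqlType)) + BR_STR);
            }
            writer.flush();
        } catch (SqlTranslateException e) {
            ActionUtil.writeResponseJson(httpServletResponse, "Sorry,Translate Error!");
        }
    }

    /**
     * Escapes the characters that are significant in HTML text and attribute values.
     * A {@code null} argument is rendered as the string {@code "null"}, matching string
     * concatenation.
     */
    private static String escapeHtml(String text) {
        String value = String.valueOf(text);
        StringBuilder escaped = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            switch (c) {
                case '&':
                    escaped.append("&amp;");
                    break;
                case '<':
                    escaped.append("&lt;");
                    break;
                case '>':
                    escaped.append("&gt;");
                    break;
                case '"':
                    escaped.append("&quot;");
                    break;
                case '\'':
                    escaped.append("&#39;");
                    break;
                default:
                    escaped.append(c);
            }
        }
        return escaped.toString();
    }

    /**
     * Returns the CSS of the theme named by the {@code themeNum} parameter, or a localized error
     * text when the parameter is empty or the service call throws.
     *
     * @throws IOException if writing the response fails
     */
    public void getThemeCSS(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        try {
            String themeNum = httpServletRequest.getParameter("themeNum");
            if (StringUtils.isEmpty(themeNum)) {
                ActionUtil.writeResponseJson(httpServletResponse, ResManager.loadKDString("参数解析异常： 不存在参数 themeNum", "FormAction_4", BOS_WEBACTIONS, new Object[0]));
                return;
            }
            ActionUtil.writeResponseJson(httpServletResponse, (String) DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "getThemeCSS", themeNum));
        } catch (Exception e) {
            // Any failure, including one raised while writing above, is answered with a generic text.
            ActionUtil.writeResponseJson(httpServletResponse, ResManager.loadKDString("获取界面主题样式内容异常。", "FormAction_5", BOS_WEBACTIONS, new Object[0]));
        }
    }

    /**
     * Returns the custom control version for the {@code schemaId} parameter, or a localized error
     * text when the parameter is blank.
     *
     * @throws IOException if writing the response fails
     */
    public void getCustomCtlVersion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String schemaId = httpServletRequest.getParameter("schemaId");
        if (!StringUtils.isNotBlank(schemaId)) {
            ActionUtil.writeResponseJson(httpServletResponse, ResManager.loadKDString("schemaId: 方案id不能为空.", "FormAction_6", BOS_WEBACTIONS, new Object[0]));
            return;
        }
        ActionUtil.writeResponseJson(httpServletResponse, (String) DispatchServiceHelper.invokeBOSService(FORM_SERVICE, "getCustomCtlVersion", schemaId));
    }
}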
