package com.kingdee.bos.qing.common.framework.web;

import com.kingdee.bos.qing.common.context.QingContext;
import com.kingdee.bos.qing.common.exception.AbstractQingException;
import com.kingdee.bos.qing.common.exception.IntegratedRuntimeException;
import com.kingdee.bos.qing.common.framework.manage.ClientManager;
import com.kingdee.bos.qing.common.framework.model.client.AbstractClientMessage;
import com.kingdee.bos.qing.common.framework.model.client.ClientRemoteCallMessage;
import com.kingdee.bos.qing.common.framework.web.polling.ServerMessageSender4Polling;
import com.kingdee.bos.qing.common.network.blacklist.IpBlackList;
import com.kingdee.bos.qing.common.session.IQingSession;
import com.kingdee.bos.qing.common.session.QingSessionUtil;
import com.kingdee.bos.qing.filesystem.manager.model.AbstractQingFileType;
import com.kingdee.bos.qing.filesystem.manager.model.FileTypeUtil;
import com.kingdee.bos.qing.filesystem.manager.model.QingTempFileType;
import com.kingdee.bos.qing.resource.exception.UploadFileException;
import com.kingdee.bos.qing.util.CloseUtil;
import com.kingdee.bos.qing.util.HttpUtil;
import com.kingdee.bos.qing.util.IOUtil;
import com.kingdee.bos.qing.util.JsonUtil;
import com.kingdee.bos.qing.util.LogUtil;
import com.kingdee.bos.qing.util.StringUtils;
import com.kingdee.bos.qing.util.URLUtil;
import com.kingdee.bos.qing.util.ZipUtil;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.fileupload.FileItem;
import org.apache.commons.fileupload.FileUploadException;
import org.apache.commons.fileupload.disk.DiskFileItemFactory;
import org.apache.commons.fileupload.servlet.ServletFileUpload;

/* loaded from: input_file:com/kingdee/bos/qing/common/framework/web/AbstractQingAction.class */
public abstract class AbstractQingAction {
    public static final String LASTREQUESTCOOKIES = "lastRequestCookies";
    private static final Pattern HTTP_HEADER_FILENAME_PATTERN = Pattern.compile("[\\w-_.%]*");
    private static final Pattern QING_FILENAME_PATTERN = Pattern.compile("^[0-9a-zA-Z_\\-]{1,}$");
    private static final String ERROR_CODE = "errorCode";
    private static final String ERROR_MESSAGE = "errorMessage";
    private static final String CLIENT_ID = "clientID";
    private static final String APP_ID = "appID";
    private static final String PAGE_ID = "pageId";
    private static final String SAFETY_CODE = "safetyCode";
    private static final String CONTENT_TYPE = "Content-Type";
    private static final String USER_AGENT = "User-Agent";
    private static final String UTF_8 = "UTF-8";
    private static final String FILE_NAME = "fileName";

    /* loaded from: input_file:com/kingdee/bos/qing/common/framework/web/AbstractQingAction$ISafetyURL.class */
    public interface ISafetyURL {
        void appendParamToUrl(String str, String str2);

        void sendRedirect(HttpServletResponse httpServletResponse) throws IOException;
    }

    /* loaded from: input_file:com/kingdee/bos/qing/common/framework/web/AbstractQingAction$SafetyURL.class */
    public static class SafetyURL implements ISafetyURL {
        public static final String SAFETYCODEKEY = "safetyCode";
        private QingContext qingContext;
        private String appID;
        private String title;
        private String targetURL;
        private String safetyURL;
        private Map<String, String> urlParamMap = new HashMap();

        public SafetyURL(QingContext qingContext, String str, String str2, String str3, String str4) {
            this.appID = str;
            this.title = str2;
            this.targetURL = str4;
            this.safetyURL = str3;
            this.qingContext = qingContext;
        }

        @Override // com.kingdee.bos.qing.common.framework.web.AbstractQingAction.ISafetyURL
        public void appendParamToUrl(String str, String str2) {
            this.urlParamMap.put(str, str2);
        }

        @Override // com.kingdee.bos.qing.common.framework.web.AbstractQingAction.ISafetyURL
        public void sendRedirect(HttpServletResponse httpServletResponse) throws IOException {
            try {
                for (Map.Entry<String, String> entry : this.urlParamMap.entrySet()) {
                    this.safetyURL = URLUtil.appendParamToUrl(this.safetyURL, entry.getKey(), entry.getValue());
                }
                String urlParam = URLUtil.getUrlParam(this.safetyURL, AbstractQingAction.PAGE_ID);
                if (StringUtils.isNotBlank(urlParam)) {
                    urlParam = URLDecoder.decode(urlParam, AbstractQingAction.UTF_8);
                }
                String uuid = UUID.randomUUID().toString();
                String uuid2 = UUID.randomUUID().toString();
                ClientManager.initClientAlive(this.qingContext, this.appID, uuid2, this.title, uuid, this.safetyURL, this.targetURL, urlParam);
                this.safetyURL = URLUtil.appendParamToUrl(this.safetyURL, "safetyCode", uuid);
                this.safetyURL = URLUtil.appendParamToUrl(this.safetyURL, AbstractQingAction.CLIENT_ID, uuid2);
                httpServletResponse.sendRedirect(this.safetyURL);
            } catch (Exception e) {
                LogUtil.error(e.getMessage(), e);
            }
        }
    }

    protected final void handlerExceptionWithErrorURL(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, Throwable th) {
        LogUtil.error(th.getMessage(), th);
        try {
            ISafetyURL createSafetyURL = createSafetyURL(httpServletRequest, "错误界面", str);
            if (!(th instanceof AbstractQingException)) {
                th = new IntegratedRuntimeException(th);
            }
            createSafetyURL.appendParamToUrl(ERROR_CODE, StringUtils.EMPTY + ((AbstractQingException) th).getErrorCode());
            createSafetyURL.appendParamToUrl(ERROR_MESSAGE, th.getMessage());
            createSafetyURL.sendRedirect(httpServletResponse);
        } catch (IOException e) {
            LogUtil.error(e.getMessage(), e);
        }
    }

    protected final void handlerException(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) {
        LogUtil.error(th.getMessage(), th);
        try {
            ISafetyURL createSafetyURL = createSafetyURL(httpServletRequest, "错误界面", getQingErrorUrl());
            if (!(th instanceof AbstractQingException)) {
                th = new IntegratedRuntimeException(th);
            }
            createSafetyURL.appendParamToUrl(ERROR_CODE, StringUtils.EMPTY + ((AbstractQingException) th).getErrorCode());
            createSafetyURL.appendParamToUrl(ERROR_MESSAGE, th.getMessage());
            createSafetyURL.sendRedirect(httpServletResponse);
        } catch (IOException e) {
            LogUtil.error(e.getMessage(), e);
        }
    }

    protected final void handlerError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) {
        try {
            ISafetyURL createSafetyURL = createSafetyURL(httpServletRequest, "错误界面", getQingErrorUrl());
            createSafetyURL.appendParamToUrl(ERROR_CODE, StringUtils.EMPTY + str);
            createSafetyURL.sendRedirect(httpServletResponse);
        } catch (IOException e) {
            LogUtil.error(e.getMessage(), e);
        }
    }

    protected final void handlerError(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str, String str2) {
        try {
            ISafetyURL createSafetyURL = createSafetyURL(httpServletRequest, "错误界面", getQingErrorUrl());
            createSafetyURL.appendParamToUrl(ERROR_CODE, str);
            createSafetyURL.appendParamToUrl(ERROR_MESSAGE, str2);
            createSafetyURL.sendRedirect(httpServletResponse);
        } catch (IOException e) {
            LogUtil.error(e.getMessage(), e);
        }
    }

    protected final void handlerExceptionForClosable(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Throwable th) {
        LogUtil.error(th.getMessage(), th);
        try {
            ISafetyURL createSafetyURL = createSafetyURL(httpServletRequest, "错误界面", getQingClosableErrorUrl());
            if (!(th instanceof AbstractQingException)) {
                th = new IntegratedRuntimeException(th);
            }
            createSafetyURL.appendParamToUrl(ERROR_CODE, StringUtils.EMPTY + ((AbstractQingException) th).getErrorCode());
            createSafetyURL.appendParamToUrl(ERROR_MESSAGE, th.getMessage());
            createSafetyURL.sendRedirect(httpServletResponse);
        } catch (IOException e) {
            LogUtil.error(e.getMessage(), e);
        }
    }

    protected abstract String getQingErrorUrl();

    protected abstract String getQingClosableErrorUrl();

    protected abstract ISafetyURL createSafetyURL(HttpServletRequest httpServletRequest, String str, String str2);

    protected abstract IQingSession getQingSession(HttpServletRequest httpServletRequest);

    protected abstract void dispatcherToUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, String str) throws IOException;

    protected void protectedSafetyUrl(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, QingContext qingContext) throws IOException {
        String parameter = httpServletRequest.getParameter("safetyCode");
        String queryString = httpServletRequest.getQueryString();
        String parameter2 = httpServletRequest.getParameter(CLIENT_ID);
        String parameter3 = httpServletRequest.getParameter(APP_ID);
        try {
            String targetURL = ClientManager.getTargetURL(qingContext, parameter2, parameter, queryString);
            if (targetURL == null) {
                handlerError(httpServletRequest, httpServletResponse, "illegalURLRequest");
            } else if (ClientManager.isNewOpenClient(parameter2)) {
                dispatcherToUrl(httpServletRequest, httpServletResponse, targetURL);
            } else {
                new SafetyURL(qingContext, parameter3, ClientManager.getAttribute(parameter2, ClientManager.CLIENT_ATTRIBUTE_KEY_TITLE), ClientManager.getAttribute(parameter2, ClientManager.CLIENT_ATTRIBUTE_KEY_SAFETYURL), targetURL).sendRedirect(httpServletResponse);
            }
        } catch (Exception e) {
            LogUtil.error(e.getMessage(), e);
            handlerError(httpServletRequest, httpServletResponse, "illegalURLRequest");
        }
    }

    protected static void protectedDoPolling(HttpServletRequest httpServletRequest, IQingSession iQingSession, QingContext qingContext, HttpServletResponse httpServletResponse) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Closeable closeable = null;
        try {
            closeable = httpServletRequest.getInputStream();
            IOUtil.copy(httpServletRequest.getInputStream(), byteArrayOutputStream);
            String byteArrayOutputStream2 = byteArrayOutputStream.toString();
            CloseUtil.close(byteArrayOutputStream, closeable);
            List list = (List) JsonUtil.decodeFromString(byteArrayOutputStream2, List.class);
            ArrayList arrayList = new ArrayList();
            String str = null;
            if (list != null && !list.isEmpty()) {
                Iterator it = list.iterator();
                while (it.hasNext()) {
                    AbstractClientMessage edcode = AbstractClientMessage.edcode((String) it.next());
                    if (edcode != null) {
                        arrayList.add(edcode);
                    }
                    if (edcode instanceof ClientRemoteCallMessage) {
                        if (str == null) {
                            Cookie[] cookies = httpServletRequest.getCookies();
                            str = StringUtils.EMPTY;
                            if (cookies != null) {
                                StringBuilder sb = new StringBuilder();
                                for (Cookie cookie : cookies) {
                                    sb.append(cookie.getName());
                                    sb.append("=");
                                    sb.append(cookie.getValue());
                                    sb.append(";");
                                }
                                if (sb.length() > 0) {
                                    str = sb.toString();
                                }
                            }
                        }
                        ((ClientRemoteCallMessage) edcode).getParams().put(LASTREQUESTCOOKIES, str);
                    }
                }
            }
            if (arrayList.isEmpty()) {
                return;
            }
            QingSessionUtil.setQingSessionImpl(iQingSession);
            ServerMessageSender4Polling serverMessageSender4Polling = new ServerMessageSender4Polling();
            ClientMessageHandler.handle(qingContext, serverMessageSender4Polling, arrayList);
            writeSuccessJsonResponse(serverMessageSender4Polling.packMessages(), httpServletResponse, true);
        } catch (Throwable th) {
            CloseUtil.close(byteArrayOutputStream, closeable);
            throw th;
        }
    }

    protected static void protectedLoadImg(QingContext qingContext, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String str2;
        try {
            str2 = URLEncoder.encode(httpServletRequest.getParameter(FILE_NAME), UTF_8);
        } catch (UnsupportedEncodingException e) {
            LogUtil.error(e.getMessage(), e);
            str2 = System.currentTimeMillis() + StringUtils.EMPTY;
        }
        AbstractQingFileType instanceBySubFolder = FileTypeUtil.getInstanceBySubFolder(httpServletRequest.getParameter("fileType"));
        httpServletResponse.setHeader("Content-Disposition", "attachment; filename=" + str2);
        httpServletResponse.setHeader(CONTENT_TYPE, "application/octet-stream");
        loadFile(qingContext, str, httpServletResponse, str2, instanceBySubFolder);
    }

    protected static void loadFile(QingContext qingContext, String str, HttpServletResponse httpServletResponse, String str2, AbstractQingFileType abstractQingFileType) throws IOException {
        if (!QING_FILENAME_PATTERN.matcher(str2).matches()) {
            throw new IOException("incorrect fileName!");
        }
        HashMap hashMap = new HashMap();
        hashMap.put(FILE_NAME, str2);
        hashMap.put("typeIndex", abstractQingFileType.getTypeIndex() + StringUtils.EMPTY);
        long j = 0;
        while (true) {
            hashMap.put("offset", Long.toString(j));
            try {
                byte[] fileData = ServerFileAccesser.getFileData(qingContext, str, hashMap);
                if (fileData == null || fileData[0] == 1) {
                    return;
                }
                j += fileData.length - 1;
                httpServletResponse.getOutputStream().write(fileData, 1, fileData.length - 1);
                httpServletResponse.getOutputStream().flush();
            } catch (AbstractQingException e) {
                LogUtil.error(e.getMessage(), e);
                return;
            }
        }
    }

    protected static void protectedUpload(QingContext qingContext, String str, FileItem fileItem, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        if (IpBlackList.getInstance().isInFileBlackList(HttpUtil.getRemoteClientIp(httpServletRequest))) {
            writeErrorJsonResponse(UploadFileException.noAccessUploadFileException("No access to upload file"), httpServletResponse);
            return;
        }
        InputStream inputStream = null;
        try {
            inputStream = fileItem.getInputStream();
            String uuid = UUID.randomUUID().toString();
            int available = inputStream.available();
            byte[] bArr = null;
            int i = 0;
            int i2 = available;
            while (true) {
                if (i2 > available || i2 <= 0) {
                    break;
                }
                try {
                    byte[] bArr2 = new byte[i2 > 1048576 ? 1048576 : i2];
                    if (inputStream.read(bArr2) > 0) {
                        i++;
                        bArr = ServerFileAccesser.uploadPiece(qingContext, str, uuid, bArr2, i);
                        if (bArr != null) {
                            available = -1;
                            break;
                        }
                    }
                    i2 -= 1048576;
                } catch (AbstractQingException e) {
                    writeErrorJsonResponse(e, httpServletResponse);
                }
            }
            if (available > 0) {
                bArr = ServerFileAccesser.combineUpload(qingContext, str, uuid, i);
            }
            writeSuccessJsonResponseZip(bArr, httpServletResponse);
            CloseUtil.close(inputStream);
            fileItem.delete();
        } catch (Throwable th) {
            CloseUtil.close(inputStream);
            fileItem.delete();
            throw th;
        }
    }

    protected static void protectedDownload(QingContext qingContext, String str, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        String str2;
        String parameter = httpServletRequest.getParameter(FILE_NAME);
        String parameter2 = httpServletRequest.getParameter("exportUuid");
        String parameter3 = httpServletRequest.getParameter("isExport");
        try {
            str2 = URLEncoder.encode(parameter, UTF_8);
        } catch (UnsupportedEncodingException e) {
            LogUtil.error(e.getMessage(), e);
            str2 = System.currentTimeMillis() + StringUtils.EMPTY;
        }
        boolean z = true;
        if (parameter3 != null && !parameter3.isEmpty()) {
            z = Boolean.parseBoolean(parameter3);
        }
        String parameter4 = httpServletRequest.getParameter(APP_ID);
        if (parameter4 == null || parameter4.trim().length() == 0) {
            parameter4 = str;
        }
        if (!HTTP_HEADER_FILENAME_PATTERN.matcher(str2).matches()) {
            throw new IOException("incorrect fileName!");
        }
        try {
            String lowerCase = httpServletRequest.getHeader(USER_AGENT).toLowerCase();
            if (!lowerCase.contains("chrome") && lowerCase.contains("safari")) {
                str2 = new String(URLDecoder.decode(str2, UTF_8).getBytes(), "iso8859-1");
            }
        } catch (Exception e2) {
            LogUtil.error(e2.getMessage(), e2);
            str2 = System.currentTimeMillis() + StringUtils.EMPTY;
        }
        httpServletResponse.setHeader("Content-Disposition", z ? "attachment; filename= " + str2 + ";filename*=utf-8'zh_cn'" + str2 : "inline; filename= " + str2 + ";filename*=utf-8'zh_cn'" + str2);
        httpServletResponse.setHeader(CONTENT_TYPE, z ? "application/octet-stream" : "application/pdf");
        loadFile(qingContext, parameter4, httpServletResponse, parameter2, QingTempFileType.EXPORT);
        try {
            ServerFileAccesser.deleteFile(qingContext, parameter4, parameter2, QingTempFileType.EXPORT.getTypeIndex());
        } catch (AbstractQingException e3) {
            LogUtil.error("delete file failed!", e3);
        }
    }

    protected static List<FileItem> getFileItem(HttpServletRequest httpServletRequest) throws IOException, FileUploadException {
        String realPath = httpServletRequest.getRealPath("/WEB-INF/temp");
        DiskFileItemFactory diskFileItemFactory = new DiskFileItemFactory();
        diskFileItemFactory.setSizeThreshold(4000000);
        File file = new File(realPath);
        if (file.exists() && !file.isDirectory()) {
            file.delete();
        }
        if (!file.exists() || file.isDirectory()) {
            file.mkdirs();
        }
        diskFileItemFactory.setRepository(file);
        return new ServletFileUpload(diskFileItemFactory).parseRequest(httpServletRequest);
    }

    private static void writeSuccessJsonResponseZip(byte[] bArr, HttpServletResponse httpServletResponse) throws IOException {
        writeSuccessJsonResponse(bArr, httpServletResponse, true);
    }

    protected static void writeSuccessJsonResponse(byte[] bArr, HttpServletResponse httpServletResponse, boolean z) throws IOException {
        if (z) {
            httpServletResponse.addHeader("Content-Encoding", "gzip");
        }
        httpServletResponse.setHeader(CONTENT_TYPE, "application/json;charset=UTF-8");
        if (bArr != null) {
            if (z) {
                bArr = ZipUtil.gzip(bArr);
            }
            httpServletResponse.getOutputStream().write(bArr);
        }
        httpServletResponse.getOutputStream().flush();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v16, types: [com.kingdee.bos.qing.common.exception.AbstractQingException] */
    protected static void writeErrorJsonResponse(Throwable th, HttpServletResponse httpServletResponse) throws IOException {
        httpServletResponse.setHeader(CONTENT_TYPE, "application/json;charset=UTF-8");
        IntegratedRuntimeException integratedRuntimeException = th instanceof AbstractQingException ? (AbstractQingException) th : new IntegratedRuntimeException(th.getMessage(), th);
        LogUtil.error(integratedRuntimeException.getMessage(), integratedRuntimeException);
        HashMap hashMap = new HashMap();
        hashMap.put(ERROR_CODE, Integer.valueOf(integratedRuntimeException.getErrorCode()));
        hashMap.put(ERROR_MESSAGE, integratedRuntimeException.getMessage());
        httpServletResponse.getOutputStream().print(JsonUtil.encodeToString(hashMap));
        httpServletResponse.getOutputStream().flush();
    }
}
