package top.ibase4j.core.interceptor;

import com.alibaba.fastjson.JSON;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import top.ibase4j.core.Constants;
import top.ibase4j.core.support.http.HttpCode;
import top.ibase4j.core.support.http.SessionUser;
import top.ibase4j.core.util.CacheUtil;
import top.ibase4j.core.util.FileUtil;
import top.ibase4j.core.util.WebUtil;

/* loaded from: input_file:top/ibase4j/core/interceptor/MaliciousRequestInterceptor.class */
public class MaliciousRequestInterceptor extends BaseInterceptor {
    private boolean allRequest = false;
    private boolean containsParamter = true;
    private int minRequestIntervalTime = 100;
    private int maxMaliciousTimes = 0;
    private List<String> whiteUrls = FileUtil.readFile(MaliciousRequestInterceptor.class.getResource("/").getFile() + "white/mrqWhite.txt");
    private int size;

    public MaliciousRequestInterceptor() {
        this.size = 0;
        this.size = null == this.whiteUrls ? 0 : this.whiteUrls.size();
    }

    @Override // top.ibase4j.core.interceptor.BaseInterceptor
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object obj) throws Exception {
        String servletPath = httpServletRequest.getServletPath();
        if (servletPath.endsWith("/unauthorized") || servletPath.endsWith("/forbidden") || WebUtil.isWhiteRequest(servletPath, this.size, this.whiteUrls) || servletPath.contains("/read") || servletPath.contains("/get") || servletPath.contains("/query")) {
            return super.preHandle(httpServletRequest, httpServletResponse, obj);
        }
        if (this.containsParamter) {
            servletPath = servletPath + JSON.toJSONString(WebUtil.getParameterMap(httpServletRequest));
        }
        SessionUser currentUser = WebUtil.getCurrentUser(httpServletRequest);
        String obj2 = currentUser != null ? currentUser.toString() : WebUtil.getHost(httpServletRequest) + httpServletRequest.getHeader(Constants.USER_AGENT);
        String str = (String) CacheUtil.getCache().getFire(Constants.PREREQUEST + obj2);
        Long l = (Long) CacheUtil.getCache().getFire(Constants.PREREQUEST_TIME + obj2);
        int i = this.minRequestIntervalTime;
        if (l != null && str != null) {
            boolean z = System.currentTimeMillis() - l.longValue() < ((long) this.minRequestIntervalTime);
            if ((servletPath.equals(str) || this.allRequest) && z) {
                Integer num = (Integer) CacheUtil.getCache().getFire(Constants.MALICIOUS_REQUEST_TIMES + obj2);
                Integer valueOf = num == null ? 1 : Integer.valueOf(num.intValue() + 1);
                CacheUtil.getCache().set(Constants.MALICIOUS_REQUEST_TIMES + obj2, valueOf, i);
                if (valueOf.intValue() > this.maxMaliciousTimes) {
                    CacheUtil.getCache().set(Constants.MALICIOUS_REQUEST_TIMES + obj2, 0, i);
                    logger.warn("To intercept a malicious request : {}", servletPath);
                    return WebUtil.write(httpServletResponse, HttpCode.MULTI_STATUS.value(), HttpCode.MULTI_STATUS.msg());
                }
            } else {
                CacheUtil.getCache().set(Constants.MALICIOUS_REQUEST_TIMES + obj2, 0, i);
            }
        }
        CacheUtil.getCache().set(Constants.PREREQUEST + obj2, servletPath, i);
        CacheUtil.getCache().set(Constants.PREREQUEST_TIME + obj2, Long.valueOf(System.currentTimeMillis()), i);
        return super.preHandle(httpServletRequest, httpServletResponse, obj);
    }

    public MaliciousRequestInterceptor setAllRequest(boolean z) {
        this.allRequest = z;
        return this;
    }

    public MaliciousRequestInterceptor setContainsParamter(boolean z) {
        this.containsParamter = z;
        return this;
    }

    public MaliciousRequestInterceptor setMinRequestIntervalTime(int i) {
        this.minRequestIntervalTime = i;
        return this;
    }

    public MaliciousRequestInterceptor setMaxMaliciousTimes(int i) {
        this.maxMaliciousTimes = i;
        return this;
    }
}
