package org.anyline.util;

import java.util.Set;
import java.util.TreeSet;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:org/anyline/util/TokenUtil.class */
public class TokenUtil {
    public static String createToken(HttpServletRequest httpServletRequest) {
        String str = null;
        String str2 = null;
        String str3 = (String) httpServletRequest.getAttribute("struts.request_uri");
        if (null != str3) {
            str2 = createTokenKey(str3);
        } else {
            String requestURI = httpServletRequest.getRequestURI();
            if (null != requestURI) {
                str2 = createTokenKey(requestURI);
            }
        }
        if (null != str2) {
            String randomNumberString = BasicUtil.getRandomNumberString(20);
            str = "<input type=\"hidden\" name=\"" + str2 + "\" value=\"" + randomNumberString + "\"></input>";
            httpServletRequest.getSession().setAttribute(str2, randomNumberString);
        }
        return str;
    }

    public static boolean checkToken(HttpServletRequest httpServletRequest) {
        boolean z = false;
        String str = null;
        String str2 = null;
        boolean z2 = false;
        if (null != httpServletRequest.getAttribute("IS_CHECK_TOKEN") || WebUtil.isAjaxRequest(httpServletRequest)) {
            return true;
        }
        String createTokenKey = createTokenKey(WebUtil.fetchReferUri(httpServletRequest));
        if (null != createTokenKey) {
            str = httpServletRequest.getParameter(createTokenKey);
            str2 = (String) httpServletRequest.getSession().getAttribute(createTokenKey);
            httpServletRequest.getSession().removeAttribute(createTokenKey);
        }
        if (null != str2 && null != str) {
            z2 = true;
            setTokenRequiredUri(httpServletRequest, createTokenKey(httpServletRequest.getRequestURI()));
        }
        if (!z2) {
            z2 = checkRequired(httpServletRequest);
        }
        if (z2) {
            if (null != str2 && str2.equals(str)) {
                z = true;
            }
        } else if (null == str2 || null == str || str2.equals(str)) {
            z = true;
        }
        httpServletRequest.setAttribute("IS_CHECK_TOKEN", true);
        return z;
    }

    public static String createTokenKey(String str) {
        return "T" + MD5Util.crypto2(str);
    }

    public static boolean checkRequired(HttpServletRequest httpServletRequest) {
        boolean z = false;
        String createTokenKey = createTokenKey(httpServletRequest.getRequestURI());
        TreeSet treeSet = (TreeSet) httpServletRequest.getSession().getServletContext().getAttribute("SERVLET_ATTR_REQUIRED_TOKEN_URI");
        if (null != treeSet && null != createTokenKey) {
            z = treeSet.contains(createTokenKey);
        }
        if (z) {
            return z;
        }
        String createTokenKey2 = createTokenKey(WebUtil.fetchReferUri(httpServletRequest));
        TreeSet treeSet2 = (TreeSet) httpServletRequest.getSession().getServletContext().getAttribute("SERVLET_ATTR_REQUIRED_TOKEN_REFER");
        if (null != treeSet2 && null != createTokenKey2) {
            z = treeSet2.contains(createTokenKey2);
        }
        return z ? z : z;
    }

    public static void setTokenRequiredRefer(HttpServletRequest httpServletRequest, String str) {
        Set set = (Set) httpServletRequest.getSession().getServletContext().getAttribute("SERVLET_ATTR_REQUIRED_TOKEN_REFER");
        if (null == set) {
            set = new TreeSet();
        }
        set.add(str);
    }

    public static void setTokenRequiredUri(HttpServletRequest httpServletRequest, String str) {
        Set set = (Set) httpServletRequest.getSession().getServletContext().getAttribute("SERVLET_ATTR_REQUIRED_TOKEN_URI");
        if (null == set) {
            set = new TreeSet();
        }
        set.add(str);
    }
}
