package cn.com.duibaboot.ext.autoconfigure.security;

import com.google.common.collect.ArrayListMultimap;
import com.google.common.collect.Lists;
import com.google.common.collect.Multimap;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.regex.Pattern;
import javax.annotation.PostConstruct;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.web.util.UrlPathHelper;

/* loaded from: input_file:cn/com/duibaboot/ext/autoconfigure/security/SecurityFilter.class */
public class SecurityFilter implements Filter {
    public static final String DEFAULT_SKIP_PATTERN = "/api-docs.*|/autoconfig|/configprops|/dump|/health|/info|/metrics.*|/mappings|/trace|/swagger.*|.*\\.png|.*\\.css|.*\\.js|.*\\.html|/favicon.ico|/hystrix.stream";
    private final UrlPathHelper urlPathHelper = new UrlPathHelper();
    private Pattern skipPattern = Pattern.compile(DEFAULT_SKIP_PATTERN);
    private Multimap<SimpleMediaType, DefensivePolicy> defensivePolicyMap = ArrayListMultimap.create();

    @Autowired
    private List<DefensivePolicy> defensivePolicyList;

    @Autowired(required = false)
    private DevEnvSecurityPreprocessor devEnvSecurityPreprocessor;

    /* loaded from: input_file:cn/com/duibaboot/ext/autoconfigure/security/SecurityFilter$SimpleMediaType.class */
    class SimpleMediaType {
        private final String type;
        private final String subtype;

        SimpleMediaType(MediaType mediaType) {
            this.type = mediaType.getType();
            this.subtype = mediaType.getSubtype();
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            SimpleMediaType simpleMediaType = (SimpleMediaType) obj;
            return Objects.equals(this.type, simpleMediaType.type) && Objects.equals(this.subtype, simpleMediaType.subtype);
        }

        public int hashCode() {
            return Objects.hash(this.type, this.subtype);
        }
    }

    public void init(FilterConfig filterConfig) {
    }

    @PostConstruct
    public void initialize() {
        for (DefensivePolicy defensivePolicy : this.defensivePolicyList) {
            Set<MediaType> mediaTypes = defensivePolicy.getMediaTypes();
            if (mediaTypes.contains(MediaType.ALL)) {
                this.defensivePolicyMap.put(new SimpleMediaType(MediaType.ALL), defensivePolicy);
            } else {
                Iterator<MediaType> it = mediaTypes.iterator();
                while (it.hasNext()) {
                    this.defensivePolicyMap.put(new SimpleMediaType(it.next()), defensivePolicy);
                }
            }
        }
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (this.skipPattern.matcher(this.urlPathHelper.getPathWithinApplication(httpServletRequest)).matches()) {
            filterChain.doFilter(httpServletRequest, httpServletResponse);
            return;
        }
        ArrayList newArrayList = Lists.newArrayList();
        newArrayList.addAll(this.defensivePolicyMap.get(new SimpleMediaType(MediaType.ALL)));
        String header = httpServletRequest.getHeader("Content-Type");
        if (StringUtils.isNotBlank(header)) {
            newArrayList.addAll(this.defensivePolicyMap.get(new SimpleMediaType(MediaType.parseMediaType(header))));
        }
        if (this.devEnvSecurityPreprocessor != null) {
            this.devEnvSecurityPreprocessor.preprocessor(httpServletRequest, httpServletResponse);
        }
        SecurityCheckSandbox securityCheckSandbox = new SecurityCheckSandbox(httpServletRequest, httpServletResponse, newArrayList);
        securityCheckSandbox.doCheck();
        securityCheckSandbox.doFilter(filterChain);
    }

    public void destroy() {
        this.defensivePolicyMap.clear();
    }
}
