package org.springblade.core.tool.request;

import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.List;
import lombok.Generated;
import org.springblade.core.tool.utils.WebUtil;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PatternMatchUtils;

/* loaded from: input_file:org/springblade/core/tool/request/BladeRequestFilter.class */
public class BladeRequestFilter implements Filter {
    private final RequestProperties requestProperties;
    private final XssProperties xssProperties;
    private final AntPathMatcher antPathMatcher = new AntPathMatcher();
    private final List<String> defaultBlockUrl = List.of("/**/actuator/**", "/health/**");
    private final List<String> defaultWhiteList = List.of("127.0.0.1", "172.30.*.*", "192.168.*.*", "10.*.*.*", "0:0:0:0:0:0:0:1");
    private static final String DEFAULT_MESSAGE = "当前请求被拒绝，请联系管理员！";

    public void init(FilterConfig filterConfig) {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        String servletPath = httpServletRequest.getServletPath();
        if (this.requestProperties.getEnabled().booleanValue() && isRequestBlock(servletPath, WebUtil.getIP(httpServletRequest))) {
            throw new ServletException(DEFAULT_MESSAGE);
        }
        if (!this.requestProperties.getEnabled().booleanValue() || isRequestSkip(servletPath)) {
            filterChain.doFilter(servletRequest, servletResponse);
        } else if (!this.xssProperties.getEnabled().booleanValue() || isXssSkip(servletPath)) {
            filterChain.doFilter(new BladeHttpServletRequestWrapper((HttpServletRequest) servletRequest), servletResponse);
        } else {
            filterChain.doFilter(new XssHttpServletRequestWrapper((HttpServletRequest) servletRequest), servletResponse);
        }
    }

    private boolean isWhiteList(String str) {
        return PatternMatchUtils.simpleMatch((String[]) this.defaultWhiteList.toArray(new String[0]), str) || PatternMatchUtils.simpleMatch((String[]) this.requestProperties.getWhiteList().toArray(new String[0]), str);
    }

    private boolean isBlackList(String str) {
        return PatternMatchUtils.simpleMatch((String[]) this.requestProperties.getBlackList().toArray(new String[0]), str);
    }

    private boolean isRequestBlock(String str) {
        return this.defaultBlockUrl.stream().anyMatch(str2 -> {
            return this.antPathMatcher.match(str2, str);
        }) || this.requestProperties.getBlockUrl().stream().anyMatch(str3 -> {
            return this.antPathMatcher.match(str3, str);
        });
    }

    private boolean isRequestBlock(String str, String str2) {
        return (isRequestBlock(str) && !isWhiteList(str2)) || isBlackList(str2);
    }

    private boolean isRequestSkip(String str) {
        return this.requestProperties.getSkipUrl().stream().anyMatch(str2 -> {
            return this.antPathMatcher.match(str2, str);
        });
    }

    private boolean isXssSkip(String str) {
        return this.xssProperties.getSkipUrl().stream().anyMatch(str2 -> {
            return this.antPathMatcher.match(str2, str);
        });
    }

    public void destroy() {
    }

    @Generated
    public BladeRequestFilter(RequestProperties requestProperties, XssProperties xssProperties) {
        this.requestProperties = requestProperties;
        this.xssProperties = xssProperties;
    }
}
