package cn.fscode.common.security.xss.filter;

import cn.fscode.common.security.xss.config.properties.SecurityXssProperties;
import cn.fscode.common.tool.core.StringUtils;
import cn.fscode.common.tool.core.html.EscapeUtils;
import io.netty.buffer.ByteBufAllocator;
import java.nio.charset.StandardCharsets;
import javax.annotation.Resource;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.core.io.buffer.NettyDataBuffer;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@ConditionalOnProperty(value = {"security.xss.enabled"}, havingValue = "true")
@Component
/* loaded from: input_file:cn/fscode/common/security/xss/filter/GatewayXssFilter.class */
public class GatewayXssFilter implements GlobalFilter, Ordered {

    @Resource
    private SecurityXssProperties xssProperties;

    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        String path = request.getURI().getPath();
        if (!StringUtils.matches(path, this.xssProperties.getUrlPatterns())) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        HttpMethod method = request.getMethod();
        if (method == null || method == HttpMethod.GET || method == HttpMethod.DELETE) {
            return gatewayFilterChain.filter(serverWebExchange);
        }
        if (isJsonRequest(serverWebExchange) && !StringUtils.matches(path, this.xssProperties.getExcludeUrls())) {
            return gatewayFilterChain.filter(serverWebExchange.mutate().request(requestDecorator(serverWebExchange)).build());
        }
        return gatewayFilterChain.filter(serverWebExchange);
    }

    private ServerHttpRequestDecorator requestDecorator(ServerWebExchange serverWebExchange) {
        return new ServerHttpRequestDecorator(serverWebExchange.getRequest()) { // from class: cn.fscode.common.security.xss.filter.GatewayXssFilter.1
            public Flux<DataBuffer> getBody() {
                return super.getBody().buffer().map(list -> {
                    DataBuffer join = new DefaultDataBufferFactory().join(list);
                    byte[] bArr = new byte[join.readableByteCount()];
                    join.read(bArr);
                    DataBufferUtils.release(join);
                    byte[] bytes = EscapeUtils.clean(new String(bArr, StandardCharsets.UTF_8)).getBytes();
                    NettyDataBuffer allocateBuffer = new NettyDataBufferFactory(ByteBufAllocator.DEFAULT).allocateBuffer(bytes.length);
                    allocateBuffer.write(bytes);
                    return allocateBuffer;
                });
            }

            public HttpHeaders getHeaders() {
                HttpHeaders httpHeaders = new HttpHeaders();
                httpHeaders.putAll(super.getHeaders());
                httpHeaders.remove("Content-Length");
                httpHeaders.set("Transfer-Encoding", "chunked");
                return httpHeaders;
            }
        };
    }

    public boolean isJsonRequest(ServerWebExchange serverWebExchange) {
        return StringUtils.startsWithIgnoreCase(serverWebExchange.getRequest().getHeaders().getFirst("Content-Type"), "application/json");
    }

    public int getOrder() {
        return -100;
    }
}
