package com.lyr.mybatisjpaplugin.interceptor;

import com.lyr.mybatisjpaplugin.annotation.UnEscape;
import java.lang.reflect.Field;
import java.util.Map;
import java.util.Properties;
import org.apache.ibatis.executor.Executor;
import org.apache.ibatis.mapping.MappedStatement;
import org.apache.ibatis.plugin.Interceptor;
import org.apache.ibatis.plugin.Intercepts;
import org.apache.ibatis.plugin.Invocation;
import org.apache.ibatis.plugin.Plugin;
import org.apache.ibatis.plugin.Signature;
import org.springframework.web.util.HtmlUtils;

@Intercepts({@Signature(type = Executor.class, method = "update", args = {MappedStatement.class, Object.class})})
/* loaded from: input_file:com/lyr/mybatisjpaplugin/interceptor/EscapeXssPlugin.class */
public class EscapeXssPlugin implements Interceptor {
    public Object intercept(Invocation invocation) throws Throwable {
        if (invocation.getArgs().length < 2) {
            return invocation.proceed();
        }
        Object obj = invocation.getArgs()[1];
        if (obj == null) {
            return invocation.proceed();
        }
        if (obj instanceof Map) {
            handleMap((Map) obj);
        } else {
            handleBean(obj);
        }
        return invocation.proceed();
    }

    public Object plugin(Object obj) {
        return Plugin.wrap(obj, this);
    }

    public void setProperties(Properties properties) {
    }

    private void handleBean(Object obj) throws IllegalAccessException {
        String str;
        for (Field field : obj.getClass().getDeclaredFields()) {
            field.setAccessible(true);
            if (String.class.isAssignableFrom(field.getType()) && field.getAnnotation(UnEscape.class) == null && (str = (String) field.get(obj)) != null) {
                field.set(obj, escape(str));
            }
        }
    }

    private void handleMap(Map<Object, Object> map) {
        for (Map.Entry<Object, Object> entry : map.entrySet()) {
            Object value = entry.getValue();
            if (value instanceof String) {
                entry.setValue(escape((String) value));
            }
        }
    }

    private String escape(String str) {
        return HtmlUtils.htmlEscape(str);
    }
}
