package org.tinygroup.weblayer.webcontext.basic.interceptor;

import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import org.tinygroup.commons.tools.HumanReadableSize;
import org.tinygroup.commons.tools.ObjectUtil;
import org.tinygroup.commons.tools.StringEscapeUtil;
import org.tinygroup.logger.LogLevel;
import org.tinygroup.logger.Logger;
import org.tinygroup.logger.LoggerFactory;
import org.tinygroup.weblayer.webcontext.basic.exception.ResponseHeaderRejectedException;
import org.tinygroup.weblayer.webcontext.util.CookieSupport;

/* loaded from: input_file:WEB-INF/lib/weblayer-0.0.4.jar:org/tinygroup/weblayer/webcontext/basic/interceptor/ResponseHeaderSecurityFilter.class */
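/**
 * Response-side interceptor that sanitises what the application writes into the HTTP response head.
 *
 * <p>What the code in this class does:
 * <ul>
 *   <li>header names containing CR or LF are rejected with a {@link ResponseHeaderRejectedException};</li>
 *   <li>CR/LF sequences in header values, cookie values and redirect locations are replaced by a
 *       single space, which keeps a value from starting a new header line (response splitting);</li>
 *   <li>cookies whose name contains CR or LF are answered with {@code null};</li>
 *   <li>status messages are HTML-escaped;</li>
 *   <li>the running total of cookie header values is capped at {@link #getMaxCookieSize()}.</li>
 * </ul>
 *
 * <p>Scope of the checks: only {@code '\r'} and {@code '\n'} are looked for. Other control
 * characters pass through unchanged, and the redirect check does not restrict the redirect target.
 */
public class ResponseHeaderSecurityFilter implements WebContextLifecycleInterceptor, HeaderNameInterceptor, HeaderValueInterceptor, CookieInterceptor, CookieHeaderValueInterceptor, StatusMessageInterceptor, RedirectLocationInterceptor {
    /** Request attribute under which the request-based accumulator keeps the running cookie length. */
    private static final String COOKIE_LENGTH_ATTR = "_COOKIE_LENGTH_";
    private final Logger log;
    private final CookieLengthAccumulator cookieLengthAccumulator;
    private HumanReadableSize maxCookieSize;
    /** Limit used when no positive maximum has been configured. */
    public static final HumanReadableSize MAX_SET_COOKIE_SIZE_DEFAULT = new HumanReadableSize("7k");
    /** Matches one line break: CRLF first, then a lone CR or a lone LF. */
    private static final Pattern CRLF_PATTERN = Pattern.compile("\\r\\n|\\r|\\n");

    /* loaded from: input_file:WEB-INF/lib/weblayer-0.0.4.jar:org/tinygroup/weblayer/webcontext/basic/interceptor/ResponseHeaderSecurityFilter$CookieLengthAccumulator.class */
    /** Running total, in characters, of the cookie header values accepted so far. */
    private static abstract class CookieLengthAccumulator {
        private CookieLengthAccumulator() {
        }

        /** Adds the length of {@code str} to the running total. */
        public final void addCookie(String str) {
            setLength(getLength() + str.length());
        }

        /** Replaces the running total with the length of {@code str}. */
        public final void setCookie(String str) {
            setLength(str.length());
        }

        /** Returns the running total, or 0 when nothing has been stored. */
        public abstract int getLength();

        protected abstract void setLength(int i);

        /** Discards the stored total. */
        protected abstract void reset();
    }

    /* loaded from: input_file:WEB-INF/lib/weblayer-0.0.4.jar:org/tinygroup/weblayer/webcontext/basic/interceptor/ResponseHeaderSecurityFilter$RequestBasedCookieLengthAccumulator.class */
    /** Keeps the total in a request attribute, so it is tied to one {@link HttpServletRequest}. */
    private static final class RequestBasedCookieLengthAccumulator extends CookieLengthAccumulator {
        private final HttpServletRequest request;

        private RequestBasedCookieLengthAccumulator(HttpServletRequest httpServletRequest) {
            super();
            this.request = httpServletRequest;
        }

        @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.ResponseHeaderSecurityFilter.CookieLengthAccumulator
        public int getLength() {
            Object stored = this.request.getAttribute(COOKIE_LENGTH_ATTR);
            // Anything that is not an Integer (including a missing attribute) counts as "nothing yet".
            if (stored instanceof Integer) {
                return ((Integer) stored).intValue();
            }
            return 0;
        }

        @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.ResponseHeaderSecurityFilter.CookieLengthAccumulator
        protected void setLength(int i) {
            this.request.setAttribute(COOKIE_LENGTH_ATTR, Integer.valueOf(i));
        }

        @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.ResponseHeaderSecurityFilter.CookieLengthAccumulator
        protected void reset() {
            this.request.removeAttribute(COOKIE_LENGTH_ATTR);
        }
    }

    /* loaded from: input_file:WEB-INF/lib/weblayer-0.0.4.jar:org/tinygroup/weblayer/webcontext/basic/interceptor/ResponseHeaderSecurityFilter$ThreadLocalBasedCookieLengthAccumulator.class */
    /**
     * Keeps the total in a {@link ThreadLocal}; used when no request was handed to the constructor.
     *
     * <p>NOTE(review): within this class the value is cleared only by {@link #commitHeaders()}. If
     * that callback can be skipped on a pooled thread, the total would carry over to the next
     * response handled by that thread and later cookies could be dropped. Confirm that the
     * lifecycle always reaches {@code commitHeaders()}.
     */
    private static final class ThreadLocalBasedCookieLengthAccumulator extends CookieLengthAccumulator {
        private final ThreadLocal<Integer> cookieLengthHolder;

        private ThreadLocalBasedCookieLengthAccumulator() {
            super();
            this.cookieLengthHolder = new ThreadLocal<>();
        }

        @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.ResponseHeaderSecurityFilter.CookieLengthAccumulator
        public int getLength() {
            Integer held = this.cookieLengthHolder.get();
            return held == null ? 0 : held.intValue();
        }

        @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.ResponseHeaderSecurityFilter.CookieLengthAccumulator
        protected void setLength(int i) {
            this.cookieLengthHolder.set(Integer.valueOf(i));
        }

        @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.ResponseHeaderSecurityFilter.CookieLengthAccumulator
        protected void reset() {
            this.cookieLengthHolder.remove();
        }
    }

    /** Creates a filter that tracks the cookie total per thread. */
    public ResponseHeaderSecurityFilter() {
        this(null);
    }

    /**
     * Creates a filter.
     *
     * @param httpServletRequest request used to hold the cookie total as an attribute; when
     *        {@code null} the total is held in a thread-local instead
     */
    public ResponseHeaderSecurityFilter(HttpServletRequest httpServletRequest) {
        this.log = LoggerFactory.getLogger((Class<?>) ResponseHeaderSecurityFilter.class);
        if (httpServletRequest == null) {
            this.cookieLengthAccumulator = new ThreadLocalBasedCookieLengthAccumulator();
        } else {
            this.cookieLengthAccumulator = new RequestBasedCookieLengthAccumulator(httpServletRequest);
        }
    }

    /**
     * Returns the effective cookie size limit.
     *
     * @return the configured limit, or {@link #MAX_SET_COOKIE_SIZE_DEFAULT} when none is set or the
     *         configured value is not positive, so a zero or negative setting cannot switch the
     *         limit off
     */
    public HumanReadableSize getMaxCookieSize() {
        boolean unset = this.maxCookieSize == null || this.maxCookieSize.getValue() <= 0;
        return unset ? MAX_SET_COOKIE_SIZE_DEFAULT : this.maxCookieSize;
    }

    /**
     * Sets the cookie size limit.
     *
     * @param humanReadableSize the new limit; {@code null} or a non-positive size selects the default
     */
    public void setMaxCookieSize(HumanReadableSize humanReadableSize) {
        this.maxCookieSize = humanReadableSize;
    }

    /** No preparation is needed by this filter. */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.WebContextLifecycleInterceptor
    public void prepare() {
    }

    /** Clears the accumulated cookie length. */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.WebContextLifecycleInterceptor
    public void commitHeaders() {
        this.cookieLengthAccumulator.reset();
    }

    /** Nothing to do at commit time. */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.WebContextLifecycleInterceptor
    public void commit() {
    }

    /**
     * Validates a response header name.
     *
     * @param str the header name
     * @return {@code str} unchanged when it holds no CR or LF (a {@code null} name is returned as is)
     * @throws ResponseHeaderRejectedException when the name contains CR or LF; the error is logged
     *         with the name escaped
     */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.HeaderNameInterceptor
    public String checkHeaderName(String str) {
        if (!containsCRLF(str)) {
            return str;
        }
        String message = "Invalid response header: " + StringEscapeUtil.escapeJava(str);
        this.log.logMessage(LogLevel.ERROR, message);
        throw new ResponseHeaderRejectedException(message);
    }

    /**
     * Sanitises a response header value.
     *
     * @param str the header name, used only to label the log entry
     * @param str2 the header value
     * @return the value with each CR/LF sequence replaced by a space, or {@code str2} itself when it
     *         holds none
     */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.HeaderValueInterceptor
    public String checkHeaderValue(String str, String str2) {
        return (String) ObjectUtil.defaultIfNull(filterCRLF(str2, "header " + str), str2);
    }

    /**
     * Validates a cookie before it is written.
     *
     * @param cookie the cookie to check
     * @return {@code null} when the cookie name contains CR or LF (presumably the caller then skips
     *         the cookie; verify against the caller); the same cookie when its value is clean;
     *         otherwise a {@link CookieSupport} copy carrying the sanitised value
     */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.CookieInterceptor
    public Cookie checkCookie(Cookie cookie) {
        String name = cookie.getName();
        if (containsCRLF(name)) {
            this.log.logMessage(LogLevel.ERROR, "Invalid cookie name: " + StringEscapeUtil.escapeJava(name));
            return null;
        }
        String sanitized = filterCRLF(cookie.getValue(), "cookie " + name);
        if (sanitized == null) {
            return cookie;
        }
        CookieSupport copy = new CookieSupport(cookie);
        copy.setValue(sanitized);
        return copy;
    }

    /**
     * Enforces the cap on the total size of cookie header values.
     *
     * @param str the header name (not used by this check)
     * @param str2 the cookie header value; {@code null} is returned untouched
     * @param z when {@code true} the running total is replaced by this value's length, otherwise
     *        the length is added to it (presumably "set header" versus "add header"; confirm
     *        against the caller)
     * @return {@code str2} when it fits, or the empty string when accepting it would exceed the limit
     */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.CookieHeaderValueInterceptor
    public String checkCookieHeaderValue(String str, String str2, boolean z) {
        if (str2 == null) {
            return str2;
        }
        // Compare as long: narrowing a configured limit above Integer.MAX_VALUE to int would wrap
        // and make every cookie look oversized.
        long maxSize = getMaxCookieSize().getValue();
        int length = this.cookieLengthAccumulator.getLength();
        if ((long) length + str2.length() > maxSize) {
            // The value is escaped like every other logged value in this class so that it cannot
            // break the log line.
            // NOTE(review): this still writes cookie content to the log; cookie values can carry
            // session identifiers, so consider logging only the length.
            this.log.logMessage(LogLevel.ERROR, "Cookie size exceeds the max value: {} + {} > maxSize {}.  Cookie is ignored: {}", Integer.valueOf(length), Integer.valueOf(str2.length()), getMaxCookieSize(), StringEscapeUtil.escapeJava(str2));
            return "";
        }
        if (z) {
            this.cookieLengthAccumulator.setCookie(str2);
        } else {
            this.cookieLengthAccumulator.addCookie(str2);
        }
        return str2;
    }

    /**
     * HTML-escapes the status message.
     *
     * @param i the status code (not used)
     * @param str the status message
     * @return the result of {@code StringEscapeUtil.escapeHtml(str)}
     */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.StatusMessageInterceptor
    public String checkStatusMessage(int i, String str) {
        return StringEscapeUtil.escapeHtml(str);
    }

    /**
     * Sanitises a redirect location. Only CR/LF is handled here; the target itself is not checked.
     *
     * @param str the redirect location
     * @return the location with each CR/LF sequence replaced by a space, or {@code str} itself when
     *         it holds none
     */
    @Override // org.tinygroup.weblayer.webcontext.basic.interceptor.RedirectLocationInterceptor
    public String checkRedirectLocation(String str) {
        return (String) ObjectUtil.defaultIfNull(filterCRLF(str, "redirectLocation"), str);
    }

    /** Returns {@code true} when {@code str} is non-null and contains a CR or an LF character. */
    private boolean containsCRLF(String str) {
        if (str == null) {
            return false;
        }
        return str.indexOf('\n') >= 0 || str.indexOf('\r') >= 0;
    }

    /**
     * Replaces every CR/LF sequence in {@code str} with a single space and logs a warning.
     *
     * @param str the value to sanitise
     * @param str2 label naming the value in the log entry
     * @return the sanitised value, or {@code null} when {@code str} needed no change
     */
    private String filterCRLF(String str, String str2) {
        if (!containsCRLF(str)) {
            return null;
        }
        // The label can embed a caller-supplied header name, so it is escaped as well.
        this.log.logMessage(LogLevel.WARN, "Found CRLF in {}: {}", StringEscapeUtil.escapeJava(str2), StringEscapeUtil.escapeJava(str));
        Matcher matcher = CRLF_PATTERN.matcher(str);
        return matcher.replaceAll(" ");
    }
}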
