package com.cssw.bootx.web.autoconfigure.xss;

import cn.hutool.core.collection.CollectionUtil;
import jakarta.servlet.Filter;
import jakarta.servlet.FilterChain;
import jakarta.servlet.FilterConfig;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.server.PathContainer;
import org.springframework.web.util.pattern.PathPatternParser;

/* loaded from: input_file:com/cssw/bootx/web/autoconfigure/xss/XssFilter.class */
public class XssFilter implements Filter {
    private static final Logger log = LoggerFactory.getLogger(XssFilter.class);
    private final XssProperties xssProperties;

    public void init(FilterConfig filterConfig) throws ServletException {
        log.debug("[Bootx Starter] - Auto Configuration 'Web-XssFilter' completed initialization.");
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
            if (this.xssProperties.isEnabled()) {
                List<String> excludePatterns = this.xssProperties.getExcludePatterns();
                if (CollectionUtil.isNotEmpty(excludePatterns) && isMatchPath(httpServletRequest.getServletPath(), excludePatterns)) {
                    filterChain.doFilter(httpServletRequest, servletResponse);
                    return;
                }
                List<String> includePatterns = this.xssProperties.getIncludePatterns();
                if (!CollectionUtil.isNotEmpty(includePatterns)) {
                    filterChain.doFilter(new XssServletRequestWrapper(httpServletRequest, this.xssProperties), servletResponse);
                    return;
                } else if (isMatchPath(httpServletRequest.getServletPath(), includePatterns)) {
                    filterChain.doFilter(new XssServletRequestWrapper(httpServletRequest, this.xssProperties), servletResponse);
                    return;
                } else {
                    filterChain.doFilter(httpServletRequest, servletResponse);
                    return;
                }
            }
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }

    private static boolean isMatchPath(String str, List<String> list) {
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            if (PathPatternParser.defaultInstance.parse(it.next()).matches(PathContainer.parsePath(str))) {
                return true;
            }
        }
        return false;
    }

    public XssFilter(XssProperties xssProperties) {
        this.xssProperties = xssProperties;
    }
}
