package top.legendscloud.gateway.filter;

import com.alibaba.cloud.commons.lang.StringUtils;
import io.netty.buffer.ByteBufAllocator;
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.util.Optional;
import org.reactivestreams.Publisher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferFactory;
import org.springframework.core.io.buffer.DataBufferUtils;
import org.springframework.core.io.buffer.DefaultDataBufferFactory;
import org.springframework.core.io.buffer.NettyDataBuffer;
import org.springframework.core.io.buffer.NettyDataBufferFactory;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequestDecorator;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.http.server.reactive.ServerHttpResponseDecorator;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;
import top.legendscloud.gateway.util.SqLinjectionRuleUtils;

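/**
 * Global gateway filter that screens request parameters for SQL keywords before routing.
 *
 * <p>The query string of every request is checked. For non-GET requests whose
 * {@code Content-Type} is JSON or URL-encoded form data, the body is buffered, checked and
 * replayed to the rest of the chain. A request that trips the check is answered by the gateway
 * itself and is never forwarded to a route.
 *
 * <p>Coverage limits a maintainer should know about:
 * <ul>
 *   <li>Keyword screening is a coarse, defense-in-depth layer; downstream services still need
 *       parameterized queries, because a blocklist cannot be complete.</li>
 *   <li>Bodies with any other media type (multipart, XML, plain text, ...) are forwarded without
 *       inspection, so downstream services should reject content types they do not expect.</li>
 *   <li>Headers, cookies and path segments are not inspected.</li>
 * </ul>
 */
@ConfigurationProperties(prefix = "gateway.security.ignore")
@RefreshScope
@Component
public class SqLinjectionFilter implements GlobalFilter, Ordered {
    private static final Logger log = LoggerFactory.getLogger(SqLinjectionFilter.class);
    private static final String JSON_MEDIA_TYPE = "application/json";
    private static final String FORM_MEDIA_TYPE = "application/x-www-form-urlencoded";

    // NOTE(review): bound from gateway.security.ignore.* but never consulted by filter(); the
    // intended matching rule (exact path, prefix, pattern) is not visible here, so no ignore
    // logic is implemented. Confirm the intent before wiring it in.
    private String[] sqlinjectionHttpUrls = new String[0];

    /**
     * Screens the query string and, where applicable, the body of the request.
     *
     * @param serverWebExchange the current exchange
     * @param gatewayFilterChain the remaining filter chain
     * @return completion of either the forwarded exchange or the rejection response
     */
    @Override
    public Mono<Void> filter(ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain) {
        log.debug("----自定义防sql注入网关全局过滤器生效----");
        ServerHttpRequest request = serverWebExchange.getRequest();
        HttpMethod method = request.getMethod();
        URI uri = request.getURI();

        // The query string is screened for every method: a POST/PUT can carry query parameters
        // too, and checking them only on GET leaves them unscreened on other methods.
        String rawQuery = uri.getRawQuery();
        if (!StringUtils.isBlank(rawQuery)) {
            log.debug("请求参数为：{}", rawQuery);
            if (formParametersContainSqlKeywords(rawQuery)) {
                log.error("请求【{}?{}】参数中包含不允许sql的关键词, 请求拒绝", uri.getRawPath(), rawQuery);
                return setUnauthorizedResponse(serverWebExchange);
            }
        }
        if (method == HttpMethod.GET) {
            return gatewayFilterChain.filter(serverWebExchange);
        }

        // Compare the media type without its parameters and without regard to case, so that
        // "application/json; charset=UTF-8" or "Application/JSON" is inspected like the bare form.
        String mediaType = baseMediaType(request.getHeaders().getFirst("Content-Type"));
        boolean json = JSON_MEDIA_TYPE.equalsIgnoreCase(mediaType);
        boolean form = FORM_MEDIA_TYPE.equalsIgnoreCase(mediaType);
        if (!json && !form) {
            return gatewayFilterChain.filter(serverWebExchange);
        }

        // NOTE(review): join() buffers the whole body in memory with no upper bound. Consider the
        // join(publisher, maxByteCount) overload with a limit that fits the deployment.
        return DataBufferUtils.join(request.getBody())
                .map(SqLinjectionFilter::readAndRelease)
                .defaultIfEmpty("")
                .flatMap(body -> {
                    // Log the size only: bodies routinely carry credentials and personal data.
                    log.debug("{} - [{}] 请求参数长度：{}", method, uri.getPath(), body.length());
                    boolean suspicious = json
                            ? SqLinjectionRuleUtils.postRequestSqlKeyWordsCheck(body)
                            : formParametersContainSqlKeywords(body);
                    if (suspicious) {
                        log.error("{} - [{}] 参数长度：{}, 包含不允许sql的关键词，请求拒绝", method, uri.getPath(), body.length());
                        return setUnauthorizedResponse(serverWebExchange);
                    }
                    return forwardWithBody(serverWebExchange, gatewayFilterChain, body);
                });
    }

    /**
     * Runs first among global filters so that screening happens before any other processing.
     *
     * @return {@link Ordered#HIGHEST_PRECEDENCE}
     */
    @Override
    public int getOrder() {
        return Ordered.HIGHEST_PRECEDENCE;
    }

    /**
     * Answers the request from the gateway and ends processing.
     *
     * <p>The filter chain is deliberately not invoked: continuing the chain would still deliver
     * the flagged request to the downstream service and only replace the response body.
     *
     * @param serverWebExchange the exchange to answer
     * @return completion of the response write
     */
    private Mono<Void> setUnauthorizedResponse(ServerWebExchange serverWebExchange) {
        ServerHttpResponse response = serverWebExchange.getResponse();
        // NOTE(review): placeholder payload kept from the original; replace it with the
        // project's standard error envelope. 403 is a reviewer choice, confirm against the API
        // contract (400 is the usual alternative).
        byte[] bytes = "{\"hhhh\":666}".getBytes(StandardCharsets.UTF_8);
        response.setStatusCode(HttpStatus.FORBIDDEN);
        response.getHeaders().set("Content-Type", "application/json; charset=UTF-8");
        response.getHeaders().setContentLength(bytes.length);
        return response.writeWith(Mono.just(response.bufferFactory().wrap(bytes)));
    }

    /**
     * Continues the chain with a request whose body replays the text that was inspected.
     *
     * @param serverWebExchange the current exchange
     * @param gatewayFilterChain the remaining filter chain
     * @param body the decoded body that passed screening
     * @return completion of the forwarded exchange
     */
    private Mono<Void> forwardWithBody(
            ServerWebExchange serverWebExchange, GatewayFilterChain gatewayFilterChain, String body) {
        ServerHttpRequest request = serverWebExchange.getRequest();
        // Re-encode the decoded text rather than replaying the raw bytes, so the downstream
        // service receives exactly what was screened (invalid UTF-8 has already been replaced).
        byte[] bytes = body.getBytes(StandardCharsets.UTF_8);
        DataBufferFactory bufferFactory = serverWebExchange.getResponse().bufferFactory();
        // A fresh wrapper per subscription: nothing is allocated (or leaked) if the body is never
        // read, and a retry gets an unread buffer.
        Flux<DataBuffer> replay = Flux.defer(() -> Flux.just(bufferFactory.wrap(bytes)));

        // Request headers are read-only, so adjust a copy. The client's Content-Type is kept;
        // only the length is recomputed for the re-encoded body.
        HttpHeaders httpHeaders = new HttpHeaders();
        httpHeaders.putAll(request.getHeaders());
        httpHeaders.remove("Content-Length");
        httpHeaders.setContentLength(bytes.length);

        ServerHttpRequest decorated = new ServerHttpRequestDecorator(request) {
            @Override
            public Flux<DataBuffer> getBody() {
                return replay;
            }

            @Override
            public HttpHeaders getHeaders() {
                return httpHeaders;
            }
        };
        return gatewayFilterChain.filter(serverWebExchange.mutate().request(decorated).build());
    }

    /** Decodes the joined body as UTF-8 and releases the buffer so pooled memory is returned. */
    private static String readAndRelease(DataBuffer buffer) {
        try {
            byte[] raw = new byte[buffer.readableByteCount()];
            buffer.read(raw);
            return new String(raw, StandardCharsets.UTF_8);
        } finally {
            DataBufferUtils.release(buffer);
        }
    }

    /** Returns the media type without parameters, or an empty string when the header is absent. */
    private static String baseMediaType(String contentType) {
        if (contentType == null) {
            return "";
        }
        int separator = contentType.indexOf(';');
        String base = separator >= 0 ? contentType.substring(0, separator) : contentType;
        return base.trim();
    }

    /**
     * Applies the URL-encoded parameter check and fails closed: input that cannot be decoded is
     * treated as suspicious instead of being forwarded unscreened.
     */
    private static boolean formParametersContainSqlKeywords(String encodedParameters) {
        try {
            return SqLinjectionRuleUtils.getRequestSqlKeyWordsCheck(encodedParameters);
        } catch (UnsupportedEncodingException e) {
            log.error("Could not decode request parameters for SQL keyword screening; rejecting request", e);
            return true;
        }
    }

    /**
     * @return a copy of the configured URL list (see the note on the field: currently unused)
     */
    public String[] getSqlinjectionHttpUrls() {
        return this.sqlinjectionHttpUrls.clone();
    }

    /**
     * @param strArr the URL list bound from configuration; {@code null} is stored as empty
     */
    public void setSqlinjectionHttpUrls(String[] strArr) {
        this.sqlinjectionHttpUrls = strArr == null ? new String[0] : strArr.clone();
    }
}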
